
Post-Quantum Key Agreement Protocols and Braid group cryptography

Post-Quantum Key Agreement Protocols and Braid group cryptography. Andis Kwan Graduate Center of the City University of New York Chair: Ted Brown Advisor: Michael Anshel Committee: XiangDong Li, Subash Shankar, Christina Zamfirescu http://web.cs.gc.cuny.edu/~ckwan/evote/p.htm. Outline.


Presentation Transcript


  1. Post-Quantum Key Agreement Protocols and Braid group cryptography Andis Kwan Graduate Center of the City University of New York Chair: Ted Brown Advisor: Michael Anshel Committee: XiangDong Li, Subash Shankar, Christina Zamfirescu http://web.cs.gc.cuny.edu/~ckwan/evote/p.htm

  2. Outline • Why post quantum key exchange? • Braid group cryptography • Our proposal on quantum key exchange - public and private key exchange scheme - hybrid quantum random walk agreement scheme and search protocol • Open discussion/questions

  3. Motivation and Background Practical Public-key Cryptosystems - Diffie-Hellman - RSA - ElGamal - Elliptic Curve Cryptosystems, etc

  4. Shor and Grover • Shor’s[96] factoring and Grover’s[97] searching algorithms on quantum computers • Chuang et al 2001 implemented Shor’s algorithm on a 7-qubit quantum computer • NIST 2004 QIP 10-qubit • Id Quantique, MagiQ, NEC http://qubit.nist.gov/

  5. Large-scale quantum computer? • A large-scale quantum computer requires > 10^5 qubits. Qubits are well defined entities that cannot be copied, and must be shuttled frequently. • Quantum error correcting codes and fault-tolerance. Failure rate drops doubly exponentially allowing us to scale to arbitrary sizes: PL ~ APL-12^L

  6. Quantum Simulator • NIST QCsim (Black & Lane 2004) to model Quantum Information Decision Diagrams(QIDD) and read input description in QHDL • [3,1] hamming code in the presence of random bit flip or generalized amplitude noise, non-Monte Carlo, for error correcting code circuit • BB84 with random noise, basis and eavesdropping • Teleportation complexity, measurements vs classical bits • QCL (Oemer 2003), quantum programming language

  7. Qcsim: Teleportation Example

  8. Quantum Key Distribution (QKD) • BB84, B92, many variations of QKD and quantum secure direct communication (QSDC) depend on entanglement, secret code sharing, and two-way communication such as the ping-pong protocol (Boström, 2002; Wójcik, 2003; Hoffmann, 2004) • Recent advance in KKKP (Kye, 2006)

  9. DARPA-NIST-MIT QKD • NIST fiber QKD, 4M bps • KKKP scheme (Kye et al 2005, 2006)

  10. Detour, geometric & Artin braid

  11. Detour band generator & dynamical braid

  12. Topology of Braid • Homotopy classes of homeomorphisms of the n-punctured disc which fix the border of the disc and permute the puncture points. • Braid group is the homotopy group of the punctured sphere Dn with a fixed border. Consider n points in R^2 with basepoint {(1,0),…,(n,0)} on complex plane C.

  13. Elementary Property of Braid Exact sequence • Theorem: (Artin) • Braid is isomorphic to certain subgroup of automorphism of free group. • Algorithm for the word problem is exponential.

  14. Left-canonical representation in Artin Braid

  15. Left-canonical form in band generator

  16. An example

  17. Public Key Encryption Scheme

  18. Ingredients

  19. Braid Diffie-Hellman Problem

  20. Key Agreement BDHP-DP

  21. PKC BDHP-DP

  22. Conjugacy Search Problem

  23. Linear Representation of Braid

  24. Braid Signature Scheme

  25. Hard Problems in Braid

  26. Proposed Solutions – Post Quantum Key Exchange Protocols

  27. Key Agreement Frame Work • Random source: Satellite • Alice and Bob need to know when to count the bits as keys - Quantum Teleportation - Quantum Clock Synchronization • They agree to flip one bit or more Citations: - Hyper-encryption (Rabin & Ding, 2002) - Teleportation (Kauffman et al., 2004) - Quantum Clock, ticking qubit handshake protocol (Chuang et al., 2000)

  28. Three Key Exchanges • Quantum Public Key Exchange • Post-Quantum Private Key Exchange Protocols • Quantum Walk Agreement Protocols

  29. Private Key Exchange (PKE) Scheme • Quantum clock • Teleport a quantum particle state • Count bits at time t • Key vanishes after use

  30. Quantum PKE Scheme • Participants: Alice, Bob, Eva • Quantum clocks: count bits at time t, i.e. t1 • Public: key is g and prime p • Teleport particle state • Flip nth bit of g • Set new key = g1 • Send (g1)^a mod p • Send (g1)^b mod p • K = ((g1)^b mod p)^a mod p = ((g1)^b mod p)^a mod p
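
The exchange on slide 30, written out as an added Python example (not code from the presentation). It assumes constructed toy parameters (p = 2879, g = 3), that n is the bit index each party obtains from its synchronized count, and that bit 0 is the least significant bit; all function names are hypothetical. It also adds a check the slide does not show: a bit flip can turn g into a degenerate base.

```python
# Added illustration; parameters are constructed and far too small for real use.
P = 2879            # safe prime: P = 2*Q + 1 with Q = 1439 prime
Q = (P - 1) // 2
G = 3               # public base g (constructed)

def flip_bit(g, n):
    """Slide step 'Flip nth bit of g' (bit 0 = least significant): g -> g1."""
    return g ^ (1 << n)

def check_base(g1):
    """Reject flipped bases that void the exchange.

    In a safe-prime group every element other than 1 and P-1 has order
    Q or 2*Q, so excluding 0, 1, P-1 and out-of-range values is enough.
    """
    if not 1 < g1 < P - 1:
        raise ValueError(f"flipped base g1={g1} is degenerate mod {P}")
    return g1

def public_value(n, secret):
    """Value a party sends: (g1)^secret mod p, with g1 from its own bit index n."""
    return pow(check_base(flip_bit(G, n)), secret, P)

def shared_key(peer_public, secret):
    """Key a party computes from the value its peer sent."""
    return pow(peer_public, secret, P)

def exchange(n_alice, n_bob, a, b):
    """Run both sides; returns (Alice's key, Bob's key)."""
    A = public_value(n_alice, a)      # Alice -> Bob
    B = public_value(n_bob, b)        # Bob -> Alice
    return shared_key(B, a), shared_key(A, b)

if __name__ == "__main__":
    print(exchange(0, 0, a=5, b=11))   # same index: both keys match
    print(exchange(0, 2, a=5, b=11))   # indices disagree: keys differ
    try:
        exchange(1, 1, a=5, b=11)      # 3 -> 1: every key would be 1
    except ValueError as err:
        print(err)
```

Alice computes ((g1)^b)^a mod p and Bob computes ((g1)^a)^b mod p, so the keys agree only when both sides flipped the same bit; a desynchronized count shows up as a key mismatch rather than an error.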

  31. Hybrid Quantum Walk Algorithm • Our scheme extends in two ways: • Uses teleportation and quantum clock synchronization to exchange operator • Tree-walk the graph • Reduces high transmission of errors and defeats man-in-the-middle attack • require only 1-qubit • Our quantum uses Cayley graph of group to model quantum key distribution and the works of: (Kempe, 2003; Hillery, 2005; Ambainis, 2006)

  32. Quantum Walk Agreement Protocols (QWAP) • Alice and Bob perform a random walk on the random bits. They must use the same operator to reach an agreement • Alice and Bob teleport or synchronize with a quantum clock to exchange the operator • They are in synchronization with the same operator, and apply the operator on random bits stream • i.e. tree-walk the graph G

  33. Quantum Walk Agreement Search Algorithm (QWASA) • Select a quantum device • Initialize the quantum system in the uniform superposition | • Do T times: Apply the marked walk U’ • Measure the position register • Check if the measured vertex is the marked item

  34. Quantum Walk • QWAP • Use teleportation and quantum clock synchronization to exchange operator between Alice and Bob • Apply the operator on random bits stream and tree-walk on the graph to determine the key • QWASA • Formulate quantum walk on a graph, Cayley graph of particle spin state • Use a different quantum device and time complexity on discrete quantum walk takes O(√N log N) • May break the QWAP

  35. Possible Attacks • Weak impersonation • Quantum eavesdropping -Splitter - Phase shifters - Others • Timing and parallel attacks • Do we need to update the session key?

  36. Conclusion • Our proposal uses • Hyper-encryption technique • Teleportation and quantum clock mechanism • It is a novel way for quantum key distribution • Our quantum walk agreement is • efficient • secure

  37. Extensions to Our Proposal • Theoretical Model of quantum computation • Topological quantum computer • Anyons and quantum knots • Quantum algorithms

  38. Future Directions • Quantum walk search technique - with better bounds - with different quantum gadgets • Problems: - Initial condition • Localization problems • What kinds of group-theoretic problems can the search technique solve that current classical model can’t?

  39. Future Directions • Quantum walk search technique with better bounds with different quantum gadgets • Initial condition • Localization problems • What kinds of group-theoretic problems can the search technique solve that current classical model can’t?

  40. Thank You ! This proposal is a result of collaboration of CUNY Graduate Students and Faculty CUNY introduces two inter-disciplinary courses: - Classical and Quantum Computing - Quantum Cryptography http://www.cs.gc.cuny.edu/~ckwan/crypto/CQIC.htm

  41. Beyond…appendices

  42. Operations on canonical factors

  43. Operations on Braids

  44. Key Agreement Scheme

  45. Signature Scheme

  46. Circuit model of quantum computation • Prepare a simple initial state |00…0⟩. • Perform a universal set of 1- and 2-qubit unitary gates (e.g., H, CNOT, exp[iπZ/8]). • Make a measurement in the computational basis.

  47. Measurement is universal Two kinds of models: 1.) Product initial state, few-qubit measurements (Gottesman & Chuang, Nielsen, Fenner & Zhang, Leung) • Prepare initial state |00…0⟩. • Perform a sequence of 2-qubit measurements, conditioned on results of previous measurements. 2.) Entangled initial state, one-qubit measurements (Raussendorf & Briegel) • Prepare an entangled initial state. • Perform a sequence of 1-qubit measurements, conditioned on results of previous measurements.

  48. or equivalently H Teleportation H

  49. Teleportation-based universality of single qubit measurements Teleport logical qubits between different physical qubits. Choice of measurement basis allows us to perform different basic operations. We will show that for certain initial states, it is possible to do a universal set of operations. Problem: Teleportation induces Pauli errors. Fortunately, they are known! Maintain the state of the computation in the form P|ψ⟩ where |ψ⟩ is the desired state and P is a known Pauli error.
