Quantum Cryptography and Possible Attacks-slide
-
Upload
arinto-murdopo -
Category
Documents
-
view
1.459 -
download
3
description
Transcript of Quantum Cryptography and Possible Attacks-slide
![Page 1: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/1.jpg)
Quantum Cryptography
Arinto Murdopo Maria Stylianou
Ioanna Tsalouchidou
13/12/2011
![Page 2: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/2.jpg)
Outline
● Quantum Cryptography● Theoretical Background ● Quantum Key Distribution (QKD)
○ BB84 Protocol● Vulnerabilities & Attacks
○ Faked - state attack
![Page 3: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/3.jpg)
Quantum Cryptography - How it came up
● Cryptography => Secure Communication => Secure Data Transmission
● Two techniques○ Symmetric - key encryption (shared key)
■ Key - distribution problem ○ Asymmetric - key encryption (pair of public&secret keys)
■ Success based on hardware limitations, absence of good algorithms and non-use of quantum computers.
Quantum Cryptography!
![Page 4: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/4.jpg)
Quantum Cryptography
● Quantum Cryptography is ○ the use of laws of quantum physics, to:
■ perform cryptographic functionalities ■ break cryptographic systems
● Examples:○ Quantum Key Distribution (next section)○ Quantum Computers to break existing protocols
![Page 5: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/5.jpg)
Theoretical Background
● Quantum - minimum amount of any physical entity ● Photon Polarization - Quantum Superposition
○ Vertical-Horizontal 2 orthogonal○ Diagonal +-45 degrees states
● Heisenberg Uncertainty Principle
○ “observation causes perturbation”○ no-cloning theorem
Polarized Wave Applet! http://surendranath.tripod.com/Applets/Waves/Polarisation/PW.html
![Page 6: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/6.jpg)
Theoretical Background
Filter to distinguish polarized photons. Correct Filter applied Wrong Filter applied
![Page 7: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/7.jpg)
Quantum Key Distribution - BB84
● First quantum cryptography protocol
● Goal: describe a scheme of two users who want to communicate and exchange data securely.
● Idea: distribute a key securely, based on the laws of
physics.
● Security proofs: ○ If someone reads the state of photon -> state changes○ Not possible to copy the photon in order to encode it with
all possible ways (basis)
![Page 8: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/8.jpg)
Quantum Key Distribution - BB84
![Page 9: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/9.jpg)
Quantum Key Distribution - BB84
Step 1 ● Alice has two choices, key (a) & basis (b), chosen
randomly● Combine bits of a and b, 1-1, ● Four different states of qubit (photon polarization)● Sent through public quantum channels:
○ Optical Fiber○ Free Space
Photon Source
![Page 10: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/10.jpg)
Quantum Key Distribution - BB84
Step 2
● Bob receives qubit from Alice● Bob measures it by choosing random basis using
Beam Splitter (BS), practically it could be 50/50 mirror● PBS sends qubit to certain detector using some rules
![Page 11: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/11.jpg)
Quantum Key Distribution - BB84
Step 2How PBS of a specific basis works
● Let photon that polarized on that basis to pass through to the correct detector
● Otherwise, the photon can head randomly to any of the wrong detectors
![Page 12: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/12.jpg)
Quantum Key Distribution - BB84
Step 2Example of how PBS combining with detector works!
![Page 13: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/13.jpg)
Quantum Key Distribution - BB84
Step 3● 1st communication between Alice and Bob in public
channel● They compare the basis used to encode and measure
the qubit● If Bob.basis == Alice.basis
○ Keep the bit!● Else
○ Discard the bit● The length of the initial key is reduced to half of its length
because the probability of Bob choosing the same basis as Alice is 50%
![Page 14: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/14.jpg)
Quantum Key Distribution - BB84
Step 4● Check if someone has intruded the communication or if
some imperfection of the devices or channel has introduced noise that distort the outcome
● If Eve has intruded the communication, she will DEFINITELY left some traces due to Heisenberg Uncertainty Principle (HUP) and non cloning theorem
![Page 15: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/15.jpg)
Quantum Key Distribution - BB84Step 4
● Alice and Bob performs MANY parity-checks● In this way, they can find out whether Eve has intruded
the communication● Very simple example:
○ Calculate parity of blocks of 4-bits
● Alice sends the parities of her blocks and Bob checks them
![Page 16: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/16.jpg)
Quantum Key Distribution - BB84Step 5
● Now Alice and Bob have the same keys, all the bits are same
● The problem is, in Step 4, Eve manages to find out some portions of their key
● Privacy Amplification comes into the rescue!
![Page 17: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/17.jpg)
Quantum Key Distribution - BB84Step 5
● Alice and Bob apply Hash function to compress the key into the final one. And they should use the same Hash function.
![Page 18: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/18.jpg)
Vulnerabilities - Photon number attack
● Sending more than one photon for each bit leads to photon number attack.
○ Eve can steal extra photons to extract the stolen photons information.
● Ensure photon spitter only sends exactly ONE photon each time.
● Single photon ensures quantum mechanic laws are satisfied.
![Page 19: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/19.jpg)
Vulnerabilities - Spectral attack
● If photons are created by four DIFFERENT laser photo diodes, they have different spectral characteristics.
● Eve performs spectral attack by measuring COLOR, and not polarization.
![Page 20: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/20.jpg)
Vulnerabilities - Random numbers
● Are our random numbers really "Random"?
● Bob side, randomness is determined by BS.● Alice side, randomness if a bit stream cannot be proven
mathematically○ Algorithms generate "random" sequences by following
specific patterns => NOT that random!○ Eve can use same algorithm to extract information.
Entangled Photon Pairs comes to the rescue!
![Page 21: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/21.jpg)
Entangled photon pairs
![Page 22: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/22.jpg)
BB84 with photon pairs
![Page 23: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/23.jpg)
Faked-state attack
General scheme
![Page 24: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/24.jpg)
Faked-state attack
Practical Implementation - Detector replica● Eve has replica of Bob's detector ● To capture the photon and measure it like Bob always does
![Page 25: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/25.jpg)
Faked-state attack
Practical Implementation - Fake Stated Generator
● Blind Bob's detector○ Insensitive to photon
● Forces Bob's detectors to have same "click" as what Eve has measured
○ Bob and Eve have same information
![Page 26: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/26.jpg)
Faked-state attack
Practical Implementation - Blind all Bob's detectors● QKD detectors use Single Photon Avalanche Diode (SPAD)
![Page 27: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/27.jpg)
Faked-state attack
Single Photo Avalanche Diode● Has two modes
○ Geiger Mode○ Linear Mode
Hence, SPAD in Linear Mode can be considered as blind-to-photon.
![Page 28: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/28.jpg)
Faked-state attack
Single Photo Avalanche Diode● How to make SPAD behaves in Linear Mode?
![Page 29: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/29.jpg)
Faked-state attack
Single Photo Avalanche Diode● SPAD in Linear Mode
● Bright illumination causes the capacitor has not enough time to recharge and re-balance the voltage value at point 2
● SPAD's bias voltage below VBreakdown -> Linear Mode
![Page 30: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/30.jpg)
Faked-state attack
Single Photo Avalanche Diode● SPAD in Linear Mode
●
![Page 31: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/31.jpg)
Faked-state attack
Practical Implementation - Force Bob's detector to click● Blinding Bob's detector is not enough● Eve needs to force specific Bob's detector to "click"
according to the measurement result in Eve's detector
![Page 32: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/32.jpg)
Faked-state attack
Practical Implementation - Force Bob's detector to click● SPAD in linear mode ("blind SPAD) -> easily forced to
create a "click"● Sending pulse of light with intensity power "I0"
![Page 33: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/33.jpg)
Faked-state attack
Practical Implementation - Blind the detector● Correct light pulse intensity is important ● (2*I0) is the answer!
![Page 34: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/34.jpg)
Putting them all together!
Faked-state attack
![Page 35: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/35.jpg)
Faked-state attack
Result of the Attack: Impressive!Bob@V Bob@-45 Bob@H Bob@+45
Eve@V 99.51% 0 0 0
Eve@-45 0 99.66% 0 0
Eve@H 0 0 99.80% 0
Eve@+45 0 0 0 99.95%
![Page 36: Quantum Cryptography and Possible Attacks-slide](https://reader034.fdocuments.us/reader034/viewer/2022052522/554f28b3b4c905723a8b54a1/html5/thumbnails/36.jpg)
The end!
Questions?