Applied quantum cryptography

Lecture Notes in Physics

Founding Editors: W. Beiglbock, J. Ehlers, K. Hepp, H. Weidenm ¨ uller ¨

Editorial Board

R. Beig, Vienna, Austria

W. Beiglbock, Heidelberg, Germany ¨

W. Domcke, Garching, Germany

B.-G. Englert, Singapore

U. Frisch, Nice, France

F. Guinea, Madrid, Spain

P. Hanggi, Augsburg, Germany ¨

W. Hillebrandt, Garching, Germany

R. L. Jaffe, Cambridge, MA, USA

W. Janke, Leipzig, Germany

H. v. Lohneysen, Karlsruhe, Germany ¨

M. Mangano, Geneva, Switzerland

J.-M. Raimond, Paris, France

M. Salmhofer, Heidelberg, Germany

D. Sornette, Zurich, Switzerland

S. Theisen, Potsdam, Germany

D. Vollhardt, Augsburg, Germany

W. Weise, Garching, Germany

J. Zittartz, Koln, Germany ¨

The Lecture Notes in Physics

The series Lecture Notes in Physics (LNP), founded in 1969, reports new developments

in physics research and teaching – quickly and informally, but with a high quality and

the explicit aim to summarize and communicate current knowledge in an accessible way.

Books published in this series are conceived as bridging material between advanced grad￾uate textbooks and the forefront of research and to serve three purposes:

• to be a compact and modern up-to-date source of reference on a well-defined topic

• to serve as an accessible introduction to the field to postgraduate students and

nonspecialist researchers from related areas

• to be a source of advanced teaching material for specialized seminars, courses and

schools

Both monographs and multi-author volumes will be considered for publication. Edited

volumes should, however, consist of a very limited number of contributions only. Pro￾ceedings will not be considered for LNP.

Volumes published in LNP are disseminated both in print and in electronic formats, the

electronic archive being available at springerlink.com. The series content is indexed, ab￾stracted and referenced by many abstracting and information services, bibliographic net￾works, subscription agencies, library networks, and consortia.

Proposals should be sent to a member of the Editorial Board, or directly to the managing

editor at Springer:

Christian Caron

Springer Heidelberg

Physics Editorial Department I

Tiergartenstrasse 17

69121 Heidelberg / Germany

[email protected]

C. Kollmitzer

M. Pivk (Eds.)

Applied Quantum

Cryptography

ABC

Christian Kollmitzer

AIT Austrian Institute

of Technology GmbH

Safety & Security Department

Quantum Technologies

Lakeside B01A, 9020, Klagenfurt

Austria

[email protected]

Mario Pivk

Pockau 171 ¨

9601 Arnoldstein

Austria

[email protected]

Kollmitzer C., Pivk M. (Eds.), Applied Quantum Cryptography, Lect. Notes Phys. 797

(Springer, Berlin Heidelberg 2010), DOI 10.1007/978-3-642-04831-9

Lecture Notes in Physics ISSN 0075-8450 e-ISSN 1616-6361

ISBN 978-3-642-04829-6 e-ISBN 978-3-642-04831-9

DOI 10.1007/978-3-642-04831-9

Springer Heidelberg Dordrecht London New York

Library of Congress Control Number: 2010920541

c Springer-Verlag Berlin Heidelberg 2010

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is

concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting,

reproduction on microfilm or in any other way, and storage in data banks. Duplication of this publication

or parts thereof is permitted only under the provisions of the German Copyright Law of September 9,

1965, in its current version, and permission for use must always be obtained from Springer. Violations are

liable to prosecution under the German Copyright Law.

The use of general descriptive names, registered names, trademarks, etc. in this publication does not imply,

even in the absence of a specific statement, that such names are exempt from the relevant protective laws

and regulations and therefore free for general use.

Cover design: Integra Software Services Pvt. Ltd., Pondicherry

Printed on acid-free paper

Springer is part of Springer Science+Business Media (www.springer.com)

CK: For my family and Verena

MP: For all those, who enrich my life

Foreword

Using the quantum properties of single photons to exchange binary keys between

two partners for subsequent encryption of secret data is an absolutely novel tech￾nology. Only a few years ago quantum cryptography – or better Quantum Key

Distribution – was the domain of basic research laboratories at universities. But

during the last few years things changed. Quantum Key Distribution or QKD left

the laboratories and was picked up by more practical-oriented teams that worked

hard to develop a practically applicable technology out of the astonishing results of

basic research.

One major milestone toward a QKD technology was a large research and devel￾opment project funded by the European Commission that aimed at combining quan￾tum physics with complementary technologies that are necessary to create a techni￾cal solution: electronics, software, and network components were added within the

project SECOQC (Development of a Global Network for Secure Communication

based on Quantum Cryptography) that teamed up all expertise on European level to

get a technology for future cryptography.

Lead-managed by a team at the Austrian Research Centers in Vienna, the practi￾cal application of QKD in a standard optical fiber network was demonstrated giving

a glimpse of the future of secure communication. Although many steps have still

to be done in order to achieve a real mature technology the cornerstone for future

secure communication is already laid. QKD will not be the Holy Grail of security,

it will not be able to solve all problems for evermore. But QKD has the potential to

replace one of the weakest parts of symmetric encryption: the exchange of the key.

It can be proven that the key exchange process cannot be corrupted and that keys

that are generated and exchanged quantum cryptographically will be secure for ever

(as long as some additional conditions are kept).

This book will show the state of the art of Quantum Cryptography and it will

sketch how it can be implemented in standard communication infrastructure. The

growing vulnerability of sensitive data requires new concepts and QKD will be a

possible solution to overcome some of today’s limitations.

Vienna, Austria Christian Monyk

vii

Acknowledgements

We would like to give thanks to the Austrian Research Centers GmbH – ARC Kla￾genfurt and Vienna for their support of this book. This work was supported by the

EC/IST Integrated Project SECOQC (contract no. 506813). M.S. is grateful to T.

Langer, T. Lor ¨ unser, C. Pacher, M. Peev, and A. Poppe for discussion, help, and ¨

assistance in writing Chap. 6. We would like to take this opportunity to express

our gratitude to Roland Potzmann from the Central Institute for Meteorology and

Geodynamics (ZAMG) who provided us with the climate data. Furthermore, a spe￾cial thanks to the people of the University of Vienna for their support. Christian

Kollmitzer would like to give thanks to Mr. Gerald Dissauer for discussions and

explanations of Medical Information Systems. He would also like to give thanks

to Michele Mosca, Norbert Lutkenhaus, and Daniel Gottesman from the University ¨

of Waterloo, Ontario, Canada, and to Takashi Linzbichler from the University of

Applied Science Joanneum, Kapfenberg, Austria, and their students for many hours

of discussion on the “Ring of Trust” model. We want to thank Claus Ascheron for

his work in the process of making this book and our reviewers for their fruitful

comments.

ix

Contents

1 Introduction . . . . . .............................................. 1

C. Kollmitzer

2 Preliminaries . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

M. Pivk

2.1 Quantum Information Theory ............................... 3

2.2 Unconditional Secure Authentication . . . . . . . . . . . . . . . . . . . . . . . . . 14

2.3 Entropy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

3 Quantum Key Distribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

M. Pivk

3.1 Quantum Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

3.2 Public Channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27

3.3 QKD Gain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

3.4 Finite Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

4 Adaptive Cascade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

S. Rass and C. Kollmitzer

4.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

4.2 Error Correction and the Cascade Protocol . . . . . . . . . . . . . . . . . . . . . 49

4.3 Adaptive Initial Block-Size Selection . . . . . . . . . . . . . . . . . . . . . . . . . 52

4.4 Fixed Initial Block-Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

4.5 Dynamic Initial Block-Size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56

4.6 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65

4.7 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68

5 Attack Strategies on QKD Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71

S. Schauer

5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72

xi

xii Contents

5.2 Attack Strategies in an Ideal Environment . . . . . . . . . . . . . . . . . . . . . 73

5.3 Individual Attacks in an Realistic Environment . . . . . . . . . . . . . . . . . 89

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94

6 QKD Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

M. Suda

6.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

6.2 QKD Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98

6.3 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

7 Statistical Analysis of QKD Networks in Real-Life Environment . . . . . . . . 123

K. Lessiak and J. Pilz

7.1 Statistical Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123

7.2 Results of the Experiments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127

7.3 Statistical Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142

7.4 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148

8 QKD Networks Based on Q3P . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

O. Maurhart

8.1 QKD Networks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151

8.2 PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

8.3 Q3P . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

8.4 Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167

8.5 Transport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170

9 Quantum-Cryptographic Networks from a Prototype to the Citizen . . . . . . 173

P. Schartner and C. Kollmitzer

9.1 The SECOQC Project . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173

9.2 How to Bring QKD into the “Real” Life . . . . . . . . . . . . . . . . . . . . . . . 176

9.3 Resumee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183

10 The Ring of Trust Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

C. Kollmitzer and C. Moesslacher

10.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185

10.2 Model of the Point of Trust Architecture . . . . . . . . . . . . . . . . . . . . . . 186

10.3 Communication in the Point of Trust Model . . . . . . . . . . . . . . . . . . . 186

10.4 Exemplified Communications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194

10.5 A Medical Information System Based on the Ring of Trust . . . . . . . 204

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211

Chapter 1

Introduction

C. Kollmitzer

Quantum cryptography or more precisely quantum key distribution (QKD) is a new

technology which gets a high level of attention today worldwide. The possibility

to exchange information in a provable secure way is a milestone in communication

history. The main problem in QKD is the range limitation between the communi￾cation partners Alice and Bob. Several experiments have shown that the distance

between Alice and Bob can be enhanced. Some of these experiments used optical

fibers; others were based on free space technologies. But beyond that it is now pos￾sible to build communication networks based on QKD. Thus, not only Peer to Peer

connection has to be used but it is now possible to build modern communication

structures.

The first fully functional QKD-based network was presented in October 2008 in

Vienna, Austria. It acted thereby as the base layer for a video conferencing network,

which connected several parts of the city. Not only one QKD technology was used

but five different systems were deployed. Single communications used several of

them, invisible for the user.

This book contains the following aspects:

At first fundamental techniques are discussed which form a basis for all further

concepts, in particular the QKD systems also introduced here. The individual steps

of the communication setup are shown in detail, especially sifting, reconciliation,

error correction, and privacy amplification.

Regarding error correction the Adaptive Cascade protocol, an improvement of

the original error correction protocol Cascade, is introduced. It enhances the clas￾sical Cascade approach and supplements it with a method to determine the optimal

initial block size and hence enhance its efficiency.

In order to ensure the security of communication systems, different attack strate￾gies must be examined. Besides the classical attack strategies QKD systems offer a

range of new aspects which are also presented.

C. Kollmitzer (B)

Safety & Security Department, Quantum Technologies, AIT Austrian Institute of Technology

GmbH, Lakeside B01A 9020 Klagenfurt, Austria,

[email protected]; http://www.ait.ac.at

Kollmitzer, C.: Introduction. Lect. Notes Phys. 797, 1–2 (2010)

DOI 10.1007/978-3-642-04831-9 1 c Springer-Verlag Berlin Heidelberg 2010

2 C. Kollmitzer

After that we present current QKD systems in detail, which were used in the

SECOQC network project of the European Union and were part of the first QKD￾based network in October 2008 in Vienna, Austria.

Although QKD system has been used for years within different experimental

setups, many of these experiments took place within a laboratory. But due to the

deployment of the SECOQC network, it was possible to collect data from a longtime

setup within an urban environment. The influence of the environment was examined

and temperature, humidity, etc., could be seized for the first time and subsequently

statistically evaluated. The results are discussed in detail.

QKD systems are designed as an enhancement to existing communication net￾works. Thus, their integration into current communication systems is a crucial fac￾tor. Special network protocols had been developed whereby in particular the Q3P

protocol is of high importance and presented in detail.

A communication network is one of the key developments on the way to the field

use. The appropriate fundamentals are presented. Apart from that we deal with the

user itself and its benefit in using QKD networks. In particular the employments of

QKD generated keys using current communication equipments like the iPhone are

described.

Because of the range limitation of QKD systems, the development of global net￾works is one of the most strongly examined research areas. A possible solution

based on a network of trusted communication centers is also presented. The main

advantage in this model is the possibility to generate keys on demand such that the

user doesn’t need to store them in a relatively uncertain environment.

We hope that we can promote the interest in QKD systems and the associated

new possibilities with this book. We assume today that these new options will be

the subject of international research activities all over the next years worldwide

and that the results will have a massive impact on the communication structures of

tomorrow.