Quantum Cryptography 101

Quantum Cryptography

Omar Shehab

Department of Computer Science and Electrical Engineering
University of Maryland, Baltimore County
Baltimore, Maryland 21250
shehab1@umbc.edu

September 21, 2012

Curiosity

We start with following questions:

Omar Shehab (UMBC) Quantum Cryptography September 21, 2012 2 / 52

Curiosity (contd.)

How strong are the classical cryptographic schemes?


Curiosity (contd.)

Is it possible to break them quickly?


Let’s take an example

RSA (Rivest et al. [1978]) is a standard classical cryptographic
scheme.


Here is the situation

Alice wants to send a message to Bob.
Both of them are worried about Eve who is notoriously trying
to intercept the message.


Proposed solution

Alice decides a secret key and encrypts her message with that
key.
The encrypted message is sent to Bob over public channel.
Alice sends the key to Bob over a secure channel.
Bob decrypts the message with the key.


Issue with the solution

How to ﬁnd a secure channel to transfer the key?


It is a good idea?

What if Alice decides another secret sub-key to encrypt the original
key and send it over the public channel?


Let’s see!

Another sub-sub-key to encrypt the sub-key and another
sub-sub-sub-key to secure the sub-sub-key and so on...


It never stops!

Catch-22 (Lomonaco [1998])!


Now what?

Let us redeﬁne ’secret’ !


’Secret’

A secret is secret if it is always secret!
A secret is secret is it is computationally unbreakable (Lomonaco
[1998])!


Computationally secret!!!

Here comes RSA!


Assumptions in RSA

The assumption is that the problem of factoring large number is
not in P, NP-complete, and co-NP-complete (Rivest et al. [1978]).


How conﬁdent?

So far true for classical computers.


Are we safe then?

There are other issues.


An issue with public key cryptography

Eavesdropping cannot be detected in classical public key
cryptographic solutions (Lomonaco [1998]).


New in the town

Quantum Cryptography!!!


Quantum Cryptography

We need quantum computers.


No more ’bits’

Qubits replace bits. Logic one and zero are no longer the scalers 1
and 0. They are expressed by orthonormal pairs of vectors living in
Hilbert space (a special type of vector space) (Lomonaco [1998]).


What are those orthonormal pairs of vectors?

They are called basis sets.


Basis sets

They can be chosen in a number of ways.


Basis sets: Example 1

Let the set be S+ .
1 0
S+ ≡ ,
0 1

These vectors are orthonormal to each other.


Basis sets: Example 2

Let the set be SX .
1 −1 √ 1
SX ≡ √2 , 12
1 1

These vectors are orthonormal to each other.


Qubits

What may Qubits look like in real world?


Qubits (contd.)

Spin of an electron ( 2 or − 1 )
1
2
Polarization of a photon (horizontal or vertical, right circular
or left circular, 45◦ clockwiseorcounter − clockwise etc.)
and many other . . .


Logical impression

Using S+ ,
0 1
Logic 1 ≡ , Logic 0 ≡ or vice versa.
1 0
Using SX ,
1 −1 1 1
Logic 1 ≡ √ , Logic 0 ≡ √ or vice versa.
2 1 2 1


Features

Qubits have following features:


Qubits: Feature 1

Qubits cannot be copied (Wootters and Zurek [1982]). If someone
tries to copy a qubit, the information gets destroyed. So, the
problem of eavesdropping detection is solved.


Qubits: Feature 2

Qubits can be in two opposite states at the same time. For
example, a qubit can be both logic 1 and logic 0 at the same time.


Qubits: Feature 2 (contd.)

1 1
If a qubit is in state √ , it is both in logic 1 and logic 0 with
2 1
equal probability.


Qubits: Feature 3

To read the information of a qubit, we need to measure it. In
quantum world, results of measurement are always probabilistic.
So, we end up with information with speciﬁc amount of probability
associated to it.


Feature 3: Example

If we want to read (measure) an arbitrary qubit using S+ , we will
0 1
get with some probability and ≡ with the
1 0
complementary amount of probability.
1 −1
If we read the same qubit using SX , we will get √2 with
1
1 1
some probability and √2 with the complementary amount of
1
probability.


A note about basis set

While working with quantum information, you can encode your
message with any basis set whenever you want. So, while sending a
message, a part of the message can be encoded using the basis set
SX and rest of the message can be encoded using the basis set S+ .


Message with mixed basis sets

Bit index 1 2 3 4
Logical impression 1 0 1 0
0 1 1 1 −1 1
Qubits √ √
1 2 1 2 1 0
Basis set S+ SX SX S+


Back to Alice!

We recommend Alice and Bob to buy quantum computers.


Alice’s secret key

Alice wants to send a secret key consisting random bits.
Say, she wants to send a 12-bit key. Alice ﬂips a coin for each bit
and sets the bit to 1 for head and 0 for tail. For one instance, let
the logical impression of the message be,
0 1 1 0 1 1 1 0 1 0 1 0.


Alice’s secret key (contd.)

So far, Alice has decided only the logical version of the secret key.
She is yet to decide the basis on which she will encode the
corresponding qubits.



Alice chooses the basis sets in random too. For each bit, if it is
head, the basis set is S+ otherwise SX .



The situation may be as in the following table.
Qubit Basis set Secret key Index

1 2 3 4 5 6 7 8 9 10 11 12

0 1 1 0 1 1 1 0 1 0 1 0

S+ S+ SX S+ S+ S+ SX S+ SX SX SX S+
1 1 1 1 1
1 0 − √2 1 1 1 − √2 1 − √2 √
2
√
2 1
1 1 1 1 1
0 1 √
2
0 0 0 √
2
0 √
2
√
2
√
2
0


Bob receives and measures the key
Real basis Original key Result Basis set Index
1 2 3 4 5 6 7 8 9 10 11 12

SX S+ SX SX S+ SX S+ S+ SX SX SX S+

0 1 1 1 1 0 1 0 1 0 1 0

0 1 1 0 1 1 1 0 1 0 1 0


Message at Bob’s end

Bob will guess right basis 50% of the time. For those correct basis
sets, the results of measurement will be exactly what Alice sent.
For the rest of the message, Bob will have wrong data.


Conﬁrmation of basis with Alice

Bob informs Alice the basis he has used for each bit through public
channel. Whenever, there is a basis mismatch, they discard the
corresponding bit. Here is the scenario,
Key Match Bob Alice Index

1 2 3 4 5 6 7 8 9 10 11 12


SX S+ SX SX S+ SX S+ S+ SX SX SX S+

1 1 1 0 1 0 1 0


Eavesdropping

To intercept the message, Eve needs to measure the qubits just
like Bob does. She cannot copy and forward the original message
to Bob due to the no-cloning theorem. So, Eve can also guess only
50% of the information correctly. To hide her existence, Eve needs
to resend the data to Bob. Any measurement collapses the
quantum superposition of the qubits. So, Bob only receives the
result of measurements, not the original qubits.


Bob measures Eve’s

When Bob measures the message coming from Eve, there is
another layer of applying wrong random bases, which decreases the
probability of getting the original message by more than 50%. Bob
needs a way to detect the eavesdropping.


Detection

Bob shares half of the remaining bits with Alice over public
channel. If there is only a tiny percentage of mismatch (due to
noise), they can safely assume that Eve hasn’t listened to their
communication. Here is the scenario,
Secret Exchange Key Index

1 2 3 4 5 6 7 8 9 10 11 12

1 1 1 0 1 0 1 0

1 1 0 1


Detection (contd.)

With 12-bit secret key, after measurement and intrusion detection,
4 bits are still secret. So, if Alice wants a 100-bit secret key, she
may safely start with a 300-bit key.


Meet BB
This scheme is called the BB84 Quantum Key Exchange protocol.

Figure: Charles H. Bennett

Figure: Gilles Brassard


2012 Nobel Prize?

Thomson Reuters Predicts 2012 Nobel prize in physics may go to
these two people.


Bibliography I

Samuel J. Lomonaco. A quick glance at quantum cryptography. 1998.
R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems.
Communications of the ACM, 21:120–126, 1978.
W. K. Wootters and W. H. Zurek. A single quantum cannot be cloned. volume 299, pages 802–803, 1982.


Questions?


Quantum Cryptography 101

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (20)

Quantum Cryptography 101