algorithms; BB84, B92, and EPR. Those protocols exchange qubits over quantum channel and then apply probabilistic measures to adjust the key bits sequence ...
Quantum Key Distribution by Using Public Key Algorithm(RSA) Ammar Odeh, Khaled Elleithy, Muneer Alshowkan, Eman Abdelfattah Department of Computer Science & Engineering University of Bridgeport Bridgeport, USA
{aodeh, elleithy, malshowk, eman} @bridgeport.edu The rest of this paper is organized as follows. In Section II, we briefly glance at the main security protocols over quantum channel. In Section III, we describe our proposed algorithm. Analysis of the proposed algorithm is presented in Section IV. Finally, concluding remarks are offered in Section V.
Abstract— Classical cryptography is based on the computational difficulty to compute the secret key using the current computing systems. Depending only on the difficulty of computational complexity does not provide enough security because finding a fast method to calculate the secret key will compromise the security of the systems. Quantum computing uses the law of physics for communication allowing new concepts to be applied in computing specially in cryptography and key distribution by applying quantum theorems and principles. In this paper, we are introducing a new model for quantum key distribution between three parties or more where there is a trusted center providing the clients the necessary secret information to securely communicate with each other. Keywords—Quantum Conputing, Communication, Cryptography, Key Distribution;
II.
Quantum key distribution mainly depends on three algorithms; BB84, B92, and EPR. Those protocols exchange qubits over quantum channel and then apply probabilistic measures to adjust the key bits sequence. BB84 uses rectilinear and diagonal bases to pass data from sender to receiver [5], [6]. The used bases are shown in equation (1) B92 employs non-orthogonal bases to send qubits to the receiving side [7], [8]. EPR uses one of the interesting quantum properties which is entanglement to transfer data between parties [9] . Two entangled states are shown in equation (2).
Three-party
I. INTRODUCTION Quantum computing depends on quantum physics for communication and quantum cryptography to secure the communication between two parities. It allows two parities to generate a key with special characteristics and use it for secure communication between them. Quantum computing allows the sender and the receiver to use two principles from quantum mechanics. First, the Heisenberg uncertainty principle and second, the no-cloning theorem [1]. These principles provide the sender and the receiver absolute security. In quantum computing the presence of an eavesdropper who disturbs the communication can be detected by the communicating parities. This property is based on a concept in quantum mechanics which states that measuring of a quantum state results in destroying that state. An eavesdropper on the quantum channel could be detected by superposition and entanglement [1-4]. Classical cryptography doesn’t provide any properties to detect a third party eavesdropping on the classical channel. No-cloning theorem was proven in 1982 by Wootters and Zurek. It states that a user cannot copy quantum channel state and cannot duplicate the qubits without a prior knowledge of their bases [2]. No-cloning principle makes it impossible for an eavesdropper to listen to the quantum channel without being detected unless this eavesdropper can perfectly predict the sender random basis and use it to measure the qubits and send them back to the receiver.
978-1-4799-0048-0/13/$31.00 ©2013 IEEE
RELATED WORK
{| 〉 | 〉} = |00
√
1,0 T , 1,1 √ |11
√2
Figure 1.Rectilinear Base
T
1 2
Figure 2.Diagonal Base
The first concept of quantum key exchange was introduced by Bennett and Brassard in 1984 [10]. The implementation results in IBM laboratory of the first quantum cryptography experiment were impressive and showed that quantum cryptography is promising for secret key exchange [11]. The uncertainty principle was applied in this experiment instead mathematical modeling. In [11], new principles were introduced for secret key exchange against two types of intruders who intercept and resend data. Figure 2 shows the main idea in reconciliation between sender and receiver.
83
In [15], a secure algorithm introduced to improve the data confidentiality and user authentication by using multi-party applications. A Multicast Network Security model divides the process into three phases. The first one is user authentication where only legitimate users can receive messages. In the second phase, Quantum key distribution generates secure keys to encrypt and decrypt messages. In the last phase, the data can be encrypted by using generated keys from the second phase and then send to legitimate users. Quantum Key Distribution (QKD) protocol with a two-way quantum channel was introduced in [16]. The algorithm works by sending data more than once between the users and they will compute the Quantum Bit Error Rate (QBER). This algorithm consists of 10 steps and those steps are repeated for 20 rounds. After the rounds, a shifted key process is applied to agree on the bases that will be used between the users. In [17], Sarath et. al. proposed a scheme for digital authentication using hash function. The scheme is utilizing quantum characteristics and principles to perform one way hash function. The authors proposed the scheme as an improvement to the protocol BB84 which supports authentication by considering programming polarizer. Dual quantum channels are required in the scheme. The protocol has a combination of quantum and classical processes that provide high degree of security.
Figure 3. Reconciliation for Practical Quantum Key
In [12], the authors presented new security algorithm to distribute a key over the quantum channel. In this algorithm it is assumed that two quantum channels between the sender and the receiver while using diagonal bases {↗, ↖} and rectilinear bases { , }. The sender sends the same data using two channels. The receiver measures the first channel’s data using diagonal basis and uses rectilinear basis for the second channel. By measuring both channels, the receiver cancels any measured bit that has a probability less than 1. It keeps the remaining certain bits with a probability of 1. By this strategy the parties agree on the quantum bases order that are used to transmit the data. In [12], two protocols were introduced by using three party quantum key distributions. The proposed work achieves session agreement by using only unitary operation. In other words, QKD is trusted from all parties, where the sender uses some classical concepts such as checksum, and then adds the checksum result to the original message. The main advantage of this algorithm is that it allows authorized users to use qubits as a session key. A proposal introduced in [13] that supports security over direct communications in addition to improving authentication. The trusted server manages the communication between authenticated users. To improve security, the communication is divided into two stages. The first part is called authentication and attackers check stage. It employs hash function and unitary matrix property to improve data authentication where each user has a unique ID over the network. In the second stage, direct communication occurs by dividing the data into blocks and using entangled bits.
III.
PROPOSED ALGORITHM
In this paper, we propose a three-party key distribution protocol. Alice and Bob want to securely communicate with each other and require a secret key to secure their communicating channel from a trusted third party. In protocols such as BB84 and B92, the sender and the receiver are not able to know the secret key until the last step when they finish the comparison of their bases. When a third party is introduced, BB84 and B92 cannot be applied because there is no mechanism to precisely distribute the same key to multiple parties. In our proposed protocol we are considering how to involve three or more parties in the key distribution process. Our specific aim is to improve key distribution system by applying some classical concepts and quantum techniques. By applying public key concepts, we can enhance user authentication and data integrity process. The proposed algorithm achieves a high percentage of the correct bases. Moreover, we don’t need the physical channel to check the Qubits sequence where the quantum bases are shared by using asymmetric key distribution center. The proposed algorithm consists of two phases: 1. User Authentication & Quantum Bases distribution 2. Data Transfer over the Quantum channel In order for Alice and Bob to obtain a session key, the following steps take place between the three parties:
In [14], the authors presented a new proposal that merges between the merits of classical cryptography and quantum cryptography using Quantum Key Distribution Protocol (QKDP). QKDP consists of two phases; the first step is connection setup where the sender and the receiver agree about the bases that can be used during the connection. The next step is key distribution where the trusted center (TC) notifies users about communication process. In the beginning, TC generates a random number and a session key by employing hashing function then sends them to the authenticated users. When the users receive the qubits, they measure the qubits by using the established bases from the first phase and verify the result to check if it is the key they agreed on or not. After the verification steps, the sender starts sending data.
84
ID
E 2.
Bo b)
User Authentication and Quantum Bases distribution || QB )
|| Al ice
Bo b
ID
|| ID
Al ice (
Al ice
4.
EP
o
U‐ Al ice (
B ID ||
ID
) b Bo ) ID ) b Bo || QB ID || b
ice Al
||
(ID
ice Al
ob
PR ‐
ice Al
(ID
‐B PU
ob ‐B
(ID
ob
E PR
E 4.
1. E
‐B PU
3.
1- Alice requests to have a connection with Bob Alice J QKD: EPR-Alice(IDAlice || IDBob) QKD will register the connection request status in log file and check the ID of Alice for user Authentication. Moreover, QKD checks Bob’s ID status (Busy, Free). If Bob is free, QKD moves to step 2. 2- QKD sends to Bob a connection request containing Alice’s request QKD J Bob: EPU-Bob(IDAlice || IDBob)
Figure 4.User Authentication and Quantum Bases distribution
If the Notify message is Okay, the connection will be alive until QKD sends any error notification or Alice stops sending. In the proposed protocol, we improve security over the quantum channel. Each message is authenticated by the sender using its private key. Moreover, data authentication enhancement is achieved when parties send random pieces to QKD center and notify them. By applying this protocol we remove the guessing theory applied in early protocols such as BB84, B92, and EPR. We have improved the ability to identify if there is an intruder or not.
3- When Bob reply by accepting the connection with Alice, Bob will send to QKD a confirmation message Bob J QKD: EPR-Bob(IDAlice || IDBob) QKD decrypts the message and adds connection’s status between Alice and Bob and both of them are authenticated to send and receive data. 4- QKD starts distributing quantum bases (+,X) in some sequence to encode the message to Alice and Bob in an encrypted message using their public keys. 4. 1 4. 2
IV.
ALGORITHM ANALYSIS
Our proposed algorithm consists of two general phases and seven steps. In this section we analyze our algorithm and compare it with other algorithms. Table I shows a comparison with respect to used bases, classical channel and user Authentication. Table II, illustrates a comparison in regards to number of used phases and the use of cryptography.
QKD J Alice: EPU-Alice(IDAlice || IDBob || QB). QKD J Bob: EPU-Bob(IDAlice || IDBob || QB). Data Transfer over Quantum channel
5- After Alice and Bob receive the quantum bases from QKD, Alice sends an encrypted message using the quantum bases to Bob Alice J Bob: EPR-Alice(EQB(M)||EPU-Bob(IDAlice))
In protocols BB84, B92 and EPR there is a probability of mismatching bases. Taking into consideration this possibility, the length of bases will be relatively smaller to the original length. If there is an attacker, the percent will be 50%, which means that half of key will be discarded. In our protocol, we can transfer the message by using the whole key length. By using public key encryption algorithm, we can send the quantum bases sequence from QKD to Alice and Bob. In addition, we improve user’s authentication where the above three algorithms do not provide it. On the other hand, earlier protocols use classical channel to compare between the sender and the receiver bases. In our algorithm, the sender and the receiver send random parts from the message to QKD to check if there is an intruder or not.
6- Bob and Alice send a random part of the message to QKD by using Private Key of sender(Alice, Bob). Bob QKD: EPR-Bob(EQB(M)||EPU-QKD(IDBob)) Alice QKD: EPR-Alice(EQB(M)||EPU-QKD(IDAlice)) QKD can decrypt the messages and compare between them. If there are any mismatching bits, then QKD concludes that there is an intruder. 7- QKD sends notification messages to Alice and Bob to inform them there is an intruder or not. QKD J Bob: EPU-Bob (EQB(Notify)) QKD J Alice: EPU-Alice(EQB(Notify))
V.
CONCLUSION
Quantum key distribution protocols BB84, B92 and EPR communicate using a classical channel to compare the bases. This approach facilitates eliminating the erroneous qubits. In this paper we introduce a novel security quantum algorithm that employs public key encryption algorithm to
Figure 4 and Figure 5 show the steps involved in the algorithm.
85
[6]
generate keys to improve security over quantum communication channel. Moreover, the introduced algorithm enhances user’s authentication and data privacy.
[7] [8] Q
PU
PU -B o
B
e lic -A
Q e lic -A D PR QK PU
B A
e lic
PU
PR Q K
D
b
[9]
Q B
Bo b Q B Bo b
[10]
Figure 5.Data Transfer over Quantum channel
Table I. Compression between QKD, BB82, B92 and EPR Classical User Algorithm Bases Channel Authentication BB82 +,X Yes No NonB92 Yes No orthogonal Entanglement EPR Yes No Bit Our Algorithm +,X No Yes
[11]
Table II. Comparison between QDKP and other protocols Classical Algorithm No. of phase cryptography
[13]
[15] [16] [17] Our Algorithm
[1] [2]
[3]
[4] [5]
Two phases Three phases One Phase Two phases
[12]
Hashing function XOR classical Gate Hashing function RSA
[14]
References W. K. Wootters and W. H. Zurek, "A single quantum cannot be cloned," Nature, vol. 299, pp. 802-803, 1982. T. Hwang, K.-C. Lee, and C.-M. Li, "Provably secure three-party authenticated quantum key distribution protocols," Dependable and Secure Computing, IEEE Transactions on, vol. 4, pp. 7180, 2007. W. Y. Hwang, I. G. Koh, and Y. D. Han, "Quantum cryptography without public announcement of bases," Physics Letters A, vol. 244, pp. 489-494, 1998. G. Zeng and W. Zhang, "Identity verification in quantum key distribution," Physical Review A, vol. 61, p. 22303, 2000. S. J. Lomonaco, "A quick glance at quantum cryptography," Cryptologia, vol. 23, pp. 1-41, 1999.
[15]
[16]
[17]
86
N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, "Quantum cryptography," Reviews of modern physics, vol. 74, pp. 145-195, 2002. M. Elboukhari, M. Azizi, and A. Azizi, "Analysis of the Security of BB84 by Model Checking," arXiv preprint arXiv:1005.4504, 2010. M. Zou and G. Zhang, "Information investigation for B92 protocol in quantum cryptography," in Photonics Asia 2004, 2005, pp. 181-191. M. I. Khan and M. Sher, "Protocols for secure quantum transmission: a review of recent developments," Pakistan Journal of Information and Technology, vol. 2, pp. 265-276, 2003. C. H. Bennett and G. Brassard, "Quantum cryptography: Public key distribution and coin tossing," in Proceedings of IEEE International Conference on Computers, Systems and Signal Processing, 1984. N. Benletaief, H. Rezig, and A. Bouallegue, "Reconciliation for practical quantum key distribution with BB84 protocol," in Mediterranean Microwave Symposium (MMS), 2011 11th, 2011, pp. 219-222. D. Jin, P. Verma, and S. Kartalopoulos, "Key Distribution Using Dual Quantum Channels," in Information Assurance and Security, 2008. ISIAS'08. Fourth International Conference on, 2008, pp. 327-332. X.-y. Yang, Z. Ma, X. Lu, and H.-x. Li, "Quantum secure direct communication based on partially entangled states," in Information Assurance and Security, 2009. IAS'09. Fifth International Conference on, 2009, pp. 11-14. S. Ranganathan, N. Ramasamy, S. K. K. Arumugam, B. Dhanasekaran, P. Ramalingam, V. Radhakrishnan, and R. Karpuppiah, "A Three Party Authentication for Key Distributed Protocol Using Classical and Quantum Cryptography," International Journal of Computer Science Issues(IJCSI), vol. 7, 2010. S. Ali, O. Mahmoud, and A. A. Hasan, "Multicast network security using quantum key distribution (QKD)," in Computer and Communication Engineering (ICCCE), 2012 International Conference on, 2012, pp. 941-947. F. Zamani and P. K. Verma, "A QKD protocol with a two-way quantum channel," in Advanced Networks and Telecommunication Systems (ANTS), 2011 IEEE 5th International Conference on, 2011, pp. 1-6. R. Sarath, A. S. Nargunam, and R. Sumithra, "Dual channel authentication in cryptography using quantum stratagem," in Computing, Electronics and Electrical Technologies (ICCEET), 2012 International Conference on, 2012, pp. 1044-1048.
