Secure communication plays a crucial role in the Internet Age. Quantum mechanics may revolutionise cryptography as we know it today. In this Review Article, we introduce the motivation and the current state of the art of research in quantum cryptography. In particular, we discuss the present security model together with its assumptions, strengths and weaknesses. After a brief introduction to recent experimental progress and challenges, we survey the latest developments in quantum hacking and counter-measures against it.With the rise of the Internet, the importance of cryptography is growing every day. Each time we make an on-line purchase with our credit cards, or we conduct financial transactions using Internet banking, we should be concerned with secure communication. Unfortunately, the security of conventional cryptography is often based on computational assumptions. For instance, the security of the RSA scheme [1], the most widely used public-key encryption scheme, is based on the presumed hardness of factoring. Consequently, conventional cryptography is vulnerable to unanticipated advances in hardware and algorithms, as well as to quantum code-breaking such as Shor's efficient algorithm [2] for factoring. Government and trade secrets are kept for decades. An eavesdropper, Eve, may simply save communications sent in 2014 and wait for technological advances. If she is able to factorise large integers in say 2100, she could retroactively break the security of data sent in 2014.In contrast, quantum key distribution (QKD), the best-known application of quantum cryptography, promises to achieve the Holy Grail of cryptographyunconditional security in communication. By unconditional security or, more precisely, -security, as it will be explained shortly (see section discussing the security model of QKD), Eve is not restricted by computational assumptions but she is only limited by the laws of physics. QKD is a remarkable solution to long-term security since, in principle, it offers security for eternity. Unlike conventional cryptography, which allows Eve to store a classical transcript of communications, in QKD, once a quantum transmission is done, there is no classical transcript for Eve to store. See Box 1 for background information on secure communication and QKD.Box 1 | Secure communication and QKD. Secure Communication: Suppose a sender, Alice, would like to send a secret message to a receiver, Bob, through an open communication channel. Encryption is needed. If they share a common string of secret bits, called a key, Alice can use her key to transform a plain-text into a cipher-text, which is unintelligible to Eve. In contrast, Bob, with his key, can decrypt the cipher-text and recover the plain-text. In cryptography, the security of a crypto-system should rely solely on the secrecy of the key. The question is: how to distribute a key securely? In conventional cryptography, this is often done by trusted couriers. Unfortunately, in classical physics, couriers may be brided or compromised without the users noti...
Abstract:A secure communication network with quantum key distribution in a metropolitan area is reported. Six different QKD systems are integrated into a mesh-type network. GHz-clocked QKD links enable us to demonstrate the world-first secure TV conferencing over a distance of 45km. The network includes a commercial QKD product for long-term stable operation, and application interface to secure mobile phones. Detection of an eavesdropper, rerouting into a secure path, and key relay via trusted nodes are demonstrated in this network. ©2011 Optical Society of AmericaOCIS codes: (270.5568) Quantum cryptography; (060.5565) Quantum communications. References and links1. N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, "Quantum cryptography," Rev. Mod. Phys. 74(1), 145-195 (2002). 2. V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dušek, N. N. Lütkenhaus, and M. Peev, "The security of practical quantum key distribution," Rev. Mod. Phys. 81(3), 1301-1350 (2009
Quantum communication holds promise for unconditionally secure transmission of secret messages and faithful transfer of unknown quantum states. Photons appear to be the medium of choice for quantum communication. Owing to photon losses, robust quantum communication over long lossy channels requires quantum repeaters. It is widely believed that a necessary and highly demanding requirement for quantum repeaters is the existence of matter quantum memories. Here we show that such a requirement is, in fact, unnecessary by introducing the concept of all-photonic quantum repeaters based on flying qubits. In particular, we present a protocol based on photonic cluster-state machine guns and a loss-tolerant measurement equipped with local high-speed active feedforwards. We show that, with such all-photonic quantum repeaters, the communication efficiency scales polynomially with the channel distance. Our result paves a new route towards quantum repeaters with efficient single-photon sources rather than matter quantum memories.
Quantum key distribution (QKD) offers an unconditionally secure means of communication based on the laws of quantum mechanics [1]. Currently, a major challenge is to achieve a QKD system with a 40 dB channel loss, which is required if we are to realize global scale QKD networks using communication satellites [2]. Here we report the first QKD experiment in which secure keys were distributed over 42 dB channel loss and 200 km of optical fibre. We employed the differential phase shift quantum key distribution (DPS-QKD) protocol [3] implemented with a 10-GHz clock frequency, and superconducting single photon detectors (SSPD) based on NbN nanowire [4,5]. The SSPD offers a very low dark count rate (a few Hz) and small timing jitter (60 ps full width at half maximum). These characteristics allowed us to construct a 10-GHz clock QKD system and thus distribute secure keys over channel loss of 42 dB. In addition, we achieved a 17 kbit/s secure key rate over 105 km of optical fibre, which is two orders of
Quantum key distribution promises unconditionally secure communications. However, as practical devices tend to deviate from their specifications, the security of some practical systems is no longer valid. In particular, an adversary can exploit imperfect detectors to learn a large part of the secret key, even though the security proof claims otherwise. Recently, a practical approach-measurement-device-independent quantum key distribution-has been proposed to solve this problem. However, so far its security has only been fully proven under the assumption that the legitimate users of the system have unlimited resources. Here we fill this gap and provide a rigorous security proof against general attacks in the finite-key regime. This is obtained by applying large deviation theory, specifically the Chernoff bound, to perform parameter estimation. For the first time we demonstrate the feasibility of long-distance implementations of measurement-device-independent quantum key distribution within a reasonable time frame of signal transmission.
In principle, quantum key distribution (QKD) offers unconditional security based on the laws of physics. In practice, flaws in the state preparation undermine the security of QKD systems, as standard theoretical approaches to deal with state preparation flaws are not loss-tolerant. An eavesdropper can enhance and exploit such imperfections through quantum channel loss, thus dramatically lowering the key generation rate. Crucially, the security analyses of most existing QKD experiments are rather unrealistic as they typically neglect this effect. Here, we propose a novel and general approach that makes QKD loss-tolerant to state preparation flaws. Importantly, it suggests that the state preparation process in QKD can be significantly less precise than initially thought. Our method can widely apply to other quantum cryptographic protocols.PACS numbers: 03.67.Dd, 03.67.-a Introduction.-Quantum key distribution (QKD) [1] allows two distant parties, Alice and Bob, to distribute a secret key, which is essential to achieve provable secure communications [2]. The field of QKD has progressed very rapidly over the last years, and it now offers practical systems that can operate in realistic environments [3,4].Crucially, QKD provides unconditional security based on the laws of physics, i.e., despite the computational power of the eavesdropper, Eve. Indeed, the security of QKD has been promptly demonstrated for different scenarios [5][6][7][8][9][10][11][12]. Importantly, Gottesman, Lo, Lütkenhaus and Preskill [13] (henceforth referred to as GLLP) proved the security of QKD when Alice's and Bob's devices are flawed, as is the case in practical implementations. Unfortunately, however, GLLP has a severe limitation, namely, it is not loss-tolerant; it assumes the worst case scenario where Eve can enhance flaws in the state preparation by exploiting channel loss. As a result, the key generation rate and achievable distance of QKD are dramatically reduced [14]. Notice that most existing QKD experiments simply ignore state preparation imperfections in their key rate formula, which renders their results unrealistic and not really secure.In this Letter, we show that GLLP's worst case assumption is far too conservative, i.e., in sharp contrast to GLLP, we present a security proof for QKD that is loss-tolerant. Indeed, for the case of modulation errors, an important flaw in real-life QKD systems, we show that Eve cannot exploit channel loss to enhance such imperfections. The intuition here is rather simple: in this type of state preparation flaws the signals sent out by Alice are still qubits, i.e., there is no side-channel for Eve to exploit
Most quantum communication tasks need to rely on the transmission of quantum signals over long distances. Unfortunately, transmission of such signals is most often limited by losses in the channel, the same issue that affects classical communication. Simple signal amplification provides an elegant solution for the classical world, but this is not possible in the quantum world, as the no-cloning theorem forbids such an operation and, thus, an alternative approach, a quantum repeater, is needed. Quantum repeaters enable one to create a known maximally entangled state between the end points of the network by first segmenting the network into pieces, creating entanglement between the segments, and then, connecting those entanglement to create the required long range entanglement. Quantum teleportation then allows an unknown quantum message to be transmitted between them using the long-range entangled state. This form of quantum communication will be at the heart of the future quantum Internet. In this review, we will detail various approaches to quantum repeaters, and discuss their expected performance and limitations.
We prove the unconditional security of the Bennett 1992 protocol, by using a reduction to an entanglement distillation protocol initiated by a local filtering process. The bit errors and the phase errors are correlated after the filtering, and we can bound the amount of phase errors from the observed bit errors by an estimation method involving nonorthogonal measurements. The angle between the two states shows a trade-off between accuracy of the estimation and robustness to noises.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.