nach oben

Quantum Information Processing

Erschienen in:

01.01.2016

Attacks on quantum key distribution protocols that employ non-ITS authentication

verfasst von: C. Pacher, A. Abidin, T. Lorünser, M. Peev, R. Ursin, A. Zeilinger, J.-Å. Larsson

Erschienen in: Quantum Information Processing | Ausgabe 1/2016

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We demonstrate how adversaries with large computing resources can break quantum key distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not information-theoretically secure (ITS) since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced, it was shown to prevent straightforward man-in-the-middle (MITM) attacks against QKD protocols. In this paper, we prove that the set of messages that collide with any given message under this authentication code contains with high probability a message that has small Hamming distance to any other given message. Based on this fact, we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols, we describe every single action taken by the adversary. For all protocols, the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity. Since the attacks work against all authentication methods which allow to calculate colliding messages, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures, increasing the eavesdroppers demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level.

Vorheriger Artikel Geometry and dynamics of one-norm geometric quantum discord

Nächster Artikel An efficient quantum scheme for Private Set Intersection

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

In “Appendix 3” we demonstrate that for typical scenarios the probability that in step (Pc’) a useful PA function \(P^\mathbf E \) for Eve exists is almost one.

Abidin, A., Larsson, J.Å.: Vulnerability of “A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography”. Int. J. Quantum Inf. 7(5), 1047–1052 (2009)MATHCrossRef

Abidin, A., Larsson, J.Å.: Security of authentication with a fixed key in quantum key distribution. arXiv:1109.5168v1 (2011)

Abidin, A., Larsson, J.Å.: New universal hash functions. In: Lucks, S., Armknecht, F. (eds.) WEWoRC 2011, LNCS, vol. 7242, pp. 99–108. Springer, Berlin (2012)

Ben-Or, M., Mayers, D.: General security definition and composability for quantum & classical protocols. quant-ph/0409062 (2004)

Ben-Or, M., Mayers, D.: The universal composable security of quantum key distribution. In: Kilian, J. (eds.) Proceedings of TCC 2005. Springer, Cambridge, MA, Lecture Notes in Computer Science, vol. 3378, pp. 386–406 (2005). quant-ph/0409078

Bennett, C.H., Brassard, G.: Quantum cryptography: Public key distribution and coin tossing. In: Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, IEEE New York, Bangalore, India, pp. 175–179 (1984)

Bennett, C.H., Bessette, F., Brassard, G., Salvail, L., Smolin, J.A.: Experimental quantum cryptography. J. Cryptol. 5(1), 3–28 (1992)MATHCrossRef

Beth, T., Müller-Quade, J., Steinwandt, R.: Cryptanalysis of a practical quantum key distribution with polarization-entangled photons. Quantum Inf. Comput. 5(3), 181–186 (2005)MATHMathSciNet

Bierbrauer, J.: Universal hashing and geometric codes. Des. Codes Cryptogr. 11, 207–221 (1997)MATHMathSciNetCrossRef

10.

Bierbrauer, J., Johansson, T., Kabatianskii, G., Smeets, B.: On families of hash functions via geometric codes and concatenation. In: Stinson, D. (eds.) CRYPTO ’93. Lecture Notes in Computer Science, vol. 773, pp. 331–342. Springer, Berlin (1994)

11.

Carter, J.L., Wegman, M.N.: Universal classes of hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)MATHMathSciNetCrossRef

12.

den Boer, B.: A simple and key-economical unconditional authentication scheme. J. Comput. Secur. 2, 65–72 (1993)

13.

Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering. Wiley Publishing, Inc, New York (2010)

14.

Gilbert, G., Hamrick, M.: Practical quantum cryptography: a comprehensive analysis (part one). MITRE report MTR 00W0000052. quant-ph/0009027v5 (2000)

15.

Hayashi, M.: Exponential decreasing rate of leaked information in universal random privacy amplification. IEEE Trans. Inf. Theory 57, 3989–4001 (2011)CrossRefMathSciNet

16.

Hoeffding, W.: Probability inequalities for sums of bounded random variables. J. Am. Stat. Assoc. 58(301), 13–30 (1963)MATHMathSciNetCrossRef

17.

Johansson, T., Kabatianskii, G., Smeets, B.: On the relation between a-codes and codes correcting independent errors. In: Advances in cryptology, EUROCRYPT 1993, Lecture Notes in Computer Science, vol. 765, pp. 1–11. Springer, Berlin (1993)

18.

Krawczyk, H.: LFSR-based hashing and authentication. In: Desmedt, Y. (eds.) CRYPTO ’94. Lecture Notes in Computer Science, vol. 839, pp. 129–139. Springer, Berlin (1994)

19.

Lütkenhaus, N.: Estimates for practical quantum cryptography. Phys. Rev. A 59(5), 3301–3319 (1999). doi:10.1103/PhysRevA.59.3301 CrossRefADS

20.

Mehlhorn, K., Vishkin, U.: Randomized and deterministic simulations of prams by parallel machines with restricted granularity of parallel memories. Acta Inf. 21, 339–374 (1984)MATHMathSciNetCrossRef

21.

Menezes, A., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton, FL (1996)CrossRefMATH

22.

Müller-Quade, J., Renner, R.: Composability in quantum cryptography. New J. Phys. 11(8), 085,006 (2009)CrossRefMathSciNet

23.

Nguyen, L.H., Roscoe, A.W.: New combinatorial bounds for universal hash functions. Unpublished manuscript (2009). http://www.cs.ox.ac.uk/files/2343/UniversalHash%20%281%29.pdf, http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.6475

24.

Peev, M., Nölle, M., Maurhardt, O., Lorünser, T., Suda, M., Poppe, A., Ursin, R., Fedrizzi, A., Zeilinger, A.: A novel protocol-authentication algorithm ruling out a man-in-the middle attack in quantum cryptography. Int J. Quantum Inf. 3(1), 225–231 (2005)MATHCrossRef

25.

Peev, M., Pacher, C., Lorünser, T., Nölle, M., Poppe, A., Maurhart, O., Suda, M., Fedrizzi, A., Ursin, R., Zeilinger, A.: Response to “Vulnerability of ‘A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography”’. Int J. Quantum Inf. 7(7), 1401–1407 (2009)MATHCrossRef

26.

Portmann, C.: Key recycling in authentication. IEEE Trans. Inf. Theory 60(8), 4383–4396 (2014)MathSciNetCrossRef

27.

Renner, R., König, R.: Universally composable privacy amplification against quantum adversaries. In: Kilian, J. (eds.) Proceedings of TCC 2005. Lecture Notes in Computer Science, vol. 3378, pp. 407–425. Springer, Cambridge, MA (2005)

28.

Sasaki, M., Fujiwara, M., Ishizuka, H., Klaus, W., Wakui, K., Takeoka, M., Miki, S., Yamashita, T., Wang, Z., Tanaka, A., Yoshino, K., Nambu, Y., Takahashi, S., Tajima, A., Tomita, A., Domeki, T., Hasegawa, T., Sakai, Y., Kobayashi, H., Asai, T., Shimizu, K., Tokura, T., Tsurumaru, T., Matsui, M., Honjo, T., Tamaki, K., Takesue, H., Tokura, Y., Dynes, J.F., Dixon, A.R., Sharpe, A.W., Yuan, Z.L., Shields, A.J., Uchikoga, S., Legré, M., Robyr, S., Trinkler, P., Monat, L., Page, J.B., Ribordy, G., Poppe, A., Allacher, A., Maurhart, O., Länger, T., Peev, M., Zeilinger, A.: Field test of quantum key distribution in the Tokyo QKD network. Opt. Express 19(11), 10,387–10,409 (2011). doi:10.1364/OE.19.010387 CrossRef

29.

Scarani, V., Bechmann-Pasquinucci, H., Cerf, N.J., Dus̆ek, M., Lütkenhaus, N., Peev, M.: The security of practical quantum key distribution. Rev. Mod. Phys. 81, 1301–1350 (2009)CrossRefADS

30.

Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (eds.) CRYPTO ’96, Springer 1996, Lecture Notes in Computer Science, vol. 1109, pp. 313–328 (1996)

31.

Stinson, D.R.: Universal hashing and authentication codes. In: Feigenbaum, J. (eds.) CRYPTO ’91, Lecture Notes in Computer Science, vol. 576, pp. 74–85. Springer, Berlin (1991)

32.

Taylor, R.: An integrity check value algorithm for stream ciphers. In: Stinson, D. (eds.) Advances in Cryptology—CRYPTO ’93. Lecture Notes in Computer Science, vol. 773, pp. 40–48. Springer, Berlin (1994)

33.

Wegman, M.N., Carter, J.L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)MATHMathSciNetCrossRef

Titel: Attacks on quantum key distribution protocols that employ non-ITS authentication
verfasst von: C. Pacher
A. Abidin
T. Lorünser
M. Peev
R. Ursin
A. Zeilinger
J.-Å. Larsson
Publikationsdatum: 01.01.2016
Verlag: Springer US
Erschienen in: Quantum Information Processing / Ausgabe 1/2016
Print ISSN: 1570-0755
Elektronische ISSN: 1573-1332
DOI: https://doi.org/10.1007/s11128-015-1160-4

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence_ieS/© Springer Fachmedien Wiesbaden GmbH, Search Icon, Banner Hanser, Strompreise/© vejaa / stock.adobe.com, Bunte Männchen, die Kunden darstelle, werden von einem riesigen Magneten angezogen. /© Oleksiy Mark, Dr. Daniel Schneider/© Fraunhofer IESE, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell, ATZ-Webinar: Prototypenfreie Entwicklung durch Offline- und Driver-in-the-Loop-HiL-Tests /© (c) VI-grade

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2016

The staggered quantum walk model

Efficient multi-party quantum key agreement by cluster states

Highly symmetric POVMs and their informational power

Exploring the global entanglement and quantum phase transition in the spin 1/2 XXZ model with Dzyaloshinskii–Moriya interaction

A survey of quantum image representations

Quantum entanglement establishment between two strangers

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.