Top

Quantum Information Processing

Published in:

01-01-2016

Attacks on quantum key distribution protocols that employ non-ITS authentication

Authors: C. Pacher, A. Abidin, T. Lorünser, M. Peev, R. Ursin, A. Zeilinger, J.-Å. Larsson

Published in: Quantum Information Processing | Issue 1/2016

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

We demonstrate how adversaries with large computing resources can break quantum key distribution (QKD) protocols which employ a particular message authentication code suggested previously. This authentication code, featuring low key consumption, is not information-theoretically secure (ITS) since for each message the eavesdropper has intercepted she is able to send a different message from a set of messages that she can calculate by finding collisions of a cryptographic hash function. However, when this authentication code was introduced, it was shown to prevent straightforward man-in-the-middle (MITM) attacks against QKD protocols. In this paper, we prove that the set of messages that collide with any given message under this authentication code contains with high probability a message that has small Hamming distance to any other given message. Based on this fact, we present extended MITM attacks against different versions of BB84 QKD protocols using the addressed authentication code; for three protocols, we describe every single action taken by the adversary. For all protocols, the adversary can obtain complete knowledge of the key, and for most protocols her success probability in doing so approaches unity. Since the attacks work against all authentication methods which allow to calculate colliding messages, the underlying building blocks of the presented attacks expose the potential pitfalls arising as a consequence of non-ITS authentication in QKD post-processing. We propose countermeasures, increasing the eavesdroppers demand for computational power, and also prove necessary and sufficient conditions for upgrading the discussed authentication code to the ITS level.

previous article Geometry and dynamics of one-norm geometric quantum discord

next article An efficient quantum scheme for Private Set Intersection

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Available only for authorised users

In “Appendix 3” we demonstrate that for typical scenarios the probability that in step (Pc’) a useful PA function \(P^\mathbf E \) for Eve exists is almost one.

Abidin, A., Larsson, J.Å.: Vulnerability of “A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography”. Int. J. Quantum Inf. 7(5), 1047–1052 (2009)MATHCrossRef

Abidin, A., Larsson, J.Å.: Security of authentication with a fixed key in quantum key distribution. arXiv:1109.5168v1 (2011)

Abidin, A., Larsson, J.Å.: New universal hash functions. In: Lucks, S., Armknecht, F. (eds.) WEWoRC 2011, LNCS, vol. 7242, pp. 99–108. Springer, Berlin (2012)

Ben-Or, M., Mayers, D.: General security definition and composability for quantum & classical protocols. quant-ph/0409062 (2004)

Ben-Or, M., Mayers, D.: The universal composable security of quantum key distribution. In: Kilian, J. (eds.) Proceedings of TCC 2005. Springer, Cambridge, MA, Lecture Notes in Computer Science, vol. 3378, pp. 386–406 (2005). quant-ph/0409078

Bennett, C.H., Brassard, G.: Quantum cryptography: Public key distribution and coin tossing. In: Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, IEEE New York, Bangalore, India, pp. 175–179 (1984)

Bennett, C.H., Bessette, F., Brassard, G., Salvail, L., Smolin, J.A.: Experimental quantum cryptography. J. Cryptol. 5(1), 3–28 (1992)MATHCrossRef

Beth, T., Müller-Quade, J., Steinwandt, R.: Cryptanalysis of a practical quantum key distribution with polarization-entangled photons. Quantum Inf. Comput. 5(3), 181–186 (2005)MATHMathSciNet

Bierbrauer, J.: Universal hashing and geometric codes. Des. Codes Cryptogr. 11, 207–221 (1997)MATHMathSciNetCrossRef

10.

Bierbrauer, J., Johansson, T., Kabatianskii, G., Smeets, B.: On families of hash functions via geometric codes and concatenation. In: Stinson, D. (eds.) CRYPTO ’93. Lecture Notes in Computer Science, vol. 773, pp. 331–342. Springer, Berlin (1994)

11.

Carter, J.L., Wegman, M.N.: Universal classes of hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)MATHMathSciNetCrossRef

12.

den Boer, B.: A simple and key-economical unconditional authentication scheme. J. Comput. Secur. 2, 65–72 (1993)

13.

Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering. Wiley Publishing, Inc, New York (2010)

14.

Gilbert, G., Hamrick, M.: Practical quantum cryptography: a comprehensive analysis (part one). MITRE report MTR 00W0000052. quant-ph/0009027v5 (2000)

15.

Hayashi, M.: Exponential decreasing rate of leaked information in universal random privacy amplification. IEEE Trans. Inf. Theory 57, 3989–4001 (2011)CrossRefMathSciNet

16.

Hoeffding, W.: Probability inequalities for sums of bounded random variables. J. Am. Stat. Assoc. 58(301), 13–30 (1963)MATHMathSciNetCrossRef

17.

Johansson, T., Kabatianskii, G., Smeets, B.: On the relation between a-codes and codes correcting independent errors. In: Advances in cryptology, EUROCRYPT 1993, Lecture Notes in Computer Science, vol. 765, pp. 1–11. Springer, Berlin (1993)

18.

Krawczyk, H.: LFSR-based hashing and authentication. In: Desmedt, Y. (eds.) CRYPTO ’94. Lecture Notes in Computer Science, vol. 839, pp. 129–139. Springer, Berlin (1994)

19.

Lütkenhaus, N.: Estimates for practical quantum cryptography. Phys. Rev. A 59(5), 3301–3319 (1999). doi:10.1103/PhysRevA.59.3301 CrossRefADS

20.

Mehlhorn, K., Vishkin, U.: Randomized and deterministic simulations of prams by parallel machines with restricted granularity of parallel memories. Acta Inf. 21, 339–374 (1984)MATHMathSciNetCrossRef

21.

Menezes, A., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton, FL (1996)CrossRefMATH

22.

Müller-Quade, J., Renner, R.: Composability in quantum cryptography. New J. Phys. 11(8), 085,006 (2009)CrossRefMathSciNet

23.

Nguyen, L.H., Roscoe, A.W.: New combinatorial bounds for universal hash functions. Unpublished manuscript (2009). http://www.cs.ox.ac.uk/files/2343/UniversalHash%20%281%29.pdf, http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.153.6475

24.

Peev, M., Nölle, M., Maurhardt, O., Lorünser, T., Suda, M., Poppe, A., Ursin, R., Fedrizzi, A., Zeilinger, A.: A novel protocol-authentication algorithm ruling out a man-in-the middle attack in quantum cryptography. Int J. Quantum Inf. 3(1), 225–231 (2005)MATHCrossRef

25.

Peev, M., Pacher, C., Lorünser, T., Nölle, M., Poppe, A., Maurhart, O., Suda, M., Fedrizzi, A., Ursin, R., Zeilinger, A.: Response to “Vulnerability of ‘A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography”’. Int J. Quantum Inf. 7(7), 1401–1407 (2009)MATHCrossRef

26.

Portmann, C.: Key recycling in authentication. IEEE Trans. Inf. Theory 60(8), 4383–4396 (2014)MathSciNetCrossRef

27.

Renner, R., König, R.: Universally composable privacy amplification against quantum adversaries. In: Kilian, J. (eds.) Proceedings of TCC 2005. Lecture Notes in Computer Science, vol. 3378, pp. 407–425. Springer, Cambridge, MA (2005)

28.

Sasaki, M., Fujiwara, M., Ishizuka, H., Klaus, W., Wakui, K., Takeoka, M., Miki, S., Yamashita, T., Wang, Z., Tanaka, A., Yoshino, K., Nambu, Y., Takahashi, S., Tajima, A., Tomita, A., Domeki, T., Hasegawa, T., Sakai, Y., Kobayashi, H., Asai, T., Shimizu, K., Tokura, T., Tsurumaru, T., Matsui, M., Honjo, T., Tamaki, K., Takesue, H., Tokura, Y., Dynes, J.F., Dixon, A.R., Sharpe, A.W., Yuan, Z.L., Shields, A.J., Uchikoga, S., Legré, M., Robyr, S., Trinkler, P., Monat, L., Page, J.B., Ribordy, G., Poppe, A., Allacher, A., Maurhart, O., Länger, T., Peev, M., Zeilinger, A.: Field test of quantum key distribution in the Tokyo QKD network. Opt. Express 19(11), 10,387–10,409 (2011). doi:10.1364/OE.19.010387 CrossRef

29.

Scarani, V., Bechmann-Pasquinucci, H., Cerf, N.J., Dus̆ek, M., Lütkenhaus, N., Peev, M.: The security of practical quantum key distribution. Rev. Mod. Phys. 81, 1301–1350 (2009)CrossRefADS

30.

Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (eds.) CRYPTO ’96, Springer 1996, Lecture Notes in Computer Science, vol. 1109, pp. 313–328 (1996)

31.

Stinson, D.R.: Universal hashing and authentication codes. In: Feigenbaum, J. (eds.) CRYPTO ’91, Lecture Notes in Computer Science, vol. 576, pp. 74–85. Springer, Berlin (1991)

32.

Taylor, R.: An integrity check value algorithm for stream ciphers. In: Stinson, D. (eds.) Advances in Cryptology—CRYPTO ’93. Lecture Notes in Computer Science, vol. 773, pp. 40–48. Springer, Berlin (1994)

33.

Wegman, M.N., Carter, J.L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)MATHMathSciNetCrossRef

Title: Attacks on quantum key distribution protocols that employ non-ITS authentication
Authors: C. Pacher
A. Abidin
T. Lorünser
M. Peev
R. Ursin
A. Zeilinger
J.-Å. Larsson
Publication date: 01-01-2016
Publisher: Springer US
Published in: Quantum Information Processing / Issue 1/2016
Print ISSN: 1570-0755
Electronic ISSN: 1573-1332
DOI: https://doi.org/10.1007/s11128-015-1160-4

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Other articles of this Issue 1/2016

Transferring multipartite entanglement among different cavities

Geometry and dynamics of one-norm geometric quantum discord

Quantum entanglement establishment between two strangers

Atom–photon entanglement beyond the multi-photon resonance condition

Efficient multi-party quantum key agreement by cluster states

Exploring the global entanglement and quantum phase transition in the spin 1/2 XXZ model with Dzyaloshinskii–Moriya interaction