Practical quantum cryptography

As it seems, people from Cambridge were able to overcome difficulties that make quantum cryptography impractical: they have built a network with quantum cryptography-based security that allows 10 Mbit/s broadband speed (although the distances between nodes cannot exceed 10 km) – previous speed record was something like 10kbit/s or so.

Open key cryptography

In order to understand what does gibberish above really mean, let us recall some basics of public key-open key cryptography. Suppose we have a large number N which is a product of two primes p and q. We will call the number N a key. In the simplest case the key is known to everybody – to the sender (Alice), to the receiver (Bob) and the hacker (Eve). The sender encodes information in some way, and in order to decode it, one has to know the value of q. If Bob knows p (the secret key), Alice can send him encoded data and open key N=pq, and Bob will easily calculate q.

If Eve wants to hack the code, she will have to learn the value of q somehow. In order to do that, she will have to express the open key N as the product of two primes – this procedure is known to get harder and harder while N becomes larger and larger. In principle, we can choose N to be so large, that contemporary computers will need time of the order of the age of the Universe to expand N.

Open keys and quantum mechanics

In 1984 Charles Bennett and Jiles Brassard have introduced a certain modification of the algorithm above called BB84. In order to increase security provided by the algorithm, the modification involved the use of quantum mechanics (in particular, a property for the wave package to reduce due to the very process of measurement). In Bennett-Brassard approach, the number q is not known at the beginning at all. Alice sends a sequence of photons to Bob, these photons being polarized in the two special basis. Usually, these basis are denoted x (vectors of the basis are oriented diagonally, at 45 and 135 degrees) and + (vectors of the basis are oriented horizontally and vertically, at 0 and 90 degrees). Bob and Alice know the choose the polarization prescription in advance – for example, that horiztonal polarization in the basis + means 0, while vertical polarization means 1. It is not known a priori in which basis a given photon will be polarized – a random number generator decides that.

Bob is trying to detect polarization of the incoming photons. If his guess regarding the choice of basis for the particular photon is wrong, the result of his measurement will be random. Detecting a sequence of photons of a certain length, Bob constructs what is called a primary key. Then, using an non-encrypted channel, Bob reports to Alice which basis he used to detect the polarization of every given photon in the sequence. In turn, Alice tells him whether his guess was correct or not. If his guess was correct, Bob saves the result of measurement, otherwise he erases it. Alice does the same. As a result, both Bob and Alice get keys of the same length.

The last stage of the algorithm is checking out how safe is the key. To check this out, Bob and Alice choose randomly several bits from their keys and compare them using un-encrypted channel. If Eve (hacker!) was listening the full transmission, it should have influenced the polarization of photons sent. This in turn should lead to a very large number of discrepancies between Bob’s and Alice’s keys. If the number of discrepancies is larger than a certain threshold value, the channel is declared to be unsafe – Bob and Alice will have to start from the scratch.

Open keys + quantum mechanics -hackers

Theoretically, BB84 allows to construct absolutely safe network. In reality, certain complications may appear. Here is one: Alice should send a single photon after photon to Bob, in reality, this is almost never so – impulses she sends contain more than one photon. This gives Eve a chance: she detects impulses containing more than one photon, picks one from the impulse and sends the remainder to Bob. Then, listening to the conversation between Alice and Bob, she is able to recover most of the information. This is called photon-number splitting (PNS) attack.

Another difficulty is the speed that network secured with quantum cryptography allows for – as was said above, the maximal throughput people were able to achieve so far was about 10 kbit/s. That’s what makes the work of people from Cambridge revolutionary.

What did they do

They have constructed a network with throughput about 10 Mbit/s, and what is even more important , cheap one.

They use somewhat upgraded BB84 featuring a trick: intensity (that is, average number of photons) of some of the impulses is specially made lower. Alice tells Bob which impulses were low-intensity ones, and Bob calculates the throughput of the channel. If Alice and Bob somewhat fine-tune parameters of the transmission and throughput of the channel, they will find significant drop in throughput if the network is under PBS attack.

Current in avalaunche photodiode as a function of the number of photons. From the paper

Second improvement is that they use avalaunche photodiods (see the plot above). This is what allows them to increase the frequency in the network to 1 GHz (corresponding to 10 Mbit/s over distances up to 20 km).

Via lenta.ru.

Literature:

1. N. Yanofsky, Quantum cryptography for computer scientists
2. Dirk Bouwmeester, The Physics of Quantum Information: Quantum Cryptography, Quantum Teleportation, Quantum Computation
3. Simon Singh, The Code Book: The Science of Secrecy from Ancient Egypt to Quantum Cryptography