Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8

An algebraic time-advantage-based key establishment protocol

In this thesis we have built a key-establishment protocol which takes advantage of a resource : time. When two devices spends a pre-determined, mostly uninterrupted time interval with each other they would be able to establish a key. However it is not just the quantity of time but also the quality which matters. The information gained about the key with time by the legitimate party can is flexible and can be chosen by the user. We have analyzed our protocol thoroughly and discussed the circumstances an adversary can gain access to information about the key

KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems

International audienceThe EPC Class-1 Generation-2 (Gen2 for short) is a Radio Frequency IDentification (RFID) technology that is gaining a prominent place in several domains. However, the Gen2 standard lacks verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of applications based on the Gen2 technology. To address this problem, RFID tags must be equipped with a robust mechanism to authenticate readers before authorising them to access their data. In this paper, we propose a key establishment and derivation protocol, which is applied at both identification phase and those remainder operations requiring security. Our solution is based on a pseudorandom number generator that uses a low computational workload, while ensuring long term secure communication to protect the secrecy of the exchanged data. Mutual authentication of the tag and the sensor and strong notions of secrecy such as forward and backward secrecy are analysed, and we prove formally that after being amended, our protocol is secure with respect to these properties

Quantum Key Distribution over Probabilistic Quantum Repeaters

A feasible route towards implementing long-distance quantum key distribution (QKD) systems relies on probabilistic schemes for entanglement distribution and swapping as proposed in the work of Duan, Lukin, Cirac, and Zoller (DLCZ) [Nature 414, 413 (2001)]. Here, we calculate the conditional throughput and fidelity of entanglement for DLCZ quantum repeaters, by accounting for the DLCZ self-purification property, in the presence of multiple excitations in the ensemble memories as well as loss and other sources of inefficiency in the channel and measurement modules. We then use our results to find the generation rate of secure key bits for QKD systems that rely on DLCZ quantum repeaters. We compare the key generation rate per logical memory employed in the two cases of with and without a repeater node. We find the cross-over distance beyond which the repeater system outperforms the non-repeater one. That provides us with the optimum inter-node distancing in quantum repeater systems. We also find the optimal excitation probability at which the QKD rate peaks. Such an optimum probability, in most regimes of interest, is insensitive to the total distance.Comment: 12 pages, 6 figures; Fig. 5(a) is replace

Quantum key distribution and cryptography: a survey

I will try to partially answer, based on a review on recent work, the following question: Can QKD and more generally quantum information be useful to cover some practical security requirements in current (and future) IT infrastructures ? I will in particular cover the following topics - practical performances of QKD - QKD network deployment - SECOQC project - Capabilities of QKD as a cryptographic primitive - comparative advantage with other solution, in order to cover practical security requirements - Quantum information and Side-channels - QKD security assurance - Thoughts about "real" Post-Quantum Cryptograph