On the Key-Uncertainty of Quantum Ciphers and the Computational Security of One-way Quantum Transmission

We consider the scenario where Alice wants to send a secret (classical) $n$-bit message to Bob using a classical key, and where only one-way transmission from Alice to Bob is possible. In this case, quantum communication cannot help to obtain perfect secrecy with key length smaller then $n$. We study the question of whether there might still be fundamental differences between the case where quantum as opposed to classical communication is used. In this direction, we show that there exist ciphers with perfect security producing quantum ciphertext where, even if an adversary knows the plaintext and applies an optimal measurement on the ciphertext, his Shannon uncertainty about the key used is almost maximal. This is in contrast to the classical case where the adversary always learns $n$ bits of information on the key in a known plaintext attack. We also show that there is a limit to how different the classical and quantum cases can be: the most probable key, given matching plain- and ciphertexts, has the same probability in both the quantum and the classical cases. We suggest an application of our results in the case where only a short secret key is available and the message is much longer.Comment: 19 pages, 2 figures. This is a revised version of an earlier version that appeared in the proc. of Eucrocrypt'04:LNCS3027, 200

A Tight High-Order Entropic Quantum Uncertainty Relation With Applications

We derive a new entropic quantum uncertainty relation involving min-entropy. The relation is tight and can be applied in various quantum-cryptographic settings. Protocols for quantum 1-out-of-2 Oblivious Transfer and quantum Bit Commitment are presented and the uncertainty relation is used to prove the security of these protocols in the bounded quantum-storage model according to new strong security definitions. As another application, we consider the realistic setting of Quantum Key Distribution (QKD) against quantum-memory-bounded eavesdroppers. The uncertainty relation allows to prove the security of QKD protocols in this setting while tolerating considerably higher error rates compared to the standard model with unbounded adversaries. For instance, for the six-state protocol with one-way communication, a bit-flip error rate of up to 17% can be tolerated (compared to 13% in the standard model). Our uncertainty relation also yields a lower bound on the min-entropy key uncertainty against known-plaintext attacks when quantum ciphers are composed. Previously, the key uncertainty of these ciphers was only known with respect to Shannon entropy.Comment: 21 pages; editorial changes, additional applicatio

Review on DNA Cryptography

Cryptography is the science that secures data and communication over the network by applying mathematics and logic to design strong encryption methods. In the modern era of e-business and e-commerce the protection of confidentiality, integrity and availability (CIA triad) of stored information as well as of transmitted data is very crucial. DNA molecules, having the capacity to store, process and transmit information, inspires the idea of DNA cryptography. This combination of the chemical characteristics of biological DNA sequences and classical cryptography ensures the non-vulnerable transmission of data. In this paper we have reviewed the present state of art of DNA cryptography.Comment: 31 pages, 12 figures, 6 table

Quantum Noise Randomized Ciphers

We review the notion of a classical random cipher and its advantages. We sharpen the usual description of random ciphers to a particular mathematical characterization suggested by the salient feature responsible for their increased security. We describe a concrete system known as AlphaEta and show that it is equivalent to a random cipher in which the required randomization is effected by coherent-state quantum noise. We describe the currently known security features of AlphaEta and similar systems, including lower bounds on the unicity distances against ciphertext-only and known-plaintext attacks. We show how AlphaEta used in conjunction with any standard stream cipher such as AES (Advanced Encryption Standard) provides an additional, qualitatively different layer of security from physical encryption against known-plaintext attacks on the key. We refute some claims in the literature that AlphaEta is equivalent to a non-random stream cipher.Comment: Accepted for publication in Phys. Rev. A; Discussion augmented and re-organized; Section 5 contains a detailed response to 'T. Nishioka, T. Hasegawa, H. Ishizuka, K. Imafuku, H. Imai: Phys. Lett. A 327 (2004) 28-32 /quant-ph/0310168' & 'T. Nishioka, T. Hasegawa, H. Ishizuka, K. Imafuku, H. Imai: Phys. Lett. A 346 (2005) 7

Orthogonal-state-based cryptography in quantum mechanics and local post-quantum theories

We introduce the concept of cryptographic reduction, in analogy with a similar concept in computational complexity theory. In this framework, class $A$ of crypto-protocols reduces to protocol class $B$ in a scenario $X$, if for every instance $a$ of $A$, there is an instance $b$ of $B$ and a secure transformation $X$ that reproduces $a$ given $b$, such that the security of $b$ guarantees the security of $a$. Here we employ this reductive framework to study the relationship between security in quantum key distribution (QKD) and quantum secure direct communication (QSDC). We show that replacing the streaming of independent qubits in a QKD scheme by block encoding and transmission (permuting the order of particles block by block) of qubits, we can construct a QSDC scheme. This forms the basis for the \textit{block reduction} from a QSDC class of protocols to a QKD class of protocols, whereby if the latter is secure, then so is the former. Conversely, given a secure QSDC protocol, we can of course construct a secure QKD scheme by transmitting a random key as the direct message. Then the QKD class of protocols is secure, assuming the security of the QSDC class which it is built from. We refer to this method of deduction of security for this class of QKD protocols, as \textit{key reduction}. Finally, we propose an orthogonal-state-based deterministic key distribution (KD) protocol which is secure in some local post-quantum theories. Its security arises neither from geographic splitting of a code state nor from Heisenberg uncertainty, but from post-measurement disturbance.Comment: 12 pages, no figure, this is a modified version of a talk delivered by Anirban Pathak at Quantum 2014, INRIM, Turin, Italy. This version is published in Int. J. Quantum. Info

Quantum Cryptography in Practice

BBN, Harvard, and Boston University are building the DARPA Quantum Network, the world's first network that delivers end-to-end network security via high-speed Quantum Key Distribution, and testing that Network against sophisticated eavesdropping attacks. The first network link has been up and steadily operational in our laboratory since December 2002. It provides a Virtual Private Network between private enclaves, with user traffic protected by a weak-coherent implementation of quantum cryptography. This prototype is suitable for deployment in metro-size areas via standard telecom (dark) fiber. In this paper, we introduce quantum cryptography, discuss its relation to modern secure networks, and describe its unusual physical layer, its specialized quantum cryptographic protocol suite (quite interesting in its own right), and our extensions to IPsec to integrate it with quantum cryptography.Comment: Preprint of SIGCOMM 2003 pape