A quantum key distribution protocol for rapid denial of service detection

We introduce a quantum key distribution protocol designed to expose fake users that connect to Alice or Bob for the purpose of monopolising the link and denying service. It inherently resists attempts to exhaust Alice and Bob's initial shared secret, and is 100% efficient, regardless of the number of qubits exchanged above the finite key limit. Additionally, secure key can be generated from two-photon pulses, without having to make any extra modifications. This is made possible by relaxing the security of BB84 to that of the quantum-safe block cipher used for day-to-day encryption, meaning the overall security remains unaffected for useful real-world cryptosystems such as AES-GCM being keyed with quantum devices.Comment: 13 pages, 3 figures. v2: Shifted focus of paper towards DoS and added protocol 4. v1: Accepted to QCrypt 201

Information reconciliation methods in secret key distribution

We consider in this thesis the problem of information reconciliation in the context of secret key distillation between two legitimate parties. In some scenarios of interest this problem can be advantageously solved with low density parity check (LDPC) codes optimized for the binary symmetric channel. In particular, we demonstrate that our method leads to a significant efficiency improvement, with respect to earlier interactive reconciliation methods. We propose a protocol based on LDPC codes that can be adapted to changes in the communication channel extending the original source. The efficiency of our protocol is only limited by the quality of the code and, while transmitting more information than needed to reconcile Alice’s and Bob’s sequences, it does not reveal any more information on the original source than an ad-hoc code would have revealed.---ABSTRACT---En esta tesis estudiamos el problema de la reconciliación de información en el contexto de la destilación de secreto entre dos partes. En algunos escenarios de interés, códigos de baja densidad de ecuaciones de paridad (LDPC) adaptados al canal binario simétrico ofrecen una buena solución al problema estudiado. Demostramos que nuestro método mejora significativamente la eficiencia de la reconciliación. Proponemos un protocolo basado en códigos LDPC que puede ser adaptado a cambios en el canal de comunicaciones mediante una extensión de la fuente original. La eficiencia de nuestro protocolo está limitada exclusivamente por el código utilizado y no revela información adicional sobre la fuente original que la que un código con la tasa de información adaptada habría revelado

Limitations on Protecting Information Against Quantum Adversaries

The aim of this thesis is to understand the fundamental limitations on secret key distillation in various settings of quantum key distribution. We first consider quantum steering, which is a resource for one-sided device-independent quantum key distribution. We introduce a conditional mutual information based quantifier for quantum steering, which we call intrinsic steerability. Next, we consider quantum non-locality, which is a resource for device-independent quantum key distribution. In this context, we introduce a quantifier, intrinsic non-locality, which is a monotone in the resource theory of Bell non-locality. Both these quantities are inspired by intrinsic information and squashed entanglement and are based on conditional mutual information. The idea behind these quantifiers is to suppress the correlations that can be explained by a local hidden variable or by an inaccessible quantum system, thus quantifying the remaining intrinsic correlations. We then prove various properties of these two monotones, which includes the following: monotonicity under free operations, additivity under tensor product of objects, convexity, and faithfulness, among others. Next, we prove that intrinsic steerability is an upper bound on the secret-key-agreement capacity of an assemblage, and intrinsic non-locality is an upper bound on the secret-key-agreement capacity of a quantum probability distribution. Thus we prove that these quantities are upper bounds on the achievable key rates in one-sided device-independent and device-independent quantum key distribution protocols. We also calculate these bounds for certain honest devices. The study of these upper bounds is instrumental in understanding the limitations of protocols that can be designed for various settings. These upper bounds inform us that, even if one considers the best possible protocol, there is no possibility of exceeding the upper bounds on key rates without a quantum repeater. The upper bounds introduced in this thesis are an important step for initiating this line of research in one-sided device-independent and in device-independent quantum key distribution

Tackling denial of service attacks on key management in software-defined quantum key distribution networks

A QKD network provides an additional security layer for IT-secure cryptographic key distribution that is added to existing conventional networks. Thus, QKD network components must be resilient to security challenges from conventional network environments. This paper provided a novel solution for designing a Key Management System resistant to DoS attacks. Our solution allows applications to function securely in environments with fewer keys. In addition, we have provided approaches for allocating and managing QKD resources to avoid malicious key reservations. Simulation experiments verified the proposed solutions.Web of Science1011052011051

Byzantine Modification Detection in Multicast Networks With Random Network Coding

An information-theoretic approach for detecting Byzantine or adversarial modifications in networks employing random linear network coding is described. Each exogenous source packet is augmented with a flexible number of hash symbols that are obtained as a polynomial function of the data symbols. This approach depends only on the adversary not knowing the random coding coefficients of all other packets received by the sink nodes when designing its adversarial packets. We show how the detection probability varies with the overhead (ratio of hash to data symbols), coding field size, and the amount of information unknown to the adversary about the random code

Practical unconditionally secure signature schemes and related protocols

The security guarantees provided by digital signatures are vital to many modern applications such as online banking, software distribution, emails and many more. Their ubiquity across digital communications arguably makes digital signatures one of the most important inventions in cryptography. Worryingly, all commonly used schemes – RSA, DSA and ECDSA – provide only computational security, and are rendered completely insecure by quantum computers. Motivated by this threat, this thesis focuses on unconditionally secure signature (USS) schemes – an information theoretically secure analogue of digital signatures. We present and analyse two new USS schemes. The first is a quantum USS scheme that is both information-theoretically secure and realisable with current technology. The scheme represents an improvement over all previous quantum USS schemes, which were always either realisable or had a full security proof, but not both. The second is an entirely classical USS scheme that uses minimal resources and is vastly more efficient than all previous schemes, to such an extent that it could potentially find real-world application. With the discovery of such an efficient classical USS scheme using only minimal resources, it is difficult to see what advantage quantum USS schemes may provide. Lastly, we remain in the information-theoretic security setting and consider two quantum protocols closely related to USS schemes – oblivious transfer and quantum money. For oblivious transfer, we prove new lower bounds on the minimum achievable cheating probabilities in any 1-out-of-2 protocol. For quantum money, we present a scheme that is more efficient and error tolerant than all previous schemes. Additionally, we show that it can be implemented using a coherent source and lossy detectors, thereby allowing for the first experimental demonstration of quantum coin creation and verification