504 research outputs found
Using quantum key distribution for cryptographic purposes: a survey
The appealing feature of quantum key distribution (QKD), from a cryptographic
viewpoint, is the ability to prove the information-theoretic security (ITS) of
the established keys. As a key establishment primitive, QKD however does not
provide a standalone security service in its own: the secret keys established
by QKD are in general then used by a subsequent cryptographic applications for
which the requirements, the context of use and the security properties can
vary. It is therefore important, in the perspective of integrating QKD in
security infrastructures, to analyze how QKD can be combined with other
cryptographic primitives. The purpose of this survey article, which is mostly
centered on European research results, is to contribute to such an analysis. We
first review and compare the properties of the existing key establishment
techniques, QKD being one of them. We then study more specifically two generic
scenarios related to the practical use of QKD in cryptographic infrastructures:
1) using QKD as a key renewal technique for a symmetric cipher over a
point-to-point link; 2) using QKD in a network containing many users with the
objective of offering any-to-any key establishment service. We discuss the
constraints as well as the potential interest of using QKD in these contexts.
We finally give an overview of challenges relative to the development of QKD
technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special
issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8
The decoding failure probability of MDPC codes
Moderate Density Parity Check (MDPC) codes are defined here as codes which
have a parity-check matrix whose row weight is where is the
length of the code. They can be decoded like LDPC codes but they decode
much less errors than LDPC codes: the number of errors they can decode in this
case is of order . Despite this fact they have been proved
very useful in cryptography for devising key exchange mechanisms. They have
also been proposed in McEliece type cryptosystems. However in this case, the
parameters that have been proposed in \cite{MTSB13} were broken in
\cite{GJS16}. This attack exploits the fact that the decoding failure
probability is non-negligible. We show here that this attack can be thwarted by
choosing the parameters in a more conservative way. We first show that such
codes can decode with a simple bit-flipping decoder any pattern of
errors. This avoids the
previous attack at the cost of significantly increasing the key size of the
scheme. We then show that under a very reasonable assumption the decoding
failure probability decays almost exponentially with the codelength with just
two iterations of bit-flipping. With an additional assumption it has even been
proved that it decays exponentially with an unbounded number of iterations and
we show that in this case the increase of the key size which is required for
resisting to the attack of \cite{GJS16} is only moderate
Quantum cryptography: key distribution and beyond
Uniquely among the sciences, quantum cryptography has driven both
foundational research as well as practical real-life applications. We review
the progress of quantum cryptography in the last decade, covering quantum key
distribution and other applications.Comment: It's a review on quantum cryptography and it is not restricted to QK
A tiny public key scheme based on Niederreiter Cryptosystem
Due to the weakness of public key cryptosystems encounter of quantum
computers, the need to provide a solution was emerged. The McEliece
cryptosystem and its security equivalent, the Niederreiter cryptosystem, which
are based on Goppa codes, are one of the solutions, but they are not practical
due to their long key length. Several prior attempts to decrease the length of
the public key in code-based cryptosystems involved substituting the Goppa code
family with other code families. However, these efforts ultimately proved to be
insecure. In 2016, the National Institute of Standards and Technology (NIST)
called for proposals from around the world to standardize post-quantum
cryptography (PQC) schemes to solve this issue. After receiving of various
proposals in this field, the Classic McEliece cryptosystem, as well as the
Hamming Quasi-Cyclic (HQC) and Bit Flipping Key Encapsulation (BIKE), chosen as
code-based encryption category cryptosystems that successfully progressed to
the final stage. This article proposes a method for developing a code-based
public key cryptography scheme that is both simple and implementable. The
proposed scheme has a much shorter public key length compared to the NIST
finalist cryptosystems. The key length for the primary parameters of the
McEliece cryptosystem (n=1024, k=524, t=50) ranges from 18 to 500 bits. The
security of this system is at least as strong as the security of the
Niederreiter cryptosystem. The proposed structure is based on the Niederreiter
cryptosystem which exhibits a set of highly advantageous properties that make
it a suitable candidate for implementation in all extant systems
Quantum key distribution and cryptography: a survey
I will try to partially answer, based on a review on recent work, the following question:
Can QKD and more generally quantum information be useful to cover some practical security requirements in current (and future) IT infrastructures ?
I will in particular cover the following topics
- practical performances of QKD
- QKD network deployment - SECOQC project
- Capabilities of QKD as a cryptographic primitive - comparative advantage with other solution, in order to cover practical security requirements
- Quantum information and Side-channels
- QKD security assurance
- Thoughts about "real" Post-Quantum Cryptograph
- …