Are There Enough Decoy States to Ensure Key Secrecy in Quantum Cryptography?
- PDF / 575,142 Bytes
- 8 Pages / 612 x 792 pts (letter) Page_size
- 77 Downloads / 138 Views
MOLECULES, OPTICS
Are There Enough Decoy States to Ensure Key Secrecy in Quantum Cryptography? S. N. Molotkova,b,c,*, K. S. Kravtsovd,e, and M. I. Ryzhkina a
Institute of Solid State Physics, Russian Academy of Sciences, Chernogolovka, Moscow oblast, 142432 Russia b Academy of Cryptography of the Russian Federation, Moscow, 121552 Russia c Faculty of Computational Mathematics and Cybernetics, Lomonosov Moscow State University, Moscow, 119899 Russia d Faculty of Physics, Moscow State University, Moscow, 119899 Russia e Prokhorov General Physics Institute, Russian Academy of Sciences, Moscow, 119991 Russia *e-mail: [email protected] Received October 17, 2018; revised October 17, 2018; accepted October 29, 2018
Abstract—The decoy state method has been proposed to detect a photon number splitting (PNS) attack. Today, the decoy state method is considered to be an almost universal method for proving the secrecy of quantum cryptography protocols and calculating the length of a secret key. In this paper, it is shown that there exist attacks, for example, a beam splitting (BS) attack, to which the decoy state method turns out to be insensitive. The decoy state method is oriented to the detection of changes in the photocount statistics of information states and decoy states under a PNS attack. Under a BS attack, the photocount statistics is not changed. As a result, the decoy state method significantly overestimates the length of the key. Thus, the decoy state method is not a universal method that allows the detection of various attacks. Apparently, due to a large number of publications on the decoy state method, a widespread opinion has been formed that this method is universal. This fact has led to attempts to adopt this method as an international standard in quantum cryptography, which is clearly premature. DOI: 10.1134/S1063776119030105
1. INTRODUCTION Quantum cryptography solves one of the main problems of symmetric cryptography—the problem of secret key distribution over an open quantum channel and an auxiliary classical authentic communication channel. At the formal level, legitimate users (Alice and Bob), without sharing a secret, can obtain a shared secret key by quantum cryptography from a weak cryptographic primitive—an authentic exchange of classical information and a transfer of quantum states. The shared secret key is the strongest cryptographic primitive from which one can obtain all the other cryptographic functions. The secrecy of keys in quantum cryptography is guaranteed by the fundamental laws of quantum mechanics on the distinguishability of quantum states. Key secrecy in quantum cryptography at the level of fundamental principles is strictly proved only in the single-photon case for the BB84 protocol [1]. The proof is based on the fundamental entropy uncertainty relations [2]. These relations allow one to avoid enumerating all sorts of attacks on transmitted quantum states and obtain an upper bound for the information leak to the eavesdropper (Eve) when only the observed error is known on the
Data Loading...
