Free-Space Quantum Cryptography

LMU-München
Department für Physik

Free-Space Quantum Cryptography

Diplomarbeit

vorgelegt von: Ivan Ordavo
vorgelegt am: 6.. Juni 2006

Contents

1 Introduction ... 5

2 Classical Cryptography ... 7
2..1 General Remarks ... 7
2..2 Glossary ... 7
2..3 Kerckhoffs’ Principle and Encryption Keys ... 8
2..4 Symmetric and Asymmetric Ciphers ... 9
2..5 Transposition Ciphers ... 10
2..6 Substitution Ciphers ... 10
Monoalphabetic Substitution ... 10
Polyalphabetic Substitution ... 12
Homophonic Substitution ... 12
Polygraphic Substitution ... 13
Rotor Machines ... 14
2..7 One-time Pad ... 15
Problems with One-time Pad ... 17
2..8 Modern Cryptography ... 17
2..8..1 Symmetric Key Algorithms: DES and AES ... 18
The Feistel Function ... 20
2..8..2 Asymmetric Algorithms ... 22
2..8..3 Hybrid Cryptosystems ... 25
2..9 Security ... 25
2..9..1 Computational Complexity ... 26
2..9..2 Successful Attacks ... 26

3 Quantum Cryptography ... 29
3..1 Introduction ... 29
3..2 Quantum Mechanical Background ... 30
3..2..1 Qubits ... 30
Practical Realization of Qubit States ... 31
3..2..2 No-go Theorems ... 32
3..3 Quantum Entanglement and Bell’s Theorem ... 35
3..4 Quantum Protocols ... 37
3..4..1 Four-State Protocol: BB84 ... 37
Security: Intercept-Resend and Cloning Attack ... 39
3..4..2 Two-State Protocol: B92 ... 41
Security: Unambiguous State Discrimination Attack ... 42
3..4..3 QKD with Weak Coherent Pulses ... 42
Decoy State Protocol ... 45
3..4..4 Entanglement-Based QKD: Original and Simplified Ekert
Protocols ... 48
3..5 Error Correction and Privacy Amplification ... 50
3..5..1 Error Correction ... 50
3..5..2 Privacy Amplification ... 51

4 The Munich Experiment ... 55
4..1 Sender Unit: Alice ... 56
Driving Electronics ... 57
4..1..1 LD Electrical Characterization ... 59
4..1..2 Laser Diode Spectral Characterization ... 60
4..1..3 Information Gain from Spectral Measurements ... 62
4..2 Quantum Channel ... 64
Automatic Alignment ... 65
4..3 Receiver Unit: Bob ... 68
4..4 Synchronization ... 70
4..5 Conclusion ... 72

5 Temperature Stabilization ... 75
5..1 The Main Idea ... 75
5..2 Thermal Management ... 76
5..2..1 Spectral Dependency ... 76
5..2..2 Preliminary Analysis ... 77
5..2..3 TEC Device ... 79
5..2..4 TEC Controller Unit ... 82
5..3 New Design ... 85

6 Summary & Outlook ... 89

A The Extended Euclidean Algorithm ... 91

B Beam Parameters ... 95

Bibliography ... 97

1 Introduction

Cryptography is the art of obscuring the content of a message to unauthorized people, but to make it accessible to trusted parties. This practice has ancient origins and, in the course of the centuries, it could meet more and more demanding requirements determined by the parallel ability of codebreakers to gain knowledge about those secrets. Nevertheless, particularly in the information age in which we live, concerns about security questions have become an everyday topic. If, on the one hand, the internet is now the ultimate place to accelerate the flow of relevant information, on the other hand, companies, government facilities, or even private people must be sure that confidential data flows cannot be accessible to someone else but the authorized party the message is addressed to. In order to ensure such a security level over publicly available networks, some nowadays standardized procedures come into play.

For practical reasons, the most frequently used protocols rely on so called asymmetric key algorithms (public-key cryptography), where the encryption key is published, which allows any sender to perform encryption and to safely send his message, while a private key is kept secret by the receiver, which enables only him to perform decryption. Although widely used, e.g. in onlinebanking transactions or e-commerce, the security of such cryptographic routines is taken for granted only under some reasonable (but not necessarily true) assumptions, such, e.g., limited computational power at one’s disposal or low efficiency of factorizing algorithms.

The only encryption procedure which has been shown to be unbreakable¹ is the one-time pad, a symmetric key algorithm. Unfortunately, some major drawbacks, key distribution above all, make this process hard to implement in the framework of classical information theory. Nevertheless, though this deficiency, it turns out that quantum information theory is able to provide a way-out to this problem. Unlike classical cryptography, which uses mathematical techniques to restrict the amount of eavesdropped information, quantum cryptography exploits the quantum character of nature to ensure secure communication between two trusted parties. This new issue, known under the name of Quantum Key Distribution (QKD)², provides the two parties, Alice and Bob, with a setup to generate a secret key, which can be used afterwards in the encryption/decryption process of the secret message (e.g. with one-time pad). Within this scheme, single key bits are encoded in states of a quantum mechanical system (e.g. polarization states of a photon), and then distributed between two or more parties. If an eavesdropper would ever attempt to intercept key bits, he has to carry out a measurement on a quantum mechanical system, unavoidably changing its status, hence introducing errors. This revolutionary principle of eavesdropping can be detected, is used in analysis protocols which can assert whether the key exchange was secure, or someone tried to eavesdrop, in which case the key has to be dismissed.

In this work we present an experimental implementation of such a scheme, in which raw key bits are encoded in four different polarization states of photons. Using the first proposed quantum encoding protocol, the BB84, and weak coherent pulses from a laser source, we could realize a stable link between transmitter and receiver units over a free-space distance of 500 m. Software-based procedures for key extraction and privacy amplification lead to the final shared secure key. This thesis-work is articulated in four main sections: In the first (Chap. 2), we provide the reader with a wide overview of classical cryptographic methods, how they work and their security issues. The second (Chap. 3) illustrates the main concepts of QKD and the underlying physics involved in them. The third section (Chap. 4) deals with the description of our test-setup located in downtown Munich, with particular attention paid to transmitter/receiver units and source spectral selection. The last part describes the applied procedures for thermal management, which aims to stabilize the spectral characteristics of the source.

2 Classical Cryptography

2.1 General Remarks

Before computer age, the term cryptography (from the Greek κρυπτ ´oς “hidden” and γραϕ´η “to write”), referred solely to the process of changing the content of a message in order to make it unreadable without special knowledge. Since then, the meaning assumed a wider dimension, and nowadays can be summarized with the words of a famous cryptologist, Ron Rivest, who stated: “Cryptography is about communication in the presence of adversaries” [Riv90]. Moreover, the art of gaining unauthorized information, is called cryptanalysis (loosely speaking codebreaking), and together with cryptography constitutes the field of studies of cryptology.

In the technical literature, a fundamental distinction between “classical” and “modern” cryptography is made. The former refers to the age where cryptographic procedures were still accomplished with paper and pen; the latter refers to almost the same tasks but carried out with the help of computers. Nevertheless, throughout this work, the meaning of the adjective “classical” is extended to include also the modern cryptography as a subset, to better outline the difference relative to cryptographic tasks accomplished with the help of quantum based devices.

[......]

1 The precise expression is unconditional secure, that is no restriction is made about computational power or scientific progress available. The proof for the one-time pad is due to Claude Shannon, who published it in the Bell Labs Technical Journal in 1949.

2 Sometimes the expression Quantum Key Growing is used, emphasizing the fact that an initial shared secret key is needed for the process to work.