Showing papers on "Quantum cryptography published in 2003"
TL;DR: In this article, the authors present the Deutsch-Jozsa algorithm for continuous variables, and a deterministic version of it is used for quantum information processing with continuous variables.
Abstract: Preface. About the Editors. Part I: Quantum Computing. 1. Quantum computing with qubits S.L. Braunstein, A.K. Pati. 2. Quantum computation over continuous variables S. Lloyd, S.L. Braunstein. 3. Error correction for continuous quantum variables S.L. Braunstein. 4. Deutsch-Jozsa algorithm for continuous variables A.K. Pati, S.L. Braunstein. 5. Hybrid quantum computing S. Lloyd. 6. Efficient classical simulation of continuous variable quantum information processes S.D. Bartlett, B.C. Sanders, S.L. Braunstein, K. Nemoto. Part II: Quantum Entanglement. 7. Introduction to entanglement-based protocols S.L. Braunstein, A.K. Pati. 8. Teleportation of continuous uantum variables S.L. Braunstein, H.J. Kimble. 9. Experimental realization of continuous variable teleportation A. Furusawa, H.J. Kimble. 10. Dense coding for continuous variables S.L. Braunstein, H.J. Kimble. 11. Multipartite Greenberger-Horne-Zeilinger paradoxes for continuous variables S. Massar, S. Pironio. 12. Multipartite entanglement for continuous variables P. van Loock, S.L. Braunstein. 13. Inseparability criterion for continuous variable systems Lu-Ming Duan, G. Giedke, J.I. Cirac, P. Zoller. 14. Separability criterion for Gaussian states R. Simon. 15. Distillability and entanglement purification for Gaussian states G. Giedke, Lu-Ming Duan, J.I. Cirac, P. Zoller. 16. Entanglement purification via entanglement swapping S. Parke, S. Bose, M.B. Plenio. 17. Bound entanglement for continuous variables is a rare phenomenon P. Horodecki, J.I. Cirac, M. Lewenstein. Part III: Continuous Variable Optical-Atomic Interfacing. 18. Atomic continuous variable processing and light-atoms quantum interface A. Kuzmich, E.S. Polzik. Part IV: Limits on Quantum Information and Cryptography. 19. Limitations on discrete quantum information and cryptography S.L. Braunstein, A.K. Pati. 20. Quantum cloning with continuous variables N.J. Cerf. 21. Quantum key distribution with continuous variables in optics T.C. Ralph. 22. Secure quantum key distribution using squeezed states D. Gottesman, J. Preskill. 23. Experimental demonstration of dense coding and quantum cryptography with continuous variables Kunchi Peng, Qing Pan, Jing Zhang, Changde Xie. 24. Quantum solitons in optical fibres: basic requisites for experimental quantum communication G. Leuchs, Ch. Silberhorn, E. Konig, P.K. Lam, A. Sizmann, N. Korolkova. Index.
3,911 citations
TL;DR: A protocol for quantum secure direct communication using blocks of Einstein-Podolsky-Rosen (EPR) pairs is proposed, and a set of ordered N EPR pairs is used as a data block for sending secret message directly.
Abstract: A protocol for quantum secure direct communication using blocks of Einstein-Podolsky-Rosen (EPR) pairs is proposed. A set of ordered N EPR pairs is used as a data block for sending secret message directly. The ordered N EPR set is divided into two particle sequences, a checking sequence and a message-coding sequence. After transmitting the checking sequence, the two parties of communication check eavesdropping by measuring a fraction of particles randomly chosen, with random choice of two sets of measuring bases. After insuring the security of the quantum channel, the sender Alice encodes the secret message directly on the message-coding sequence and sends them to Bob. By combining the checking and message-coding sequences together, Bob is able to read out the encoded messages directly. The scheme is secure because an eavesdropper cannot get both sequences simultaneously. We also discuss issues in a noisy channel.
1,844 citations
TL;DR: This work proposes and experimentally demonstrate a quantum key distribution protocol based on the transmission of gaussian-modulated coherent states and shot-noise-limited homodyne detection, which is in principle secure for any value of the line transmission, against gaussian individual attacks based on entanglement and quantum memories.
Abstract: Quantum continuous variables are being explored as an alternative means to implement quantum key distribution, which is usually based on single photon counting. The former approach is potentially advantageous because it should enable higher key distribution rates. Here we propose and experimentally demonstrate a quantum key distribution protocol based on the transmission of gaussian-modulated coherent states (consisting of laser pulses containing a few hundred photons) and shot-noise-limited homodyne detection; squeezed or entangled beams are not required. Complete secret key extraction is achieved using a reverse reconciliation technique followed by privacy amplification. The reverse reconciliation technique is in principle secure for any value of the line transmission, against gaussian individual attacks based on entanglement and quantum memories. Our table-top experiment yields a net key transmission rate of about 1.7 megabits per second for a loss-free line, and 75 kilobits per second for a line with losses of 3.1 dB. We anticipate that the scheme should remain effective for lines with higher losses, particularly because the present limitations are essentially technical, so that significant margin for improvement is available on both the hardware and software.
1,595 citations
TL;DR: In this paper, the authors considered the existence in arbitrary finite dimensions d of a POVM comprised of d^2 rank-one operators all of whose operator inner products are equal, called a ''symmetric, informationally complete'' POVM (SIC-POVM).
Abstract: We consider the existence in arbitrary finite dimensions d of a POVM comprised of d^2 rank-one operators all of whose operator inner products are equal. Such a set is called a ``symmetric, informationally complete'' POVM (SIC-POVM) and is equivalent to a set of d^2 equiangular lines in C^d. SIC-POVMs are relevant for quantum state tomography, quantum cryptography, and foundational issues in quantum mechanics. We construct SIC-POVMs in dimensions two, three, and four. We further conjecture that a particular kind of group-covariant SIC-POVM exists in arbitrary dimensions, providing numerical results up to dimension 45 to bolster this claim.
597 citations
TL;DR: In this paper, the order rearrangement operation in both parties is controlled by a prior shared control key, which is used repeatedly in a quantum key distribution session, so that Eve cannot steal useful information.
Abstract: A technique is devised to perform orthogonal state quantum key distribution. In this scheme, entangled parts of a quantum information carrier are sent from Alice to Bob through two quantum channels. However, before the transmission, the order of the quantum information carrier in one channel is reordered so that Eve cannot steal useful information. At the receiver's end, the order of the quantum information carrier is restored. The order rearrangement operation in both parties is controlled by a prior shared control key which is used repeatedly in a quantum key distribution session.
499 citations
TL;DR: It is shown that $2n$ random classical bits are both necessary and sufficient for encrypting any unknown state of n quantum bits in an informationally secure manner and a connection is made between quantum encryption and quantum teleportation that allows for a different proof of optimality of teleportation.
Abstract: We show that $2n$ random classical bits are both necessary and sufficient for encrypting any unknown state of n quantum bits in an informationally secure manner. We also characterize the complete set of optimal protocols in terms of a set of unitary operations that comprise an orthonormal basis in a canonical inner product space. Moreover, a connection is made between quantum encryption and quantum teleportation that allows for a different proof of optimality of teleportation.
407 citations
TL;DR: The eavesdropping scheme is presented, which reveals that the ping-pong protocol is not secure for transmission efficiencies lower than 60%, but can be hidden in the channel losses if one replaces the original lossy channel with a less lossy one.
Abstract: Security of the "ping-pong" quantum communication protocol recently proposed by Bostrom and Felbinger [Phys. Rev. Lett. 89, 187902 (2002)]] is analyzed in the case of considerable quantum channel losses. The eavesdropping scheme is presented, which reveals that the ping-pong protocol is not secure for transmission efficiencies lower than 60%. Our scheme induces 50% losses, which, however, can be hidden in the channel losses if one replaces the original lossy channel with a less lossy one. Finally, a possible improvement of the ping-pong protocol security is proposed.
317 citations
TL;DR: In this article, Shor and Preskill have provided a simple proof of security of the standard quantum key distribution scheme by Bennett and Brassard (1984) by demonstrating a connection between key distribution and entanglement purification protocols (EPPs) with one-way communications.
Abstract: Shor and Preskill (see Phys. Rev. Lett., vol.85, p.441, 2000) have provided a simple proof of security of the standard quantum key distribution scheme by Bennett and Brassard (1984) by demonstrating a connection between key distribution and entanglement purification protocols (EPPs) with one-way communications. Here, we provide proofs of security of standard quantum key distribution schemes, Bennett and Brassard and the six-state scheme, against the most general attack, by using the techniques of two-way entanglement purification. We demonstrate clearly the advantage of classical post-processing with two-way classical communications over classical post-processing with only one-way classical communications in quantum key distribution (QKD). This is done by the explicit construction of a new protocol for (the error correction/detection and privacy amplification of) Bennett and Brassard that can tolerate a bit error rate of up to 18.9%, which is higher than what any Bennett and Brassard scheme with only one-way classical communications can possibly tolerate. Moreover, we demonstrate the advantage of the six-state scheme over Bennett and Brassard by showing that the six-state scheme can strictly tolerate a higher bit error rate than Bennett and Brassard. In particular, our six-state protocol can tolerate a bit error rate of 26.4%, which is higher than the upper bound of 25% bit error rate for any secure Bennett and Brassard protocol. Consequently, our protocols may allow higher key generation rate and remain secure over longer distances than previous protocols. Our investigation suggests that two-way entanglement purification is a useful tool in the study of advantage distillation, error correction, and privacy amplification protocols.
311 citations
TL;DR: It is proved that any RSP protocol can be modified to require from the sender only a single specimen of the state, without increasing the classical communication cost, which implies Lo's conjectured lower bound on the cost.
Abstract: We characterize the class of remote state preparation (RSP) protocols that use only forward classical communication and entanglement, deterministically prepare an exact copy of a general state, and do so obliviously-without leaking further information about the state to the receiver. We prove that any such protocol can be modified to require from the sender only a single specimen of the state, without increasing the classical communication cost. This implies Lo's conjectured lower bound on the cost for these protocols. We relate our RSP protocols to the private quantum channels and establish a one-to-one correspondence between them.
260 citations
TL;DR: Differential phase shift quantum key distribution based on two nonorthogonal states is described in this article, in which the phase of each pulse is randomly modulated by a one-bit delay circuit.
Abstract: Differential-phase-shift quantum key distribution based on two nonorthogonal states is described A weak coherent pulse train is sent from Alice to Bob, in which the phase of each pulse is randomly modulated by ${0,\ensuremath{\pi}}$ Bob measures the differential phase by a one-bit delay circuit The system has a simple configuration without the need for an interferometer and a bright reference pulse in Alice's site, unlike the conventional QKD system based on two nonorthogonal states, and has an advantage of improved communication efficiency The principle of the operation is successfully demonstrated in experiments
260 citations
TL;DR: A detailed mathematical analysis of the Winnow protocol is presented in the context of practical implementations of quantum-key distribution, finding the information overhead required for secure implementation is one of the most important criteria in the evaluation of a particular error-reconciliation protocol.
Abstract: We describe an error-reconciliation protocol, which we call Winnow, based on the exchange of parity and Hamming's ``syndrome'' for N-bit subunits of a large dataset. The Winnow protocol was developed in the context of quantum-key distribution and offers significant advantages and net higher efficiency compared to other widely used protocols within the quantum cryptography community. A detailed mathematical analysis of the Winnow protocol is presented in the context of practical implementations of quantum-key distribution; in particular, the information overhead required for secure implementation is one of the most important criteria in the evaluation of a particular error-reconciliation protocol. The increase in efficiency for the Winnow protocol is largely due to the reduction in authenticated public communication required for its implementation.
TL;DR: This work considers the special case where the legitimate partners already share a mutual string which might, however, be partially known to the adversary, and proposes two protocols, one based on universal hashing and onebased on extractors, allowing for privacy amplification secure against an adversary whose knowledge about the initial partially secret string is limited to one third of the length of this string.
Abstract: For pt. II see ibid., vol.49, no.4, p.832-38 (2003). Here, we consider the special case where the legitimate partners already share a mutual string which might, however, be partially known to the adversary. The problem of generating a secret key in this case has been well studied in the passive-adversary model - for instance, in the context of quantum key agreement - under the name of privacy amplification. We consider the same problem with respect to an active adversary and propose two protocols, one based on universal hashing and one based on extractors, allowing for privacy amplification secure against an adversary whose knowledge about the initial partially secret string is limited to one third of the length of this string. Our results are based on novel techniques for authentication secure even against adversaries knowing a substantial amount of the "secret" key.
25 Aug 2003
TL;DR: This paper introduces quantum cryptography, discusses its relation to modern secure networks, and describes its unusual physical layer, its specialized quantum cryptographic protocol suite, and the extensions to IPsec to integrate it with quantum cryptography.
Abstract: BBN, Harvard, and Boston University are building the DARPA Quantum Network, the world's first network that delivers end-to-end network security via high-speed Quantum Key Distribution, and testing that Network against sophisticated eavesdropping attacks. The first network link has been up and steadily operational in our laboratory since December 2002. It provides a Virtual Private Network between private enclaves, with user traffic protected by a weak-coherent implementation of quantum cryptography. This prototype is suitable for deployment in metro-size areas via standard telecom (dark) fiber. In this paper, we introduce quantum cryptography, discuss its relation to modern secure networks, and describe its unusual physical layer, its specialized quantum cryptographic protocol suite (quite interesting in its own right), and our extensions to IPsec to integrate it with quantum cryptography.
Posted Content•
TL;DR: The DARPA Quantum Network as mentioned in this paper is the world's first network that delivers end-to-end network security via high-speed Quantum Key Distribution, and testing that Network against sophisticated eavesdropping attacks.
Abstract: BBN, Harvard, and Boston University are building the DARPA Quantum Network, the world's first network that delivers end-to-end network security via high-speed Quantum Key Distribution, and testing that Network against sophisticated eavesdropping attacks. The first network link has been up and steadily operational in our laboratory since December 2002. It provides a Virtual Private Network between private enclaves, with user traffic protected by a weak-coherent implementation of quantum cryptography. This prototype is suitable for deployment in metro-size areas via standard telecom (dark) fiber. In this paper, we introduce quantum cryptography, discuss its relation to modern secure networks, and describe its unusual physical layer, its specialized quantum cryptographic protocol suite (quite interesting in its own right), and our extensions to IPsec to integrate it with quantum cryptography.
TL;DR: In this article, the authors describe the construction of a time-multiplexed detector, which uses a pair of standard avalanche photodiodes operated in Geiger mode, for resolving any number of photons.
Abstract: Detectors that can resolve photon number are needed in many quantum information technologies. In order to be useful in quantum information processing, such detectors should be simple, easy to use, and be scalable to resolve any number of photons, as the application may require great portability such as in quantum cryptography. Here we describe the construction of a time-multiplexed detector, which uses a pair of standard avalanche photodiodes operated in Geiger mode. The detection technique is analysed theoretically and tested experimentally using a pulsed source of weak coherent light.
TL;DR: It is shown that QKD can be extended beyond point-to-point links to switched multinode architectures including protected ring networks to enhance quantum channel availability.
Abstract: Quantum key distribution (QKD) enables unconditional physical layer security for the distribution of cryptographic key material. However, most experimental demonstrations have relied on simple point-to-point optical links. In this paper we investigate the compatibility of QKD with reconfigurable optical networks. By performing the first tests of QKD transmission through optical switches, we study if there are impairment mechanisms other than switch insertion loss that impact the sifted and error corrected secret bit yield. Three types of transparent optical switch elements are investigated including lithium niobate (LiNbO/sub 3/), microelectromechanical systems (MEMS), and optomechanical. We show that QKD can be extended beyond point-to-point links to switched multinode architectures including protected ring networks to enhance quantum channel availability.
TL;DR: In this paper, a deterministic method was proposed for the preparation and measurement of single-photon two-qubit entangled states, in which the polarization and the spatial modes of a single photon each represent a quantum bit.
Abstract: We implement experimentally a deterministic method to prepare and measure the so-called single-photon two-qubit entangled states or single-photon Bell states, in which the polarization and the spatial modes of a single photon each represent a quantum bit. All four single-photon Bell states can be easily prepared and measured deterministically using linear optical elements alone. We also discuss how this method can be used for the recently proposed single-photon two-qubit quantum cryptography scheme.
TL;DR: A fiber-optics implementation of the Deutsch-Jozsa and Bernstein-Vazirani quantum algorithms for 8-point functions and the measured visibility of the 8-path interferometer is about 97.5%.
Abstract: We report on a fiber-optics implementation of the Deutsch-Jozsa and Bernstein-Vazirani quantum algorithms for 8-point functions. The measured visibility of the 8-path interferometer is about 97.5%. Potential applications of our setup to quantum communication or cryptographic protocols using several qubits are discussed.
TL;DR: In this paper, the security of quantum cryptography schemes for d-level systems using 2 or d + 1 maximally conjugated bases, under individual eavesdropping attacks based on cloning machines and measurement after the basis reconciliation, was analyzed.
Abstract: We analyze the security of quantum cryptography schemes for d-level systems using 2 or d + 1 maximally conjugated bases, under individual eavesdropping attacks based on cloning machines and measurement after the basis reconciliation. We consider classical advantage distillation protocols, that allow to extract a key even in situations where the mutual information between the honest parties is smaller than the eavesdropper's information. In this scenario, advantage distillation protocols are shown to be as powerful as quantum distillation: key distillation is possible using classical techniques if and only if the corresponding state in the entanglement based protocol is distillable.
Posted Content•
TL;DR: A general information-theoretic description of the overall approach to quantum cryptography will be presented, and contrasted with the detection/coding description necessary for specific protocols.
Abstract: A new approach to quantum cryptography to be called KCQ, keyed communication in quantum noise, is developed on the basis of quantum detection and communication theory for classical information transmission. By the use of a shared secret key that determines the quantum states generated for different data bit sequences, the users may employ the corresponding optimum quantum measurement to decode the data. This gives them a better error performance than an attacker who does not know the key when she makes her quantum measurement, and an overall generation of a fresh key may be obtained from the resulting advantage. This principle is illustrated in the operation of a concrete qubit system A general information-theoretic description of the overall approach will be presented, and contrasted with the detection/coding description necessary for specific protocols.
TL;DR: A protocol for quantum cryptography in which the data obtained for mismatched bases are used in full for the purpose of quantum state tomography, and the incoherent eavesdropping attacks that are still permissible are studied.
Abstract: We present a protocol for quantum cryptography in which the data obtained for mismatched bases are used in full for the purpose of quantum state tomography. Eavesdropping on the quantum channel is seriously impeded by requiring that the outcome of the tomography is consistent with unbiased noise in the channel. We study the incoherent eavesdropping attacks that are still permissible and establish under which conditions a secure cryptographic key can be generated. The whole analysis is carried out for channels that transmit quantum systems of any finite dimension.
TL;DR: Whereas other quantum-cryptographic schemes require the use of fragile quantum states and ultrasensitive detection equipment, this protocol is loss tolerant, uses off-the-shelf components, and is optically amplifiable.
Abstract: We demonstrate high-speed (250 Mbps) data encryption over 25 km of telecommunication fiber by use of coherent states. For the parameter values used in the experiment, the demonstration is secure against individual ciphertext-only eavesdropping attacks near the transmitter with ideal detection equipment. Whereas other quantum-cryptographic schemes require the use of fragile quantum states and ultrasensitive detection equipment, our protocol is loss tolerant, uses off-the-shelf components, and is optically amplifiable.
TL;DR: In this paper, a new scheme for quantum key distribution based on entanglement swapping was proposed, and Alice can securely share a random quantum key with Bob, without transporting any particle.
Abstract: We propose a new scheme for quantum key distribution based on entanglement swapping. By this protocol, Alice can securely share a random quantum key with Bob, without transporting any particle.
Patent•
NEC1
TL;DR: In this article, an unbalanced interferometer system for sharing a secret key between a transmitter and a receiver site is presented. But the system does not use a phase modulator in the receiver site.
Abstract: In a quantum cryptography key distribution system for sharing a secret key between a transmitter and a receiver site, an unbalanced interferometer system in the transmitter site has a Mach-Zehnder interferometer switch with a phase modulator while the receiver site records photon arrival time slots. The system utilizes a whole of arrival photons in the receiver site and dispenses with any phase modulator in the receiver site. This system serves to improve a photon utilization efficiency.
Patent•
30 May 2003TL;DR: In this paper, a method and apparatus for secure distribution of cryptographic key information based on quantum cryptography is described, which is used with a transmitter comprising a source of pairs of dim, depolarised light pulses together with a phase modulator and random number generator that are used to encode the binary key information by changing the relative phases of the pulses of some pairs.
Abstract: A method and apparatus for secure distribution of cryptographic key information based on quantum cryptography is described. The apparatus incorporates or is used with a transmitter comprising a source of pairs of dim, depolarised light pulses together with a phase modulator and random number generator that are used to encode the pulse pairs with the binary key information by changing the relative phases of the pulses of some pairs. The apparatus incorporates a receiver comprising a polarisation beam splitter, and a pair of interferometers and optical detectors. The invention overcomes problems associated with polarisation evolution in quantum cryptography systems that incorporate a non-polarisation-preserving optical channel (e.g. standard optical fiber). In addition the invention removes the need for an active random number generator and phase modulator at the receiver, because the polarisation beam splitter acts as if it were a random router, thereby achieving significant reduction of the cost and complexity of the apparatus.
1 Jan 2003
TL;DR: In this article, the authors investigated the potential of quantum cryptography, i.e., quantum key distribution (QKD), with special emphasis on the demands and opportunities provided by intersatellite links.
Abstract: Communication schemes employing quantum entanglement open a wide field of possible applications with properties outperforming their classical counterparts. Promising examples are quantum key distribution, quantum dense coding, and quantum state teleportation. We investigate the potential of quantum cryptography, i.e. quantum key distribution (QKD), with special emphasis on the demands and opportunities provided by intersatellite links.
Posted Content•
TL;DR: It is proved that the information theoretical requirements for a class of quantum secret sharing schemes reduce to only one requirement (the recoverability condition) as a consequence of the no-cloning principle.
Abstract: In this paper we introduce a quantum information theoretical model for quantum secret sharing schemes. We show that quantum information theory provides a unifying framework for the study of these schemes. We prove that the information theoretical requirements for a class of quantum secret sharing schemes reduce to only one requirement (the recoverability condition) as a consequence of the no-cloning principle. We give also a shorter proof of the fact that the size of the shares in a quantum secret sharing scheme must be at least as large as the secret itself.
TL;DR: This work shows how two parties A and B can securely share unlimited sequences of random bits at optical speeds, offering practical advantages over the Bennett-Brassard 1984 protocol for key distribution.
Abstract: This work shows how two parties A and B can securely share unlimited sequences of random bits at optical speeds. A and B possess true-random physical sources and exchange random bits by using a random sequence received to cipher the following one to be sent. A starting shared secret key is used and the method can be described as a one-time-pad unlimited extender. It is demonstrated that the minimum probability of error in signal determination by the eavesdropper can be set arbitrarily close to the pure guessing level. Being based on the M-ry encryption protocol this method also allows for optical amplification without security degradation, offering practical advantages over the Bennett-Brassard 1984 protocol for key distribution.
Patent•
11 Mar 2003TL;DR: In this paper, the authors propose a method and apparatus for synchronizing the receiver and the emitter in an autocompensating quantum cryptography system, where a time reference can either be transmitted using a channel from the other station (for example the receiver), or it can also consist of an information transmitted along a channel and a synchronization unit.
Abstract: In a method and apparatus for synchronizing the receiver and the emitter in an autocompensating quantum cryptography system it is allowed to one of the stations (for example the emitter) to define the timing of all its operations (for example the application of a signal onto the modulator used to encode the values of the bits) as a function of a time reference. This time reference can either be transmitted using a channel from the other station (for example the receiver). It can also consist of a time reference synchronized with that of the other station through using information transmitted along a channel and a synchronization unit. Preferably a time reference unit is provided at each station. One of these time reference units functions as a master, while the other one function as a slave. The slave is synchronized with the master using information transmitted over a communication channel by a synchronization unit.
Posted Content•
TL;DR: In this article, the authors analyzed the security of quantum cryptography schemes for $d$-level systems using 2 or $d+1$ maximally conjugated bases, under individual eavesdropping attacks based on cloning machines and measurement after the basis reconciliation.
Abstract: We analyze the security of quantum cryptography schemes for $d$-level systems using 2 or $d+1$ maximally conjugated bases, under individual eavesdropping attacks based on cloning machines and measurement after the basis reconciliation. We consider classical advantage distillation protocols, that allow to extract a key even in situations where the mutual information between the honest parties is smaller than the eavesdropper's information. In this scenario, advantage distillation protocols are shown to be as powerful as quantum distillation: key distillation is possible using classical techniques if and only if the corresponding state in the entanglement based protocol is distillable.