Where the work of others has been used, it is duly acknowledged in the text. This thesis contains no text, graphics or tables copied and pasted from the Internet, unless specifically acknowledged and the source is detailed in the thesis and References sections.
The problem of secure communication
Second, the requirement of no possible access to information by Eve can be relaxed to a requirement of no possible undetected access, since the key contains no information about the message itself, and if compromised, can be redistributed. The problem is therefore reduced to a search for a courier of key information who can be trusted to report wiretapping in all cases.
The photon as a courier of information
But the key distribution must involve the transfer of information between Alice and Bob so that progress towards the solution has indeed been made.
The counter-intuitive behaviour of elementary particles
Encoding random bits in quantum couriers
Now the task is to investigate the implications of the representation of information in quantum systems such as photons. For α and β both nonzero, there is a plurality of corresponding qubit states, for which the qubit is said to be in a superposition of the states |0i and |1i.
Non-orthogonal quantum states
The utility of encoding information into the qubit depends on how effectively the information can be deciphered. 1 as |+i or |−i, respectively, and if Eve and Bob perform the same measurement as in the above case, the measurement '|0i,|1i', then as previously described the qubit will receive the measurement result as the state her.
BB84 as an illustration of distributing a secret key
Phase 1 of BB84
Thus, in the case of the intercept-and-resend attack, on average only 58 of the S2Bs will agree with S2A, while Eve can construct a bit string of which 34 agree with S2A. The above steps 1-4 constitute phase 1 of the protocol implemented on the quantum channel.
Phase 2 of BB84
3.4.3) on the classical channel, the result of which is that Alice and Bob share an identical key of length N. ii) Enhancing privacy. Thus, Eve's information about the resulting secure key of length n < N shared by Alice and Bob is reduced to zero.
The meaning of unconditional security
Using el as an estimate of e, and conservatively attributing all error to eavesdropping, Alice and Bob can calculate IE, an upper bound on the information potentially gained by Eve. Alice and Bob now perform secret key distillation (SKD) on their remaining N bits, called raw keys, which are not yet perfectly connected nor perfectly secret.
The security of BB84
Entanglement
If Alice and Bob perform the same kind of measurement on one of each of the pairs, their correlated measurement results can be used as a key. The security of this protocol, called E91 after the year its proposal was discussed and discussed only very briefly here, is due to the fact that the distributed signals do not contain any key information due to their superposition state until the legitimate users have both carried out their measurements.
Entanglement and the unconditional security of BB84
After the broadcast and possible eavesdropping, Alice and Bob share a large number of mixed, non-maximally entangled states. A set of pure maximally entangled states is then distilled from the larger set of mixed non-maximally entangled states using CSS codes.
Necessary and sufficient conditions for security
Bob's measurement must be described by non-commute POVM elements, since then there exists no measurement suitable for decoding that could possibly commute with his and thus be performed unnoticed by Eve in an intercept-and-redo- send-attack. This detection is only possible if Bob's measurement is described by non-commuting POVM elements (see section 6.4 for a proof).
In conclusion: The Point
Furthermore, Bob's measurement must be described by non-commuting POVM elements when considering either the P&M or the EB version of the protocol. The public key (a, n) is published, while Bob's private key (b, n) is kept secret. the set with mod n addition and multiplication) via c = ma mod n [16].
Symmetrical ciphers
Shannon in 1949 [1], who showed that the above condition is satisfied, i.e., that the ciphertext does not contain information on the statistical distribution of the plaintext. If pad once is used more than once, the above condition is no longer satisfied, since two ciphertext bits ci and cj encoded with the same key bit can be added modulo 2 to get mi ⊕mj, and this constitutes information on the statistical distribution of plain text.
Authentication
Conclusion
Random variables and independent and i.i.d. sources . 22
An information source can be modeled as a set of random variables whose values represent the output of the source. The Shannon entropy can also be interpreted as follows: −logp(x) is the uncertainty in the occurrence of the symbol x.
More definitions
- Binary entropy
- Joint and conditional probabilities
- Relative entropy
- Joint Entropy
- Conditional entropy
- Mutual information
- Conditional mutual information
- Intrinsic information
The relative entropy H(X||X0) [39] of two information sources modeled by the random variables X and X0 with the same alphabet X, with probability distributions p(x) andq(x), respectively, is defined as. 3.4) The relative entropy is a measure of the distance between the probability distributions p(x) and q(x) for the same alphabet X [39]. The conditional entropy H(X|Y) [39] of two sources of information modeled by the random variables X and Y is defined as. 3.6) The conditional entropy is the expected value of the information content, or average uncertainty, associated with the random variable X, given that Y is known [40].
Shannon’s noisy channel coding theorem
A noisy channel
The conditional mutual information I(X : Y|Z) is the reduction in uncertainty of X due to knowing Y given Z. The mutual information I(X : Y) is a reduction in the uncertainty associated with X due to Y, or alternatively, an amount of information gained, on average, about x when learning y.
The symmetric binary channel
Secret key rate
- Lower bound
- Upper bound
- Error correction
- Privacy amplification
I(X :Y ↓Z)≡infPI(X :Y|Z) (3.9) where P is the set of possible expansions of the observable probability distribution P(X, Y) in P(X, Y, Z) , which corresponds to all possible individual attacks that Eve could perform [28]. The rate K at which the final secret key of a QKD protocol is produced is the product of the raw key rate R and the secret fraction r.
Conclusion
Since quantum systems are subject to the laws of quantum mechanics, a broad overview of the principles of quantum mechanics is also given. Quantum mechanics [55] is a mathematical framework that identifies any isolated physical system with a complex vector space with an inner product called the Hilbert space of the system.
The qubit
The states |0i and |+i are an example of a pair of non-orthogonal states, their inner product is given by It can be seen that the existence of non-orthogonal states is a result of the existence of superposition states in the quantum regime.
Quantum measurement
Measuring a qubit
The word 'random' has been used more than once in this work, and the security of QKD protocols depends on its correct interpretation. In a realistic experimental setting, biases in the preparation of the qubit state and measurement implementations also had to be taken into account before measurement results could be considered truly random [13].
Projective measurement
According to the laws of quantum mechanics, truly random processes include radioactive decay, shock noise [58], the random selection of a single photon in a beamsplitter [59] (see section 5.4 for a description of a beamsplitter), and also the process of measuring a cube. Since the two possible measurement results ideally occur randomly with equal probability, associating the result '0' with the zero bit and the result '1' with the one bit results in the generation of a truly random variable.
POVM
Distinguishing non-orthogonal quantum states
The commutator
For an example of a measurement containing non-commutative operators, consider a POVM that tries to distinguish between two arbitrary non-orthogonal states, |ψi and |γi. Thus, it can be seen that as a result of |ψi and |γi being different, and being non-orthogonal states, which implies that the inner product c is non-zero, a POVM constructed to (sometimes) contains distinguish the modes, non-commutative elements.
No-cloning theorem
Entanglement
Entangled states
The H Hilbert space associated with a composite system is a tensor product of the Hilbert Hi spaces associated with the individual systems i. According to the superposition principle, a general state in the Hilbert space H is a normalized complex linear combination of orthonormal basis vectors spanning the Hilbert space of the system [68].
The EPR paradox
Subsequently, if Bob measures the z-component of his particle's spin, he will get the result σ(B)z =−1 with probability one. The EPR paradox is thus resolved in a contemporary interpretation of quantum mechanics that does not accept a locally realistic description of what reality is like.
Entanglement as a physical resource
Given the above assumptions and the result of the EPR paper, the implication is that the quantum mechanical description of reality is incomplete. Recently, a number of experiments have been performed (summarized in [70]), the results of which confirm the predictions of quantum theory and refute the so-called local-realist theories, which assume the principles of realism and locality.
Definitions
Density operator
Von Neumann entropy
The Holevo bound
Secret key rate
Lower bound
For protocols where bounds on the secret key rate have been found for unconditional security, these bounds have been shown to be the same as for collective attacks [45]. This is a difficult problem, and indeed no bounds have yet been found for the unconditional secure key rate for such protocols.
Quantum SKD
However, in QKD protocols, where |Ψ(S)i cannot be written in tensor product form and the symbols are encoded in the correlations between states|ψ(s0i)i (see Section 7.2), Eve would benefit from joint signal manipulation. This is a difficult problem, and bounds for an unconditionally secure key rate for such protocols have not yet been found. presented in Section 1.10) using CSS codes.
Conclusion
Light is a physical system that allows quantum mechanical description via the quantization of the electromagnetic field. That is, each mode of the electromagnetic field is associated with a quantum harmonic oscillator [75].
States of light
Both the number states and the coherent states of the electromagnetic field are now described in more detail. Due to the orthogonality of the number states, the inner product of the coherent states is given by .
Phase modulation
Beamsplitters
The action of a beam splitter on a coherent state in path 0 and the vacuum in path 1 is given in terms of the displacement operator D(α) (5.12) by. 5.19) The operation of a beam splitter at coherent conditions in paths 0 and 1 is given by.
Detectors
However, the most commonly available photo detectors are so-called bucket detectors, which can only distinguish between no photons, and one or more photons [85]. No click' corresponds to measurement outcome '0' corresponding to an input of vacuum, and a 'click' corresponds to measurement outcome '1' corresponding to the detection of a one or more photons.
Conclusion
In “P&M” terminology, phase 1 of a general QKD protocol involves Alice preparing a sequence of quantum states in which a sequence of symbols is encoded. Then the classic channel is used to filter a secure key from the initial set of symbols.
An EB description of Phase 1 of a general QKD protocol
Entanglement as precondition for security
The mutual information between the sender and receiver, Alice and Bob, conditional on the information estimated to have been obtained by Eve through eavesdropping I(A:B|E) (3.8), is given by. 6.2, in the case where the observable data p(a, b), describing the measurement outcomes of Alice and Bob, can be explained as coming from a mixed separable state.
Bob’s measurement
Here the theorem itself is not investigated further, but the implication that Bob's measurement must contain some non-commuting operators is shown. Therefore, a prerequisite for security is that some of the POVM elements describing Bob's measurement must be noncommuters.
Entanglement distillation
Therefore, a necessary condition for the security of a QKD protocol is that the POVM elements that make up Bob's measurement, which are the same in both translations, are not all mutually commuting. This result should not be surprising, since in an intercept-and-send attack on a P&M protocol where Bob's measurement is described only by commuting operators, an eavesdropper could measure an observable that commutes with all of Bob's operators without changing the statistics of Bob's operators. measurement and thus remains undetected.
Conclusion
The EB translation of DPSQKD given here is a necessary first step towards an unconditional security proof for an ED-based protocol. There is no such EB translation of DPSQKD in the literature: the starting point is the P&M description of the 1st phase of the protocol.
A P&M description of Phase 1 of the DPSQKD protocol
In terms of the creation operators for each time interval i for the signals entering Bob's interferometer in path 0, a†i0, and the two outgoing paths,a†i4. This process serves to filter a secure key S∗ from the initial sequence S, since (in the absence of error) for each i∗ Alice and Bob can add an identical bit, si∗, to the secure filtered key.
An EB description of Phase 1 of the DPSQKD protocol
7.8), where the states |0i and |1i form an arbitrary orthogonal basis in which Alice measures, and correspond to s0i = 0 and 1, respectively. The consequences of this independence are that Alice must monitor the time intervals corresponding to the measurement results, thereby gradually strengthening your knowledge of the set through the relations i =s0i−1+s0i.
Bob’s measurement
This is not possible if Bob's measurement results only correspond to mutual commuting effects (see section 6.4). Therefore, a prerequisite for safety is that some of the effects that make up Bob's measurement must be non-commuters.
Thoughts
An EB translation of the P&M QKD protocol, where the Bob measurement condition is met, is a necessary first step towards an ED-based security proof. It remains to be shown whether an unconditional safety proof based on ED can be performed.
EB DPSQKD-like protocol
Comments
The states |ψi and |γi are non-orthogonal due to the contribution of the vacuum state in the coherent state, and are therefore not perfectly distinguishable. Considering an error-free channel, in the P&M DPS QKD protocol, Alice and Bob can record a secret key bit in all time intervals in which Bob records a sensing event, and this happens with a probability of 1−e−|α|2 .
Conclusion
Classical data produced in a secure QKD protocol must imply non-classical correlations between the systems held by Alice and Bob in the EB translation. Therefore, a necessary condition for the security of a QKD protocol is that the measurements performed by Alice and Bob in the EB translation must detect entanglement in the effectively distributed state, which in turn implies that Bob's measurement must consist of non-movement of POVM elements.
DPSQKD
Outlook
Renner, “Security of quantum key distribution protocols using two-way classical communication or weak coherent pulses”, Phys. Tsurumaru, “Sequential intensity modulation attack on quantum key distribution protocol with differential phase shift”, Phys.
