Key establishment : proofs and refutations

Choo, Kim-Kwang Raymond

January 2006

We study the problem of secure key establishment. We critically examine the security models of Bellare and Rogaway (1993) and Canetti and Krawczyk (2001) in the computational complexity approach, as these models are central in the understanding of the provable security paradigm. We show that the partnership definition used in the three-party key distribution (3PKD) protocol of Bellare and Rogaway (1995) is flawed, which invalidates the proof for the 3PKD protocol. We present an improved protocol with a new proof of security. We identify several variants of the key sharing requirement (i.e., two entities who have completed matching sessions, partners, are required to accept the same session key). We then present a brief discussion about the key sharing requirement. We identify several variants of the Bellare and Rogaway (1993) model. We present a comparative study of the relative strengths of security notions between the several variants of the Bellare-Rogaway model and the Canetti-Krawczyk model. In our comparative study, we reveal a drawback in the Bellare, Pointcheval, and Rogaway (2000) model with the protocol of Abdalla and Pointcheval (2005) as a case study. We prove a revised protocol of Boyd (1996) secure in the Bellare-Rogaway model. We then extend the model in order to allow more realistic adversary capabilities by incorporating the notion of resetting the long-term compromised key of some entity. This allows us to detect a known weakness of the protocol that cannot be captured in the original model. We also present an alternative protocol that is efficient in both messages and rounds. We prove the protocol secure in the extended model. We point out previously unknown flaws in several published protocols and a message authenticator of Bellare, Canetti, and Krawczyk (1998) by refuting claimed proofs of security. We also point out corresponding flaws in their existing proofs. We propose fixes to these protocols and their proofs. In some cases, we present new protocols with full proofs of security. We examine the role of session key construction in key establishment protocols, and demonstrate that a small change to the way that session keys are constructed can have significant benefits. Protocols that were proven secure in a restricted Bellare-Rogaway model can then be proven secure in the full model. We present a brief discussion on ways to construct session keys in key establishment protocols and also prove the protocol of Chen and Kudla (2003) secure in a less restrictive Bellare-Rogaway model. To complement the computational complexity approach, we provide a formal specification and machine analysis of the Bellare-Pointcheval-Rogaway model using an automated model checker, Simple Homomorphism Verification Tool (SHVT). We demonstrate that structural flaws in protocols can be revealed using our framework. We reveal previously unknown flaws in the unpublished preproceedings version of the protocol due to Jakobsson and Pointcheval (2001) and several published protocols with only heuristic security arguments. We conclude this thesis with a listing of some open problems that were encountered in the study.

authentication

communications security

computational complexity

computer

security

cryptographic protocols

cryptography

Diffie–Hellman-based protocols

formal methods

formal specification and verification

identity-based protocols

key agreement protocols

key distribution

key establishment protocols

key exchange protocols

key transport protocols

password-based protocols

proofs of security

provable security

provably-secure protocols

security proofs

Physical layer secret key generation for decentralized wireless networks / Génération de clés secrètes avec la couche physique dans les réseaux sans fil décentralisés

Tunaru, Iulia

27 November 2015

Dans cette thèse on s’est intéressé aux méthodes de génération de clés secrètes symétriques en utilisant la couche physique ultra large bande impulsionnelle (IR-UWB). Les travaux ont été réalisés selon trois axes, les deux premiers concernant la communication point-à-point et le dernier, les communications coopératives. Tout d’abord, la quantification des signaux typiques IR-UWB (soit directement échantillonnés, soit estimés) a été investiguée, principalement du point de vue du compromis entre la robustesse (ou réciprocité) des séquences binaires obtenues et leur caractère aléatoire. Différents algorithmes de quantification valorisant l’information temporelle offerte par les canaux IR-UWB pour améliorer ce compromis ont alors été proposés. Ensuite, des études concernant les échanges publics nécessaires à l’étape de réconciliation (visant la correction d’éventuels désaccords entre les séquences binaires générées de part et d’autre du lien) ont montré qu’il était possible d’être plus robuste face aux attaques passives en utilisant des informations de plus haut niveau, inhérentes à cette technologie et disponibles à moindre coût (ex. via une estimation précise du temps de vol aller-retour). Finalement, une nouvelle méthode a été développée afin d’étendre les schémas de génération de clé point-à-point à plusieurs nœuds (trois dans nos études) en utilisant directement la couche physique fournie par les liens radio entre les nœuds. / Emerging decentralized wireless systems, such as sensor or ad-hoc networks, will demand an adequate level of security in order to protect the private and often sensitive information that they carry. The main security mechanism for confidentiality in such networks is symmetric cryptography, which requires the sharing of a symmetric key between the two legitimate parties. According to the principles of physical layer security, wireless devices within the communication range can exploit the wireless channel in order to protect their communications. Due to the theoretical reciprocity of wireless channels, the spatial decorrelation property (e.g., in rich scattering environments), as well as the fine temporal resolution of the Impulse Radio - Ultra Wideband (IR-UWB) technology, directly sampled received signals or estimated channel impulse responses (CIRs) can be used for symmetric secret key extraction under the information-theoretic source model. Firstly, we are interested in the impact of quantization and channel estimation algorithms on the reciprocity and on the random aspect of the generated keys. Secondly, we investigate alternative ways of limiting public exchanges needed for the reconciliation phase. Finally, we develop a new signal-based method that extends the point-to-point source model to cooperative contexts with several nodes intending to establish a group key.

Sécurité avec la couche physique

Génération de clé secrète

Radio impulsionnelle ultra large bande

Génération de clé coopérative

Réseaux décentralisés

Distribution de clés symétriques

Quantification

Réciprocité

Caractère aléatoire

Physical layer security

Secret key generation

Impulse Radio - Ultra Wideband

Cooperative key generation

Decentralized networks

Symmetric key distribution

Quantization

Reciprocity

Randomness

Role of Nonlocality and Counterfactuality in Quantum Cryptography

Akshatha Shenoy, H

January 2014

Quantum cryptography is arguably the most successfully applied area of quantum information theory. In this work, We invsetigate the role of quantum indistinguishability in random number generation, quantum temporal correlations, quantum nonlocality and counterfactuality for quantum cryptography. We study quantum protocols for key distribution, and their security in the conventional setting, in the counterfactual paradigm, and finally also in the device-independent scenario as applied to prepare-and-measure schemes. We begin with the interplay of two essential non-classical features like quantum indeterminism and quantum indistinguishability via a process known as bosonic stimulation is discussed. It is observed that the process provides an efficient method for macroscopic extraction of quantum randomness. Next, we propose two counterfactual cryptographic protocols, in which a secret key bit is generated even without the physical transmission of a particle. The first protocol is semicounterfactual in the sense that only one of the key bits is generated using interaction-free measurement. This protocol departs fundamentally from the original counterfactual key distribution protocol in not encoding secret bits in terms of photon polarization. We discuss how the security in the protocol originates from quantum single-particle non-locality. The second protocol is designed for the crypto-task of certificate authorization, where a trusted third party authenticates an entity (e.g., bank) to a client. We analyze the security of both protocols under various general incoherent attack models. The next part of our work includes study of quantum temporal correlations. We consider the use of the Leggett-Garg inequalities for device-independent security appropriate for prepare-and-measure protocols subjected to the higher dimensional attack that would completely undermine standard BB84. In the last part, we introduce the novel concept of nonlocal subspaces constructed using the graph state formalism, and propose their application for quantum information splitting. In particular, we use the stabilizer formalism of graph states to construct degenerate Bell operators, whose eigenspace determines the nonlocal subspace, into which a quantum secret is encoded and shared among an authorized group of agents, or securely transmitted to a designated secret retriever. The security of our scheme arises from the monogamy of quantum correlations. The quantum violation of the Bell-type inequality here is to its algebraic maximum, making this approach inherently suitable for the device-independent scenario.

Quantum Cryptography

Quantum Information Theory

Quantum Nonlocality

Counterfactual Quantum Cryptography

Bosonic Simulation

Quantum Indistinguishability

Quantum Random Number Generation

Leggett-Garg Inequaltiy

Quantum Information Splitting

Quantum Temporal Correlations

Counterfactual Cryptographic Protocols

Quantum Computation

Quantum Key Distribution

Computer Science

[pt] COMUNICAÇÕES ÓPTICAS DE ESPAÇO LIVRE POR CONTAGEM DE FÓTONS PARA USO EM ENLACES ENTRE EMBARCAÇÕES E ESTAÇÕES COSTEIRAS / [en] FREE-SPACE PHOTON COUNTING OPTICAL COMMUNICATIONS FOR USE IN VESSEL-TO-SHORE LINKS

RAFAEL FREITAS BARBOSA

23 February 2021

[pt] Este trabalho apresenta o estudo de comunicação óptica quântica no infravermelho, utilizando um sistema híbrido fibra-óptica – espaço-livre, como prova de princípio para o estabelecimento de chaves secretas a fim de utilização em criptografia do tipo one-time pad. Ao modular a polarização da luz de um laser em polarizações ortogonais, podem-se codificar os bits clássicos 1 e 0 em cada uma dessas polarizações, sendo detectadas por detectores contadores de fótons únicos, e, assim, utilizar o canal quântico para transmissão dos bits quânticos entre dois interlocutores, utilizandoos para o estabelecimento da chave criptográfica, que pode ser usada em qualquer tipo de informação a ser transmitida por um canal clássico ou quântico. Ao realizar a transmissão em espaço-livre, sujeita a variações climáticas, como temperatura atmosférica, luz solar, presença de nuvens, chuva e vento, foi também estudada a influência destes fenômenos na qualidade da transmissão e dos dados obtidos. Os resultados experimentais demonstraram consistência com a teoria e com outros trabalhos publicados na área até esta data com relação às taxas de erro de bit quântico e também à taxa de transmissão de bits. As taxas de erro obtidas, por estarem abaixo do limiar teórico para segurança da informação em comunicação quântica, provam, ainda, a possibilidade de estabelecimento de chave secreta para criptografia através do uso de distribuição quântica das chaves (QKD). Os resultados também apresentaram boa qualidade da informação recuperada após a descriptografia. / [en] This work presents the study of optical quantum communication in the infrared region, using a hybrid optical-fiber – free-space system, as proof of principle for the agreement on secret keys by two parties for use in one-time pad encryption. By modulating the polarization of laser light into orthogonal polarizations, one can encode the classic bits 1 and 0 in each of these polarizations, being detected by single photon counter detectors, and can use the quantum channel to transmit the quantum bits between two interlocutors. It is then possible to use those bits to establish the cryptographic key, which can be used in any type of information to be transmitted by a classic or quantum channel. While carrying out transmission in free space optics, subject to climatic variations, such as atmospheric temperature, sunlight, presence of clouds and rain, and the presence of wind, the influence of these phenomena on the quality of transmission and on the data obtained was also studied. The experimental results showed consistency with the theory and with other works published to date with regard to quantum bit error rates and to the bit rate. The error rates obtained, being below the theoretical threshold for information security in quantum communication, further proves the possibility of establishing a secret key for encryption through the use of quantum key distribution (QKD). It also presented good quality on the information recovered after decryption.

[pt] CRIPTOGRAFIA QUANTICA

[pt] COMUNICACAO NO INFRAVERMELHO

[pt] COMUNICACAO OPTICA EM ESPACO-LIVRE

[pt] DISTRIBUICAO QUANTICA DE CHAVES

[en] QUANTUM CRYPTOGRAPHY

[en] INFRARED COMMUNICATION

[en] FREE-SPACE OPTICAL COMMUNICATION

[en] QUANTUM KEY DISTRIBUTION

Integrated photonic systems for single photon generation and quantum applications

Schröder, Tim

08 April 2013

Im Rahmen der vorliegenden Dissertation wurden neuartige integrierte Einzelphotonenquellen (EPQ) und ihre Anwendung für die Quanteninformationsverarbeitung entwickelt und untersucht. Die Erzeugung von Einzelphotonen basiert auf einzelnen Defektzentren in nanometergroßen Diamantkristallen mit einzigartigen optischen Eigenschaften: Stabilität bei Zimmertemperatur ohne optisches Blinken. Diamantkristalle mit Größen bis unter 20nm wurden mit neuartigen „pick-and-place“ Techniken (z.B. mit einem Atomkraftmikroskop) in komplexe photonische Strukturen integriert. Zwei unterschiedliche Ansätze für die Realisierung der neuartigen EPQ wurden verfolgt. Beim ersten werden fluoreszierende Diamantkristalle in nano- und mikrometergroße Faser-basierte oder resonante Strukturen in einem „bottom-up“ Ansatz integriert, dadurch werden zusätzliche optische Komponenten überflüssig und das Gesamtsystem ultra-stabil und wartungsfrei. Der zweite Ansatz beruht auf einem Festkörperimmersionsmikroskop (FIM). Seine Festkörperimmersionslinse wirkt wie eine dielektrische Antenne für die Emission der Defektzentren. Es ermöglicht die höchsten bisher erreichten Photonenzählraten von Stickstoff-Fehlstellen von bis zu 2.4Mcts/s und Einsammeleffizienzen von bis zu 4.2%. Durch Anwendung des FIM bei cryogenen Temperaturen wurden neuartige Anwendungen und fundamentale Untersuchungen möglich, weil Photonenraten signifikant erhöht wurden. Die Bestimmung der spektralen Diffusionszeit eines einzelnen Defektzentrums (2.2µs) gab neue Erkenntnisse über die Ursachen von spektraler Diffusion. Spektrale Diffusion ist eine limitierende Eigenschaft für die Realisierung von Quanteninformationsanwendungen. Das Tisch-basierte FIM wurde außerdem als kompakte mobile EPQ mit Ausmaßen von nur 7x19x23cm^3 realisiert. Es wurde für ein Quantenkryptographie-Experiment implementiert, zum ersten Mal mit Siliziumdefektzentren. Des Weiteren wurde ein neues Konzept für die Erzeugung von infraroten EPQ entwickelt und realisiert. / The presented thesis covers the development and investigation of novel integrated single photon (SP) sources and their application for quantum information schemes. SP generation was based on single defect centers in diamond nanocrystals. Such defect centers offer unique optical properties as they are room temperature stable, non-blinking, and do not photo-bleach over time. The fluorescent nanocrystals are mechanically stable, their size down to 20nm enabled the development of novel nano-manipulation pick-and-place techniques, e.g., with an atomic force microscope, for integration into photonic structures. Two different approaches were pursued to realize novel SP sources. First, fluorescent diamond nanocrystals were integrated into nano- and micrometer scaled fiber devices and resonators, making them ultra-stable and maintenance free. Secondly, a solid immersion microscope (SIM) was developed. Its solid immersion lens acts as a dielectric antenna for the emission of defect centers, enabling the highest photon rates of up to 2.4Mcts/s and collection efficiencies of up to 4.2% from nitrogen vacancy defect centers achieved to date. Implementation of the SIM at cryogenic temperatures enabled novel applications and fundamental investigations due to increased photon rates. The determination of the spectral diffusion time of a single nitrogen vacancy defect center (2.2µs) gave new insights about the mechanisms causing spectral diffusion. Spectral diffusion is a limiting property for quantum information applications. The table-top SIM was integrated into a compact mobile SP system with dimension of only 7x19x23cm^3 while still maintaining record-high stable SP rates. This makes it interesting for various SP applications. First, a quantum key distribution scheme based on the BB84 protocol was implemented, for the first time also with silicon vacancy defect centers. Secondly, a conceptually novel scheme for the generation of infrared SPs was introduced and realized.

Diamant

Quantensensor

Einzelphoton

Raumtemperatur

Einzelphotonenquelle

Faserkopplung

Nahfeldkopplung

Fasereinzelphotonenquelle

Stickstoff-Fehlstelle

Silizium-Fehlstelle

Defektzentrum

Farbzentrum

Nanodiamant

QKD

Photonenkonversion

spektrale Diffusion

Interferometrische Messung

Quanten-Optik

Nano-Optik

Photonik

diamond

quantum sensor

single photon

room temperature

single photon source

fiber coupling

nearfield coupling

fiber single photon source

nitrogen vacancy

silicon vacancy

defect center

color center

nanodiamond

quantum key distribution

photon conversion

spectral diffusion

interferometric measurement

quantum optics

nano optics

photonic

530 Physik

29 Physik, Astronomie

UH 5870

UO 6440

ddc:530

Information-Theoretic aspects of quantum key distribution

Van Assche, Gilles

26 April 2005

<p>La distribution quantique de clés est une technique cryptographique permettant l'échange de clés secrètes dont la confidentialité est garantie par les lois de la mécanique quantique. Le comportement particulier des particules élémentaires est exploité. En effet, en mécanique quantique, toute mesure sur l'état d'une particule modifie irrémédiablement cet état. En jouant sur cette propriété, deux parties, souvent appelées Alice et Bob, peuvent encoder une clé secrète dans des porteurs quantiques tels que des photons uniques. Toute tentative d'espionnage demande à l'espion, Eve, une mesure de l'état du photon qui transmet un bit de clé et donc se traduit par une perturbation de l'état. Alice et Bob peuvent alors se rendre compte de la présence d'Eve par un nombre inhabituel d'erreurs de transmission.</p><p><p><p>L'information échangée par la distribution quantique n'est pas directement utilisable mais doit être d'abord traitée. Les erreurs de transmissions, qu'elles soient dues à un espion ou simplement à du bruit dans le canal de communication, doivent être corrigées grâce à une technique appelée réconciliation. Ensuite, la connaissance partielle d'un espion qui n'aurait perturbé qu'une partie des porteurs doit être supprimée de la clé finale grâce à une technique dite d'amplification de confidentialité.</p><p><p><p>Cette thèse s'inscrit dans le contexte de la distribution quantique de clé où les porteurs sont des états continus de la lumière. En particulier, une partie importante de ce travail est consacrée au traitement de l'information continue échangée par un protocole particulier de distribution quantique de clés, où les porteurs sont des états cohérents de la lumière. La nature continue de cette information implique des aménagements particuliers des techniques de réconciliation, qui ont surtout été développées pour traiter l'information binaire. Nous proposons une technique dite de réconciliation en tranches qui permet de traiter efficacement l'information continue. L'ensemble des techniques développées a été utilisé en collaboration avec l'Institut d'Optique à Orsay, France, pour produire la première expérience de distribution quantique de clés au moyen d'états cohérents de la lumière modulés continuement.</p><p><p><p>D'autres aspects importants sont également traités dans cette thèse, tels que la mise en perspective de la distribution quantique de clés dans un contexte cryptographique, la spécification d'un protocole complet, la création de nouvelles techniques d'amplification de confidentialité plus rapides à mettre en œuvre ou l'étude théorique et pratique d'algorithmes alternatifs de réconciliation.</p><p><p><p>Enfin, nous étudions la sécurité du protocole à états cohérents en établissant son équivalence à un protocole de purification d'intrication. Sans entrer dans les détails, cette équivalence, formelle, permet de valider la robustesse du protocole contre tout type d'espionnage, même le plus compliqué possible, permis par les lois de la mécanique quantique. En particulier, nous généralisons l'algorithme de réconciliation en tranches pour le transformer en un protocole de purification et nous établissons ainsi un protocole de distribution quantique sûr contre toute stratégie d'espionnage.</p><p><p><p>Quantum key distribution is a cryptographic technique, which allows to exchange secret keys whose confidentiality is guaranteed by the laws of quantum mechanics. The strange behavior of elementary particles is exploited. In quantum mechnics, any measurement of the state of a particle irreversibly modifies this state. By taking advantage of this property, two parties, often called Alice and bob, can encode a secret key into quatum information carriers such as single photons. Any attempt at eavesdropping requires the spy, Eve, to measure the state of the photon and thus to perturb this state. Alice and Bob can then be aware of Eve's presence by a unusually high number of transmission errors.</p><p><p><p>The information exchanged by quantum key distribution is not directly usable but must first be processed. Transmission errors, whether they are caused by an eavesdropper or simply by noise in the transmission channel, must be corrected with a technique called reconciliation. Then, the partial knowledge of an eavesdropper, who would perturb only a fraction of the carriers, must be wiped out from the final key thanks to a technique called privacy amplification.</p><p><p><p>The context of this thesis is the quantum key distribution with continuous states of light as carriers. An important part of this work deals with the processing of continuous information exchanged by a particular protocol, where the carriers are coherent states of light. The continuous nature of information in this case implies peculiar changes to the reconciliation techniques, which have mostly been developed to process binary information. We propose a technique called sliced error correction, which allows to efficiently process continuous information. The set of the developed techniques was used in collaboration with the Institut d'Optique, Orsay, France, to set up the first experiment of quantum key distribution with continuously-modulated coherent states of light.</p><p><p><p>Other important aspects are also treated in this thesis, such as placing quantum key distribution in the context of a cryptosystem, the specification of a complete protocol, the creation of new techniques for faster privacy amplification or the theoretical and practical study of alternate reconciliation algorithms.</p><p><p><p>Finally, we study the security of the coherent state protocol by analyzing its equivalence with an entanglement purification protocol. Without going into the details, this formal equivalence allows to validate the robustness of the protocol against any kind of eavesdropping, even the most intricate one allowed by the laws of quantum mechanics. In particular, we generalize the sliced error correction algorithm so as to transform it into a purification protocol and we thus establish a quantum key distribution protocol secure against any eavesdropping strategy.</p> / Doctorat en sciences appliquées / info:eu-repo/semantics/nonPublished

Sciences de l'ingénieur

Electronique générale

Information theory

Data protection

Quantum computers

Cryptography -- Data processing

Computer security

Data encryption (Computer science)

Source code (Computer science)

Théorie de l'information

Ordinateurs quantiques

Cryptographie -- Informatique

Sécurité informatique

Chiffrement (Informatique)

Programme source (Informatique)

cryptographie quantique

distribution quantique de clés

quantum key distribution

security

reconciliation

source coding

quantum cryptography

privacy amplification

entanglement purification

purification d'intrication

sécurité

théorie de l'information

information theory

quantum information theory

cryptography

réconciliation

cryptographie

codage source

amplification de confidentialité

théorie de l'information quantique

Analýza a optimalizace datové komunikace pro telemetrické systémy v energetice / Analysis and Optimization of Data Communication for Telemetric Systems in Energy

Fujdiak, Radek

January 2017

Telemetry system, Optimisation, Sensoric networks, Smart Grid, Internet of Things, Sensors, Information security, Cryptography, Cryptography algorithms, Cryptosystem, Confidentiality, Integrity, Authentication, Data freshness, Non-Repudiation.