-
Analysis of Y00 Protocol under Quantum Generalization of a Fast Correlation Attack: Toward Information-Theoretic Security
Authors:
Takehisa Iwakoshi
Abstract:
In our previous work, it was demonstrated that the attacker could not pin-down the correct keys to start the Y00 protocol with a probability of one under the assistance of unlimitedly long known-plaintext attacks and optimal quantum measurements on the attacker's quantum memory. However, there were several assumptions that the Y00 system utilized linear-feedback shift registers as pseudo-random-number generators, and a fast correlation attack was disabled by irregular mapping on the Y00 systems. This study generalizes such an attack to remove the assumptions of the previous work. The framework of the security analyses of this study reiterates two well-known results from the past: (1) Y00 systems would be cryptanalyzed when the system is not designed well; (2) the system is possibly information-theoretically secure when the system is designed well, although the attacker's confidence in the correct key increases over time but the success probability of key recovery does not reach unity in finite time; (3) the breach time of the shared keys is increasingly threatened with time. Hence, a key-refreshment procedure for the Y00 protocol is provided herein. Such security analyses are important not only in key refreshment but also in initial key agreement situations.
Submitted 29 January, 2020;
originally announced January 2020.
-
Potentially Information-theoretic Secure Y00 Quantum Stream Cipher with Limited Key Lengths beyond One-Time Pad
Authors:
Takehisa Iwakoshi
Abstract:
The previous work showed that the Y00 protocol could stay secure with the eavesdropper's guessing probability on the secret keys being strictly less than one under an unlimitedly long known-plaintext attack with quantum memory. However, an assumption that at least a fast correlation attack is completely disabled by irregular mapping. The present study shows that the Y00 protocol can be information-theoretic secure under any quantum-computational crypto-analyses if the Y00 system is well designed. The Y00 protocol directly encrypts messages with short secret keys expanded into pseudo-random running keys unlike One-Time Pad. However, it may offer information-theoretic security beyond the Shannon limit of cryptography.
Submitted 13 February, 2019;
originally announced February 2019.
-
Guessing probability under unlimited known-plaintext attack on secret keys for Y00 quantum stream cipher by quantum multiple hypotheses testing
Authors:
Takehisa Iwakoshi
Abstract:
Although quantum key distribution is regarded as promising secure communication, security of Y00 protocol proposed by Yuen in 2000 for the affinity to conventional optical communication is not well-understood yet; its security has been evaluated only by the eavesdropper's error probabilities of detecting individual signals or masking size, the number of hidden signal levels under quantum and classical noise. Our study is the first challenge of evaluating the guessing probabilities on shared secret keys for pseudorandom number generators in a simplified Y00 communication system based on quantum multiple hypotheses testing theory. The result is that even unlimitedly long known-plaintext attack only lets the eavesdropper guess the shared secret keys of limited lengths with a probability strictly < 1. This study will give some insights for detailed future works on this quantum communication protocol.
Submitted 11 December, 2018;
originally announced December 2018.
-
Security of Quantum Key Distribution from Attacker's View
Authors:
Takehisa Iwakoshi
Abstract:
In 2005, trace distance between an ideal quantum state to be distributed and an actual quantum state distributed was introduced as a valid security measure of Quantum Key Distribution (QKD) by R. Renner et al., then it has been perceived that the trace can be interpreted as a maximum failure probability of QKD. While such a perspective has been widely accepted, H. P. Yuen and O. Hirota have been warning that such an interpretation is not correct since 2009. The author of this study has been giving questions on the interpretation of the trace distance based on their criticisms since QIT30 in May 2014, and has been proposing Yuen's idea to evaluate the security of QKD by the probability for the attacker to guess the correct key. However, the author could not give the guessing probability concretely. In this study, the author explains how to derive the average guessing probability for the attacker, where its result equals to Yuen's derivation firstly seen in 2010. From this result, one will see the problems with the maximum failure probability interpretation of the trace distance clearly. This study also explains the indistinguishability advantage interpretation is also invalid.
Submitted 9 November, 2017;
originally announced November 2017.
-
Yuen's Criticisms on Security of Quantum Key Distribution and Onward
Authors:
Takehisa Iwakoshi
Abstract:
Quantum Key Distribution (QKD) has been attracting researchers that it would provide provable security to distribute secret keys since its birth in 1984. Since 2005, the trace distance between an ideal quantum state and an actually distributed state has been employed to evaluate its security level, and the trace distance was given an interpretation that it would be a maximum failure probability in distributing perfectly secure keys. However, in 2009, H. P. Yuen criticized that the trace distance would not have such an interpretation. Since then, O. Hirota, K. Kato, and T. Iwakoshi have been warning to make people pay attention to Yuen's criticisms. In 2015, T. Iwakoshi precisely explained why Yuen has been correct. In 2016, Yuen himself published a paper to explain the potentially unsolved problems in QKD. This study precisely explains the most important problems given in Yuen's paper, and gives recent topics around QKD and other quantum cryptographic protocols.
Submitted 26 July, 2018; v1 submitted 9 November, 2017;
originally announced November 2017.
-
Test of the Conserved Vector Current Hypothesis by beta-ray Angular Distribution Measurement in the Mass-8 System
Authors:
T. Sumikama,
K. Matsuta,
T. Nagatomo,
M. Ogura,
T. Iwakoshi,
Y. Nakashima,
H. Fujiwara,
M. Fukuda,
M. Mihara,
K. Minamisono,
T. Yamaguchi,
T. Minamisono
Abstract:
The beta-ray angular correlations for the spin alignments of 8Li and 8B have been observed in order to test the conserved vector current (CVC) hypothesis. The alignment correlation terms were combined with the known beta-alpha-angular correlation terms to determine all the matrix elements contributing to the correlation terms. The weak magnetism term, 7.5 ± 0.2, deduced from the beta-ray correlation terms was consistent with the CVC prediction 7.3 ± 0.2, deduced from the analog-gamma-decay measurement based on the CVC hypothesis. However, there was no consistent CVC prediction for the second-forbidden term associated with the weak vector current. The experimental value for the second-forbidden term was 1.0 ± 0.3, while the CVC prediction was 0.1 ± 0.4 or 2.1 ± 0.5.
Submitted 9 May, 2011;
originally announced May 2011.