* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download security engineering - University of Sydney
Matter wave wikipedia , lookup
Algorithmic cooling wikipedia , lookup
Topological quantum field theory wikipedia , lookup
Relativistic quantum mechanics wikipedia , lookup
Renormalization wikipedia , lookup
Renormalization group wikipedia , lookup
Double-slit experiment wikipedia , lookup
Basil Hiley wikipedia , lookup
Scalar field theory wikipedia , lookup
Theoretical and experimental justification for the Schrödinger equation wikipedia , lookup
Wave–particle duality wikipedia , lookup
Bell test experiments wikipedia , lookup
Bohr–Einstein debates wikipedia , lookup
Probability amplitude wikipedia , lookup
Measurement in quantum mechanics wikipedia , lookup
Particle in a box wikipedia , lookup
Density matrix wikipedia , lookup
Path integral formulation wikipedia , lookup
Quantum electrodynamics wikipedia , lookup
Quantum decoherence wikipedia , lookup
Quantum field theory wikipedia , lookup
Copenhagen interpretation wikipedia , lookup
Coherent states wikipedia , lookup
Hydrogen atom wikipedia , lookup
Delayed choice quantum eraser wikipedia , lookup
Quantum dot wikipedia , lookup
Quantum entanglement wikipedia , lookup
Bell's theorem wikipedia , lookup
Quantum fiction wikipedia , lookup
Many-worlds interpretation wikipedia , lookup
Symmetry in quantum mechanics wikipedia , lookup
Orchestrated objective reduction wikipedia , lookup
Interpretations of quantum mechanics wikipedia , lookup
History of quantum field theory wikipedia , lookup
EPR paradox wikipedia , lookup
Quantum group wikipedia , lookup
Quantum computing wikipedia , lookup
Quantum machine learning wikipedia , lookup
Canonical quantization wikipedia , lookup
Quantum cognition wikipedia , lookup
Quantum state wikipedia , lookup
Hidden variable theory wikipedia , lookup
ELEC5616 computer and network security matt barrie [email protected] CNS2009 handout 21 :: quantum cryptography 1 quantum cryptography • What is quantum cryptography? – Using quantum computers to do cryptography • What are quantum computers? – Quantum physics applied to computational tasks • What does quantum cryptanalysis mean for classical cryptography? • Is it feasible? • Can we exploit quantum effects to solve our security woes? CNS2009 handout 21 :: quantum cryptography 2 what we are NOT doing CNS2009 handout 21 :: quantum cryptography 3 quantum physics • Stuff is “quantised” – Atoms don’t behave like little billiard balls • Atoms emit energy in discrete quanta, called “photons” • Atoms sometimes interact in unexpected ways CNS2009 handout 21 :: quantum cryptography 4 quantum physics • Measurements are uncertain – Planck Length: 1.6x10-35 m – Planck Mass: 2.2x10-8 kg – Planck Time: 5.4x10-44 s • Heisenberg Uncertainty Principle h 4 • Atomic properties are often undefined, expressed as a “superposition” of states xp  – Atomic spin might be up, down, or both – Only defined when observed (“decoherence”)  CNS2009 handout 21 :: quantum cryptography 5 qubits Classical bit qubit 0 0 ? 1 1 CNS2009 handout 21 :: quantum cryptography 6 qubit registers Classical bit registers 000 001 010 011 CNS2009 100 101 110 111 qubits registers (entangled qubits) ??? handout 21 :: quantum cryptography 7 qubit computation f(x) = 2*x (mod 8) Classical bits CNS2009 qubits 000  001  101  ???  000 010 010 ??0 handout 21 :: quantum cryptography 8 qubit computation (factoring y) f(x) = y mod x 010  001 CNS2009 Classical bits (y=15=1111) 011 100   000 011 qubits …  ???  … 000 handout 21 :: quantum cryptography 9 shor’s algorithm • Peter Shor, AT&T (1994) • Efficient factoring of n-bit integers with 2n-qubit registers • IBM implemented the largest so far (December 2001) – 7 qubit register – Factored 15 into 3*5 CNS2009 handout 21 :: quantum cryptography 10 quantum computer complexity • • • • • BQP (Bounded-error, Quantum, Polynomial time) P  BQP NP-complete ? BQP (probably disjoint) Primality testing  P [Agrawal et al, 2004] Integer factorisation  BQP [Shor, 1994] CNS2009 handout 21 :: quantum cryptography 11 most classical algorithms don’t last • Anything relying on integer factorisation or the discrete logarithm problem can’t resist quantum cryptanalysis – RSA, DSA, Diffie-Hellman, El Gamal, ECC • One-Time Pad is still fine – why? CNS2009 handout 21 :: quantum cryptography 12 BB84: Bennett & Brassard (1984) • Quantum key exchange with polarised photons • Two basis pairs of two states (rectilinear and diagonal) • Alice generates random bit string, and random basis sequence – e.g. 0110101 and • Alice sends a photon per bit, polarised with the chosen basis • Bob randomly picks a basis for each bit • Alice and Bob compare notes later, only about chosen basis • Any interception by Eve destroys initial photon state • Immune to MITM if Alice and Bob can verify each other’s identity CNS2009 handout 21 :: quantum cryptography 13 Practicality of BB84 • Implementations are getting better – 1989: 32 cm – March 2007: 148 km • Still very slow and difficult, and doesn’t solve everything – authentication – non-repudiation (digital signatures) – and more … • Moral: there are no “silver bullets” for security problems CNS2009 handout 21 :: quantum cryptography 14 references • Quantiki – www.quantiki.org CNS2009 handout 21 :: quantum cryptography 15
 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
									 
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                             
                                            