Fault tolerant quantum key distributions using entanglement swapping of GHZ states over collective-noise channels

This work proposes two fault tolerant quantum key distribution (QKD) protocols. Each of which is robust under one kind of collective noises: collective-dephasing noise and collective-rotation noise, respectively. Due to the use of the entanglement swapping of Greenberger–Horne–Zeilinger (GHZ) state as well as the decoy logical qubits, the new protocols provide the best qubit efficiency among the existing fault tolerant QKD protocols over the same collective-noise channel. The receiver simply performs two Bell measurements to obtain the raw key. Moreover, the proposed protocols are free from several well-known attacks and can also be secure over a lossy channel.     

Probabilistic quantum relay communication in the noisy channel with analogous space-time code

Motivated by the space-time diversity transmission technique in wireless communications, a novel probabilistic quantum relay communication scheme in the quantum noisy channel is proposed in order to maximize the correct information transmission and the range of quantum communication, in which quantum signal sequences that carrying two-particle entangled states are transmitted from two senders to two relays and then retransmitted to the receiver after space-time encoded by relays. The quantum signal states can be restored via filtering out the channel noise with two-dimensional Bell measurements by the receiver. Analysis and discussions indicate that our scheme can increase and approximately double the range of quantum communication while not to reduce too much quantum signal-to-noise ratio, and meanwhile the security can be guaranteed under strongest collective attacks and LOCC attacks.     

Semi-quantum information splitting using GHZ-type states

By using a generalized Greenberger–Horne–Zeilinger (GHZ) state in which is locally unitarily connected with standard GHZ state as a communication channel, semi-quantum key distribution is extended to study semi-quantum information splitting protocols for secret sharing of quantum information. In our scheme, quantum Alice splits arbitrary two, three and N-qubit states with two classical parties, Bob and Charlie, in a way that both parties are sufficient to reconstruct Alice’s original states only under the condition of which she/he obtains the help from another one, but one of them cannot. The presented protocols are helpful for both secure against certain eavesdropping attacks and economical in processing of quantum information.     

A secure distance-based RFID identification protocol with an off-line back-end database

The design of a secure RFID identification scheme is a thought-provoking challenge, and this paper deals with this problem adopting a groundbreaking approach. The proposed protocol, called Noent, is based on cryptographic puzzles to avoid the indiscriminate disclose of the confidential information stored on tags and on an innovative role reversal distance-bounding protocol to distinguish between honest and rogue readers. The protocol provides moderate privacy protection (data and location) to single tags but its effectiveness increases hugely when it is used to protect a large population of tags (e.g., protection against inventory disclosure). Moreover, in comparison with classical approaches, Noent does not require an on-line database, which facilitates key updating and mitigates desynchronization attacks.     

Some physics and system issues in the security analysis of quantum key distribution protocols

In this paper, we review a number of issues on the security of quantum key distribution (QKD) protocols that bear directly on the relevant physics or mathematical representation of the QKD cryptosystem. It is shown that the cryptosystem representation itself may miss out many possible attacks, which are not accounted for in the security analysis and proofs. Hence, the final security claims drawn from such analysis are not reliable, apart from foundational issues about the security criteria that are discussed elsewhere. The cases of continuous-variable QKD and multi-photon sources are elaborated upon.     

Reference-free-independent quantum key distribution immune to detector side channel attacks

Usually, a shared reference frame is indispensable for practical quantum key distribution (QKD) systems. As a result, most QKD systems need active alignment of reference frame due to the unknown and slowly variances of reference frame introduced by environment. Quite interestingly, reference-free-independent (RFI) QKD can generate secret-key bits without alignment of reference frame. However, RFI QKD may be still vulnerable to detector side channel attacks. Here, we propose a new RFI QKD protocol, in which all detector side channels are removed. Furthermore, our protocol can still tolerate unknown and slow variance of reference frame without active alignment. And a numerical simulation shows that long security distance is probable in this protocol.     

Multiple stochastic paths scheme on partially-trusted relay quantum key distribution network

Quantum key distribution (QKD) technology provides proven unconditional point-to-point security based on fundamental quantum physics. A QKD network also holds promise for secure multi-user communications over long distances at high-speed transmission rates. Although many schemes have been proposed so far, the trusted relay QKD network is still the most practical and flexible scenario. In reality, the insecurity of certain relay sections cannot be ignored, so to solve the fatal security problems of partially-trusted relay networks we suggest a multiple stochastic paths scheme. Its features are: (i) a safe probability model that may be more practical for real applications; (ii) a multi-path scheme with an upper bound for the overall safe probability; (iii) an adaptive stochastic routing algorithm to generate sufficient different paths and hidden routes. Simulation results for a typical partially-trusted relay QKD network show that this generalized scheme is effective. Supported by the National Fundamental Research Program of China (Grant No. 2006CB921900), the National Natural Science Foundation of China (Grant Nos. 60537020 and 60621064), the Knowledge Innovation Project of the Chinese Academy of Sciences, and the Chinese Academy of Sciences International Partnership Project     

Security of BB84 with weak randomness and imperfect qubit encoding

The main threats for the well-known Bennett–Brassard 1984 (BB84) practical quantum key distribution (QKD) systems are that its encoding is inaccurate and measurement device may be vulnerable to particular attacks. Thus, a general physical model or security proof to tackle these loopholes simultaneously and quantitatively is highly desired. Here we give a framework on the security of BB84 when imperfect qubit encoding and vulnerability of measurement device are both considered. In our analysis, the potential attacks to measurement device are generalized by the recently proposed weak randomness model which assumes the input random numbers are partially biased depending on a hidden variable planted by an eavesdropper. And the inevitable encoding inaccuracy is also introduced here. From a fundamental view, our work reveals the potential information leakage due to encoding inaccuracy and weak randomness input. For applications, our result can be viewed as a useful tool to quantitatively evaluate the security of a practical QKD system.     

Four-state quantum key distribution exploiting maximum mutual information measurement strategy

We propose a four-state quantum key distribution (QKD) scheme using generalized measurement of nonorthogonal states, the maximum mutual information measurement strategy. Then, we analyze the eavesdropping process in intercept–resend and photon number splitting attack scenes. Our analysis shows that in the intercept–resend and photon number splitting attack eavesdropping scenes, our scheme is more secure than BB84 protocol and has higher key generation rate which may be applied to high-density QKD.     

PUF-enhanced offline RFID security and privacy

RFID (Radio Frequency IDentification) based communication solutions have been widely used nowadays for mobile environments such as access control for secure system, ticketing systems for transportation, and sport events. These systems usually depend on readers that are not continuously connected to a secure backend system. Thus, the readers should be able to perform their duties even in offline mode, which generally requires the management by the readers of the susceptible data. The use of RFID may cause several security and privacy issues such as traceability of tag owner, malicious eavesdropping and cloning of tags. Besides, when a reader is compromised by an adversary, the solution to resolve these issues getting worse. In order to handle these issues, several RFID authentication protocols have been recently proposed; but almost none of them provide strong privacy for the tag owner. On the other hand, several frameworks have been proposed to analyze the security and privacy but none of them consider offline RFID system.Motivated by this need, in this paper, we first revisit Vaudenay's model, extend it by considering offline RFID system and introduce the notion of compromise reader attacks. Then, we propose an efficient RFID mutual authentication protocol. Our protocol is based on the use of physically unclonable functions (PUFs) which provide cost-efficient means to the fingerprint chips based on their physical properties. We prove that our protocol provides destructive privacy for tag owner even against reader attacks.     

Trojan horse attack free fault-tolerant quantum key distribution protocols

This work proposes two quantum key distribution (QKD) protocols—each of which is robust under one kind of collective noises—collective-dephasing noise and collective-rotation noise. Due to the use of a new coding function which produces error-robust codewords allowing one-time transmission of quanta, the proposed QKD schemes are fault-tolerant and congenitally free from Trojan horse attacks without having to use any extra hardware. Moreover, by adopting two Bell state measurements instead of a 4-GHZ state joint measurement for decoding, the proposed protocols are practical in combating collective noises.     

Quantum broadcasting multiple blind signature with constant size

Using quantum homomorphic signature in quantum network, we propose a quantum broadcasting multiple blind signature scheme. Different from classical signature and current quantum signature schemes, the multi-signature proposed in our scheme is not generated by simply putting the individual signatures together, but by aggregating the individual signatures based on homomorphic property. Therefore, the size of the multi-signature is constant. Furthermore, based on a wide range of investigation for the security of existing quantum signature protocols, our protocol is designed to resist possible forgery attacks against signature and message from the various attack sources and disavowal attacks from participants.     

Denial of service attacks and defenses in decentralized trust management

Trust management is an approach to scalable and flexible access control in decentralized systems. In trust management, a server often needs to evaluate a chain of credentials submitted by a client; this requires the server to perform multiple expensive digital signature verifications. In this paper, we study low-bandwidth Denial-of-Service (DoS) attacks that exploit the existence of trust management systems to deplete server resources. Although the threat of DoS attacks has been studied for some application-level protocols such as authentication protocols, we show that it is especially destructive for trust management systems. Exploiting the delegation feature in trust management languages, an attacker can forge a long credential chain to force a server to consume a large amount of computing resource. Using game theory as an analytic tool, we demonstrate that unprotected trust management servers will easily fall prey to a witty attacker who moves smartly. We report our empirical study of existing trust management systems, which manifests the gravity of this threat. We also propose a defense technique using credential caching, and show that it is effective in the presence of intelligent attackers. A preliminary version of this paper was presented at the Second IEEE International Conference on Security and Privacy in Communication Networks, Baltimore, MD, USA, August 2006.     

Unbalanced states violates RFID privacy

Designing privacy preserving authentication protocols for massively deployed Radio Frequency IDentification (RFID) systems is a real world challenge that have drawn significant attention from RFID community. This interest yields considerable amount of proposals targeting to overcome the main bottleneck (i.e. the exhaustive search over the list of all tag entries) which appears in the back-end database for large-scale RFID tag deployments. A class of these proposals contains RFID protocols where the server authenticates the tag in a negligible constant/sub-linear time for a more frequent normal state and needs a linear search in a rare abnormal states. In this study, however, we show that such protocols having unbalanced states are subject to side-channel attacks and do not preserve the RFID privacy. To illustrate this brutal security flaw, we conduct our analysis on different RFID protocols.     

Privacy-friendly synchronized ultralightweight authentication protocols in the storm

In the recent years, there has been an increasing interest in the development of secure and private authentication protocols for RFID. In order to suit the very lightweight nature of RFID tags, a number of proposals have focused on the design of very efficient authentication protocols using no classical cryptographic primitives.This article presents the state of the art in this field by summarizing this family of protocols and the most important attacks against them. The contribution also consists of a passive full-disclosure attack on the SASI and Yeh–Lo–Winata ultralightweight authentication protocols.     

认证协议中数据同步的分析

认证双方数据的同步是认证协议以及认证密钥交换协议的基本要求,但是在协议设计过程中难以把握且经常被忽视。对近年来可证明安全的一个RFID认证协议和一个RFID认证密钥交换协议以及可证明安全的一个移动卫星通信系统认证密钥交换协议进行了仔细分析,分别发现了针对这些协议的数据同步攻击,这些攻击破坏了协议的可用性。最后分别给出了改进方案,以克服存在的安全隐患。     

基于量子密码的物联网RFID系统安全的研究

RFID系统的普及应用和计算机处理能力不断提高使得传统公钥密码体制的不足日益凸显。为了替代传统公钥密码体制,解决标签的安全问题,本文基于遍历矩阵构造多元二次多项式（Bisectional Multivariate Quadratic Equation,BMQE）的方法,建立一种新的基于量子计算机构造的公钥密码方案,并且给出物联网移动RFID安全协议模型。接着从密钥尺寸、加/解密速度等对该方案进行性能评估,表明该方案在RFID系统中应用的可行性。最后从各项攻击方法等进行分析,表明该方案的安全性。该研究成果对量子密码时代推进RFID的安全研究具有重要参考价值。     

Single tag sharing scheme for multiple-object RFID applications

RFID systems have been widely adopted in various industrial as well as personal applications. However, traditional RFID systems are limited to address only one tag for each application object. This limitation hinders the usability of RFID applications because it is difficult, if not impossible, to distinguish many tags simultaneously with existing RFID systems. In this paper, we propose a new RFID tag structure to support multiple-objects that can be easily shared by many different RFID applications. That is, the proposed RFID tag structure supports that a tag maintains several different objects and allows those applications to access them simultaneously. We also propose an authentication protocol to support multiple-object RFID applications. Especially, we focus on the efficiency of the authentication protocol by considering different security levels in RFID applications. The proposed protocol includes two types of authentication procedures. In the proposed protocol, an object has its security level and goes through one of different authentication procedures suitable for its security level. We report the results of a simulation to test the performance of the proposed scheme. In our simulation, we considered the safety of our scheme against potential attacks and evaluated the efficiency of the proposed protocol.     

An efficient user authentication and key exchange protocol for mobile client–server environment

Considering the low-power computing capability of mobile devices, the security scheme design is a nontrivial challenge. The identity (ID)-based public-key system with bilinear pairings defined on elliptic curves offers a flexible approach to achieve simplifying the certificate management. In the past, many user authentication schemes with bilinear pairings have been proposed. In 2009, Goriparthi et al. also proposed a new user authentication scheme for mobile client–server environment. However, these schemes do not provide mutual authentication and key exchange between the client and the server that are necessary for mobile wireless networks. In this paper, we present a new user authentication and key exchange protocol using bilinear pairings for mobile client–server environment. As compared with the recently proposed pairing-based user authentication schemes, our protocol provides both mutual authentication and key exchange. Performance analysis is made to show that our presented protocol is well suited for mobile client–server environment. Security analysis is given to demonstrate that our proposed protocol is provably secure against previous attacks.     

A lightweight authentication and key agreement protocol preserving user anonymity

Nowadays with widespread employment of the Internet, servers provide various services for legal users. The vital issue in client/server connections is authentication protocols that make the communication channel safe and secure against famous attacks. Recently, Kumari et al. and Chaudhry et al. proposed two authentication and key agreement protocols and illustrated that their proposed protocols are secure against various security attacks. However, in this paper we demonstrate that both protocols are vulnerable to off-line password guessing attacks. Moreover, we show that Kumari et al.’s protocol does not provide the property of user anonymity. In order to overcome these weaknesses, we propose a lightweight authentication and key agreement protocol. The correctness of the proposed protocol is proved using BAN logic. Security analysis demonstrates that the proposed protocol resists various security attacks and provides user anonymity. Furthermore, performance analysis confirms that the computation cost of the proposed protocol is acceptable.