基于密钥中继的广域量子密钥网络路由方案

针对现有基于密钥中继的 QKD 网络路由方案存在适用范围有限、不能满足广域环境路由需求的问题,分析了广域 QKD 网络路由特点并提出了相应的路由需求,进而设计了基于虚链路的分域量子密钥网络路由方案。将广域 QKD 网络划分为多个小规模的密钥路由域,降低了域内密钥路由的复杂度,通过建立跨越密钥路由域的虚链路缩短了域间路由长度,从而提高了广域环境下密钥路由效率。理论分析表明,该方案具有路由更新收敛快、路由时延小、密钥资源消耗少的优点。     

Reference-free-independent quantum key distribution immune to detector side channel attacks

Usually, a shared reference frame is indispensable for practical quantum key distribution (QKD) systems. As a result, most QKD systems need active alignment of reference frame due to the unknown and slowly variances of reference frame introduced by environment. Quite interestingly, reference-free-independent (RFI) QKD can generate secret-key bits without alignment of reference frame. However, RFI QKD may be still vulnerable to detector side channel attacks. Here, we propose a new RFI QKD protocol, in which all detector side channels are removed. Furthermore, our protocol can still tolerate unknown and slow variance of reference frame without active alignment. And a numerical simulation shows that long security distance is probable in this protocol.     

Building a Quantum Network: How to Optimize Security and Expenses

Quantum key distribution (QKD) is regarded as a key-technology for the upcoming decades. Its practicability has been demonstrated through various experimental implementations. Wide-area QKD networks are a natural next step and should inherit the selling point of provable security. However, most research in QKD focuses on point-to-point connections, leaving end-to-end security to the trustworthiness of intermediate repeater nodes, thus defeating any formal proof of security: why bother outwitting QKD, if the repeater node is an easy prey, and an equally valuable target? We discuss methods of designing QKD networks with provable end-to-end security at provably optimized efforts. We formulate two optimization problems, along with investigations of computational difficulty: First, what is the minimal cost for a desired security? Second, how much security is achievable under given (budget-)constraints? Both problems permit applications of commercial optimization software, so allow taking a step towards an economic implementation of a globally spanning QKD network.     

Is quantum key distribution suitable for steganography?

Recently a quantum steganographic communication protocol based on quantum key distribution (QKD) was proposed, where it is believed that QKD is a kind of suitable cover of a steganographic communication because QKD itself is not deterministic communication. Here we find that, as a special cryptographic application, the procedure of QKD can be used for deterministic secure communication, and consequently it is not suitable for steganography. Due to similar reasons, other quantum cryptographic schemes, including quantum secret sharing and quantum secure direct communication, are not suitable for steganography either.     

QKD网络量子信道管理关键技术研究

随着网络的发展,网络传播的信息日益增多,其中某些信息需要较高的安全性,因此信息加密手段的研究具有重大意义。量子密钥分发(Quantum Key Distribution,QKD)技术基于量子力学中的不可克隆定理,即不可能复制一个未知的量子态而不对其造成扰动,保证了其无条件的安全性,能够实现安全的密钥分发。但目前QKD网络规模较小,不能满足大规模组网的需求。同时,经典网络的路由技术已经不能适应QKD网络,量子信道寻径成为了一个需要解决的问题。鉴于以上问题,提出了一种能够满足较大规模QKD通信的基于光开关切换的QKD网络模型,并重点设计了其网络结构和信令体系,在此基础上设计了一个用于量子信道寻径的先导信号协议,并提出了量子信道管理机制。经实验验证,该模型的性能良好。     

Implementation of quantum key distribution network simulation module in the network simulator NS-3

As the research in quantum key distribution (QKD) technology grows larger and becomes more complex, the need for highly accurate and scalable simulation technologies becomes important to assess the practical feasibility and foresee difficulties in the practical implementation of theoretical achievements. Due to the specificity of the QKD link which requires optical and Internet connection between the network nodes, to deploy a complete testbed containing multiple network hosts and links to validate and verify a certain network algorithm or protocol would be very costly. Network simulators in these circumstances save vast amounts of money and time in accomplishing such a task. The simulation environment offers the creation of complex network topologies, a high degree of control and repeatable experiments, which in turn allows researchers to conduct experiments and confirm their results. In this paper, we described the design of the QKD network simulation module which was developed in the network simulator of version 3 (NS-3). The module supports simulation of the QKD network in an overlay mode or in a single TCP/IP mode. Therefore, it can be used to simulate other network technologies regardless of QKD.     

Some physics and system issues in the security analysis of quantum key distribution protocols

In this paper, we review a number of issues on the security of quantum key distribution (QKD) protocols that bear directly on the relevant physics or mathematical representation of the QKD cryptosystem. It is shown that the cryptosystem representation itself may miss out many possible attacks, which are not accounted for in the security analysis and proofs. Hence, the final security claims drawn from such analysis are not reliable, apart from foundational issues about the security criteria that are discussed elsewhere. The cases of continuous-variable QKD and multi-photon sources are elaborated upon.     

Advanced unambiguous state discrimination attack and countermeasure strategy in a practical B92 QKD system

Even though unconditional security of B92 quantum key distribution (QKD) system is based on the assumption of perfect positive-operator-valued measures, practical B92 systems only utilize two projective measurements. Unfortunately, such implementation may degrade the security of the B92 QKD system due to Eve’s potential attack exploiting the imperfection of system. In this paper, we propose an advanced attack strategy with an unambiguous state discrimination (USD) measurement which makes practical B92 QKD systems insecure even under a lossless channel. In addition, we propose an effective countermeasure against the advanced USD attack model by monitoring double-click events. We further address a fundamental approach to make the B92 QKD system tolerable to attack strategies with USD measurements using a multi-qubit scheme.     

Universally composable and customizable post-processing for practical quantum key distribution

In quantum key distribution (QKD), a secret key is generated between two distant parties by transmitting quantum states. Experimental measurements on the quantum states are then transformed to a secret key by classical post-processing. Here, we propose a construction framework in which QKD classical post-processing can be custom made. Though seemingly obvious, the concept of concatenating classical blocks to form a whole procedure does not automatically apply to the formation of a quantum cryptographic procedure since the security of the entire QKD procedure rests on the laws of quantum mechanics and classical blocks are originally designed and characterized without regard to any properties of these laws. Nevertheless, we justify such concept of concatenating classical blocks in constructing QKD classical post-processing procedures, along with a relation to the universal-composability-security parameter. Consequently, effects arising from an actual QKD experiment, such as those due to the finiteness of the number of signals used, can be dealt with by employing suitable post-processing blocks. Lastly, we use our proposed customizable framework to build a comprehensive generic recipe for classical post-processing that one can follow to derive a secret key from the measurement outcomes in an actual experiment.     

Study on the security of the authentication scheme with key recycling in QKD

In quantum key distribution (QKD), the information theoretically secure authentication is necessary to guarantee the integrity and authenticity of the exchanged information over the classical channel. In order to reduce the key consumption, the authentication scheme with key recycling (KR), in which a secret but fixed hash function is used for multiple messages while each tag is encrypted with a one-time pad (OTP), is preferred in QKD. Based on the assumption that the OTP key is perfect, the security of the authentication scheme has be proved. However, the OTP key of authentication in a practical QKD system is not perfect. How the imperfect OTP affects the security of authentication scheme with KR is analyzed thoroughly in this paper. In a practical QKD, the information of the OTP key resulting from QKD is partially leaked to the adversary. Although the information leakage is usually so little to be neglected, it will lead to the increasing degraded security of the authentication scheme as the system runs continuously. Both our theoretical analysis and simulation results demonstrate that the security level of authentication scheme with KR, mainly indicated by its substitution probability, degrades exponentially in the number of rounds and gradually diminishes to zero.     

Multiple stochastic paths scheme on partially-trusted relay quantum key distribution network

Quantum key distribution (QKD) technology provides proven unconditional point-to-point security based on fundamental quantum physics. A QKD network also holds promise for secure multi-user communications over long distances at high-speed transmission rates. Although many schemes have been proposed so far, the trusted relay QKD network is still the most practical and flexible scenario. In reality, the insecurity of certain relay sections cannot be ignored, so to solve the fatal security problems of partially-trusted relay networks we suggest a multiple stochastic paths scheme. Its features are: (i) a safe probability model that may be more practical for real applications; (ii) a multi-path scheme with an upper bound for the overall safe probability; (iii) an adaptive stochastic routing algorithm to generate sufficient different paths and hidden routes. Simulation results for a typical partially-trusted relay QKD network show that this generalized scheme is effective. Supported by the National Fundamental Research Program of China (Grant No. 2006CB921900), the National Natural Science Foundation of China (Grant Nos. 60537020 and 60621064), the Knowledge Innovation Project of the Chinese Academy of Sciences, and the Chinese Academy of Sciences International Partnership Project     

The enhanced measurement-device-independent quantum key distribution with two-intensity decoy states

We put forward a new scheme for implementing the measurement-device-independent quantum key distribution (QKD) with weak coherent source, while using only two different intensities. In the new scheme, we insert a beam splitter and a local detector at both Alice’s and Bob’s side, and then all the triggering and non-triggering signals could be employed to process parameter estimations, resulting in very precise estimations for the two-single-photon contributions. Besides, we compare its behavior with two other often used methods, i.e., the conventional standard three-intensity decoy-state measurement-device-independent QKD and the passive measurement-device-independent QKD. Through numerical simulations, we demonstrate that our new approach can exhibit outstanding characteristics not only in the secure transmission distance, but also in the final key generation rate.     

Key-leakage evaluation of authentication in quantum key distribution with finite resources

Partial information leakages of generation key undoubtedly influence the security of practical Quantum Key Distribution (QKD) system. In this paper, based on finite-key analysis and deep investigation on privacy amplification, we present a method for characterizing information leakages gained by adversary in each authentication round and therefore take the theory derived by Cederlöf and Larsson (IEEE Trans Inf Theory 54:1735–1741, 2008) into practical case. As the authentication key is fed from one round of generation keys to the next except the first round, by considering its security weakness due to information leakages and finite size effect, we further propose a universal formula for calculating the lifetime of initial authentication key used in QKD with finite resources. Numerical simulations indicate that our bound for estimating information leakages strictly characterizes the stability of practical QKD against information-leakage-based attacks, and our calculation formula in terms of lifetime can precisely evaluate the usage time of initial authentication key. Our work provides a practical solution for evaluating authentication security of QKD.     

BB84量子密钥分配协议在专网中的应用

依据专用网络的特点,对BB84量子密钥分配协议做了改进,提出一种适用于专用网络的BB84-PN协议。该协议通过身份认证和量子物理特性,提高了安全性。同时,在通信过程中通过协商传输量子密钥规则,有效地提高了传输效率。     

面向量子密钥分发的自适应LDPC双码并行机制

信息协调是量子密钥分发中的关键步骤,基于LDPC实现量子信息协调是当前国内外研究的焦点。目前QKD系统LDPC译码器普遍采用单码字顺序译码机制设计,且采用的是性能较差的准循环LDPC码,LDPC译码器吞吐量和纠错上限较低,无法满足高速率高误码下量子安全性及性能需求。设计了一种面向量子密钥分发的新型自适应LDPC双码并行机制ADCPM,采用随机型LDPC码,且在译码的同时进行双密钥串并行纠错,较传统方法吞吐量提升了近1倍。真实平台实验结果表明,ADCPM支持高达10%的误码率,吞吐量超过140 Mbps,可有效支撑高误码下高速安全量子信息协调。     

Four-state quantum key distribution exploiting maximum mutual information measurement strategy

We propose a four-state quantum key distribution (QKD) scheme using generalized measurement of nonorthogonal states, the maximum mutual information measurement strategy. Then, we analyze the eavesdropping process in intercept–resend and photon number splitting attack scenes. Our analysis shows that in the intercept–resend and photon number splitting attack eavesdropping scenes, our scheme is more secure than BB84 protocol and has higher key generation rate which may be applied to high-density QKD.     

基于纠缠的量子密钥分配协议仿真

由于受物理资源和实验条件的限制,在经典计算机上对量子密钥分配（QKD）仿真,为研究者提供一种手段以便更好地掌握这类抽象协议。对以纠缠态为基础的E91协议的量子密钥分配过程进行仿真,重点对比分析了理想环境、有噪环境以及窃听环境下的仿真结果,并验证该量子密钥分配协议的安全性。     

量子密钥分发网络端端密钥协商最优路径选择算法

针对量子密钥分发(QKD)网络端端密钥协商路径选择问题,设计了一种基于改进Dijkstra算法的端端密钥协商最优路径选择算法。首先,基于有效路径策略,剔除网络中的失效链路;然后,基于最短路径策略,通过改进Dijkstra算法,得到密钥消耗最少的多条最短路径;最后,基于最优路径策略,从多条最短路径中选择一条网络服务效率最高的最优路径。分析结果表明,该算法很好地解决了最优路径不唯一、最优路径非最短、最优路径非最优等问题,可以降低QKD网络端端密钥协商时密钥消耗量,提高网络服务效率。     

Tunable multi-party high-capacity quantum key distribution based on <Emphasis Type="Italic">m</Emphasis>-generalized Fibonacci sequences using golden coding

Practical communication settings for quantum key distribution (QKD) are very complex, and the number of participants should be tunable. Given these, we propose a tunable multi-party high-capacity QKD protocol based on m-generalized Fibonacci sequences and golden coding, where the number of participants can be adjusted adaptively by joining a new participant and revoking an old participant, combining two participant groups into one group. Meanwhile, we construct golden coding to achieve higher capability and fewer interactive communications.     

Trojan horse attack free fault-tolerant quantum key distribution protocols

This work proposes two quantum key distribution (QKD) protocols—each of which is robust under one kind of collective noises—collective-dephasing noise and collective-rotation noise. Due to the use of a new coding function which produces error-robust codewords allowing one-time transmission of quanta, the proposed QKD schemes are fault-tolerant and congenitally free from Trojan horse attacks without having to use any extra hardware. Moreover, by adopting two Bell state measurements instead of a 4-GHZ state joint measurement for decoding, the proposed protocols are practical in combating collective noises.