anupamasrep
TRANSCRIPT
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 1/15
Seminar Report
On
Quantum Cryptography
&
It’s Integration
With
802.11 WLAN
Anupama Sukhija
2008H103428
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 2/15
INDEX
1. Introduction to Quantum Cryptography
1.1 Classical Cryptography and Key Distribution Problem
1.2 Quantum Communication
1.3 Elements of Quantum Theory
1.4 Heisenberg Uncertainty Principle
1.5 Quantum Key Distribution
1.6 Detecting Eavesdropper
2. Overview of IEEE 802.11 Wireless LAN
2.1 802.11 Key Hierarchy && 4 way Handshake for Authentication
2.2 Need for Quantum Cryptography
3. Integrating 802.11 & Quantum Cryptography
3.1 QKD handshake for WLAN
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 3/15
1. Introduction to Quantum Cryptography
Over the last two decades an interesting field of cryptography has raised from non
classical atomic theory, Quantum Physics. This field is called Quantum cryptography.
Unlike the classical cryptography of public and private key ciphers which analyze the
strength of a cipher by means of mathematical attacks and formulas, the security of
quantum cryptography is ensured by laws of Quantum Physics.
1.1 Classical Cryptography and Key Distribution problem.
Classical Cryptography is based on encrypting the plain text to be send by the
source using some mathematical formula, sending it over a insecure channel to the sink
where it is decrypted by reverse mathematical operation. The algorithm used for
encryption is called Cipher and hence the data send over the network is called cipher text.
Fig 1.1 Classical Cryptography
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 4/15
Key Distribution Problem
Classical Cryptography suffers from Key Distribution problem, how to
communicate the key securely between two pair of users. For years, it was believed that
the only possibility to solve the key distribution problem was to send some physicalmedium – a disk for containing the key. In the digital era, this requirement is clearly
unpractical. In addition, it is not possible to check whether this medium was intercepted –
and its content copied – or not.
Public key cryptography came as a solution to this, but these too are slow and
cannot be used to encrypt large amount of data. Public key cryptography suffers because
even though one way functions have not been yet reversed with technological and
mathematical advances it is possible.
1.2 Elements of Quantum Theory
Light waves are made up of millions of discrete quanta called Photons. They are
massless and have energy, momentum and angular momentum called spin. Spin carries
the polarization. These photons are indivisible much like Atoms it just that they are units
of lights. Photons can be polarized from 0◦ to 360◦ and intermediate spin positions like
45◦ or 90◦ can be detected using filters inclined to certain directions.
Fig 1.2 Polarization of Light
In 1.2 we can see that light from a bulb passes through a polarization filter with isinclined to 90◦ so we get vertical ray of light out of it, if we place another filer that is
inclined differently rays are again rotated. If the rays are at orthogonal angle to the filter
we will get no output.
The advantage of this kind of polarized light is that once we pass the light through
2nd
filter we don’t know what was the orientation of light rays after 1st
filter. So in that
channel privacy is maintained.
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 5/15
1.3 Quantum Communication
In telecommunication networks, light is routinely used to exchange information.
For each bit of information, a pulse is emitted and sent down an optical fiber – a thinfiber of glass used to carry light signals – to the receiver, where it is registered and
transformed back into an electronic signal. These pulses typically contain millions of
photons.
In quantum cryptography, one can follow the same approach, with the only
difference that the pulses contain only a single photon. A single photon represents a very
tiny amount of light (when reading this article your eyes register billions of photons
Quantum cryptography solves the key distribution problem by allowing the
exchange of a cryptographic key between two remote parties with absolute security,guaranteed by the laws of physics. This key can then be used with conventional
cryptographic algorithms.
Quantum Communication is based on two features of Quantum mechanisms and
photons
- State indeterminancy based on Heisenberg principle
- Entangled based protocols that means two entities can be defined such that their
properties are entangled altering one effects the value of other. If an entangledobject like a key is shared between two parties it maintains integrity of the key
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 6/15
1.4 Heisenberg Uncertainty Principle:
For any two observable properties linked together like mass and momentum
According to the principle two interrelated properties cannot be measured individually
without affecting the other. The principle is that since you cannot partition the photon
into two halves measuring the state of photon will affect it value. So if someone tries to
detect the state of photons being send over to the receiver the error can be detected.
1.5 Quantum Key Distribution – BB84 Protocol
Each photon carries one “qubit” of information.Polarization can be used to represent
a 0 or 1. A user can suggest a key by sending a stream of randomly polarized photons.This sequence can be converted to a binary key. If the key was intercepted it could be
discarded and a new stream of randomly polarized photons sent.
This protocol, known as BB84 after its inventors and year of publication, was
originally described using photon polarization states to transmit the information.
However, any two pairs of conjugate states can be used for the protocol, and many
optical fibre based implementations described as BB84 use phase encoded states
Now the steps of the protocol are as follows.
Alice communicates with Bob via a quantum channel sending him photons.
Then they discuss results using a public channel.
After getting an encryption key Bob can encrypt his messages and send them by
any public channel.
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 7/15
One with the 0-90 degree basis and one with 45-135 degree basis .
Alice uses her polarizer's to send randomly photons to Bob in one of the four
possible polarizations 0,45,90,135 degree.
Bob uses his polarizer's to measure each polarization of photons he receives.
He can use the basis or the but not both simultaneously.
Fig 1.3 Quantum Communication
1.6 Detecting Eavesdroppers
To check for the presence of eavesdropping Alice and Bob now compare a certain
subset of their remaining bit strings. If any interceptor has gained any information about
the photons polarization, this will have introduced errors in Bobs' measurements. If more
than p bits differ they abort the key and try again, possibly with a different quantum
channel, as the security of the key cannot be guaranteed. p is chosen between the sender
and reciver.
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 8/15
1.7 Intercept and Resend Attack
One of the simplest attack on BB84 is intercept and resend , where Eve or the
interceptor intercept a state and resends another it has already prepared. Suppose Eve is
an interceptor, since it doesn’t not know the random basis chosen by source Alice it
chooses one randomly for itself. So it used this basis and changes the photon states. This
produces and error in the information Bob has.
Fig 1.7 Attack on Quantum Cryptography
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 9/15
2. IEEE 802.11 WLAN
IEEE 802.11 is Wireless LAN provides three services
- Authentication
- Key Management
- Encryption Algorithm
Authentication
In 802.11 Authentication is the first thing done when a mobile host wants to
connect to the network, this is done by EAP( Extensible Authentication Protocol)
between the Supplicant, Access Point and Authenticator Server. The supplicant
corresponds to the Access Point which network it wants to join. The access point
handles all access control jobs and allows only authenticated users to reach the
server.
Fig 2.1 Authentication Protocol Stack
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 10/15
Key Management
802.11i uses many keys at different levels one referred here is PMK or
Pairwise Master Key.
- PMK is divided into KEK(Key encryption key) , KCK (Key confirmationkey),and TK ( temporal key).
- KCK calculates MIC(Message Integrity Code)
- KEK is used to calculate GTK(Group Temporal Key) used for multicast
communication.
- TK is used for Unicast traffic.
Fig 2.2 4 way handshake
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 11/15
- Upon having the PMK, the access point starts the 4-way handshake with the
mobile terminal to derive the PTK.(Pairwise Temporal Key)
- This is split into Key Confirmation Key (KCK), Key Encryption Key (KEK),
and Temporal Key (TK).
- The KCK is used to calculate the MIC (Message Integrity Code) of the
message during the 4- way handshake.
- The KEK is used to encrypt the Group Temporal Key (GTK), the key related
to the encryption of the multicast traffic, when the access point distributes the
GTK to mobile terminals.
- The TK is used to encrypt unicast user data traffic
- In step (1) the PMK is derived during the authentication between the
Supplicant and the Authentication server.
- In step (2), the Authentication server supplies the Authenticator with the PMK.
- In step (3), the PTK and thus the remainder keys of the key hierarchy are
derived during the 4- way handshake.
- The 4-way handshake is started by the Authenticator by sending the value
ANonce(Authenticator Nonce) to the Supplicant.
- In the second message the Supplicant correspond with SNounce or Supplier
Nounce and MIC
- In the third message of the 4-way handshake, theAuthenticator tells the
Supplicant that it has finished the derivation of the key hierarchy. It also sends
a MIC calculated based on the content of the message and the KCK which has
just derived.
- Upon receiving this message, the Supplicant checks the MIC in order to verify
that the Authenticator obtains the PMK, and thus authenticates the
Authenticator.
- Then, the key hierarchy can be used without the doubt.
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 12/15
- In the last message of the 4-way handshake, the Supplicant tells the
Authenticator that the 4-way handshake is now successfully completed.
- After the 4-way handshake, the Temporal Key (TK) is used by the encryption
algorithm to provide confidentiality of user data.
Encryption
The 802.11i standard specifies two encryption algorithms: TKIP (Temporal Key
Integrity Protocol) and CCMP (Counter mode with CBC-MAC Protocol). CCMP is
mandatory and TKIP is optional.
2.2 Why Quantum Cryptogrpahy is needed in 802.11?
- Firstly, WLAN is used to access the Internet via an Access Point this
communication is highly security critical in nature.
- Since WLANS are used in office type of environments this facilitates the
deployment of quantum key distribution network apparatus.
- The mobility speed of WLAN is slow enough to solve the Line of Sight
Problem of quantum transmitters and receivers.
“Line of Sight problems occurs majorly in cellular mobile host who have
a very high speed of mobility”
- WLAN terminals have enough computational capacity and autonomy to
facilitate quantum key distribution.
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 13/15
3. Integrating QFD and 802.11
In order to integrate Quantum key distribution in 802.11i, we modify the 4-way
handshake to integrate the BB84 protocol, and call it the Quantum handshake. The BB84protocol is inserted into the 4-way handshake after the second message.
The purpose is to make as minimal change to 802.11 as possible so we keep
authentication and encryption intact while we change the Key Management Process.
- The two first messages of the 4-way handshake, which are reused by the
Quantum handshake, allow the Supplicant and the Authenticator to derive a
fresh KCK before starting the BB84 protocol.
- In the 4-way handshake, the Supplicant and the Authenticator use a Pseudo-
Random Function (PRF) to derive the PTK of 384 bits (for CCMP) or 512
bits (for TKIP) from the PMK. The PTK is then split into a KEK of 128
bits, a KCK of 128 bits, and a TK of 128 bits (for CCMP) or 256 bits (for
TKIP).
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 14/15
Fig 3.1 QKD Handshake
- Quantum handshake, the PRF function is only used to produce the KCK
which serves the mutual authentication between the Supplicant and the
Authenticator.
- The keys serving the encryption, KEK and TK (the TK is our main
objective, but we profit the QKD process to establish also the KEK), will
be constructed by the BB84 protocol.
- The ANonce and SNonce exchanged in the first two messages only used to
construct the KCK which helps the Authenticator and the Supplicant to
authenticate each other and to provide the integrity (via the MIC calculation
and verification) of the messages exchanged in the BB84 protocol.
7/27/2019 anupamasrep
http://slidepdf.com/reader/full/anupamasrep 15/15
Other References
[1] Integration of Quantum Cryptography in 802.11 Networks The Mai Trang Nguyen,
Mohamed Ali Sfaxi, and Solange Ghernaouti-Hélie .
[2]Bennett, C. H., and Shor, P. W. Quantum information theory. IEEE Transaction onInformation Theory 44, 6 (1998), 2724–42.
[3] Shannon, C. E., 1949, ‘‘Communication theory of secrecy systems, ’’ Bell Syst. Tech.
J28, 656–715.
[4] B. Schneier, Applied Cryptography, John Wiley & Son,1996.
[5] K. G. Paterson, F. Piper, and R. Schack, “Why quantum cryptography ?”, Quantum
physics, quant-ph/0406147, June 2004.