quantum cryptography christian schaffner research center for quantum software institute for logic,...
TRANSCRIPT
![Page 1: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/1.jpg)
Quantum Cryptography
Christian Schaffner
Research Center for Quantum Software
Institute for Logic, Language and Computation (ILLC)University of Amsterdam
Centrum Wiskunde & Informatica
32C3 Chaos Computer Congress HamburgMonday, 28 December 2015
![Page 2: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/2.jpg)
2
1969: Man on the Moon
NASA
The Great Moon-Landing Hoax?
How can you prove that you are at a specific location?http://www.unmuseum.org/moonhoax.htm
![Page 3: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/3.jpg)
3 What will you learn from this Talk?
Introduction to Quantum Mechanics Quantum Key Distribution Position-Based Cryptography
![Page 4: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/4.jpg)
4Quantum Bit: Polarization of a Photonqubit as unit vector in C2
![Page 5: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/5.jpg)
5Qubit: Rectilinear/Computational Basis
![Page 6: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/6.jpg)
6Detecting a Qubit
Bob
No photons: 0
Alice
![Page 7: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/7.jpg)
7Measuring a Qubit
Bob
No photons: 0Photons: 1
with prob. 1 yields 1Measurement:
0/1
Alice
![Page 8: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/8.jpg)
8Diagonal/Hadamard Basis
with prob. ½ yields 0
with prob. ½ yields 1
Measurement:
0/1=
![Page 9: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/9.jpg)
9Measuring Collapses the State
with prob. ½ yields 0
with prob. ½ yields 1
Measurement:
0/1=
![Page 10: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/10.jpg)
10Measuring Collapses the State
==
![Page 11: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/11.jpg)
11Quantum Mechanics
with prob. 1 yields 1Measurements:
+ basis
£ basis
with prob. ½ yields 0
with prob. ½ yields 1
0/1
0/1
![Page 12: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/12.jpg)
Wonderland of Quantum Mechanics
![Page 13: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/13.jpg)
13
Demonstration of Quantum Technology
13
generation of random numbers
(diagram from idQuantique white paper)
no quantum computation, only quantum communication required
50%
50%
![Page 14: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/14.jpg)
14 What will you Learn from this Talk?
Introduction to Quantum Mechanics Quantum Key Distribution Position-Based Cryptography
![Page 15: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/15.jpg)
15No-Cloning Theorem
??
?
Quantum operations: U
Proof: copying is a non-linear operation
![Page 16: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/16.jpg)
Quantum Key Distribution (QKD)Alice
Bob
Eve Offers an quantum solution to the key-exchange problem which
does not rely on computational assumptions (such as factoring, discrete logarithms, security of AES, SHA-3 etc.)
Puts the players into the starting position to use symmetric-key cryptography (encryption, authentication etc.).
[Bennett Brassard 84]16
k = 0101 1011 k = 0101 1011
k = ?
![Page 17: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/17.jpg)
Quantum Cryptography Landscape17
attackers
systems
efficient classicalattacks
efficient quantumattacks
everlasting security (store and break
later)
AES confident longer keys brute force
SHA confident longer outputs brute force
RSA, DiscLogs confident Shor brute force
Hash-Based Sign probably probably brute force
McEliece probably probably brute force
Lattice-based probably probably brute force
QKD
physical security
Post Quantum
Crypto te
chni
cal d
ifficu
lty (€
)
![Page 18: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/18.jpg)
Quantum Key Distribution (QKD)[Bennett Brassard 84]18
0 1 1 1 0
0 0 1 1 0
k = 110
k = 110
![Page 19: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/19.jpg)
Quantum Key Distribution (QKD)[Bennett Brassard 84]19
0 1 1 1 0
0 0 1 1 0
k = 10 k = 10
Quantum states are unknown to Eve, she cannot copy them.
Honest players can test whether Eve interfered.
? ? ? ??
k = ?
![Page 20: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/20.jpg)
Quantum Key Distribution (QKD)Alice
Bob
Eve
technically feasible: no quantum computer required, only quantum communication
[Bennett Brassard 84]20
![Page 21: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/21.jpg)
Quantum Key Distribution (QKD)Alice
Bob
Eve
technically feasible: no quantum computer required, only quantum communication
[Bennett Brassard 84]21
![Page 22: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/22.jpg)
22Quantum Hacking
e.g. by the group of Vadim Makarov (University of Waterloo, Canada)
![Page 23: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/23.jpg)
23 What will you Learn from this Talk?
Introduction to Quantum Mechanics
Quantum Key Distribution Position-Based Cryptography
![Page 24: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/24.jpg)
24Position-Based Cryptography
Typically, cryptographic players use credentials such as secret information (e.g. password or secret key) authenticated information biometric features
Can the geographical location of a player be used as cryptographic credential ?
![Page 25: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/25.jpg)
25Position-Based Cryptography
Possible Applications: Launching-missile command comes
from within your military headquarters Talking to the correct assembly Pizza-delivery problem /
avoid fake calls to emergency services …
Can the geographical location of a player be used as sole cryptographic credential ?
![Page 26: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/26.jpg)
26
Basic task: Position Verification
Prover wants to convince verifiers that she is at a particular position
no coalition of (fake) provers, i.e. not at the claimed position, can convince verifiers
(over)simplifying assumptions: communication at speed of light instantaneous computation verifiers can coordinate
Verifier1 Verifier2Prover
![Page 27: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/27.jpg)
27
Position Verification: First Try
Verifier1 Verifier2Prover
time
distance bounding [Brands Chaum ‘93]
![Page 28: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/28.jpg)
28
Position Verification: Second Try
Verifier1 Verifier2Prover
position verification is classically impossible ! [Chandran Goyal Moriarty Ostrovsky 09]
![Page 29: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/29.jpg)
29
The Attack
copying classical information this is impossible quantumly
![Page 30: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/30.jpg)
30
Position Verification: Quantum Try[Kent Munro Spiller 03/10]
Can we brake the scheme now?
?
?
?
![Page 31: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/31.jpg)
31
?
Attacking Game
Impossible to cheat due to no-cloning theorem
Or not?
?? ?
?
![Page 32: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/32.jpg)
32EPR Pairs
prob. ½ : 0 prob. ½ : 1
prob. 1 : 0
[Einstein Podolsky Rosen 1935]
“spukhafte Fernwirkung” (spooky action at a distance) EPR pairs do not allow to communicate
(no contradiction to relativity theory) can provide a shared random bit
EPR magic!
![Page 33: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/33.jpg)
33Quantum Teleportation[Bennett Brassard Crépeau Jozsa Peres Wootters 1993]
does not contradict relativity theory Bob can only recover the teleported qubit
after receiving the classical information ¾
?
[Bell]
? ?
![Page 34: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/34.jpg)
34
Teleportation Attack
It is possible to cheat with entanglement !! Quantum teleportation allows to
break the protocol perfectly.
? ?
?
?
[Bell]
?[Bell]
![Page 35: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/35.jpg)
35No-Go Theorem
Any position-verification protocol can be broken using an exponential number of entangled qubits.
Question: Are so many quantum resources really necessary?
Does there exist a protocol such that: honest prover and verifiers are efficient, but any attack requires lots of entanglement
[Buhrman, Chandran, Fehr, Gelles, Goyal, Ostrovsky, Schaffner 2010] [Beigi Koenig 2011]
see http://homepages.cwi.nl/~schaffne/positionbasedqcrypto.php for recent developments
![Page 36: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/36.jpg)
36
What Have You Learned from this Talk?Quantum Mechanics
Qubits
No-cloning
Entanglement
Quantum Teleportation
![Page 37: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/37.jpg)
37
What Have You Learned from this Talk?
Position-Based Cryptography
Quantum Key Distribution (QKD)
![Page 38: Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam](https://reader036.vdocument.in/reader036/viewer/2022070414/5697c0251a28abf838cd562e/html5/thumbnails/38.jpg)
Thank you for your attention!
Questions