Rita Pizzi Dipartimento di Tecnologie dell’Informazione


Rita Pizzi
Department of Information Technology
Università degli Studi di Milano
PROTOTYPE OF A QUANTUM CRYPTOGRAPHY SYSTEM FOR THE END USER
QUANTUM INFORMATION
The quantum computer does not exist yet
But a real-world application based on quantum
information exists:
QUANTUM CRYPTOGRAPHY
It allows the secure transmission of data, independent
of the algorithms and computing power of the attacker
It is possible to detect any intrusion immediately
Nowadays optical fiber systems exist that reach
distances of 100 km
Methods to increase distances and usability are
under development (quantum repeaters for optical fibers / satellite
transmissions)
QUANTUM CRYPTOGRAPHY TODAY
The performance of quantum cryptography has captured the
interest of banks, big companies and institutions.
Systems already on sale:
• MagiQ Technologies New York
• idQuantique Geneva
• SmartQuantum York
• QinetiQ UK (defence)
• Toshiba Corp Tokyo
• National Institute of Standards and Technology (US government agency)
are acquiring this technology
QUANTUM CRYPTOGRAPHY TODAY
Today the cost of a system is around 100.000 $
Less expensive applications, affordable for the end user,
are of interest:
ATM terminals, online internet transactions
We developed our prototype for this purpose
A compact and cheap system that could be
embedded in a smartphone
THE BB84 PROTOCOL
(Bennett, Brassard 1984)
In quantum physics the act of
observation modifies in an
unpredictable way the observed
system
Thus any external action in the system
will corrupt the flow of information,
revealing the intrusion
The BB84 protocol is based on the
polarization properties of the photons
THE BB84 PROTOCOL
(Bennett, Brassard 1984)
Alice randomly chooses a sequence of 1 and 0
bits, turns them into photons, applies to each bit
one of the possible polarizations, then sends them
to Bob.
Bob chooses randomly a polarization to examine
each of the received photons, turns them into bits
and records the results of his observations.
THE BB84 PROTOCOL
(Bennett, Brassard 1984)
Now Bob sends Alice, on a public channel (e.g. the
Internet), his polarization sequence (but NOT the
results of his measurements)
Alice selects the positions in the sequence where
Bob chose the correct polarization and sends them back to Bob on
the public channel
THE BB84 PROTOCOL
(Bennett, Brassard 1984)
Alice and Bob now share an identical
sequence of bits, i.e. they possess a shared key
that is definitely secret.
BB84 – THE INTRUSION
In this kind of transaction an intrinsic error rate
exists, which can be minimized by means of error
correction and privacy amplification techniques
If an eavesdropper E steps in to intercept the
sequence of bits, by the laws of quantum physics he
corrupts the sequence and passes on to Bob a
sequence with a much higher error rate
This immediately reveals the presence of the
intruder, and the transaction can be stopped
without damage
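The sifting step and the intrusion check described above, simulated as an added example (not code from the presentation or from the prototype's software). It assumes an ideal, noise-free channel and an intercept-resend eavesdropper; the function names, the seeded `random.Random` source and the 10% abort threshold are assumptions of this example.

```python
import random

BASES = "+x"  # rectilinear and diagonal polarization bases

def measure(bit, prep_basis, meas_basis, rng):
    """Matching bases return the encoded bit; mismatched bases give a coin flip."""
    return bit if prep_basis == meas_basis else rng.randrange(2)

def bb84_round(n_photons, eavesdrop, seed):
    """Simulate one exchange; return Alice's and Bob's sifted keys."""
    rng = random.Random(seed)  # assumption: seeded simulation source, not a CSPRNG
    alice_bits = [rng.randrange(2) for _ in range(n_photons)]
    alice_bases = [rng.choice(BASES) for _ in range(n_photons)]
    bob_bases = [rng.choice(BASES) for _ in range(n_photons)]
    bob_bits = []
    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Intercept-resend: E measures in a random basis, then re-emits
            # a photon carrying the result in that same basis.
            e_basis = rng.choice(BASES)
            bit, a_basis = measure(bit, a_basis, e_basis, rng), e_basis
        bob_bits.append(measure(bit, a_basis, b_basis, rng))
    # Public channel: Bob announces his bases (never his results) and
    # Alice answers with the positions where his basis matched hers.
    keep = [i for i in range(n_photons) if alice_bases[i] == bob_bases[i]]
    return [alice_bits[i] for i in keep], [bob_bits[i] for i in keep]

def error_rate(key_a, key_b):
    """Fraction of sifted positions where the two keys disagree."""
    return sum(a != b for a, b in zip(key_a, key_b)) / len(key_a)

def intrusion_detected(key_a, key_b, threshold=0.10):
    """Abort rule; the 10% threshold is an assumption of this example."""
    return error_rate(key_a, key_b) > threshold

if __name__ == "__main__":
    for eve in (False, True):
        a, b = bb84_round(4000, eve, seed=1)
        print(f"eavesdropper={eve} sifted={len(a)} "
              f"error_rate={error_rate(a, b):.3f} abort={intrusion_detected(a, b)}")
```

A real exchange discloses only a random sample of the sifted bits for this comparison and then discards them; the simulation compares the whole key because both ends run in one process.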
OUR SYSTEM
Our system is based on two
custom cards: the transmitter
and the receiver.
TRANSMITTER
It is an electronic circuit that
drives four high-performance
LEDs
The LEDs are fitted with
polarizing filters and their
intensity is suitably
attenuated.
Random logic signals are
generated that turn on the
four LEDs in sequence
OUR SYSTEM
RECEIVER
The receiving circuit must
re-establish a sequence of
data starting from the
received photons.
Four high-sensitivity
photodiodes turn the
photons (passed through
four polarizing filters) into
electrical signals, then into
bits.
This is made possible by a
logic state analyzer that
detects the voltage peaks
coming from the
photodiodes.
THE FIRMWARE
Software written in C drives the whole process on
two separate PCs.
On the first PC the software, using the
Blum Blum Shub pseudorandom number generator,
generates the sequence of bits and synchronizes it.
The sequence is acquired by the transmitter through the
parallel port.
THE FIRMWARE
On the second PC the software reads the
signals reconstructed by the logic state
analyzer and synchronizes them
We also simulated the comparison, on the public
channel, between the sequences generated by
the transmitter and the receiver
At the end of the simulation we obtain
the secure key.
FUTURE DEVELOPMENTS
At the moment our system is a prototype
on an optical bench
In the future it can be adapted to work on
optical fibers or directly on ATM terminals.
The system's performance can be improved
with more effective components and with
more powerful software algorithms
FUTURE DEVELOPMENTS
We are acquiring avalanche photodiodes
that will ensure single-photon performance
The software random number generator
will be replaced by a portable and
affordable hardware generator (IdQuantique
or custom)
Robust algorithms for error correction and
privacy amplification will be developed.