Transcript Lecture
Lecture 14: Blocking and Catching Photons CS551: Security and Privacy University of Virginia Computer Science David Evans http://www.cs.virginia.edu/~evans Menu • Visual Cryptography – Identify your pictures – Work in groups to think about problem on manifest • • • • Quantum Cryptography Quantum Computing Midterm Wednesday Office Hours: Tuesday 3-4:30 – Will not answer questions about anything except the Dumpster Document 27 July 2016 University of Virginia CS 551 2 Visual Cryptography • Can we quickly do a lot of XORs without a computer? • Yes: Key Ciphertext Key Ciphertext 0: 1: .5 probability 27 July 2016 .5 probability University of Virginia CS 551 3 Key + Ciphertext Key Ciphertext Key Ciphertext + + + + =0 =1 27 July 2016 University of Virginia CS 551 4 Perfect Cipher? Plaintext 0 Key Ciphertext Key Ciphertext 1 .5 probability 27 July 2016 .5 probability University of Virginia CS 551 5 Perfect Cipher Plaintext 0 Key Ciphertext Key Ciphertext 1 .5 probability .5 probability P (C = P (C = | M = 0) = .5 = | M = 1) = .5 P (C = P (C = | M = 0) = .5 = | M = 1) = .5 27 July 2016 University of Virginia CS 551 Yes! 6 Show Demo 27 July 2016 University of Virginia CS 551 7 Quantum Cryptography 27 July 2016 University of Virginia CS 551 8 Quantum Physics for Dummies • Light behaves like both a wave and a particle at the same time • A single photon is in many states at once • Can’t observe its state without forcing it into one state • Schrödinger’s Cat – Put a live cat in a box with cyanide vial that opens depending on quantum state – Cat is both dead and alive at the same time until you open the box 27 July 2016 University of Virginia CS 551 9 Heisenberg’s Uncertainty Principle “We cannot know, as a matter of principle, the present in all its details.” Werner Heisenberg, 1920s If you can’t know all the details about something you can’t copy it. Bits are easy to copy; photons are impossible to copy. 27 July 2016 University of Virginia CS 551 10 Quantum Cash Stephen Wiesner, late 60s: “I didn’t get any support from my thesis advisor – he showed no interest in it at all. I showed it to several other people, and they all pulled a strange face, and went straight back to what they were already doing.” (Quoted in Singh, The Code Book) 27 July 2016 University of Virginia CS 551 11 Photon Polarity Photons have “spin”: V H +45º -45º Vertical filter: 100% of V photons 50% of +45º photons (become V photons) 50% of -45º photons (become V photons) 0% of H photons Horizontal filter: 100% of H photons 50% of +45º photons (become H photons) 50% of -45º photons (become H photons) 0% of V photons 27 July 2016 University of Virginia CS 551 12 Photon Stream Can’t tell difference between V and +45º and –45º photons Vertical filter: 100% of V photons 50% of +45º photons (become V photons) 50% of -45º photons (become V photons) 0% of H photons 27 July 2016 University of Virginia CS 551 13 Quantum Cash $10000 First Photon Bank $10000 Spinning Photons Unique ID 258309274917392 Richard Feynman, Safecracker, Father of Quantum Computing $10000 27 July 2016 In Light We Trust University of Virginia CS 551 $10000 14 Bank Verifies Bill Unique ID 258309274917392 Spinning Photons First Photon Bank ID … Amount Photons … … $10000 258309274917392 … … V-45H+45+45V … Bank aligns filters according to expected values. If photons on bill all pass through filters, the bill is valid. 27 July 2016 University of Virginia CS 551 15 Counterfeiting Quantum Cash • To copy a bill, need to know the photons. • Counterfeiter can guess, but loses information. Physics says there is no way to measure the spins without knowing them! 27 July 2016 University of Virginia CS 551 16 Perfect Security? • Bill photons: V (¼), +45 (¼), -45 (¼), H (¼) • Guess V-filter: passes 100% of V photons, ½ of +45 and ½ of -45 – p (M = V | passes V filter) = .25 / (.25 + (.5 * .25) + (.5 * .25)) = .25/.5 = .5 If photon passes, counterfeiter can guess it is a V photon, right ½ of the time. If photon doesn’t pass, guess it’s a H photon, right ½ of the time. – p (M = +45 | passes V filter) = .25 • Actually a bit more complicated – can guess some photons wrong, and 50% chance bank won’t notice. 27 July 2016 University of Virginia CS 551 17 Guessing One +45º Photon • Passes through V-filter (.5) – Counterfeiter guesses V-photon – Passes through Banks +45 filter (.5) – .25 chance of getting it right • Doesn’t passes through V-filter (.5) – Counterfeiter guesses H-photon – Passes through Banks +45 filter (.5) – .25 chance of getting it right • Probability of not getting caught = .5 • Forge bill with 6 photons = 1/26; use more photons for more valuable bills. 27 July 2016 University of Virginia CS 551 18 Quantum Key Distribution • Charles Bennett (1980s) • Use quantum physics to transmit a key with perfect secrecy • Alice sends a stream of random photons • Bob selects random filters to try and guess photons • After, they communicate over insecure channel to figure out which bits were transmitted correctly 27 July 2016 University of Virginia CS 551 19 Quantum Key Distribution 1. Alice generates a random sequence. Transmits: 0: or (Randomly pick H or –45) 1: or (Randomly pick V or +45) 2. Bob randomly guesses filter: Rectilinear detector: recognizes H and V photons with 100% accuracy, randomly misrecognizes diagonal photons. Diagonal detector: recognizes -45 and +45 photons with 100% accuracy, randomly misrecognizes H and V photons. 27 July 2016 University of Virginia CS 551 20 Detecting Photons • Bob picks the right detector: – 100% chance of correctly recognizing bit • Bob picks the wrong detector: – 50% chance of “guessing” bit • Bob can’t tell the difference • But, Alice can (since she picked the photon encoding) 27 July 2016 University of Virginia CS 551 21 Finding Correct Guesses 3. Alice calls Bob over an insecure line, and tell him rectangular/diagonal for each bit. Bob tells Alice if he guessed right. They use the bits he guessed right on as the key. 4. Alice and Bob do some error checking (e.g., use a checksum) to make sure they have the same key. 27 July 2016 University of Virginia CS 551 22 What about Eve? • Eve can intercept the photon stream, and guess filters. • If she guesses right, she can resend the same photon. • If she guesses wrong, 50% chance she will send the wrong photon. • 50% chance Bob will guess the right filter on this photon, so 25% chance of error 27 July 2016 University of Virginia CS 551 23 Eve is Caught • When Alice and Bob agree on which bits to use, Eve will have the wrong ones since she guesses different polarities. • Eve cannot eavesdrop without Alice and Bob noticing an unusually high error rate! 27 July 2016 University of Virginia CS 551 24 Practical Quantum Cryptography • This may seem wacky and crazy, but it is real! • Los Alamos Lab Bob’s photon detector 48 km fiber-optic wire loop Alice’s photon transmitter What about quantum cash? 27 July 2016 Richard Hughes, et. al. University of Virginia CS 551 25 27 July 2016 University of Virginia CS 551 26 Though Air • Can transmit and recognize spinning photons through normal atmosphere! • Los Alamos group has demonstrated quantum key distribution over 0.5km in daylight • Depends on sending laser pulse before photon to obtain nano-second timing • Perhaps possible to send keys to satellites this way 27 July 2016 University of Virginia CS 551 27 What’s in the “Sneakers” Black Box? A Quantum Computer 27 July 2016 University of Virginia CS 551 28 Quantum Computing • Feynman, 1982 • David Deustch, 1985 – design for general purpose quantum computer • Quantum particles are in all possible states • Can try lots of possible computations at once with the same particles • In theory, can test all possible factorizations/keys/paths/etc. and get the right one! • In practice, major advances required before we can build it (unless the NSA knows something we don’t…) 27 July 2016 University of Virginia CS 551 29 Summary/Charge • We can really use quantum physics to distribute keys with perfect secrecy! • People with a lot of resources may (someday?) be able to use quantum physics to factor quickly • Next time: Midterm – Don’t forget to bring you book/notes 27 July 2016 University of Virginia CS 551 30