量子密码学.ppt

* * This is the efficiency mismatch observed in a real life QKD system and there are time instances where the efficiency mismatch is large. We experimentally showed that if Alice and Bob were not aware of this attack, the generated key may not be secure. * * * * * * * * * * * * * * * * * 教训 QKD协议的安全性 ? 实际系统的安全性； Eve利用实际系统的不完善发起攻击； 一旦发现了安全漏洞，找到相应的防御措施不太困难； 如何寻找安全漏洞？ “Quantum hacking” 更通用的解决方案？ 设计“不依赖”于实际系统的QKD协议 * 更通用的解决方案 （1） Source PM PM SPD {0,?/2,?,3?/2} {0,?/2,?,3?/2} Alice Bob 四相位调制方案 Bob 随机改变单光子探测器与比特值的对应关系； Eve 即使知道特定的探测器响应，也无法获得对应的比特值。 “1” or “0” “0” or “1” * Failed: detector blinding attack* 利用强光照射?单光子探测器进入线性工作状态； Eve进行“截取—再发送”攻击； 只有当Bob和Eve使用的基相同，探测器才会相应— “basis dependent” post-selection *Lars Lydersen, et al., Nature Photonics 4, 686 - 689 (2010) * Time-Reversed EPR Quantum Key Distribution* H. Inamori, Algorithmica 34, pp. 340-365 (2002) Bell measurement Alice Single photon source Polarization modulation Bob Single photon source Polarization modulation Eve BB84 states BB84 states 假设：Alice 与 Bob 正确制备量子态。 优点：测量系统可以完全受Eve控制。 更通用的解决方案 （2） Basic idea: Alice and Bob can perform Bell inequalities test without knowing how the device actually works. As long as Alice and Bob can verify the existence of entanglement, it is possible to generate secure key. * “Device independent”QKD[1,2] [1] D. Mayers and A. C.-C. Yao, in Proceedings of the 39th Annual Symposium on Foundations of Computer Science (FOCS98) (IEEE Computer Society, Washington, DC, 1998), p. 503. [2] A. Ac′?n, N. Brunner, N. Gisin, S. Massar, S. Pironio and V. Scarani, Phys. Rev. Lett. 98, 230501 (2007). 假设 量子力学是正确的; 测量基的选择是完全随机的; 信息不能随意从Alice和Bob的系统中泄露出去。 局限 DI-QKD is highly impractical as it requires a near unity detection efficiency and even then generates an extremely low key rate (of order 10-10 bit per pulse) at practical distances [1, 2] . * [1] N. Gisin, S. Pironio and N. Sangouard, Phys. Rev. Lett. 105, 070501 (2010). [2] M. Curty and T. Moroder, Phys. Rev. A 84, 010304(R) (2011). “Device in