Quantum Cryptography - an approach to unconditional secure communication -
Dr Kiyotaka Hammura
Saturday, 21 June 2003; 7:30-9:10pm
Keynes Hall, King's College
Recently, many efforts have been paid to the Quantum Cryptography Research, which pursues the implementation of unconditional secure communication by the help of the principles of Quantum Mechanics. In my talk, I would like to give a brief explanation of this new research field by three major sections as follows: (A) An incentive to this research and a specific problem to overcome. (B) An approach to the problem and implementation of it. (C) Potential problems.
(A) Unless data are transferred encrypted, you should not use the Internet shopping. Imagine shopping at "amazon.com" to buy a book. Each time you are asked to input personal or secret data about you through the PC display, you must simply obey the request without paying much attention to the possibility of the leakage of the data. However, you see that you risked yourself soon after you realise that you sent your secret data in front of numberless people which were using the Internet when you did it. This is because, as a general rule anybody could pick up your data floating in the Internet. The current Internet communication, where data are encrypted by the latest cryptographic technology, should be regarded as a secure against any eavesdropper using the latest super computers. As a result, in the secure point of view now you should not worry about shopping at "amazon.com."
However, recently, it has been demonstrated that the current cryptography can be decrypted easily if you can use a Quantum Computer. The security of the current cryptography depends on the difficulty of factorization of large number, which is an essential calculation for an eavesdropper trying to decrypt the data encrypted with the current cryptography. The calculation needs enormous time to do even by the latest supercomputers, which is the only reason why the current cryptography has been regarded a secure one. We do not expect the Quantum Computer very soon, but we can expect the advent of it. We should have new cryptography which is still secure against even by an eavesdropper using the Quantum Computer.
(B) Quantum Cryptography is the one recently proposed as a candidate for a novel cryptography which still offers secure communication under attack by the Quantum Computer. The Quantum Cryptography should adopt the universality of the principles of Quantum Mechanics as the basis of security of the cryptography. One specific idea of the Quantum Cryptography is "the Quantum Key Distribution (QKD) based on the BB84 protocol using consecutive single photons", where different figures to be transferred correspond to different polarisations of the single photons. This method has been proved to be unconditionally secure. The points are as follows: When we put single photons instead of many photons, the photons should be treated as quantum states instead of classical electromagnetic wave. Each figure is carried by each quantum state. To succeed in eavesdropping, s/he needs to (1) duplicate the original quantum state, (2) measure one of them to get information and (3) return the other quantum state to the communication channel. Duplication is necessary because measurement of quantum state inevitably means destruction of it. However, the eavesdropper cannot duplicate quantum state, for any quantum state is governed by "the non-cloning theorem of quantum state." As a result, s/he has to release the "broken" quantum state to the communication channel. We can detect that a part of the consecutive quantum states are broken by a simple method, which tells us the existence of the eavesdropper. By the way, the data sent by the BB84 protocol cannot be transferred fully without additional information. So, it can be said that we could transfer secret consecutive figures in secure according to the following procedures: If we find the existence of eavesdropper we throw away the data transferred. If we do not, we exchange the additional information to transfer the data fully.
There are several potential problems to the "the Quantum Key Distribution (QKD) based on the BB84 protocol using consecutive single photons." One is due to the delicacy of the communication channel base on single photon, and the other to the scheme of the key distribution itself. Use of multiphoton must be a candidate to strengthen the channel, although we cannot use the non-cloning theorem for multiphoton state. How to ensure the security with use of multiphoton might be the point to be discussed. The method introduced above is basically a modification of a current cryptography "key distribution." We should explore more efficient method.