Quantum Cryptography: from Theory to Practice
Total Page:16
File Type:pdf, Size:1020Kb
Quantum cryptography: from theory to practice by Xiongfeng Ma A thesis submitted in conformity with the requirements arXiv:0808.1385v1 [quant-ph] 10 Aug 2008 for the degree of Doctor of Philosophy Thesis Graduate Department of Department of Physics University of Toronto Copyright c 2008 by Xiongfeng Ma Abstract Quantum cryptography: from theory to practice Xiongfeng Ma Doctor of Philosophy Thesis Graduate Department of Department of Physics University of Toronto 2008 Quantum cryptography or quantum key distribution (QKD) applies fundamental laws of quantum physics to guarantee secure communication. The security of quantum cryptog- raphy was proven in the last decade. Many security analyses are based on the assumption that QKD system components are idealized. In practice, inevitable device imperfections may compromise security unless these imperfections are well investigated. A highly attenuated laser pulse which gives a weak coherent state is widely used in QKD experiments. A weak coherent state has multi-photon components, which opens up a security loophole to the sophisticated eavesdropper. With a small adjustment of the hardware, we will prove that the decoy state method can close this loophole and substantially improve the QKD performance. We also propose a few practical decoy state protocols, study statistical fluctuations and perform experimental demonstrations. Moreover, we will apply the methods from entanglement distillation protocols based on two-way classical communication to improve the decoy state QKD performance. Fur- thermore, we study the decoy state methods for other single photon sources, such as triggering parametric down-conversion (PDC) source. Note that our work, decoy state protocol, has attracted a lot of scientific and media interest. The decoy state QKD becomes a standard technique for prepare-and-measure QKD schemes. Aside from single-photon-based QKD schemes, there is another type of scheme based on entangled photon sources. A PDC source is commonly used as an entangled photon source. We propose a model and post-processing scheme for the entanglement-based QKD with a PDC source. Although the model is proposed to study the entanglement- based QKD, we emphasize that our generic model may also be useful for other non-QKD experiments involving a PDC source. By simulating a real PDC experiment, we show that the entanglement-based QKD can achieve longer maximal secure distance than the single-photon-based QKD schemes. ii We propose a time-shift attack that exploits the efficiency mismatch of two single photon detectors in a QKD system. This eavesdropping strategy can be realized by current technology. We will also discuss counter measures against the attack and study the security of a QKD system with efficiency mismatch detectors. iii Acknowledgements The research presented in this Doctor of Philosophy thesis is carried out under the the supervision of Prof. Hoi-Kwong Lo in the Department of Physics at the University of Toronto. I owe my most sincere thanks to Hoi-Kwong for sharing his extensive knowledge with me. I can still clearly remember the time when I went to his office every week and struggled to understand the GLLP security analysis, how I was disappointed by my first simulation result, and how happy I was when I finished the simulation work for the decoy state method inspired by his conference paper. I am very grateful for his support of my non-academic life as well. During my graduate study, I was lucky enough to be surrounded by wonderful col- leagues: Jean-Christian Boileau, Ryan Bolen, Kai Chen, Marcos Curty, Fr´ed´eric Dupuis, Ben Fortescue, Chi-Hang Fred Fung, Leilei Huang, Bing Qi, Li Qian, Kiyoshi Tamaki, Yi Zhao etc. In particular, I would like to thank Bing Qi for enormously helpful and enjoyable discussions about models, experimental setups and security analysis. I wish to express my warm and sincere thanks to researchers in the field who have helped along the way and influenced the formation of the understanding and approach to quantum cryptography presented in this thesis. I would like to acknowledge that I have benefited very much from thoughtful discussions with Norbert L¨utkenhaus, Jian- Wei Pan, Aephraim M. Steinberg, Wolfgang Tittel, Gregor Weihs and the members of their research groups. I would like to thank Ms. Serena Ma for her suggestions and proofreading. Respon- sibility for any remaining errors and omissions rests entirely with the author. I gratefully acknowledge the financial support from the Chinese Government Award for Outstanding Self-financed Students Abroad and the Lachlan Gilchrist Fellowship. Furthermore, my warm thanks are extended to the members of the Department of Physics, the Chinese Students and Scholars Association at the University of Toronto and the Student Diversity Group. With them, I enjoyed a colorful life as a graduate student at the University of Toronto. Finally, and most importantly, I would like to thank my family for their constant and unending love and support. This thesis is dedicated to my parents, which without them, none of this would have been even possible. iv Contents 1 Introduction 1 1.1 Background .................................. 1 1.1.1 Quantuminformationprocessing . 1 1.1.2 Cryptography ............................. 2 1.1.3 Quantumcryptography. 4 1.1.4 Cryptanalysis and Quantum Cryptanalysis . ... 6 1.2 Preliminary .................................. 6 1.2.1 AQKDscenario ........................... 6 1.2.2 QKDperformance .......................... 7 1.3 Motivation................................... 8 1.3.1 QKDsecurity ............................. 8 1.3.2 A gap between theory and experiment . 8 1.4 HighlightandOutline ............................ 9 1.5 Futureoutlook ................................ 11 2 Security analysis 12 2.1 Whataresecurityproofs? . 12 2.2 Squashmodel ................................. 13 2.2.1 Acalibrationproblem . 13 2.2.2 Squashmodel ............................. 13 2.2.3 Remarks................................ 14 2.3 Entanglement-basedQKD . .. .. 15 2.4 Single-photon-basedQKD . 16 2.5 GLLPsecurityanalysis. 19 2.5.1 Taggedanduntaggedqubits . 19 2.5.2 Post-processing ............................ 19 v 2.5.3 Anextension ............................. 20 2.6 GLLP vs. L¨utkenhaus’ security analysis . ...... 21 3 Setup and Model 23 3.1 QKDsetup .................................. 23 3.2 QKDmodel .................................. 24 3.2.1 Weakcoherentstatesource . 24 3.2.2 Channelanddetection . 26 3.2.3 Photonnumberchannelmodel. 27 3.3 QKDhardware ................................ 28 3.3.1 Lasersource.............................. 28 3.3.2 Channel ................................ 28 3.3.3 Detection ............................... 29 4 Decoy state 31 4.1 Decoystate .................................. 31 4.1.1 Motivation............................... 32 4.1.2 Solution ................................ 32 4.1.3 Discussion............................... 33 4.1.4 Simulation............................... 34 4.2 UpperBounds................................. 35 4.2.1 Distanceupperbound . .. .. 35 4.2.2 Keyrateupperbound ........................ 36 4.3 Discussion................................... 37 5 Practical decoy state 38 5.1 Practicalproposals .............................. 38 5.1.1 Vacuum+Weakdecoy. 39 5.1.2 Onedecoy............................... 41 5.1.3 Numericalmethod .......................... 42 5.2 Statisticalfluctuationanalysis . ..... 44 5.2.1 Whatparametersarefluctuating? . 44 5.2.2 StandardErrorAnalysis . 47 5.2.3 Choice of Ns, Nvac, Nw and ν .................... 48 5.3 Simulation................................... 49 vi 5.4 Experimentaldemonstrations . .. 53 5.4.1 Howtogeneratedecoystates . 53 5.4.2 Experimental data post-processing . .. 54 5.5 Conclusion................................... 55 6 Decoy state QKD with 2-LOCC 56 6.1 2-LOCCEDP................................. 56 6.1.1 Gottesman-LoEDP.......................... 57 6.1.2 RecurrenceEDPscheme . 60 6.1.3 Boundsoferrorrates. .. .. 61 6.2 Decoy+GLLP+Gottesman-LoEDP . 63 6.3 Decoy+GLLP+RecurrenceEDP . 67 6.4 Conclusion................................... 70 7 Triggering PDC QKD 71 7.1 Background .................................. 72 7.2 Experimentsetup............................... 74 7.3 Model ..................................... 76 7.3.1 OnAlice’sside ............................ 76 7.3.2 Thresholddetector . .. .. 77 7.3.3 Perfect photon-number resolving detector . ..... 78 7.4 Post-processing ................................ 79 7.4.1 Non-decoy states with threshold detectors . .... 80 7.4.2 Infinite active decoy state with threshold detectors . ....... 80 7.4.3 Weak active decoy state with threshold detectors . ..... 81 7.4.4 Passivedecoystate .......................... 82 7.4.5 Passive decoy state with threshold detectors . ..... 83 7.4.6 With a perfect photon-number resolving detector . ..... 84 7.4.7 Afewremarks............................. 84 7.5 Simulation................................... 85 7.5.1 Without statistical fluctuations . .. 86 7.5.2 Withstatisticalfluctuations . 88 7.6 Conclusion................................... 90 vii 8 Entanglement-based QKD 92 8.1 Introduction.................................. 93 8.2 Implementation ................................ 94 8.2.1 Sourceinthemiddle ......................... 95 8.2.2 SourceonAlice’sside. .. .. 95 8.3 Model ..................................... 96 8.3.1 AnentangledPDCsource . 96 8.3.2 Detection ............................... 97 8.4 Post-processing ................................ 98 8.5 Simulation..................................