Cryptography – Key management – Key distribution
Reexamination Certificate
1998-04-21
2001-08-07
Barron, Jr., Gilberto (Department: 2131)
Cryptography
Key management
Key distribution
C380S044000, C380S260000, C380S256000
Reexamination Certificate
active
06272224
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The purpose of this invention is a process and device for quantum distribution of an encryption key. It has applications in cryptography, in other words secret transmission of information.
2. Discussion of the Background
The invention relates to cryptography with a secret key. In this technique, a plain text message is transformed into a coded message using an algorithm with a secret key. This key is formed from a sequence of random numbers. The message sender and receiver must exchange this secret key in order to be able to correctly encrypt and decrypt the message.
If the key is as long as the message and if it is only used once, then it is impossible to decrypt the signal without the key.
The problem that occurs with this type of encryption is that the key has to be transmitted without being detectable by a third party eavesdropping on exchanges between the sender and the receiver.
Quantum key distribution or “quantum encryption” solves this problem. This technique uses some properties of quantum physics, particularly the following:
the state of an elementary particle (for example the polarization state of a photon) cannot be determined unless the measurement is made in the same base as the base that was used to prepare this state (for example, it is impossible to determine the state of a photon that was polarized circularly to the right or to the left, by measuring this state in a linear polarization base);
any measurement projects the studied system into a state specific to the base used to make this measurement; it is then no longer possible to determine the state in which the system was before the measurement if the base is not the same; thus, measuring the linear polarization of a photon prepared in a circular polarization state will result in loss of knowledge of its initial polarization state.
FIG. 1
attached clarifies the principles of quantum key distribution to a certain extent. The sender and receiver are called Alice and Bob, according to the usual terminology in cryptography. Alice has a transmission set
10
composed of conventional transmission means
12
and quantum transmission means
14
. Bob has a reception set
20
composed of conventional reception means
22
and quantum reception means
24
. Alice and Bob communicate through two channels, one of which is public (Cp) and the other is quantum (Cq). Furthermore, it is assumed that a third party called Eve is eavesdropping on lines Cp and Cq.
The general process comprises the following steps:
1) Alice sends a sequence of photons to Bob on the quantum channel Cq, choosing the state in which each photon will be prepared in a random manner; each state is used to code one information bit; it is considered that the correspondence between the value of the coding bit and the state that codes it is known publicly.
2) On reception, Bob decides to measure the state of each detected photon at random, without knowing in advance the state in which it was prepared.
3) After the quantum communication, Alice and Bob discuss the results of their transmission through the public line Cp; the purpose of this discussion is to eliminate the incorrect measurements that can be explained by the quantum principles mentioned above; having done this, Alice and Bob each have a common string formed of a random sequence of bits; the presence of an eavesdropper will cause a higher error rate than would occur if there was no eavesdropper; this increase in the error rate is due to bad measurements (according to the quantum principles mentioned) made by Eve who wants to know the state of the photon sent by Alice.
4) The error rate is calculated by means of a publicly known process, and will detect the presence of the spy.
The protocols used at the present time can be classed into two groups:
the protocol with four states: Alice uses two bases not orthogonal with each other formed by two orthogonal states. Bob uses one of the two bases at random to measure the state of the photon sent by Alice. This protocol was suggested by S. J. D. PHOENIX and P. D. TOWNSEND in an article entitled “Quantum Cryptography and Secure Optical Communications” published in the “revue BT Techn. Journ.”, 11, 2, PP 65-75, 1993;
the protocol with two states: Alice only uses two non-orthogonal states of a photon to code her information. This protocol is described in document U.S. Pat. No. 5,307,410.
The procedure for the latter protocol is as follows:
1) Alice sends a sequence of photons individually, choosing the type of state in which she prepares them at random (non-orthogonal states). These two states represent bits
0
and
1
. The correspondence between the state and the value of the bit is known publicly.
2) On reception, Bob attempts to measure the state of the photon sent by Alice. He does this by choosing one of two measurement bases mutually orthogonal to the two states chosen by Alice, at random. Two cases may arise:
a) Bob detects nothing; this means either that there is no photon to be detected, or that the base used to make the measurement is orthogonal to the state to the transmitted photon; therefore, Bob cannot know which bit Alice sent to him.
b) The base used by Bob is not orthogonal to the state sent by Alice; there is then a non-zero probability of detecting a photon; in this case (when he detects a photon) Bob will know the state (and therefore the corresponding bit) of the photon sent by Alice, (since he knows it is the state that is not orthogonal to the base that he used).
3) To determine the state of the photons sent by Alice, Eve has to make the same type of measurements as Bob and therefore is subject to the same constraints as Bob. When she detects a photon, she knows the state of the photon sent by Alice with certainty and can send a photon to Bob in the same state (obviously she will have one chance out of two of making the right choice). When she detects nothing she cannot know if it is because she chose the wrong base or if it is because there was no photon. In this case she must either delete the transmission signal or send a photon in the state that she assumes is right and thus introduce errors between Alice and Bob.
4) Bob publicly announces that he has detected a photon (or when he has not detected it), but does not reveal the base used to make the measurement. The remaining bits must be absolutely identical if the message was not intercepted. In order to test if there was any eavesdropping on their line, Alice and Bob publicly compare parts of their key, and then sacrifice this part. The presence of Eve will be detected by the errors that she caused.
The coding used to put the photons in a certain state may be one of two types. The first type is coding by polarization. The information concerns the polarization state of the photon. This method is described by an article by G. H. BENNET, G. BRASSARD and A. EKERT entitled “Quantum Cryptography” published in the “Scientific American” 33, p. 26, 1993. It is also described in the article by C. H. BENNETT et al entitled “Experimental Quantum Cryptography” published in the “Journal of Cryptology” 5, pp 3-28, 1992. The problem with this technique is the difficulty of maintaining the polarization of photons over a long distance.
In a second type of coding, the optical phase is adjusted. The device is shown schematically in
FIG. 2
attached. It comprises a single photon source
40
, a symmetric Mach-Zehnder interferometer
41
comprising a phase modulator
42
specific to Alice and a phase modulator
52
specific to Bob. At the output from the interferometer there are two photon detectors
61
,
62
and a decryption and counting circuit
64
.
This device operates as follows: Alice and Bob input a phase difference for each photon emitted by the source
40
, using modulators
42
and
52
. Alice arbitrarily chooses the phase to which bits
0
and
1
correspond. Bob determines the state of the sent bit using the two detector,
61
and
62
using the second measurement protocol described above.
This solution is difficult to use over lon
Goedgebuer Jean-Pierre
Mazourenko Youri
Merolla Jean-Marc
Barron Jr. Gilberto
France Telecom
Latham Bryan
Oblon & Spivak, McClelland, Maier & Neustadt P.C.
LandOfFree
Method and apparatus for quantum distribution of an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for quantum distribution of an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for quantum distribution of an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2458307