||Quantum Key Recycling with Optimal Key Recycling Rate based on Error Rate
||Institute of Computer Science and Information Engineering
Quantum Key Recycling
Key Recycling Rate
Authenticated Quantum Protocol
Universal Composable security
Quantum Key Distribution
Key Sharing Rate
本論文提出了一可於雜訊通道中運行的量子金鑰回收(Quantum Key Recycling)協定，此協定能根據量子通道的雜訊程度回收使用過的加密金鑰。我們發現現存能於雜訊通道中運行的量子金鑰回收協定具有一共通的安全漏洞，因此我們提出了不具此漏洞的量子金鑰回收協定，且我們提出的量子金鑰回收協定基於量子通道實際的雜訊程度提升金鑰回收率。我們亦證明了在本協定中回收的金鑰具有無條件安全性並具有通用可組合性(universal composability)。另一方面，我們亦分析了使用量子金鑰回收協定來進行金鑰分配的可行性。為了比較量子金鑰回收協定與量子金鑰分配(Quantum Key Distribution)協定分配金鑰的效率，我們定義了金鑰分享率(key sharing rate)來比較兩類協定。我們發現使用我們提出的量子金鑰回收協定在特定情況下具有更高的金鑰分享率。
This thesis proposes a new Quantum Key Recycling (QKR) protocol, which recycles used keys according to the error rate. The proposed QKR protocol can tolerate the noise in the quantum channel. The earlier studies [1-4] also proposed QKR protocols with noise tolerance. Unfortunately, there is a common security loophole in these protocols. The proposed QKR protocol is designed to avoid this security loophole, and the key recycling rate of the pre-shared keys is optimized depending on the noise level. The security proof shows the security of the recycled keys is universal composable. This thesis also answers the question that is there any benefit for the QKR protocols to distribute keys as compared to the Quantum Key Distribution (QKD) protocols? The key sharing rate, which is the other version of the key rate, is defined to compare the efficiency of the proposed QKR protocol with that of QKD protocols. The key sharing rate can be calculated for both the QKD protocols and the QKR protocols, and the key sharing rate of the proposed QKR is then calculated. According to the comparison of the key sharing rate, this thesis finds that if using the proposed QKR protocol to distribute keys, it is more efficient than BB84 in some situations.
誌 謝 iii
List of Figures vi
Chapter 1 Introduction 1
1.1 Background 1
1.2 Motivation 2
1.3 Contributions 3
1.4 Thesis Structure 4
Chapter 2 Preliminaries 6
2.1 Information entropy 6
2.2 The density operator and the von Neumann entropy 7
2.3 Universal composable security 8
2.4 Privacy amplification 9
2.5 Key rate 10
Chapter 3 The protocol 12
Chapter 4 Security Analysis 15
4.1 The security of the message 15
4.2 The security of the recycled key for authentication 15
4.3 The security of the recycled key for basis decision 16
4.4 The security of the updated key for encryption 18
Chapter 5 Compare QKD protocols with the proposed QKR protocol 22
5.1 Compare BB84 with the proposed QKR protocol 24
5.2 Compare six-state QKD protocol with six-state version of the proposed QKR protocol 26
Chapter 6 Conclusions and open questions 29
 S. Fehr, and L. Salvail, "Quantum Authentication and Encryption with Key Recycling," pp. 311-338: Springer International Publishing, 2017.
 D. Leermakers, and B. Škoric, “Security proof for quantum key recycling with noise,” Quantum Information & Computation, vol. 19, no. 11+ 12, pp. 0913-0934, 2019.
 B. Škorić, and M. De Vries, “Quantum Key Recycling with 8-state encoding (The Quantum One-Time Pad is more interesting than we thought),” International Journal of Quantum Information, vol. 15, no. 03, pp. 1750016, 2017.
 D. Leermakers, and B. Škoric, “Quantum Alice and Silent Bob,” arXiv preprint quant-ph/2003.11799, 2020.
 C. H. Bennett, G. Brassard, and S. Breidbart, “Quantum cryptography II: How to re-use a one-time pad safely even if P= NP,” Natural computing, vol. 13, no. 4, pp. 453-458, 2014.
 I. Damgård, T. B. Pedersen, and L. Salvail, "A Quantum Cipher with Near Optimal Key-Recycling," pp. 494-510: Springer Berlin Heidelberg, 2005.
 I. S. Reed, and G. Solomon, “Polynomial codes over certain finite fields,” Journal of the society for industrial and applied mathematics, vol. 8, no. 2, pp. 300-304, 1960.
 R. Gallager, “Low-density parity-check codes,” IRE Transactions on information theory, vol. 8, no. 1, pp. 21-28, 1962.
 D. Gottesman, “Uncloneable encryption,” arXiv preprint quant-ph/0210062, 2002.
 R. Renner, and R. König, “Universally composable privacy amplification against quantum adversaries,” in Theory of Cryptography Conference, 2005, pp. 407-425.
 D. Bruß, “Optimal Eavesdropping in Quantum Cryptography with Six States,” Physical Review Letters, vol. 81, no. 14, pp. 3018-3021, 1998.
 H. Bechmann-Pasquinucci, and N. Gisin, “Incoherent and coherent eavesdropping in the six-state protocol of quantum cryptography,” Physical Review A, vol. 59, no. 6, pp. 4238-4248, 1999.
 C. E. Shannon, “A mathematical theory of communication,” Bell system technical journal, vol. 27, no. 3, pp. 379-423, 1948.
 I. Bengtsson, and K. Życzkowski, Geometry of quantum states: an introduction to quantum entanglement: Cambridge university press, 2017.
 J. L. Carter, and M. N. Wegman, “Universal classes of hash functions,” Journal of computer and system sciences, vol. 18, no. 2, pp. 143-154, 1979.
 M. N. Wegman, and J. L. Carter, “New hash functions and their use in authentication and set equality,” Journal of computer and system sciences, vol. 22, no. 3, pp. 265-279, 1981.
 R. Renner, N. Gisin, and B. Kraus, “Information-theoretic security proof for quantum-key-distribution protocols,” Physical Review A, vol. 72, no. 1, 2005.
 I. Devetak, and A. Winter, “Distillation of secret key and entanglement from quantum states,” Proceedings of the Royal Society A: Mathematical, Physical and engineering sciences, vol. 461, no. 2053, pp. 207-235, 2005.
 P. Rogaway, “Bucket Hashing and Its Application to Fast Message Authentication,” vol. 12, no. 2, pp. 91-115, 1999.
 D. J. Robinson, An introduction to abstract algebra: Walter de Gruyter, 2008.
 E. Biham, and T. Mor, “Security of quantum cryptography against collective attacks,” Physical Review Letters, vol. 78, no. 11, pp. 2256, 1997.
 V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dušek, N. Lütkenhaus, and M. Peev, “The security of practical quantum key distribution,” Reviews of Modern Physics, vol. 81, no. 3, pp. 1301-1350, 2009.
 C. E. Shannon, “Communication theory of secrecy systems,” Bell system technical journal, vol. 28, no. 4, pp. 656-715, 1949.
 D. R. Stinson, “Universal hashing and authentication codes,” Designs, Codes and Cryptography, vol. 4, no. 3, pp. 369-380, 1994.
 C. Portmann, “Key Recycling in Authentication,” vol. 60, no. 7, pp. 4383-4396, 2014.
 M. A. Nielsen, and I. Chuang, "Quantum computation and quantum information," AAPT, 2002.
 B. M. Terhal, M. Horodecki, D. W. Leung, and D. P. Divincenzo, “The entanglement of purification,” vol. 43, no. 9, pp. 4286, 2002.
 P. W. Shor, and J. Preskill, “Simple Proof of Security of the BB84 Quantum Key Distribution Protocol,” Physical Review Letters, vol. 85, no. 2, pp. 441-444, 2000.
 B. Škoric, and M. de Vries, “Quantum Key Recycling with eight-state encoding.”
 V. Scarani, and R. Renner, “Quantum cryptography with finite resources: Unconditional security bound for discrete-variable protocols with one-way postprocessing,” Physical review letters, vol. 100, no. 20, pp. 200501, 2008.
 W. O. Krawec, and E. P. Geiss, “Limited Resource Semi-Quantum Key Distribution,” arXiv preprint arXiv:1710.05076, 2017.
 C. Portmann, "Quantum Authentication with Key Recycling," pp. 339-368: Springer International Publishing, 2017.