
Quantum Cryptography

Final Presentation for PHY 6410


Spencer Gill

Introduction
Cryptography is the art of hiding and uncovering messages.
It dates to 1900 BCE.
The earliest examples are shift ciphers, also called Caesar ciphers.
Caesar ciphers are special cases of a general monoalphabetic cipher.
The Iraqi polymath Abu Yusuf al-Kindi broke the monoalphabetic cipher in the 800s.

Polyalphabetic Ciphers
The more sophisticated polyalphabetic ciphers started appearing in the 15th century.
Essentially, each letter is encoded in a different Caesar cipher.
Rarely used until the 1800s.
The Vigenère cipher, le chiffre indéchiffrable.
Cracked by Charles Babbage and then again by Friedrich Kasiski.
They reached their apex with the Enigma machine in WW2.

Enigma
A simplified form of the Enigma is shown on the right.
Basically, it passes each letter through three substitutions via rotors that change the alphabet after a certain number of keystrokes.
A reflector rotor then ensured that no letter could be encoded as itself.
A plugboard allowed letters to be swapped before going through the rotors.
Army Enigma units had over 158 quintillion possible configurations.

Early Cryptanalysis
Cryptanalysis can be divided into brute-force attacks (trying all combinations), cracking the cipher's algorithm, and cracking the psychology of the user.
The Caesar cipher is easy to break by brute force, as there are only 25 possible ciphers.
However, the monoalphabetic cipher is much harder to break in this way.
Al-Kindi used frequency analysis to show how anyone could break a monoalphabetic cipher.
This method was popularized by Edgar Allan Poe.
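
The two attacks on this slide, as an added worked example (not code from the presentation): exhausting the 25 Caesar shifts, and al-Kindi's frequency analysis applied to a general monoalphabetic substitution, which brute force cannot reach (26! keys). The sample message, the substitution key and the English frequency ordering are constructed for the demonstration.

```python
from collections import Counter
import string

ALPHABET = string.ascii_uppercase
# English letters from most to least common (assumption: a standard reference
# ordering; the exact ranks below the first few vary with the corpus).
ENGLISH_ORDER = "ETAOINSHRDLCUMWFGYPBVKJXQZ"

# Constructed sample text and a constructed 26-letter substitution key.
SAMPLE_TEXT = ("THE SECRET MESSAGES WERE SENT TO THE MEETING AT THE EMBASSY "
               "WHERE THREE AGENTS WERE WAITING")
KEY = "QWERTYUIOPASDFGHJKLZXCVBNM"


def caesar(text, shift):
    """Shift every letter by `shift` places; non-letters pass through unchanged."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_brute_force(ciphertext):
    """The whole Caesar key space: the 25 candidate plaintexts keyed by shift."""
    return {s: caesar(ciphertext, -s) for s in range(1, 26)}


def substitute(text, key):
    """General monoalphabetic cipher: `key` is any permutation of the alphabet."""
    return text.upper().translate(str.maketrans(ALPHABET, key))


def frequency_guess(ciphertext, top=6):
    """Al-Kindi's method: rank ciphertext letters by how often they occur and pair
    them with the most common English letters. Returns (cipher_letter, guess) pairs;
    the top entries are usually right and anchor the rest of the solution."""
    counts = Counter(c for c in ciphertext.upper() if c in ALPHABET)
    ranked = [letter for letter, _ in counts.most_common()]
    return list(zip(ranked[:top], ENGLISH_ORDER[:top]))


if __name__ == "__main__":
    for shift, candidate in caesar_brute_force(caesar("ATTACK AT DAWN", 3)).items():
        print(shift, candidate)
    print(frequency_guess(substitute(SAMPLE_TEXT, KEY)))
```

The frequency table alone does not finish the job on a short text; it gives the analyst the most common letters (E, T, A) with high confidence, and word patterns and common digraphs fill in the rest.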

Later Cryptanalysis
The Vigenère cipher can similarly be cracked by looking for repeating patterns in the encoded text to divine the length of the key.
Once the key's length is discovered, the message becomes a number of Caesar ciphers equal to the length of the key.
However, a key equal in length to the message and randomly generated is unbreakable for a single message.
This is called a one-time pad.
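
The whole procedure on this slide carried through in code, as an added example that is not part of the presentation: Vigenère encryption, the Babbage/Kasiski search for repeated trigrams to recover the key length, the column-by-column Caesar solution using a chi-squared fit against English letter frequencies, and finally a one-time pad showing why a random key as long as the message cannot be broken. The sample message, the key LEMON and the frequency table are constructed assumptions.

```python
import secrets
import string
from collections import Counter
from itertools import combinations

ALPHABET = string.ascii_uppercase
# Approximate English letter frequencies in percent (assumption: a standard
# reference table; the figures only need to be roughly right).
ENGLISH_FREQ = dict(zip(ALPHABET, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))

# Constructed sample message, long enough for the statistics to be reliable.
SAMPLE_PLAINTEXT = """
THE ONE TIME PAD IS THE ONLY CIPHER THAT HAS BEEN PROVEN UNBREAKABLE BUT IT
DEMANDS A KEY AS LONG AS THE MESSAGE THAT IS TRULY RANDOM AND NEVER REUSED
WHICH MAKES IT AWKWARD TO DISTRIBUTE IN PRACTICE THE VIGENERE CIPHER INSTEAD
REPEATS A SHORT KEY OVER AND OVER AND THAT REPETITION IS EXACTLY THE WEAKNESS
THAT BABBAGE AND KASISKI EXPLOITED WHEN THE SAME PLAINTEXT WORD FALLS UNDER
THE SAME PART OF THE KEY THE CIPHERTEXT REPEATS TOO AND THE DISTANCE BETWEEN
THOSE REPEATS IS A MULTIPLE OF THE KEY LENGTH ONCE THE LENGTH IS KNOWN EACH
COLUMN IS A SIMPLE CAESAR CIPHER THAT FREQUENCY ANALYSIS BREAKS IN SECONDS
"""


def letters_only(text):
    return "".join(c for c in text.upper() if c in ALPHABET)


def vigenere(text, key, decrypt=False):
    """Each letter is shifted by the matching key letter; the key repeats."""
    out = []
    for i, c in enumerate(letters_only(text)):
        k = ALPHABET.index(key[i % len(key)])
        k = -k if decrypt else k
        out.append(ALPHABET[(ALPHABET.index(c) + k) % 26])
    return "".join(out)


def kasiski_key_length(ciphertext, seq_len=3, max_len=20):
    """Repeated ciphertext trigrams usually come from the same plaintext word under
    the same key alignment, so the distances between them are multiples of the key
    length. Score each candidate length by how many distances it divides."""
    positions = {}
    for i in range(len(ciphertext) - seq_len + 1):
        positions.setdefault(ciphertext[i:i + seq_len], []).append(i)
    distances = [b - a for occ in positions.values() if len(occ) > 1
                 for a, b in combinations(occ, 2)]
    scores = {L: sum(1 for d in distances if d % L == 0) for L in range(2, max_len + 1)}
    return max(scores, key=lambda L: (scores[L], -L))


def chi_squared(text):
    """Distance of the letter counts from English; lower is more English-like."""
    counts, n = Counter(text), len(text)
    return sum((counts[c] - ENGLISH_FREQ[c] * n / 100) ** 2 / (ENGLISH_FREQ[c] * n / 100)
               for c in ALPHABET)


def break_vigenere(ciphertext, key_len):
    """Column i is a Caesar cipher under key letter i: try all 26 shifts per
    column and keep the one whose output looks most like English."""
    key = []
    for i in range(key_len):
        column = ciphertext[i::key_len]
        best = min(range(26), key=lambda s: chi_squared(
            "".join(ALPHABET[(ALPHABET.index(c) - s) % 26] for c in column)))
        key.append(ALPHABET[best])
    return "".join(key)


def otp_key(length):
    """A one-time pad key: as long as the message and from a cryptographic RNG."""
    return secrets.token_bytes(length)


def otp(data, key):
    """One-time pad over bytes: XOR with the key. Encrypts and decrypts alike."""
    if len(key) != len(data):
        raise ValueError("one-time pad key must match the message length")
    return bytes(d ^ k for d, k in zip(data, key))


def otp_key_for(ciphertext, desired_plaintext):
    """Perfect secrecy made concrete: for any plaintext of the same length there is
    a key that decrypts the ciphertext to it, so the ciphertext alone tells nothing."""
    return otp(ciphertext, desired_plaintext)
```

Run against the sample, the Kasiski scores single out length 5 and the column solver returns LEMON; the same statistics fail on a one-time pad because there is no repetition to find and every candidate plaintext is equally consistent with the ciphertext. Reusing a pad for a second message destroys that guarantee, which is the "for a single message" caveat on the slide.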

Cracking Enigma
Enigma was effectively immune to brute-forcing attacks.
The main avenues of attacking the algorithm were via the plugboard and the reflector.
These still required dedicated electromechanical computers to launch the attacks.
More profitable was attacking via cribs, common structures in messages.
This reduced the search space significantly.
Enigma was consistently cracked during the war.

Modern Cryptography
Enigma made it clear that ciphers are essentially mathematical in nature, and the rise of computers allowed mathematical operations impractical for humans to be used for cryptography.
Many modern ciphers make heavy use of what are called one-way functions, mathematical operations that are much easier to perform than to reverse.
For example, RSA encryption (used in many public-key cryptographic systems) relies on the product of two large, random prime numbers.
Factoring numbers (reversing multiplication) requires a great deal of time to perform algorithmically.
Thus, RSA is currently unbreakable.

Public-Key Cryptography
Two keys are generated, the public and private key.
Messages enciphered using the public key can only be deciphered using the private key, and vice versa.
The public key is generally available, while the private key is only known to one person.
To send secure messages, encipher using the person's public key, send it to them, and they decipher with their private key.
Thus, this is called asymmetric-key encryption.
This is much more complex than symmetric-key encryption, so it's often used to securely exchange a symmetric key.
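
The two preceding slides in working code, as an added example that is not part of the presentation: RSA key generation from two primes, enciphering with the public key and deciphering with the private key (and the reverse, which is a signature), and the usual hybrid pattern of wrapping a fresh symmetric key with the recipient's public key. The primes 2^61-1 and 2^31-1 are chosen for illustration only and are far too small for real use; the padding that real RSA needs (OAEP or PSS) is deliberately omitted to expose the mathematics.

```python
import secrets
from math import gcd

# Assumption: small known primes (both Mersenne primes) purely for illustration.
# Real moduli are 2048 bits or more.
P = 2**61 - 1
Q = 2**31 - 1
E = 65537  # the customary public exponent


def keygen(p=P, q=Q, e=E):
    """Return ((N, e), (N, d)). With p and q in hand, d is a one-line modular
    inverse; without them, recovering d means factoring N."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def rsa_apply(m, key):
    """Textbook RSA: m^exp mod N. Public key to encipher, private key to decipher,
    or the other way round for a signature. No padding: demonstration only."""
    n, exp = key
    if not 0 <= m < n:
        raise ValueError("message integer must be smaller than the modulus")
    return pow(m, exp, n)


def int_from_bytes(b):
    return int.from_bytes(b, "big")


def bytes_from_int(i, length):
    return i.to_bytes(length, "big")


def send_symmetric_key(public_key, key_bytes=None, length=8):
    """Hybrid encryption: wrap a fresh symmetric key with the recipient's public
    key so only the private-key holder can unwrap it. 8 bytes fits under our
    92-bit modulus; a real system would wrap a 16- or 32-byte key."""
    key_bytes = key_bytes if key_bytes is not None else secrets.token_bytes(length)
    return key_bytes, rsa_apply(int_from_bytes(key_bytes), public_key)


def receive_symmetric_key(private_key, wrapped, length=8):
    """The recipient unwraps with the private key and recovers the same bytes."""
    return bytes_from_int(rsa_apply(wrapped, private_key), length)


if __name__ == "__main__":
    pub, priv = keygen()
    m = int_from_bytes(b"SECRET")
    c = rsa_apply(m, pub)
    print("ciphertext", c, "-> plaintext", bytes_from_int(rsa_apply(c, priv), 6))
    k, wrapped = send_symmetric_key(pub)
    print("wrapped key recovered:", receive_symmetric_key(priv, wrapped) == k)
```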

Modern Cryptanalysis
However, RSA is only unbreakable in that it takes a long time to factor the numbers (the running time of the best classical algorithm grows roughly as exp(c · (log N)^(1/3) · (log log N)^(2/3)), where N is the number to be factored). If a more efficient way to factor were discovered, RSA would be broken.
There is a way to factor more efficiently, known as Shor's algorithm.
Shor's algorithm cannot be run on a computer within the classical realm. It's one of the class of algorithms known as quantum algorithms.
Figure: the general number field sieve, the most efficient classical way to factor numbers.
Figure: part of Shor's algorithm.
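
The part of Shor's algorithm that is classical, as an added example that is not from the presentation: factoring reduces to finding the period r of a^x mod N, and from an even period a square root of 1 other than ±1 yields a factor via a gcd. The quantum computer's contribution is the period-finding step; here it is done by brute force, which is exponential in the size of N and is exactly what makes the quantum speed-up matter. The modulus 3233 = 61 × 53 with public exponent 17 is the classic textbook value, used as a constructed example.

```python
from math import gcd


def find_period(a, n):
    """Smallest r > 0 with a^r ≡ 1 (mod n). This is the step Shor's algorithm
    does with a quantum Fourier transform; classically it is a brute-force walk
    through the powers of a, hopeless for a 1000-bit n."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n, max_attempts=50):
    """Classical reduction from factoring to period finding. Returns (p, q)."""
    if n % 2 == 0:
        return 2, n // 2
    for a in range(2, 2 + max_attempts):
        g = gcd(a, n)
        if g != 1:
            return g, n // g  # lucky guess: a shares a factor with n
        r = find_period(a, n)
        if r % 2:
            continue  # an odd period gives no square root of 1
        y = pow(a, r // 2, n)  # y^2 ≡ 1, and y ≠ 1 by minimality of r
        if y == n - 1:
            continue  # trivial root -1: try another base
        p = gcd(y - 1, n)
        return p, n // p
    raise RuntimeError("no suitable base found")


def recover_private_exponent(n, e):
    """Why factoring breaks RSA: with p and q known, the private exponent d is
    just the inverse of e modulo (p-1)(q-1)."""
    p, q = shor_factor(n)
    return pow(e, -1, (p - 1) * (q - 1))


if __name__ == "__main__":
    print(shor_factor(3233))                  # the factors 61 and 53 in some order
    print(recover_private_exponent(3233, 17))  # 2753
```

Against a 1000-bit modulus the `while` loop in `find_period` would run for longer than the age of the universe; the slide's point is that a large enough quantum computer replaces that loop with a polynomial-time circuit, after which the last two functions finish the break in microseconds.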

Quantum Computing
Quantum algorithms can only be run on a quantum computer.
Quantum computing is a subject worth many books, but here's a simple summary.
A quantum computer uses qubits instead of bits. Each qubit can be in one of two states, or any superposition of those states.
An electron, which can be spin-up or spin-down, is an excellent qubit.
Classical computers with n bits can be in any one of the 2^n possible states.
Quantum computers may be in any superposition of all 2^n states.
However, they produce probabilistic results and are susceptible to decoherence.
In addition, they need a great many qubits to perform operations.
Current quantum computation has been done verifiably with up to 14 qubits, while cracking RSA would require trillions to quadrillions of qubits.
Nevertheless, it would take a 1 MHz quantum computer with sufficient qubits 10 seconds to factor a 1000-bit number. This is around the size of small RSA keys.
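
A minimal state-vector simulation of the qubit model described on this slide, as an added example that is not part of the presentation. A register of n qubits is a vector of 2^n complex amplitudes; a Hadamard gate puts a qubit into an equal superposition, applying it to every qubit spreads the register over all 2^n basis states at once, and a measurement returns one of them with probability |amplitude|^2 and collapses the rest. The simulation itself needs 2^n numbers, which is why classical machines cannot emulate large quantum computers.

```python
import math
import random

# Hadamard gate: |0> -> (|0>+|1>)/sqrt(2), |1> -> (|0>-|1>)/sqrt(2)
H = [[1 / math.sqrt(2), 1 / math.sqrt(2)],
     [1 / math.sqrt(2), -1 / math.sqrt(2)]]


def register(n):
    """n qubits initialised to |00...0>: amplitude 1 on index 0, 0 elsewhere."""
    state = [0j] * (2 ** n)
    state[0] = 1 + 0j
    return state


def apply_single_qubit_gate(state, gate, target):
    """Apply a 2x2 unitary to qubit `target` (a bit position of the index).
    Every pair of basis states differing only in that bit is mixed by the gate."""
    new = list(state)
    mask = 1 << target
    for k in range(len(state)):
        if k & mask == 0:
            a, b = state[k], state[k | mask]
            new[k] = gate[0][0] * a + gate[0][1] * b
            new[k | mask] = gate[1][0] * a + gate[1][1] * b
    return new


def probabilities(state):
    """Born rule: the chance of reading basis state k is |amplitude_k|^2."""
    return [abs(amp) ** 2 for amp in state]


def uniform_superposition(n):
    """Hadamard on every qubit: the register 'holds' all 2^n states at once."""
    state = register(n)
    for q in range(n):
        state = apply_single_qubit_gate(state, H, q)
    return state


def measure(state, seed=None):
    """A measurement is probabilistic and collapses the register to one basis
    state; the superposition is gone afterwards. `seed` makes a run repeatable."""
    probs = probabilities(state)
    r = random.Random(seed).random()
    k, acc = len(probs) - 1, 0.0
    for i, p in enumerate(probs):
        acc += p
        if r < acc:
            k = i
            break
    collapsed = [0j] * len(state)
    collapsed[k] = 1 + 0j
    return k, collapsed


if __name__ == "__main__":
    print(probabilities(apply_single_qubit_gate(register(1), H, 0)))  # [0.5, 0.5]
    print(len(uniform_superposition(3)), "amplitudes for 3 qubits")    # 8
    print("measured basis state:", measure(uniform_superposition(3), seed=7)[0])
```

Two Hadamards in a row return the qubit to |0> exactly: the amplitudes interfere, which is the effect quantum algorithms such as Shor's exploit to make the wanted answer likely and the others cancel. Decoherence, in this picture, is the environment performing an unwanted measurement before the algorithm is finished.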

However
Symmetric keys are not much more vulnerable to quantum computing than to classical computation, as far as we know.
So why use asymmetric keys?
So far we have focused on only two sides of the cryptanalysis triangle.
The third side is people.
One of the biggest problems in cryptography is getting keys out to people securely.
The more people that know a key, the easier it is to steal.
But the fewer people that know the key, the less useful the code is.
Recently, the US switched to AES encryption from DES because DES was so well-known it was compromised.
Asymmetric keys allow for secure key distribution.
So what can cryptographers do?

Quantum Cryptography
One answer is already available.
If you could ensure that the message only goes through if it's been received by the proper recipient, you would be more secure than with asymmetric keys.
Close to this is quantum key distribution.
Quantum key distribution consists of sending messages through a quantum system that is either entangled or superposed.
An eavesdropper can interfere with the system, but if they would be able to gather the information sent, they collapse the system and the message is not received.
There are two established protocols, one based on polarization of light and the other on entangled photons.
The information is not entirely identical, which requires some synchronization between the two individuals, which is itself vulnerable.
Currently, over optical fiber, a 1 Mbit/s transmission rate is possible over 20 km.
The central weakness, however, is that an eavesdropper can simply impersonate the receiver and get the information that way.
Authentication methods are themselves vulnerable to conventional interception and decryption methods.
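
The polarization-based protocol on this slide (BB84) as a simulation, added here as an example that is not part of the presentation. Alice encodes random bits in random bases, Bob measures in random bases, the two keep only the positions where bases agreed (the "synchronization" over the public channel), and they sacrifice part of the sifted key to estimate the error rate. A measurement in the wrong basis gives a random result, so an intercept-and-resend eavesdropper introduces roughly 25% errors into the sifted key and is detected; the public channel is assumed to be authenticated, which is exactly the impersonation weakness the slide notes. Photons are modelled abstractly as (bit, basis) pairs and the abort threshold is a constructed illustration value.

```python
import random

BASES = "+x"  # rectilinear and diagonal polarization bases


def measure(photon, basis, rng):
    """Measuring in the preparation basis returns the encoded bit; in the other
    basis the outcome is random and the original state is destroyed."""
    bit, photon_basis = photon
    return bit if basis == photon_basis else rng.randrange(2)


def bb84(n, seed=None, eavesdrop=False, sample_fraction=0.5):
    """Run BB84 over n photons. Returns (alice_key, bob_key, qber)."""
    rng = random.Random(seed)
    alice_bits = [rng.randrange(2) for _ in range(n)]
    alice_bases = [rng.choice(BASES) for _ in range(n)]
    photons = list(zip(alice_bits, alice_bases))

    if eavesdrop:
        # Intercept-resend: Eve guesses a basis, measures, and re-emits what she
        # saw in that basis. Half her guesses are wrong and disturb the photon.
        resent = []
        for ph in photons:
            eve_basis = rng.choice(BASES)
            resent.append((measure(ph, eve_basis, rng), eve_basis))
        photons = resent

    bob_bases = [rng.choice(BASES) for _ in range(n)]
    bob_bits = [measure(ph, b, rng) for ph, b in zip(photons, bob_bases)]

    # Sifting over the public, authenticated channel: bases are compared, bits
    # are not, and only positions with matching bases are kept.
    keep = [i for i in range(n) if alice_bases[i] == bob_bases[i]]
    sifted_a = [alice_bits[i] for i in keep]
    sifted_b = [bob_bits[i] for i in keep]

    # Error estimation: reveal and discard a sample; any disturbance shows here.
    sample = max(1, int(len(keep) * sample_fraction))
    errors = sum(a != b for a, b in zip(sifted_a[:sample], sifted_b[:sample]))
    qber = errors / sample
    return sifted_a[sample:], sifted_b[sample:], qber


def eavesdropper_detected(qber, threshold=0.11):
    """Abort the session above the threshold (assumption: 11% is used here as an
    illustrative bound; real deployments pick it from their channel noise)."""
    return qber > threshold


if __name__ == "__main__":
    for eve in (False, True):
        ka, kb, q = bb84(4000, seed=1, eavesdrop=eve)
        print(f"eavesdrop={eve}: sifted {len(ka)} bits, QBER {q:.3f}, "
              f"abort={eavesdropper_detected(q)}")
```

Without Eve the two sifted keys agree bit for bit on a noiseless channel; with her in the line the estimated error rate lands near 0.25, the session is aborted, and no key is used. What the simulation cannot defend against is someone who sits in the middle and runs BB84 separately with each party, which is why the classical channel must be authenticated first.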

Quantum Cryptography
Key distribution is only one of many cryptographic procedures. Another one is commitment: allowing the sender to ensure that the receiver only gets the message when they wish, without allowing the sender to alter the message itself.
Quantum commitment uses the quantum channels established for QKD to ensure commitment and allow for an oblivious transfer of information, obviously useful for online shopping and banking!
Unfortunately, quantum commitment lacks the theoretical security of QKD.
Given arbitrary computational resources, an attacker can break any quantum commitment scheme possible.

Quantum Cryptography
Similar attempts to use quantum physics to guarantee the location of a particular receiver (a way to get around authentication problems with QKD) have also been shown to be theoretically vulnerable given sufficient entangled particles.
In practice, though, both quantum commitment and quantum positioning can be very secure, because arbitrary computing power or entangled particles are not available.
Damgård, Fehr, Salvail, and Schaffner, in a 2005 paper, showed that as long as both parties send a message at least twice as long as an eavesdropper's quantum memory storage, the eavesdropper must either lose half of the message or measure the system and thus abandon their ability to break quantum commitment.
This also does not require either party to have quantum memory available, making it practical for modern use.

The Future
Quantum cryptography and quantum computing are in their infancy.
For example, a paper published last year in Physical Review Letters showed that quantum commitment can be made absolutely secure using relativistic constraints and multiple agents sending and receiving.
Quantum computers are still weaker than even the first electronic computers, and only the surface has been scratched for possible qubits.
The opportunities available are incredible for anyone interested in the field.
