ABSTRACT
To address the potential threat to the power grid industry posed by quantum computers and ensure the security of bidirectional communication in smart grids, it is imperative to develop quantum-safe authentication protocols. This paper proposes a semi-quantum bidirectional authentication protocol between a control center (CC) and a neighboring gateway (NG). This method uses single photons to facilitate communication between the CC and the NG. Security analysis demonstrates that the protocol can effectively resist common attack methods, including double CNOT attacks, impersonation attacks, interception-measurement-retransmission attacks, and entanglement-measurement attacks. Comparisons with other protocols reveal that this protocol has significant advantages, making it more appealing and practical for real-world applications. Finally, by simulating the protocol on the IBM quantum simulator, this protocol not only validates the theoretical framework but also confirms the practical feasibility of the protocol.
ABSTRACT
Quantum private comparison (QPC) represents a cryptographic approach that enables two parties to determine whether their confidential data are equivalent, without disclosing the actual values. Most existing QPC protocols utilizing single photons or Bell states are considered highly feasible, but they suffer from inefficiency. To address this issue, we present a novel QPC protocol that capitalizes on the entanglement property of Bell states and local operations to meet the requirements of efficiency. In the proposed protocol, two participants with private inputs perform local operations on shared Bell states received from a semi-honest third party (STP). Afterward, the modified qubits are returned to the STP, who can then determine the equality of the private inputs and relay the results to the participants. A simulation on the IBM Quantum Cloud Platform confirmed the feasibility of our protocol, and a security analysis further demonstrated that the STP and both participants were unable to learn anything about the individual private inputs. In comparison to other QPC protocols, our proposed solution offers superior performance in terms of efficiency.
ABSTRACT
Quantum cryptography revolutionizes secure information transfer, providing defense against both quantum and classical computational attacks. The primary challenge in extending the reach of quantum communication comes from the exponential decay of signals over long distances. We meet this challenge by experimentally realizing the Quantum-Protected Control-Based Key Distribution (QCKD) protocol, utilizing physical control over signal losses. By ensuring significant non-orthogonality of the leaked quantum states, this control severely constrains eavesdroppers' capacities. We demonstrate the performance and scale of our protocol by experiments over a 1707 km long fiber line. The scalability of the QCKD opens the route for globally secure quantum-resistant communication.
ABSTRACT
In this article, a password-authenticated key exchange (PAKE) version of the National Institute of Standards and Technology (NIST) post-quantum cryptography (PQC) public-key encryption and key-establishment standard is constructed. We mainly focused on how the PAKE version of PQC standard Kyber with mobile compatibility can be obtained by using simple structured password components. In the design process, the conventional password-based authenticated key exchange (PAK) approach is updated under the module learning with errors (MLWE) assumptions to add password-based authentication. Thanks to the following PAK model, the proposed Kyber.PAKE provides explicit authentication and perfect forward secrecy (PFS). The resistance analysis against the password dictionary attack of Kyber.PAKE is examined by using random oracle model (ROM) assumptions. In the security analysis, the cumulative distribution function (CDF) Zipf (CDF-Zipf) model is also followed to provide realistic security examinations. According to the implementation results, Kyber.PAKE presents better run-time than lattice-based PAKE schemes with similar features, even if it contains complex key encapsulation mechanism (KEM) components. The comparison results show that the proposed PAKE scheme will come to the fore for the future security of mobile environments and other areas.
ABSTRACT
In this article, we propose a novel bilateral generalization inhomogenous short integer solution (BiGISIS)-based password-authenticated key exchange (PAKE) scheme for post-quantum era security. The hardness assumption of the constructed PAKE is based on newly proposed hard lattice problem, BiGISIS. The main aim of this article is to provide a solution for the post-quantum secure PAKE scheme, which is one of the open problems in the literature. The proposed PAKE is the first BiGISIS-based PAKE that satisfies anonymity and reusable key features. The bilateral-pasteurization (BiP) approach is used to obtain the reusable key, and anonymity is achieved thanks to the additional identity components and hash functions. The reusable key structure reduces the time in the key generation, and anonymity prevents illegal user login attempts. The security analysis is done by following the real-or-random (RoR) model assumptions. As a result of security examinations, perfect forward secrecy (PFS) and integrity are satisfied, and the resistance against eavesdropping, manipulation-based attack (MBA), hash function simulation, impersonation, signal leakage attack (SLA), man-in-the-middle (MitM), known-key security (KKS), and offline password dictionary attack (PDA) is captured. According to the comparison analysis, the proposed PAKE is the first SLA-resistant lattice-based PAKE with reusable key and anonymity properties.
ABSTRACT
In recent research, Durandal, a signature scheme based on rank metrics following Schnorr's approach, was introduced to conceal secret key information by selectively manipulating the vector subspace of signatures. Later, an enhancement, namely the SHMW signature scheme, with smaller keys and signatures while maintaining EUF-CMA security, was proposed. Both Durandal and SHMW require adversaries to solve hard problems (i.e., Rank Support Learning, Rank Syndrome Decoding, and Affine Rank Syndrome Decoding) for secret key retrieval, in which the parameters are designed to withstand at least 128-bit computational complexity. The authors claimed that the security of the SHMW scheme is deemed superior to that of the original Durandal scheme. In this paper, we introduce a novel approach to identifying weak keys within the Durandal framework to prove the superiority of the SHMW scheme. This approach exploits the extra information in the signature to compute an intersection space that contains the secret key. Consequently, a cryptanalysis of the SHMW signature scheme was carried out to demonstrate the insecurity of the selected keys within the SHWM scheme. In particular, we proposed an algorithm to recover an extended support that contains the secret key used in the signature schemes. Applying our approach to the SHMW scheme, we can recover its secret key with only 97-bit complexity, although it was claimed that the proposed parameters achieve a 128-bit security level. The results of our proposed approaches show that the security level of the SHMW signature scheme is inferior compared to that of the original Durandal scheme.
ABSTRACT
Quantum-key-distribution (QKD) networks are gaining importance and it has become necessary to analyze the most appropriate methods for their long-distance interconnection. In this paper, four different methods of interconnecting remote QKD networks are proposed. The methods are used to link three different QKD testbeds in Europe, located in Berlin, Madrid, and Poznan. Although long-distance QKD links are only emulated, the methods used can serve as a blueprint for the secure interconnection of distant QKD networks in the future. Specifically, the presented approaches combine, in a transparent way, different fiber and satellite physical media, as well as common standards of key delivery interfaces. The testbed interconnections are designed to increase the security by utilizing multipath techniques and multiple hybridizations of QKD and post-quantum cryptography (PQC) algorithms.
ABSTRACT
In 1999, the Polynomial Reconstruction Problem (PRP) was put forward as a new hard mathematics problem. A univariate PRP scheme by Augot and Finiasz was introduced at Eurocrypt in 2003, and this cryptosystem was fully cryptanalyzed in 2004. In 2013, a bivariate PRP cryptosystem was developed, which is a modified version of Augot and Finiasz's original work. This study describes a decryption failure that can occur in both cryptosystems. We demonstrate that when the error has a weight greater than the number of monomials in a secret polynomial, p, decryption failure can occur. The result of this study also determines the upper bound that should be applied to avoid decryption failure.
ABSTRACT
We demonstrate an important step toward on-chip integration of single-photon sources at room temperature. Excellent photon directionality is achieved with a hybrid metal-dielectric bullseye antenna, while back-excitation is permitted by placement of the emitter in a subwavelength hole positioned at its center. The unique design enables a direct back-excitation and very efficient front coupling of emission either to a low numerical aperture (NA) optics or directly to an optical fiber. To show the versatility of the concept, we fabricate devices containing either a colloidal quantum dot or a nanodiamond containing silicon-vacancy centers, which are accurately positioned using two different nanopositioning methods. Both of these back-excited devices display front collection efficiencies of â¼70% at NAs as low as 0.5. The combination of back-excitation with forward directionality enables direct coupling of the emitted photons into a proximal optical fiber without any coupling optics, thereby facilitating and simplifying future integration.
ABSTRACT
Quantum secure multi-party summation (QSMS) is a fundamental problem in quantum secure multi-party computation (QSMC), wherein multiple parties compute the sum of their data without revealing them. This paper proposes a novel QSMS protocol based on graph state, which offers enhanced security, usability, and flexibility compared to existing methods. The protocol leverages the structural advantages of graph state and employs random graph state structures and random encryption gate operations to provide stronger security. Additionally, the stabilizer of the graph state is utilized to detect eavesdroppers and channel noise without the need for decoy bits. The protocol allows for the arbitrary addition and deletion of participants, enabling greater flexibility. Experimental verification is conducted to demonstrate the security, effectiveness, and practicality of the proposed protocols. The correctness and security of the protocols are formally proven. The QSMS method based on graph state introduces new opportunities for QSMC. It highlights the potential of leveraging quantum graph state technology to securely and efficiently solve various multi-party computation problems.
ABSTRACT
We develop a photonic description of short, one-dimensional electromagnetic pulses, specifically in the language of electrical transmission lines. Current practice in quantum technology, using arbitrary waveform generators, can readily produce very short, few-cycle pulses in a very-low-noise, low-temperature setting. We argue that these systems attain the limit of producing pure coherent quantum states, in which the vacuum has been displaced for a short time, and therefore over a short spatial extent. When the pulse is bipolar, that is, the integrated voltage of the pulse is zero, then the state can be described by the finite displacement of a single mode. Therefore there is a definite mean number of photons, but which have neither a well-defined frequency nor position. Due to the Paley-Wiener theorem, the two-component photon "wavefunction" of this mode, while somewhat localized, is not strictly bounded in space even if the vacuum displacement that defines it is bounded. When the pulse is unipolar, no photonic description is possible-the photon number can be considered to be divergent. We consider properties that photon counters and quantum non-demolition detectors must have to optimally convert and detect the photons in several example pulses. We develop a conceptual test system for implementing short-pulse quantum key distribution, building on the design of a recently achieved Bell's theorem test in a cryogenic microwave setup.
ABSTRACT
The advancement of quantum computing threatens the security of conventional public-key cryptosystems. Post-quantum cryptography (PQC) was introduced to ensure data confidentiality in communication channels, and various algorithms are being developed. The National Institute of Standards and Technology (NIST) has initiated PQC standardization, and the selected algorithms for standardization and round 4 candidates were announced in 2022. Due to the large memory footprint and highly repetitive operations, there have been numerous attempts to accelerate PQC on both hardware and software. This paper introduces the RISC-V instruction set extension for NIST PQC standard algorithms and round 4 candidates. The proposed programmable crypto-processor can support a wide range of PQC algorithms with the extended RISC-V instruction set and demonstrates significant reductions in code size, the number of executed instructions, and execution cycle counts of target operations in PQC algorithms of up to 79%, 92%, and 87%, respectively, compared to RV64IM with optimization level 3 (-O3) in the GNU toolchain.
ABSTRACT
As the popularity of 3D printing or additive manufacturing (AM) continues to increase for use in commercial and defense supply chains, the requirement for reliable, robust protection from adversaries has become more important than ever. Three-dimensional printing security focuses on protecting both the individual Industrial Internet of Things (I-IoT) AM devices and the networks that connect hundreds of these machines together. Additionally, rapid improvements in quantum computing demonstrate a vital need for robust security in a post-quantum future for critical AM manufacturing, especially for applications in, for example, the medical and defense industries. In this paper, we discuss the attack surface of adversarial data manipulation on the physical inter-device communication bus, Controller Area Network (CAN). We propose a novel, hierarchical tree solution for a secure, post-quantum-supported security framework for CAN-based AM devices. Through using subnet hopping between isolated CAN buses, our framework maintains the ability to use legacy or third-party devices in a plug-and-play fashion while securing and minimizing the attack surface of hardware Trojans or other adversaries. The results of the physical implementation of our framework demonstrate 25% and 90% improvement in message costs for authentication compared to existing lightweight and post-quantum CAN security solutions, respectively. Additionally, we performed timing benchmarks on the normal communication (hopping) and authentication schemes of our framework.
ABSTRACT
Zero-knowledge proof (ZKP) is a fundamental cryptographic primitive that allows a prover to convince a verifier of the validity of a statement without leaking any further information. As an efficient variant of ZKP, noninteractive zero-knowledge proof (NIZKP) adopting the Fiat-Shamir heuristic is essential to a wide spectrum of applications, such as federated learning, blockchain, and social networks. However, the heuristic is typically built upon the random oracle model that makes ideal assumptions about hash functions, which does not hold in reality and thus undermines the security of the protocol. Here, we present a quantum solution to the problem. Instead of resorting to a random oracle model, we implement a quantum randomness service. This service generates random numbers certified by the loophole-free Bell test and delivers them with postquantum cryptography (PQC) authentication. By employing this service, we conceive and implement NIZKP of the three-coloring problem. By bridging together three prominent research themes, quantum nonlocality, PQC, and ZKP, we anticipate this work to inspire more innovative applications that combine quantum information science and the cryptography field.
ABSTRACT
Quantum obfuscation is one of the important primitives in quantum cryptography that can be used to enhance the security of various quantum cryptographic schemes. The research on quantum obfuscation focuses mainly on the obfuscatability of quantum functions. As a primary quantum function, the quantum power function has led to the development of quantum obfuscation because it is applicable to construct new obfuscation applications such as quantum encryption schemes. However, the previous definition of quantum power functions is constrained and cannot be beneficial to the further construction of other quantum functions. Thus, it is essential to extend the definition of the basic quantum power function in a more general manner. In this paper, we provide a formal definition of two quantum power functions called generalized quantum power functions with coefficients, each of which is characterized by a leading coefficient and an exponent that corresponds to either a quantum or classical state, indicating the generality. The first is the quantum power function with a leading coefficient, and the second is the quantum n-th power function, which are both fundamental components of quantum polynomial functions. In addition, obfuscation schemes for the functions are constructed by quantum teleportation and quantum superdense coding, and demonstrations of their obfuscatability are also provided in this paper. This work establishes the fundamental basis for constructing more quantum functions that can be utilized for quantum obfuscation, therefore contributing to the theory of quantum obfuscation.
ABSTRACT
Quantum secure direct communication (QSDC) offers a practical way to realize a quantum network which can transmit information securely and reliably. Practical quantum networks are hindered by the unavailability of quantum relays. To overcome this limitation, a proposal has been made to transmit the messages encrypted with classical cryptography, such as post-quantum algorithms, between intermediate nodes of the network, where encrypted messages in quantum states are read out in classical bits, and sent to the next node using QSDC. In this paper, we report a real-time demonstration of a computationally secure relay for a quantum secure direct communication network. We have chosen CRYSTALS-KYBER which has been standardized by the National Institute of Standards and Technology to encrypt the messages for transmission of the QSDC system. The quantum bit error rate of the relay system is typically below the security threshold. Our relay can support a QSDC communication rate of 2.5 kb/s within a 4 ms time delay. The experimental demonstration shows the feasibility of constructing a large-scale quantum network in the near future.
ABSTRACT
Privacy comparison is an important research topic in secure multi-party computing, widely used in e-commerce, secret ballots, and other fields. However, the development of quantum computing power poses a growing potential security threat to secure multi-party algorithms based on mathematically tricky problems, and most of the proposed quantum privacy comparison schemes could be more efficient. Therefore, based on the W-state, we offer a more efficient semi-quantum privacy comparison method. The security analysis shows that the scheme can resist third-party, measurement, and entanglement attacks. Compared with the previous work, the scheme significantly improves communication efficiency and has stronger practicability.
ABSTRACT
In this study, the security implications of utilizing the concept of entanglement in time in the quantum representation of a blockchain data structure are investigated. The analysis reveals that the fundamental idea underlying this representation relies on an uncertain interpretation of experimental results. A different perspective is provided by adopting the Copenhagen interpretation, which explains the observed correlations in the experiment without invoking the concept of entanglement in time. According to this interpretation, the qubits responsible for these correlations are not entangled, posing a challenge to the security foundation of the data structure. The study incorporates theoretical analysis, numerical simulations, and experiments using real quantum hardware. By employing a dedicated circuit for detecting genuine entanglement, the existence of entanglement in the process of generating a quantum blockchain is conclusively excluded.
ABSTRACT
Recent developments in quantum computing have shed light on the shortcomings of the conventional public cryptosystem. Even while Shor's algorithm cannot yet be implemented on quantum computers, it indicates that asymmetric key encryption will not be practicable or secure in the near future. The National Institute of Standards and Technology (NIST) has started looking for a post-quantum encryption algorithm that is resistant to the development of future quantum computers as a response to this security concern. The current focus is on standardizing asymmetric cryptography that should be impenetrable by a quantum computer. This has become increasingly important in recent years. Currently, the process of standardizing asymmetric cryptography is coming very close to being finished. This study evaluated the performance of two post-quantum cryptography (PQC) algorithms, both of which were selected as NIST fourth-round finalists. The research assessed the key generation, encapsulation, and decapsulation operations, providing insights into their efficiency and suitability for real-world applications. Further research and standardization efforts are required to enable secure and efficient post-quantum encryption. When selecting appropriate post-quantum encryption algorithms for specific applications, factors such as security levels, performance requirements, key sizes, and platform compatibility should be taken into account. This paper provides helpful insight for post-quantum cryptography researchers and practitioners, assisting in the decision-making process for selecting appropriate algorithms to protect confidential data in the age of quantum computing.
Subject(s)
Computer Security , Computing Methodologies , Quantum Theory , Algorithms , ComputersABSTRACT
Guesswork is an information-theoretic quantity which can be seen as an alternate security criterion to entropy. Recent work has established the theoretical framework for guesswork in the presence of quantum side information, which we extend both theoretically and experimentally. We consider guesswork when the side information consists of the BB84 states and their higher-dimensional generalizations. With this side information, we compute the guesswork for two different scenarios for each dimension. We then performed a proof-of-principle experiment using Laguerre-Gauss modes to experimentally compute the guesswork for higher-dimensional generalizations of the BB84 states. We find that our experimental results agree closely with our theoretical predictions. This work shows that guesswork can be a viable security criterion in cryptographic tasks and is experimentally accessible in a number of optical setups.