SlideShare ist ein Scribd-Unternehmen logo

Post processing for quantum key distribution

W
wtyru1989
Technologie
1 von 40
Downloaden Sie, um offline zu lesen
Post-processing for quantum key distribution Xiongfeng Ma CQIQC, University of Toronto Institute for Quantum Computing Chi-Hang Fred Fung, Jean-Christian Boileau, Hoi Fung Chau Computers & Security 30, 172 – 177 (2011) Phys. Rev. A 81, 012318 (2010) 1
Outline Introduction Security proof Finite key analysis Post-processing Conclusion 2
Introduction 3
Private key cryptosystem Alice and Bob share two identical keys secretly: one-time pad Encode Decode Message 10010110101 10101100001 Code XOR XOR Key 00111010100 00111010100 Key Code 10101100001 10010110101 Message Alice Bob Key Distribution 4
Quantum key distribution BB84 (Bennett & Brassard 1984) Alice Bob 0101100 110100 0101110 01X11X0 11X10X0 01X11X0 Eve 0: 1: 1110100 5
Biased basis choice Standard BB84 Alice and Bob choose X- and Z-basis with equal probabilities (50/50) Basis sift factor: 1/2 Efficient BB84 Alice and Bob choose X- and Z-basis with different probabilities, i.e., with a bias Basis sift factor: approaches to 1 asymptotically Trade-off In practice, a larger bias leads to less accurate phase error rate estimation. Think about the extreme case. H.-K. Lo, H. F. Chau, and M. Ardehali, J. Crypto. 18, 133 (2005). 6
In practice Biased basis ratio, e.g., 90% for Z-basis and 10% for X-basis Bit reconciliation Error correction: straightforward* Authentication and error verification Privacy amplification Amount: phase error rate estimation Efficiency: hash matrix construction Confidence level on the final key Security parameters 7
Objectives Link between security analyses and experiments Infinite-key analysis to finite-key analysis Post-processing From raw key to final key, step by step Parameter optimization Biased basis choice Security parameter vs. secure-key cost Towards a security analysis standard Security claim Final key size evaluation Underlying assumptions 8
Take-home messages A practical post-processing scheme: step by step Basis independent source Squashing model compatible detection system Biased basis ratio Typically, 90:10 Authentication: can be done efficiently in practice Error verification: essentially an authentication scheme Phase error estimation: a strict bound Main contribution to the finite-key effect Efficiency of privacy amplification: high Other sources and protocols: yet to be done Decoy state, COW, DPS, … X. Ma, C.-H. F. Fung, J.-C. Boileau, H. F. Chau, Computers & Security 30, 172 – 177 (2011) 9
Why is it secure? 10
A quick review Prepare-and-measure protocols BB84, six-state… Entanglement based protocols Ekert91, BBM92 Unconditional security proof Mayers (1996) Lo and Chau (1999) Shor and Preskill (2000) Devetak and Winter (2003), Renner (2005) Security analysis for QKD with imperfect devices E.g. Mayers, Lütkenhaus, ILM Koashi-Preskill Gottesman-Lo-Lütkenhaus-Preskill (GLLP) 11
Entanglement based protocols Alice (or Eve) prepares an EPR pair Ψ AB = 1 2 ( 00 + 11 ) Alice and Bob each measures one half of the pair Estimate bit and phase error rates Z basis measurement (bit) |0> or |1> X basis measurement (phase) |0>+|1> or |0>-|1> C. H. Bennett, D. P. DiVincenzo, J. A. Smolin, and W. K. Wootters, PRA 54, 3824 (1996). 12
Entanglement distillation protocol Entanglement distillation (Lo & Chau 99) 1. Bit error correction 2. Phase error correction 3. Share (almost) pure EPR pairs 4. Measure in Z basis to get final key Reduce to prepare-and-measure schemes (Shor & Preskill 00) Put the final key measurement ahead by moving 4 ahead of 1 Error correction Privacy amplification 13
Underlying assumptions Characterized source or basis-independent source Single photon (qubit) source Coherent state source: decoy state Entangled source Detection system: compatible with the squashing model Threshold detector No efficiency mismatch Classical accessories authentication; error correction; classical communication; random number generators; key management; Secure key cost: asymptotically negligible Infinite key limit Rates → probabilities Failure probability → 0 N. J. Beaudry, T. Moroder, and N. Lütkenhaus, Phys. Rev. Lett. , 101, 093601, (2008). 14
Basis independent setup BBM92 (Bennett, Brassard & Mermin 1992) One can assume Eve has a full control of the source. The basis choice is independent of the state in the channel. The source can be treated as a perfect single photon (qubit) Eve or EPR source. M. Koashi and J. Preskill, Phys. Rev. Lett. , 90, 057902, (2003). X. Ma, C.-H. F. Fung, and H.-K. Lo, PRA 76, 012307 (2007). 15
Finite key analysis 16
Finite-key issues Initial key Authentication: man-in-the-middle attack Other uses: encryption of classical communication in the post- processing Composability Generated key may be used for the next round of QKD Key growth rather than key distribution No perfect key in real-life Identical: Alice and Bob share the same key Real-life: no perfect error correction code, i.e., any error correction code can only guarantee with a certain confidence interval Private: Eve knows nothing about the final key Real-life: Eve can just guess the bit values of the initial key with a successful probability, ε=2-k 17
Naïve security definitions Secure key cost in post-processing Key cost (k) < key generation (n) A fixed failure probability for an arbitrary number of rounds, ε, [too strong] With Eve’s simple guess + man-in-the-middle attack: ε=2-k, for each round The failure probability for n rounds (potentially n attacks) is at least n2-k, linear dependence Small portion of the initial key known by Eve, [too weak] Even exponentially small is not strong enough due to continuous use of the QKD system Requirement of composability 18
Composable security Confidence interval / Failure probability Confidence interval: the probability that the final key is identical and private, 1-ε The failure probability for n rounds: nε, linear dependence Exponentially decreasing with key cost k A rough guess: ε=2-O(k) per round Smaller than a certain threshold determined by some practical use of the key, say 10-10 Remark: it does not mean Eve knows nε-bit information about the final key Composable security definition Failure probability is smaller than the pre-determined threshold for all rounds of QKD system usages M. Ben-Or et al, in TCC (2005), 386. R. Renner and R. König, in TCC (2005), 407. 19
Security measures Fidelity: failure probability Lo, Chau and other prior works M. Hayashi M. Koashi Trace distance R. Canetti (2001) M. Ben-Or, M. Horodecki, D. W. Leung, D. Mayers, and J. Oppenheim (2005) R. Renner and R. König (2005) Workshop, Finite-Size Effects in QKD (Singapore, 2008) Two approaches are equivalent Renner: we should use trace distance 20
To-do list Re-exam security proofs Underlying assumptions Formulas from asymptotic security analyses should be re- derived Note: all the security analyses are about privacy amplification Calculate failure probability and secure-key cost For each step: basis sift, error correction, authentication, error verification, and phase error rate estimation Efficiency of privacy amplification Parameter optimization Biased basis choice secure-key cost for each step We have all the recipes ready: put them together 21
Post-processing 22
Underlying assumptions A single photon (qubit) source or a basis- independent source Coherent state (e.g., with decoy state) QKD: in progress A detection system: compatible with the squashing model Classical communication Random number generator and key management 23
Flow chart M. Hayashi, D. W. Leung, H.-K. Lo, N. Lütkenhaus, M. Koashi, X. Mo, B. Qi, R. Renner, V. Scarani, D. Stebila, K. Tamaki, W. Tittel Workshop, Quantum Works QKD Meeting (Waterloo, Canada) Workshop, Finite-Size Effects in QKD (Singapore) N. Lütkenhaus, Phys. Rev. A 59, 3301 (1999): using error verification to replace error testing. 24
Procedures I Key sift [neither authenticated nor encrypted] Discard all no-clicks and randomly assign double- clicks Other sift scheme might be applied, e.g., Ma, Moroder and Lütkenhaus, arXiv:0812.4301 (2008) tkenhaus Basis sift [authenticated but not encrypted] Use a 2k-bit secure key to generate a Toeplitz matrix Calculate the tag by multiply the matrix with her/his basis string Send each other the basis string with the tag Discard those bits that used different bases Other sift scheme might be applied, e.g., SARG’04 25
Procedures II Error correction [not authenticated but encrypted] Any error correction scheme can be applied here Count the number of bits in the classical communication Error verification [essentially an authentication problem] Alice sends an encrypted tag to Bob Bob verify the tag If failed, they can go back to error correction again 26
Procedures III Phase error rate estimation Prob.{phase error} = Prob.{bit error} Asymptotically, rates → probabilities A simple random sampling problem 27
Procedure IV Privacy amplification [authenticated but not encrypted] Alice generates an nx+nz+l-1bit random bit string and sends it to Bob through an authenticated channel They use this random bit string to generate a Teoplitz matrix to do privacy amplification 28
Final key rate Key rate formula Finite-key effect Phase error rate estimation, which determines the biased basis choice k3: cost of authentication, error verification, efficiency of privacy amplification 29
Optimization Parameters to be optimized Failure probabilities: Key costs: Finite-key effect Net key growth: NR≥l-kec-k3 Failure probability: ε=εph + ε3 The contribution of ε3 is negligible, when the final key length >> 37 bits 30
Finite-key effects Error correction [fixed] Phase error Other parts rate estimation: Authentication The amount of Error privacy verification amplification Efficiency of Optimal basis privacy bias amplification 31
Quick results An extreme example Raw key size n=1030 and ε=10-30; k3=947 bits and ε3<10-32 A typical example n=107, ε=10-7; k3=202 bits and ε3<10-9 Observation Main effect comes from phase error estimation The efficiency of privacy amplification is close to 1 The costs of authentication and error verification are negligible in a normal (say, data size >10k) experiment 32
1 0.95 0.9 0.85 0.8 ex=ez=4% Bias 0.75 ε=10-7 100% error correction efficiency 0.7 0.65 0.6 px set by Alice 0.55 qx obtained by Bob 0.5 2 4 6 8 10 12 10 10 10 10 10 10 Raw key data size 33
0.7 0.6 Key rate per raw key 0.5 0.4 0.3 ex=ez=4% ε=10-7 0.2 100% error correction efficiency 0.1 Finite key Asymptotic key 0 2 4 6 8 10 12 10 10 10 10 10 10 Raw key data size 34
5 10 min data size to yield a positive key minimun data size 4 10 3 10 ex=ez=4% 100% error correction efficiency 2 10 -100 -80 -60 -40 -20 0 10 10 10 10 10 10 failure probability ε 35
Conclusion A practical post-processing scheme with failure probability as the security definition Error verification: essentially an authentication scheme Phase error estimation: a strict bound Efficiency of privacy amplification: high Parameter optimization: main finite-key effect comes from phase error rate estimation 36
Further discussion Further improvement in the privacy amplification step: no classical communication needed? Efficiency: failure probability, secure-key cost Extractors for privacy amplification Detector efficiency mismatch Squashing model Finite-key analysis for the decoy-state QKD Statistics (software) Hardware Computational complexity On-line post-processing Random number consumption Extractors 37
References X. Ma, C.-H. F. Fung, J.-C. Boileau, H. F. Chau, Computers & Security 30, 172 – 177 (2011) C.-H. F. Fung, X. Ma, and H. F. Chau, Phys. Rev. A 81, 012318 (2010) H. Krawczyk, in Advances in Cryptology - CRYPTO'94 (Springer- Verlag, 1994), 893, 129-139. N. Lütkenhaus, Phys. Rev. A 59, 3301 (1999). M. Koashi and J. Preskill, Phys. Rev. Lett. , 90, 057902, (2003). M. Ben-Or et al, in TCC (2005), 386. R. Renner and R. König, in TCC (2005), 407. M. Hayashi, Phys. Rev. A 74, 022307 (2006). X. Ma, C.-H. F. Fung, and H.-K. Lo, PRA 76, 012307 (2007). V. Scarani and R. Renner, Phys. Rev. Lett. 100, 200501 (2008). T. Tsurumaru and K. Tamaki, Phys. Rev. A 78, 032302 (2008). N. J. Beaudry, T. Moroder, and N. Lütkenhaus, Phys. Rev. Lett. 101, 093601 (2008). 38
Another interesting topic Efficiency loophole Long existing problem in Bell’s inequality tests QKD system Detector efficiency mismatch Dead time / after pulse Attacks Time-shift attack Other freedoms: space, frequency, … Even practical one-time encryption Efficiency-loophole free QKD X. Ma, T. Moroder, and N. Lütkenhaus, arXiv:0812.4301, (2008). 39
Thank you! Xiongfeng Ma, July 06th, 2011 40

Empfohlen

Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum CryptographyBise Mond
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographyPriya Winsome
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographyHimanshu Shekhar
 
Quantum Key Distribution Meetup Slides
Quantum Key Distribution Meetup Slides Quantum Key Distribution Meetup Slides
Quantum Key Distribution Meetup Slides Kirby Linvill
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptographysahilnarvekar
 
Quantum Key Distribution
Quantum Key DistributionQuantum Key Distribution
Quantum Key DistributionShahrikh Khan
 
Naman quantum cryptography
Naman quantum cryptographyNaman quantum cryptography
Naman quantum cryptographynamanthakur
 
Optical Burst Switching
Optical Burst SwitchingOptical Burst Switching
Optical Burst SwitchingJYoTHiSH o.s
 

Empfohlen

Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum CryptographyBise Mond
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographyPriya Winsome
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographyHimanshu Shekhar
 
Quantum Key Distribution Meetup Slides
Quantum Key Distribution Meetup Slides Quantum Key Distribution Meetup Slides
Quantum Key Distribution Meetup Slides Kirby Linvill
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptographysahilnarvekar
 
Quantum Key Distribution
Quantum Key DistributionQuantum Key Distribution
Quantum Key DistributionShahrikh Khan
 
Naman quantum cryptography
Naman quantum cryptographyNaman quantum cryptography
Naman quantum cryptographynamanthakur
 
Optical Burst Switching
Optical Burst SwitchingOptical Burst Switching
Optical Burst SwitchingJYoTHiSH o.s
 
Quantum Cryptography - Quantum Coin Tossing
Quantum Cryptography - Quantum Coin TossingQuantum Cryptography - Quantum Coin Tossing
Quantum Cryptography - Quantum Coin TossingRuwan Ranganath
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum CryptographySwasat Dutta
 
陳君翰 BB84 0718
陳君翰 BB84 0718陳君翰 BB84 0718
陳君翰 BB84 0718NTU PAS Lab
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographySukhdeep Kaur
 
Quantum cryptography a modern cryptographic security
Quantum cryptography a modern cryptographic securityQuantum cryptography a modern cryptographic security
Quantum cryptography a modern cryptographic securityKamal Diwakar
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptographypixiejen
 
Quantam cryptogrphy ppt (1)
Quantam cryptogrphy ppt (1)Quantam cryptogrphy ppt (1)
Quantam cryptogrphy ppt (1)deepu427
 
Quantum entanglement (1).pptx
Quantum entanglement (1).pptxQuantum entanglement (1).pptx
Quantum entanglement (1).pptxSandraJoseph49
 
Dfb
DfbDfb
Dfbhimansupradhan7
 
Quantum computation: EPR Paradox and Bell's Inequality
Quantum computation: EPR Paradox and Bell's InequalityQuantum computation: EPR Paradox and Bell's Inequality
Quantum computation: EPR Paradox and Bell's InequalityStefano Franco
 
Quantum Cryptography & Key Distribution.pptx
Quantum Cryptography & Key Distribution.pptxQuantum Cryptography & Key Distribution.pptx
Quantum Cryptography & Key Distribution.pptxDaniel938043
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum CryptographyShyam Mohan
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographyNishant Bhardwaj
 
EC 405, Fabrication of optical fibers
EC 405, Fabrication of optical fibersEC 405, Fabrication of optical fibers
EC 405, Fabrication of optical fibersCKSunith1
 
Optical Detectors.pptx
Optical Detectors.pptxOptical Detectors.pptx
Optical Detectors.pptxRajNivas3
 
GPRS
GPRSGPRS
GPRSHrudya Balachandran
 
Optical Detector PIN photodiode
Optical Detector PIN photodiodeOptical Detector PIN photodiode
Optical Detector PIN photodiodeDhruv Upadhaya
 
Optical fiber
Optical fiberOptical fiber
Optical fiberMath-Circle
 
Quantum Key Distribution Meetup Slides (Updated)
Quantum Key Distribution Meetup Slides (Updated)Quantum Key Distribution Meetup Slides (Updated)
Quantum Key Distribution Meetup Slides (Updated)Kirby Linvill
 
Quantum Cryptography presentation
Quantum Cryptography presentationQuantum Cryptography presentation
Quantum Cryptography presentationKalluri Madhuri
 
Qkd and de finetti theorem
Qkd and de finetti theoremQkd and de finetti theorem
Qkd and de finetti theoremwtyru1989
 
Bayesian Nonparametrics: Models Based on the Dirichlet Process
Bayesian Nonparametrics: Models Based on the Dirichlet ProcessBayesian Nonparametrics: Models Based on the Dirichlet Process
Bayesian Nonparametrics: Models Based on the Dirichlet ProcessAlessandro Panella
 

Weitere ähnliche Inhalte

Was ist angesagt?

Quantum Cryptography - Quantum Coin Tossing
Quantum Cryptography - Quantum Coin TossingQuantum Cryptography - Quantum Coin Tossing
Quantum Cryptography - Quantum Coin TossingRuwan Ranganath
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum CryptographySwasat Dutta
 
陳君翰 BB84 0718
陳君翰 BB84 0718陳君翰 BB84 0718
陳君翰 BB84 0718NTU PAS Lab
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptographySukhdeep Kaur
 
Quantum cryptography a modern cryptographic security
Quantum cryptography a modern cryptographic securityQuantum cryptography a modern cryptographic security
Quantum cryptography a modern cryptographic securityKamal Diwakar
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptographypixiejen
 
Quantam cryptogrphy ppt (1)
Quantam cryptogrphy ppt (1)Quantam cryptogrphy ppt (1)
Quantam cryptogrphy ppt (1)deepu427
 
Quantum entanglement (1).pptx
Quantum entanglement (1).pptxQuantum entanglement (1).pptx
Quantum entanglement (1).pptxSandraJoseph49
 
Quantum computation: EPR Paradox and Bell's Inequality
Quantum computation: EPR Paradox and Bell's InequalityQuantum computation: EPR Paradox and Bell's Inequality
Quantum computation: EPR Paradox and Bell's InequalityStefano Franco
 
Quantum Cryptography & Key Distribution.pptx
Quantum Cryptography & Key Distribution.pptxQuantum Cryptography & Key Distribution.pptx
Quantum Cryptography & Key Distribution.pptxDaniel938043
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum CryptographyShyam Mohan
 
EC 405, Fabrication of optical fibers
EC 405, Fabrication of optical fibersEC 405, Fabrication of optical fibers
EC 405, Fabrication of optical fibersCKSunith1
 
Optical Detectors.pptx
Optical Detectors.pptxOptical Detectors.pptx
Optical Detectors.pptxRajNivas3
 
Optical Detector PIN photodiode
Optical Detector PIN photodiodeOptical Detector PIN photodiode
Optical Detector PIN photodiodeDhruv Upadhaya
 
Quantum Key Distribution Meetup Slides (Updated)
Quantum Key Distribution Meetup Slides (Updated)Quantum Key Distribution Meetup Slides (Updated)
Quantum Key Distribution Meetup Slides (Updated)Kirby Linvill
 
Quantum Cryptography presentation
Quantum Cryptography presentationQuantum Cryptography presentation
Quantum Cryptography presentationKalluri Madhuri
 

Was ist angesagt? (20)

Quantum Cryptography - Quantum Coin Tossing
Quantum Cryptography - Quantum Coin TossingQuantum Cryptography - Quantum Coin Tossing
Quantum Cryptography - Quantum Coin Tossing
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptography
 
陳君翰 BB84 0718
陳君翰 BB84 0718陳君翰 BB84 0718
陳君翰 BB84 0718
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptography
 
Quantum cryptography a modern cryptographic security
Quantum cryptography a modern cryptographic securityQuantum cryptography a modern cryptographic security
Quantum cryptography a modern cryptographic security
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptography
 
Quantam cryptogrphy ppt (1)
Quantam cryptogrphy ppt (1)Quantam cryptogrphy ppt (1)
Quantam cryptogrphy ppt (1)
 
Quantum entanglement (1).pptx
Quantum entanglement (1).pptxQuantum entanglement (1).pptx
Quantum entanglement (1).pptx
 
Dfb
DfbDfb
Dfb
 
Quantum computation: EPR Paradox and Bell's Inequality
Quantum computation: EPR Paradox and Bell's InequalityQuantum computation: EPR Paradox and Bell's Inequality
Quantum computation: EPR Paradox and Bell's Inequality
 
Quantum Cryptography & Key Distribution.pptx
Quantum Cryptography & Key Distribution.pptxQuantum Cryptography & Key Distribution.pptx
Quantum Cryptography & Key Distribution.pptx
 
Quantum Cryptography
Quantum CryptographyQuantum Cryptography
Quantum Cryptography
 
Quantum cryptography
Quantum cryptographyQuantum cryptography
Quantum cryptography
 
EC 405, Fabrication of optical fibers
EC 405, Fabrication of optical fibersEC 405, Fabrication of optical fibers
EC 405, Fabrication of optical fibers
 
Optical Detectors.pptx
Optical Detectors.pptxOptical Detectors.pptx
Optical Detectors.pptx
 
GPRS
GPRSGPRS
GPRS
 
Optical Detector PIN photodiode
Optical Detector PIN photodiodeOptical Detector PIN photodiode
Optical Detector PIN photodiode
 
Optical fiber
Optical fiberOptical fiber
Optical fiber
 
Quantum Key Distribution Meetup Slides (Updated)
Quantum Key Distribution Meetup Slides (Updated)Quantum Key Distribution Meetup Slides (Updated)
Quantum Key Distribution Meetup Slides (Updated)
 
Quantum Cryptography presentation
Quantum Cryptography presentationQuantum Cryptography presentation
Quantum Cryptography presentation
 

Andere mochten auch

Qkd and de finetti theorem
Qkd and de finetti theoremQkd and de finetti theorem
Qkd and de finetti theoremwtyru1989
 
Bayesian Nonparametrics: Models Based on the Dirichlet Process
Bayesian Nonparametrics: Models Based on the Dirichlet ProcessBayesian Nonparametrics: Models Based on the Dirichlet Process
Bayesian Nonparametrics: Models Based on the Dirichlet ProcessAlessandro Panella
 
ChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH Ciphers
ChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH CiphersChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH Ciphers
ChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH CiphersAdaLabs
 
Quantum Cryptography and Possible Attacks-slide
Quantum Cryptography and Possible Attacks-slideQuantum Cryptography and Possible Attacks-slide
Quantum Cryptography and Possible Attacks-slideArinto Murdopo
 
The Fast Fourier Transform (FFT)
The Fast Fourier Transform (FFT)The Fast Fourier Transform (FFT)
The Fast Fourier Transform (FFT)Oka Danil
 
Introduction to MatLab programming
Introduction to MatLab programmingIntroduction to MatLab programming
Introduction to MatLab programmingDamian T. Gordon
 
Multiplication Powerpoint
Multiplication PowerpointMultiplication Powerpoint
Multiplication PowerpointMandie Funk
 
Decimation in time and frequency
Decimation in time and frequencyDecimation in time and frequency
Decimation in time and frequencySARITHA REDDY
 

Andere mochten auch (12)

Qkd and de finetti theorem
Qkd and de finetti theoremQkd and de finetti theorem
Qkd and de finetti theorem
 
Bayesian Nonparametrics: Models Based on the Dirichlet Process
Bayesian Nonparametrics: Models Based on the Dirichlet ProcessBayesian Nonparametrics: Models Based on the Dirichlet Process
Bayesian Nonparametrics: Models Based on the Dirichlet Process
 
Toeplitz (2)
Toeplitz (2)Toeplitz (2)
Toeplitz (2)
 
ChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH Ciphers
ChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH CiphersChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH Ciphers
ChaCha20-Poly1305 Cipher Summary - AdaLabs SPARKAda OpenSSH Ciphers
 
Ch 30
Ch 30Ch 30
Ch 30
 
Quantum Cryptography and Possible Attacks-slide
Quantum Cryptography and Possible Attacks-slideQuantum Cryptography and Possible Attacks-slide
Quantum Cryptography and Possible Attacks-slide
 
Aes
AesAes
Aes
 
Dif fft
Dif fftDif fft
Dif fft
 
The Fast Fourier Transform (FFT)
The Fast Fourier Transform (FFT)The Fast Fourier Transform (FFT)
The Fast Fourier Transform (FFT)
 
Introduction to MatLab programming
Introduction to MatLab programmingIntroduction to MatLab programming
Introduction to MatLab programming
 
Multiplication Powerpoint
Multiplication PowerpointMultiplication Powerpoint
Multiplication Powerpoint
 
Decimation in time and frequency
Decimation in time and frequencyDecimation in time and frequency
Decimation in time and frequency
 

Ähnlich wie Post processing for quantum key distribution

Multi-Party Computation for the Masses
Multi-Party Computation for the MassesMulti-Party Computation for the Masses
Multi-Party Computation for the MassesDavid Evans
 
Gull talk London.pdf
Gull talk London.pdfGull talk London.pdf
Gull talk London.pdfRichard Gill
 
Otoacoustic Emissions : A comparison between simulation and lab measures.
Otoacoustic Emissions : A comparison between simulation and lab measures.Otoacoustic Emissions : A comparison between simulation and lab measures.
Otoacoustic Emissions : A comparison between simulation and lab measures.Nicolò Paternoster
 
Cryptography from Quantum Mechanical Viewpoint
Cryptography from Quantum Mechanical ViewpointCryptography from Quantum Mechanical Viewpoint
Cryptography from Quantum Mechanical Viewpointijcisjournal
 
Cryptography from quantum mechanical
Cryptography from quantum mechanicalCryptography from quantum mechanical
Cryptography from quantum mechanicalijcisjournal
 
Krishna thesis presentation
Krishna thesis presentationKrishna thesis presentation
Krishna thesis presentationahyaimie
 
Security of continuous variable quantum key distribution against general attacks
Security of continuous variable quantum key distribution against general attacksSecurity of continuous variable quantum key distribution against general attacks
Security of continuous variable quantum key distribution against general attackswtyru1989
 
QSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.pptQSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.ppthienlmgm
 
QSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.pptQSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.pptMTufail10
 
Subspace Identification
Subspace IdentificationSubspace Identification
Subspace Identificationaileencv
 
Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...
Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...
Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...Luigi Vanfretti
 
Scaling Secure Computation
Scaling Secure ComputationScaling Secure Computation
Scaling Secure ComputationDavid Evans
 
optimizedBell.pptx
optimizedBell.pptxoptimizedBell.pptx
optimizedBell.pptxRichard Gill
 
Lecture3 xing fei-fei
Lecture3 xing fei-feiLecture3 xing fei-fei
Lecture3 xing fei-feiTianlu Wang
 
Defense Presentation
Defense PresentationDefense Presentation
Defense PresentationSahil Chaubal
 
THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...
THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...
THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...IJNSA Journal
 

Ähnlich wie Post processing for quantum key distribution (20)

Multi-Party Computation for the Masses
Multi-Party Computation for the MassesMulti-Party Computation for the Masses
Multi-Party Computation for the Masses
 
Gull talk London.pdf
Gull talk London.pdfGull talk London.pdf
Gull talk London.pdf
 
Otoacoustic Emissions : A comparison between simulation and lab measures.
Otoacoustic Emissions : A comparison between simulation and lab measures.Otoacoustic Emissions : A comparison between simulation and lab measures.
Otoacoustic Emissions : A comparison between simulation and lab measures.
 
Cryptography from Quantum Mechanical Viewpoint
Cryptography from Quantum Mechanical ViewpointCryptography from Quantum Mechanical Viewpoint
Cryptography from Quantum Mechanical Viewpoint
 
Cryptography from quantum mechanical
Cryptography from quantum mechanicalCryptography from quantum mechanical
Cryptography from quantum mechanical
 
Krishna thesis presentation
Krishna thesis presentationKrishna thesis presentation
Krishna thesis presentation
 
Security of continuous variable quantum key distribution against general attacks
Security of continuous variable quantum key distribution against general attacksSecurity of continuous variable quantum key distribution against general attacks
Security of continuous variable quantum key distribution against general attacks
 
QSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.pptQSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.ppt
 
QSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.pptQSIT-QuantumCryptography.ppt
QSIT-QuantumCryptography.ppt
 
PUF_lecture1.pdf
PUF_lecture1.pdfPUF_lecture1.pdf
PUF_lecture1.pdf
 
Subspace Identification
Subspace IdentificationSubspace Identification
Subspace Identification
 
Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...
Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...
Optimal Multisine Probing Signal Design for Power System Electromechanical Mo...
 
Quantum crypto
Quantum cryptoQuantum crypto
Quantum crypto
 
Scaling Secure Computation
Scaling Secure ComputationScaling Secure Computation
Scaling Secure Computation
 
optimizedBell.pptx
optimizedBell.pptxoptimizedBell.pptx
optimizedBell.pptx
 
Lecture3 xing fei-fei
Lecture3 xing fei-feiLecture3 xing fei-fei
Lecture3 xing fei-fei
 
Defense Presentation
Defense PresentationDefense Presentation
Defense Presentation
 
Lecture 20
Lecture 20Lecture 20
Lecture 20
 
THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...
THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...
THE COORDINATE RATIOS AS A TOOL TO ANALYZE THE INTRUSION BASED ON BUŽEK-HILLE...
 
quantum cryptography
quantum cryptographyquantum cryptography
quantum cryptography
 

Mehr von wtyru1989

Quantum optical measurement
Quantum optical measurementQuantum optical measurement
Quantum optical measurementwtyru1989
 
Gaussian discord imperial
Gaussian discord imperialGaussian discord imperial
Gaussian discord imperialwtyru1989
 
Entropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problemEntropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problemwtyru1989
 
Manipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglementManipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglementwtyru1989
 
The gaussian minimum entropy conjecture
The gaussian minimum entropy conjectureThe gaussian minimum entropy conjecture
The gaussian minimum entropy conjecturewtyru1989
 
The security of quantum cryptography
The security of quantum cryptographyThe security of quantum cryptography
The security of quantum cryptographywtyru1989
 
Entanglement of formation
Entanglement of formationEntanglement of formation
Entanglement of formationwtyru1989
 
Bound entanglement is not rare
Bound entanglement is not rareBound entanglement is not rare
Bound entanglement is not rarewtyru1989
 
Continuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applicationsContinuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applicationswtyru1989
 
Relative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglementRelative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglementwtyru1989
 
Lect12 photodiode detectors
Lect12 photodiode detectorsLect12 photodiode detectors
Lect12 photodiode detectorswtyru1989
 
Towards a one shot entanglement theory
Towards a one shot entanglement theoryTowards a one shot entanglement theory
Towards a one shot entanglement theorywtyru1989
 
Postselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkdPostselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkdwtyru1989
 
Encrypting with entanglement matthias christandl
Encrypting with entanglement matthias christandlEncrypting with entanglement matthias christandl
Encrypting with entanglement matthias christandlwtyru1989
 
Dic rd theory_quantization_07
Dic rd theory_quantization_07Dic rd theory_quantization_07
Dic rd theory_quantization_07wtyru1989
 
Lattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codesLattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codeswtyru1989
 
标量量化
标量量化标量量化
标量量化wtyru1989
 
Fully understanding cmrr taiwan-2012
Fully understanding cmrr taiwan-2012Fully understanding cmrr taiwan-2012
Fully understanding cmrr taiwan-2012wtyru1989
 
Op amp tutorial-1
Op amp tutorial-1Op amp tutorial-1
Op amp tutorial-1wtyru1989
 

Mehr von wtyru1989 (20)

Quantum optical measurement
Quantum optical measurementQuantum optical measurement
Quantum optical measurement
 
Gaussian discord imperial
Gaussian discord imperialGaussian discord imperial
Gaussian discord imperial
 
Entropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problemEntropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problem
 
Manipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglementManipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglement
 
The gaussian minimum entropy conjecture
The gaussian minimum entropy conjectureThe gaussian minimum entropy conjecture
The gaussian minimum entropy conjecture
 
The security of quantum cryptography
The security of quantum cryptographyThe security of quantum cryptography
The security of quantum cryptography
 
Entanglement of formation
Entanglement of formationEntanglement of formation
Entanglement of formation
 
Bound entanglement is not rare
Bound entanglement is not rareBound entanglement is not rare
Bound entanglement is not rare
 
Continuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applicationsContinuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applications
 
Relative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglementRelative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglement
 
Lect12 photodiode detectors
Lect12 photodiode detectorsLect12 photodiode detectors
Lect12 photodiode detectors
 
Towards a one shot entanglement theory
Towards a one shot entanglement theoryTowards a one shot entanglement theory
Towards a one shot entanglement theory
 
Postselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkdPostselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkd
 
Encrypting with entanglement matthias christandl
Encrypting with entanglement matthias christandlEncrypting with entanglement matthias christandl
Encrypting with entanglement matthias christandl
 
Dic rd theory_quantization_07
Dic rd theory_quantization_07Dic rd theory_quantization_07
Dic rd theory_quantization_07
 
Lattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codesLattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codes
 
Em method
Em methodEm method
Em method
 
标量量化
标量量化标量量化
标量量化
 
Fully understanding cmrr taiwan-2012
Fully understanding cmrr taiwan-2012Fully understanding cmrr taiwan-2012
Fully understanding cmrr taiwan-2012
 
Op amp tutorial-1
Op amp tutorial-1Op amp tutorial-1
Op amp tutorial-1
 

Kürzlich hochgeladen

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Kürzlich hochgeladen (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

Post processing for quantum key distribution

  • 1. Post-processing for quantum key distribution Xiongfeng Ma CQIQC, University of Toronto Institute for Quantum Computing Chi-Hang Fred Fung, Jean-Christian Boileau, Hoi Fung Chau Computers & Security 30, 172 – 177 (2011) Phys. Rev. A 81, 012318 (2010) 1
  • 2. Outline Introduction Security proof Finite key analysis Post-processing Conclusion 2
  • 4. Private key cryptosystem Alice and Bob share two identical keys secretly: one-time pad Encode Decode Message 10010110101 10101100001 Code XOR XOR Key 00111010100 00111010100 Key Code 10101100001 10010110101 Message Alice Bob Key Distribution 4
  • 5. Quantum key distribution BB84 (Bennett & Brassard 1984) Alice Bob 0101100 110100 0101110 01X11X0 11X10X0 01X11X0 Eve 0: 1: 1110100 5
  • 6. Biased basis choice Standard BB84 Alice and Bob choose X- and Z-basis with equal probabilities (50/50) Basis sift factor: 1/2 Efficient BB84 Alice and Bob choose X- and Z-basis with different probabilities, i.e., with a bias Basis sift factor: approaches to 1 asymptotically Trade-off In practice, a larger bias leads to less accurate phase error rate estimation. Think about the extreme case. H.-K. Lo, H. F. Chau, and M. Ardehali, J. Crypto. 18, 133 (2005). 6
  • 7. In practice Biased basis ratio, e.g., 90% for Z-basis and 10% for X-basis Bit reconciliation Error correction: straightforward* Authentication and error verification Privacy amplification Amount: phase error rate estimation Efficiency: hash matrix construction Confidence level on the final key Security parameters 7
  • 8. Objectives Link between security analyses and experiments Infinite-key analysis to finite-key analysis Post-processing From raw key to final key, step by step Parameter optimization Biased basis choice Security parameter vs. secure-key cost Towards a security analysis standard Security claim Final key size evaluation Underlying assumptions 8
  • 9. Take-home messages A practical post-processing scheme: step by step Basis independent source Squashing model compatible detection system Biased basis ratio Typically, 90:10 Authentication: can be done efficiently in practice Error verification: essentially an authentication scheme Phase error estimation: a strict bound Main contribution to the finite-key effect Efficiency of privacy amplification: high Other sources and protocols: yet to be done Decoy state, COW, DPS, … X. Ma, C.-H. F. Fung, J.-C. Boileau, H. F. Chau, Computers & Security 30, 172 – 177 (2011) 9
  • 10. Why is it secure? 10
  • 11. A quick review Prepare-and-measure protocols BB84, six-state… Entanglement based protocols Ekert91, BBM92 Unconditional security proof Mayers (1996) Lo and Chau (1999) Shor and Preskill (2000) Devetak and Winter (2003), Renner (2005) Security analysis for QKD with imperfect devices E.g. Mayers, Lütkenhaus, ILM Koashi-Preskill Gottesman-Lo-Lütkenhaus-Preskill (GLLP) 11
  • 12. Entanglement based protocols Alice (or Eve) prepares an EPR pair Ψ AB = 1 2 ( 00 + 11 ) Alice and Bob each measures one half of the pair Estimate bit and phase error rates Z basis measurement (bit) |0> or |1> X basis measurement (phase) |0>+|1> or |0>-|1> C. H. Bennett, D. P. DiVincenzo, J. A. Smolin, and W. K. Wootters, PRA 54, 3824 (1996). 12
  • 13. Entanglement distillation protocol Entanglement distillation (Lo & Chau 99) 1. Bit error correction 2. Phase error correction 3. Share (almost) pure EPR pairs 4. Measure in Z basis to get final key Reduce to prepare-and-measure schemes (Shor & Preskill 00) Put the final key measurement ahead by moving 4 ahead of 1 Error correction Privacy amplification 13
  • 14. Underlying assumptions Characterized source or basis-independent source Single photon (qubit) source Coherent state source: decoy state Entangled source Detection system: compatible with the squashing model Threshold detector No efficiency mismatch Classical accessories authentication; error correction; classical communication; random number generators; key management; Secure key cost: asymptotically negligible Infinite key limit Rates → probabilities Failure probability → 0 N. J. Beaudry, T. Moroder, and N. Lütkenhaus, Phys. Rev. Lett. , 101, 093601, (2008). 14
  • 15. Basis independent setup BBM92 (Bennett, Brassard & Mermin 1992) One can assume Eve has a full control of the source. The basis choice is independent of the state in the channel. The source can be treated as a perfect single photon (qubit) Eve or EPR source. M. Koashi and J. Preskill, Phys. Rev. Lett. , 90, 057902, (2003). X. Ma, C.-H. F. Fung, and H.-K. Lo, PRA 76, 012307 (2007). 15
  • 17. Finite-key issues Initial key Authentication: man-in-the-middle attack Other uses: encryption of classical communication in the post- processing Composability Generated key may be used for the next round of QKD Key growth rather than key distribution No perfect key in real-life Identical: Alice and Bob share the same key Real-life: no perfect error correction code, i.e., any error correction code can only guarantee with a certain confidence interval Private: Eve knows nothing about the final key Real-life: Eve can just guess the bit values of the initial key with a successful probability, ε=2-k 17
  • 18. Naïve security definitions Secure key cost in post-processing Key cost (k) < key generation (n) A fixed failure probability for an arbitrary number of rounds, ε, [too strong] With Eve’s simple guess + man-in-the-middle attack: ε=2-k, for each round The failure probability for n rounds (potentially n attacks) is at least n2-k, linear dependence Small portion of the initial key known by Eve, [too weak] Even exponentially small is not strong enough due to continuous use of the QKD system Requirement of composability 18
  • 19. Composable security Confidence interval / Failure probability Confidence interval: the probability that the final key is identical and private, 1-ε The failure probability for n rounds: nε, linear dependence Exponentially decreasing with key cost k A rough guess: ε=2-O(k) per round Smaller than a certain threshold determined by some practical use of the key, say 10-10 Remark: it does not mean Eve knows nε-bit information about the final key Composable security definition Failure probability is smaller than the pre-determined threshold for all rounds of QKD system usages M. Ben-Or et al, in TCC (2005), 386. R. Renner and R. König, in TCC (2005), 407. 19
  • 20. Security measures Fidelity: failure probability Lo, Chau and other prior works M. Hayashi M. Koashi Trace distance R. Canetti (2001) M. Ben-Or, M. Horodecki, D. W. Leung, D. Mayers, and J. Oppenheim (2005) R. Renner and R. König (2005) Workshop, Finite-Size Effects in QKD (Singapore, 2008) Two approaches are equivalent Renner: we should use trace distance 20
  • 21. To-do list Re-exam security proofs Underlying assumptions Formulas from asymptotic security analyses should be re- derived Note: all the security analyses are about privacy amplification Calculate failure probability and secure-key cost For each step: basis sift, error correction, authentication, error verification, and phase error rate estimation Efficiency of privacy amplification Parameter optimization Biased basis choice secure-key cost for each step We have all the recipes ready: put them together 21
  • 23. Underlying assumptions A single photon (qubit) source or a basis- independent source Coherent state (e.g., with decoy state) QKD: in progress A detection system: compatible with the squashing model Classical communication Random number generator and key management 23
  • 24. Flow chart M. Hayashi, D. W. Leung, H.-K. Lo, N. Lütkenhaus, M. Koashi, X. Mo, B. Qi, R. Renner, V. Scarani, D. Stebila, K. Tamaki, W. Tittel Workshop, Quantum Works QKD Meeting (Waterloo, Canada) Workshop, Finite-Size Effects in QKD (Singapore) N. Lütkenhaus, Phys. Rev. A 59, 3301 (1999): using error verification to replace error testing. 24
  • 25. Procedures I Key sift [neither authenticated nor encrypted] Discard all no-clicks and randomly assign double- clicks Other sift scheme might be applied, e.g., Ma, Moroder and Lütkenhaus, arXiv:0812.4301 (2008) tkenhaus Basis sift [authenticated but not encrypted] Use a 2k-bit secure key to generate a Toeplitz matrix Calculate the tag by multiply the matrix with her/his basis string Send each other the basis string with the tag Discard those bits that used different bases Other sift scheme might be applied, e.g., SARG’04 25
  • 26. Procedures II Error correction [not authenticated but encrypted] Any error correction scheme can be applied here Count the number of bits in the classical communication Error verification [essentially an authentication problem] Alice sends an encrypted tag to Bob Bob verify the tag If failed, they can go back to error correction again 26
  • 27. Procedures III Phase error rate estimation Prob.{phase error} = Prob.{bit error} Asymptotically, rates → probabilities A simple random sampling problem 27
  • 28. Procedure IV Privacy amplification [authenticated but not encrypted] Alice generates an nx+nz+l-1bit random bit string and sends it to Bob through an authenticated channel They use this random bit string to generate a Teoplitz matrix to do privacy amplification 28
  • 29. Final key rate Key rate formula Finite-key effect Phase error rate estimation, which determines the biased basis choice k3: cost of authentication, error verification, efficiency of privacy amplification 29
  • 30. Optimization Parameters to be optimized Failure probabilities: Key costs: Finite-key effect Net key growth: NR≥l-kec-k3 Failure probability: ε=εph + ε3 The contribution of ε3 is negligible, when the final key length >> 37 bits 30
  • 31. Finite-key effects Error correction [fixed] Phase error Other parts rate estimation: Authentication The amount of Error privacy verification amplification Efficiency of Optimal basis privacy bias amplification 31
  • 32. Quick results An extreme example Raw key size n=1030 and ε=10-30; k3=947 bits and ε3<10-32 A typical example n=107, ε=10-7; k3=202 bits and ε3<10-9 Observation Main effect comes from phase error estimation The efficiency of privacy amplification is close to 1 The costs of authentication and error verification are negligible in a normal (say, data size >10k) experiment 32
  • 33. 1 0.95 0.9 0.85 0.8 ex=ez=4% Bias 0.75 ε=10-7 100% error correction efficiency 0.7 0.65 0.6 px set by Alice 0.55 qx obtained by Bob 0.5 2 4 6 8 10 12 10 10 10 10 10 10 Raw key data size 33
  • 34. 0.7 0.6 Key rate per raw key 0.5 0.4 0.3 ex=ez=4% ε=10-7 0.2 100% error correction efficiency 0.1 Finite key Asymptotic key 0 2 4 6 8 10 12 10 10 10 10 10 10 Raw key data size 34
  • 35. 5 10 min data size to yield a positive key minimun data size 4 10 3 10 ex=ez=4% 100% error correction efficiency 2 10 -100 -80 -60 -40 -20 0 10 10 10 10 10 10 failure probability ε 35
  • 36. Conclusion A practical post-processing scheme with failure probability as the security definition Error verification: essentially an authentication scheme Phase error estimation: a strict bound Efficiency of privacy amplification: high Parameter optimization: main finite-key effect comes from phase error rate estimation 36
  • 37. Further discussion Further improvement in the privacy amplification step: no classical communication needed? Efficiency: failure probability, secure-key cost Extractors for privacy amplification Detector efficiency mismatch Squashing model Finite-key analysis for the decoy-state QKD Statistics (software) Hardware Computational complexity On-line post-processing Random number consumption Extractors 37
  • 38. References X. Ma, C.-H. F. Fung, J.-C. Boileau, H. F. Chau, Computers & Security 30, 172 – 177 (2011) C.-H. F. Fung, X. Ma, and H. F. Chau, Phys. Rev. A 81, 012318 (2010) H. Krawczyk, in Advances in Cryptology - CRYPTO'94 (Springer- Verlag, 1994), 893, 129-139. N. Lütkenhaus, Phys. Rev. A 59, 3301 (1999). M. Koashi and J. Preskill, Phys. Rev. Lett. , 90, 057902, (2003). M. Ben-Or et al, in TCC (2005), 386. R. Renner and R. König, in TCC (2005), 407. M. Hayashi, Phys. Rev. A 74, 022307 (2006). X. Ma, C.-H. F. Fung, and H.-K. Lo, PRA 76, 012307 (2007). V. Scarani and R. Renner, Phys. Rev. Lett. 100, 200501 (2008). T. Tsurumaru and K. Tamaki, Phys. Rev. A 78, 032302 (2008). N. J. Beaudry, T. Moroder, and N. Lütkenhaus, Phys. Rev. Lett. 101, 093601 (2008). 38
  • 39. Another interesting topic Efficiency loophole Long existing problem in Bell’s inequality tests QKD system Detector efficiency mismatch Dead time / after pulse Attacks Time-shift attack Other freedoms: space, frequency, … Even practical one-time encryption Efficiency-loophole free QKD X. Ma, T. Moroder, and N. Lütkenhaus, arXiv:0812.4301, (2008). 39
  • 40. Thank you! Xiongfeng Ma, July 06th, 2011 40