Chapter 6 Quantum Communication: Cryptography
advertisement
Chapter 6
Quantum Communication: Cryptography
This chapter include an important application of the basic principles of QM to the quantum
information. First of all we will briefly overview to the classical cryptography then we discuss
contribution of QM to cryptography. Quantum Cryptography enables two communication parties
named Alice(Sender) and Bob (Receiver), to detect whether the transmitted message has been
intercepted by Eve (Eavesdropper). This is a consequence of basic theory of QM:
No- cloning theorem: an unknown quantum state cannot be cloned!
Classical Cryptography
The origin of the cryptography go back to before Christ, because of importance of secret
communication. Historically one of the significant example is Ceaser Cipher, used more than 2000
years during the Gallic war.
Ceaser Cipher
In his code eachletter shifted by a fixednumber of steps
Examples: Encrypt the code:
"YOU WILL GET FIVE POINTS DUE TO SECOND EXAM IF YOU SOLVE THIS CODE."
Decypher the codes:
(Z)ZPV XJMM HFU GJWF QPJOUT EVF UP TFDPOE FYBN JG ZPV TPMWF UIJT DPEF.
(Y)AQW YKNN IGV HKXG RQKPVU FWG VQ UGEQPF GZCO KH AQW UQNXG VJKU
EQFG.
(X)BRX ZLOO JHW ILYH SRLQWV GXH WR VHFRQG HADP LI BRX VROYH WKLV FRGH.
(W)CSY AMPP KIX JMZI TSMRXW HYI XS WIGSRH IBEQ MJ CSY WSPZI XLMW GSHI.
(V)DTZ BNQQ LJY KNAJ UTNSYX IZJ YT XJHTSI JCFR NK DTZ XTQAJ YMNX HTIJ.
Decrypt the following.:
JHLZHY JPWOLYZ HYL LHZF AV IYLHR
(T)CAESAR CIPHERS ARE EASY TO BREAK
Today it is easy to break this code.
Before send the information:
Alice and Bob communicate over a secure channel and give the secret key.
Alice encrypts her tex into cypher tex using secret key.
Bob decrypt the text using secret key.
X
Y
Z
A
B
C
D
...
...
...
X
Y
Z
A
B
C
D
E
F
G
Ceasar cypher system also consist of more than one key. That is known as modifiedCeaser Cypher
system. For example in the Ceaser system if the key=3 then the message AA we will get DD. For
modified Ceaser Cypher we have 2 key. For example for the key={1,2}, AA becomes BC.
Another approach is to match up the frequency distribution of the letters. By graphing the frequencies
of letters in the cipher text, and by knowing the expected distribution of those letters in the original
language of the plaintext, a human can easily spot the value of the shift by looking at the displacement
of particular features of the graph. This is known as frequency analysis.
For example in the English language the plaintext frequencies of the letters E, T, (usually most
frequent), and Q, Z (typically least frequent) are particularly distinctive. Computers can also do this by
measuring how well the actual frequency distribution matches up with the expected distribution.
For natural language plaintext, there will, in all likelihood, be only one plausible decryption, although
for extremely short plaintexts, multiple candidates are possible. For example, the cipher text MPQY
could, plausibly, decrypt to either "aden" or "know" (assuming the plaintext is in English); similarly,
"ALIIP" to "dolls" or "wheel"; and "AFCCP" to "jolly" or "cheer"
Frequency distribution of letters Εn English language for crypto analysis.
Example. We consider a Caesar cipher and assume that the plaintext message is in English. Decrypt
the following cipher text by giving a brief explanation:
EGGSVHMRK XS TPERGO IEGL IRIVKC IPIQIRX MW TVSTSVXMSREP XS MXW JVIUYIRGC.
Note: Use the frequency distribution of the letters in the English language for the cryptanalysis.
Vernam Cypher (one time pad)
The first unbreakable code, Vernam Cypher, only one has been mathematically proved to be
completely secure. In theory, every classical cryptographic algorithm except for the Vernam cipher
can be broken given enough ciphertext and time. The protocol can be prepared as follows:
(1) Write a plani text as a binary sequences of 0's and 1's.
(2) The secret key is completely random and same elngth as the binary sequence of the plain text.
(3)The cypher text is obtained by adding secret key.
Secret Key
Secure Channel
Output
Bit sequence of
Plain text
5-bit sequence of letters
Letter Bit sequence Letter Bit sequence
a
00000
q
10000
b
00001
r
10001
c
00010
s
10010
d
00011
t
10011
e
00100
u
10100
f
00101
v
10101
g
00110
w
10110
h
00111
x
10111
i
01000
y
11000
j
01001
z
11001
k
01010
0
11010
l
01011
1
11011
m
01100
2
11100
n
01101
3
11101
o
01110
4
11110
p
01111
-
11111
Example. Consider the letter encodings in the table.
A message M = HELLO is Vernam encrypted into ciphertext C = AOAMV ; C = M ο
K where ο
shows modulo 2 XOR operation. Find the corresponding encryption key. Provide details of your
cryptanalaysis.
Public Key Crypto System
Difficulty of supplying random key for every message in the Vernam cipher is obvious. Therefore it is
worth to develop public key cryptosystems whose principles were discovered by Diffie and Hellmann
in the middle of 1970's.
The fundamental difference between public-key crypto system and tradiational crypto sysyem is:
1. In the secret key crypto system Alice encrypt her message using secret key then send it to Bob. Bob
Decrypt the message using his own secret key. Securacy of the message raised in the securacy of the
key.
2. In the public key crypto system Alice and Bob do not exchange a secret key. Bob makes a public
key and Alice encrypt the message. The message cannot be decrypted by that secret key. It can be
decrypted by another key (private key) which is possessed by Bob.
The safe has two keys:
One public to lock the message and other private to open it.
The private key can be calculated by calculating inverse of a function f. This is a hard problem. If
verification of a problem easy but its solution is difficult then in principle it can be used for crypto
systems. In this system Alice easily encrypt the message by using f but Bob decrypt the message by
calculating inverse of f.
The RSA Protocol (Rivest-Shamir-Adleman Encryption Algorithm)
This famous cryptosystem is devised in 1977. This protocol works as follows:
1. Bob choose two large enough prime numbers p and q and calculate N=pq. (p and q must be kept
secret). Only someone with knowledge of the prime factors can feasibly decode the message.
2. Bob choose a random number d, is co prime with the number (p-1)(q-1).
3. Bob compute e from the relation Mod[e*d,(p-1)(q-1)]=1. From now forget about p and q.
4. Bop publish the pair (e,N). This is the public key. Anybody use this public key to send message to
Bop.
5. The pair (d,N) is private decryption key possessed by Bob alone. Then only the message encrypted
by the public key, only decrypted by Bob.
6. Alice divides her message into blocks and each block can be written as a number. For each block
the number is mi, mi<N. Alice encrypt each block as follows:
ππ → ππ′ = (πππ )ππππ
7. Bob decrypt the message using
ππ = (π′ππ )ππππ
In this crypto system there is no need to distribute a secret key and to prepare a secret key for every
message. The code can be broken if p and q can be calculated. This can be done by factorizing N.
When someone knoq p and q then easily calculate d using the public number e.
Example: Alice and Bob want to communicate using RSA protocol. Bob send a message to Alice
"1275". (In practice, we convert our text message to decimal using ASCI encoding.)
Bob put a key to the internet modulus N=28459 and key e=121.
(Bob's private key is d=14641)
Alice encrypt and send the information
1275121 (πππ 28459) = 3362
Bob decrypt the information:
336214641 (πππ 28459) = 1275
The no-cloning theorem
The classical bit can be copied. In contrast, the generic state of quantum qubit can not be cloned.
Consider a qubit is polarization state of a photon. The state of photon is labelled as |0⟩ for horizontal
polarization and |1⟩ for vertical polarization.
The wave function is given by
|π⟩ = πππ π½|0⟩ + π πππ½|1⟩
We assume that such a photon send to a polarization analyzer (such as calcite crystal). The photon
emerges from the analyzer horizontally polarized or vertically polarized as in the figure, with
probabilities π0 = |⟨0|π⟩|2 = cos 2 π½ πππ π1 = |⟨1|π⟩|2 = sin2 π½ .
The measurement gives a single bit information about polarization state. (QM Postulate).
If we use a measuring apparatus we can just measure the angle π½ with an accuracy. Since there is no
unitary measuring apparatus then the qubit can not be cloned or copied.
We assume that there is a such measuring apparatus, represented with unitary tensformation matrix U.
It is applied to the state |π⟩,
π|π⟩|π⟩|π΄π ⟩ = |π⟩|π⟩|π΄π ⟩ = (πππ π½|0⟩ + π πππ½|1⟩)(πππ π½|0⟩ + π πππ½|1⟩)|π΄π ⟩
Consider action of U on the states
π|0⟩|π⟩|π΄π ⟩ = |0⟩|0⟩|π΄π ⟩
π|1⟩|π⟩|π΄π ⟩ = |1⟩|1⟩|π΄π ⟩
when it is acting on (πππ π½|0⟩ + π πππ½|1⟩)
π(πππ π½|0⟩ + π πππ½|1⟩)|π⟩|π΄π ⟩ = (πππ π½|0⟩|0⟩ + π πππ½|1⟩|1⟩)|π΄π ⟩
It is obvious that these are not equall to each other. Therefore there is no cloning of qubits.
Note that single qubit state act as a bit and copies of single qubit is possible.
Is transmission of information faster than light?
The existence of cloner would violate basic principle of relativity, that is information could be
transmitted faster than light. Consider EPR pairs in the Bell state:
|π⟩ =
1
√2
(|0⟩|0⟩ + |1⟩|1⟩)
This state can also be written as:
|π⟩ =
1
(|0⟩π₯ |0⟩π₯ + |1⟩π₯ |1⟩π₯ )
√2
where |0⟩π₯ πππ |1⟩π₯ are eigen state of Pauli X matrices with the eigenvalues +1 and -1 respectively.
A member of each EPR pair send to Alice and the other Bob and they can located arbitrarily far apart.
Alice code a message and she wants to send to Bob in a binary string. She then performs
ameasurement on her member of each EPR pair then she chooses Pauli X- or Z depending on
corresponding digit 0 or 1.
Quantum Key Distribution (BB84 Protocol)
As we have discussed before Vernam Cypher (One time pad) method is an absolutely secure
cryptosystem if and only if the key for encoding and decoding is shared only between the sender and
receiver. The message is encrypted by using the secret key (Binary XOR addition) and encrypted
message is decrypted by using the same secret key.
This crpto system is not secure if the same key is used many times.
On the other hand RSA crypto system is not absolutely secure. The encrypted messages can be
decrypted if public key (integer N) is factorized. Using a code breaking algorithm for classical
computer:
128 digit integer is factorized in 6 × 10−4 π ππ
1024 digit integer is factorized in 11.29 π¦ππππ
When we use Shor's quantum algorithm:
128 digit integer is factorized in 6 × 10−5 π ππ
1024 digit integer is factorized in π. ππ πππ
There is a surprisingly secure way of distributing a cryptographickey using a sequence of individual
qubits called BB84 protocol. This protocol is already available commerically. Quantum key
distribution is a secureway of distributing an encryption and decryption key by using qubits.
The protocol BB84, introduced by Bennett and Brassard in 1984, requires four statesand two binary
alphabets.
|0⟩ πππ |1⟩ (π§ − πππβππππ‘)
1
(|0⟩ + |1⟩) πππ | −⟩ ≡ |1⟩π₯ =
1
(|0⟩ − |1⟩) (π₯ − πππβππππ‘).
√2
√2
Here the letters of z-alphabet (z-coding) and x-alphabet (x-coding) are associated with eigenstates of
Pauli Z and X respectively.
| +⟩ ≡ |0⟩π₯ =
Description of the BB84 protocol is presented as follows:
(Alice and Bob preparing a key using quantum channel. The key will be used during the
communication by means of Vernam Cypher)
1. Alice send photons to Bob. The photons associated "0" bit if they are |0⟩ ππ | +⟩ ,associated to "1"
bit if they are |1⟩ ππ | −⟩.
2. A coding alphabet (x or z) are chosen randomly for each photon.
3. Bob measures the photons and he also chose a rondom alphabet x or z for each photon send by
alice.
From now, Alice and Bob communicate on a classical public channel.
4. Bob inform Alice which alphabet he used for each qubit measurement.
5. Alice compare the alphabets and they delete all bits corresponding to the cases in which they used
different alphabets. After this they share a key is called raw key.
This key is the same for alice and Bob, if insofar Eve and noise were absent.
Example: Prepare a raw key using 16 qubit BB84 protocol.
Transmitted qubits
|0⟩
| +⟩
|1⟩
|1⟩
| −⟩
| −⟩
|0⟩
| +⟩
|1⟩
|0⟩
| −⟩
| +⟩
|0⟩
|1⟩
|0⟩
| −⟩
Alice Data bits
0
0
1
1
1
1
0
0
1
0
1
0
0
1
0
1
Alice Alphabet
x
x
z
x
z
x
z
z
z
x
x
z
x
x
x
z
Bob Alphabet
z
x
x
z
z
x
x
z
x
x
z
z
x
z
x
z
Bob Reads
?
0
?
?
1
1
?
0
?
0
?
0
0
?
0
1
Raw key
0
1
1
0
0
0
0
0
1
where "?" stands for "0" or "1".
In order to obtain N bit secret key it is appropriate to use 4N photons.
All the stages of the BB84 protocol are implementable using standard quantum optics laboratory
equipment.
Suppose that Eve eavesdrops their communication.
In this case their reading may for example:
Transmitted qubits
|0⟩
| +⟩
|1⟩
|1⟩
| −⟩
| −⟩
|0⟩
| +⟩
|1⟩
|0⟩
| −⟩
| +⟩
|0⟩
|1⟩
|0⟩
| −⟩
Alice Data bits
0
0
1
1
1
1
0
0
1
0
1
0
0
1
0
1
Alice Alphabet
x
x
z
x
z
x
z
z
z
x
x
z
x
x
x
z
Eve's alphabet
x
x
z
x
z
z
x
z
x
z
x
x
z
x
x
z
Eve reads
0
0
1
1
1
1
?
0
?
?
1
?
?
1
0
1
Bob Alphabet
z
x
x
z
z
x
x
z
x
x
z
z
x
z
x
z
Bob Reads
?
0
?
?
1
?
?
0
?
?
?
?
?
?
0
1
1
1
0
0
0
1
Raw key?
0
0
0
Raw key
During communication if an eavesdropper, say Eve, exist she measure each qubit sent by Alice, the re
transmit it to Bob. She will only guess values of qubit with a probability 1/2. If she send correct qubit
and measurement basis of Alice, Eve and Bob are the same then 3 of them has the same bit. If
measurement basis of Bob and Alice same but not Eve then if Eve retransmitted correct bit then Alice
and Bob has same bit otherwise they have different bit.
To test for the presence of an eavesdropper, Alice and Bob agree to sacrifice a portion of their
matching bits and disclose (publicly) their bit values. In order to obtain N bit key they used 4N qubit.
Alice and Bob obtain 2N bit key. They share N of then using public channel and as a result Eve will be
3 π
detected with a probability of 1 − (4 ) .
If Alice and Bob can thereby determine whether or not an eavesdropper was present they use a new
quantum channel to prepare a key. Using the prepared key they send their messages by using Vernam
Cypher method.
Dense Coding and Quantum Teleportation
Dense coding
Dense coding and quantum teleportation is a simple application of qubits and quantum gates and
shows how entanglement is used in quantum communication. We will show that one of the qubit
carries two classical bits of information in the dense coding system. On the other hand, in quantum
teleportation two classical bit are used to transmit a qubit.
Note that entanglement plays fundamental role in both applications. Suppose Alice want to send
information to Bob. Each of them has been send each of the qubits of the Bell state (initially they share
a Bell state):
|ψ+ ⟩ =
1
(|00⟩ + |11⟩)
√2
Alice has two classical bits x and y and she want to send to Bob. Alice and Bob have agreed in
advance some unitary operations that Alice will perform depending on the values of x and y. xy
values ans performed transformations are shown in the table
xy Transformation State after trans.
00 IοI
|π0 ⟩ =
01 XοI
|π1 ⟩ =
10 iYοI
|π2 ⟩ =
11 ZοI
|π3 ⟩ =
1
√2
1
√2
1
√2
1
√2
(|00⟩ + |11⟩)
(|01⟩ + |10⟩)
(|01⟩ − |10⟩)
(|00⟩ − |11⟩)
Alice sends Bob her qubit after the transformation given in the table is applied. Bob applies CNOT to
the entangled pair in which the first qubit, the received qubit, is the control bit, while the second one,
which Bob keeps, is the target bit. This results in a tensor-product state:
Received State Output of CNOT
|π0 ⟩
|π1 ⟩
|π2 ⟩
|π3 ⟩
1
√2
1
√2
1
√2
1
√2
(|00⟩ + |10⟩)
(|11⟩ + |01⟩)
(|11⟩ − |01⟩)
(|00⟩ − |10⟩)
1st qubit
1
√2
1
√2
1
√2
1
√2
2nd qubit
(|0⟩ + |1⟩)
|0⟩
(|1⟩ + |0⟩)
|1⟩
(|1⟩ − |0⟩)
|1⟩
(|0⟩ − |1⟩)
|0⟩
Note that Bob can measure the first and second qubits independently since the output is a tensorproduct state. The number x is either 00 or 11 if the measurement outcome of the second qubit is
|0⟩, while it is either 01 or 10 if the meansurement outcome is |0⟩.
Finally, a Hadamard transformation H is applied on the first qubit. Bob obtains
Received State 1st qubit
|π0 ⟩
|π1 ⟩
1
√2
1
√2
H(1st qubit)
(|0⟩ + |1⟩)
|0⟩
(|1⟩ + |0⟩)
|0⟩
|π2 ⟩
|π3 ⟩
1
√2
1
√2
(|1⟩ − |0⟩)
−|1⟩
(|0⟩ − |1⟩)
|1⟩
The number x is either 00 or 01 if the measurement of the first qubit results in |0⟩, while it is either 10
or 11 if it is |1⟩. Therefore, Bob can tell what x is in every case.
Figure of dense coding protocol. π generates EPR pair shared by Alice and Bob.
For dense coding the implemented circuit is given in the figure.
Where U is a unitary gate, depending on the bits Alice want to send.
For 00 communication U is identity I
For 01 communication U is X-gate
For 10 communication U is Z-gate
For 11 communication U is iY-gate.
Alice send her half of the EPR pair to the Bob. Bob performs the appropriate unitary operations on the
EPR pair measures 2 qubits and obtain 2 classical bits.
Consequently, Bob measures the 2 qubits in the computational basis, obtaining with unit probability
the two desired classical bits. This coding is impossible in classical physics. (the classical bits are well
defined). In quantum physics there is an entanglement.
Quantum Teleportation
The purpose of quantum teleportation is to transmit an unknown quantum state of a qubit using two
classical bits such that the recipient reproduces exactly the same state as the original qubit state. On
the other words Alice send only classical information to Bob. Quantum teleportation has already been
realized under laboratory conditions using photons.
Alice: Alice has a qubit, whose state she does not know. She wishes to send Bob the quantum state of
this qubit through a classical communication channel. Let the qubit is
|π⟩ = (π|0⟩ + π|1⟩)
She want to send (teleport) this qubit using a classical channel. She will send classical “bits” not
quantum “qubits”. Note that description of |π⟩ include infinity classical information, because it is in
the continuous space. This problem can be solved by entangled states. Consider the entangled pair:
|π + ⟩ =
1
(|00⟩ + |11⟩)
√2
Alice and Bob are far apart. Alice applies decoding step in the dense coding to the qubit |π⟩ =
(π|0⟩ + π|1⟩):
|π⟩β¨|π + ⟩ =
1
(π|000⟩ + π|011⟩ + π|100⟩ + π|111⟩)
√2
where Alice has the first two qubits while Bob has the third.
Next Alice applies a CNOT gate onto the qbits in her hands and then Hadamard gate suchthat:
(π»οπΌοπΌ)(πΆππποπΌ)|π⟩β¨|π+ ⟩ =
1
(|00⟩(π|0⟩ + π|1⟩) + |01⟩(π|1⟩ + π|0⟩) + |10⟩(π|0⟩ − π|1⟩) + |11⟩(π|1⟩ − π|0⟩)
2
Obviously Alice obtains one of the four possible two-bit results among 00, 01, 10 or 11 as
measurement outcome. Each of them is in close connection with the state of Bob’s qbit hence Alice
sends these two classical bits to Bob. It is easy to realize the following relations
Alice Bits Bobs Bits
00
(π|0⟩ + π|1⟩) = πΌ|π⟩
01
(π|1⟩ + π|0⟩) = π|π⟩
10
(π|0⟩ − π|1⟩) = π|π⟩
11
(π|1⟩ − π|0⟩) = ππ|π⟩
Therefore Bob has only to apply the inverse of the appropriate transform(s) in compliance with the
received classical bits.
There are several important aspects and consequences of the above explained teleportation technique:
• Alice needs no information about |π⟩ to teleport it.
• Without Alice’s classically transferred bit pair Bob is not able to produce |π⟩ thus no ‘faster than
light’ communication is possible in this way, which is in full harmony with the relativity theory.
• In order to encode and transfer a and b, i.e. |π⟩ classically, Alice may require a very large amount
of classical bits let alone the measurement problem about how to gain them. Conversely teleportation
needs only two classical and two quantum bits altogether.
