Lecture 16: Blocking and Catching Photons
CS588: Security and Privacy
University of Virginia Computer Science
David Evans
http://www.cs.virginia.edu/~evans
7 Nov 2001 University of Virginia CS 588

Menu
• Trick-or-Treat “Answers”
• Visual Cryptography
• Quantum Cryptography
• Quantum Computing

What is a “Protocol”? What is an “Algorithm”?

Algorithm
• David Harel: “The ingredients are the inputs to the process, the cake is its output, and the recipe is the algorithm.”
• Garrett (MBC): “A computational or decision-making procedure that can be completely automated.”

Algorithm
• The American Heritage Dictionary of the English Language: “A step-by-step problem-solving procedure, especially an established, recursive computational procedure for solving a problem in a finite number of steps.”

What is a Protocol?
An algorithm involving 2 or more parties.
Schneier: “A series of steps, involving two or more parties, designed to accomplish a task.”
Garrett (MBC):

Jargon File 4.2.0
protocol n. As used by hackers, this never refers to niceties about the proper form for addressing letters to the Papal Nuncio or the order in which one should use the forks in a Russian-style place setting; hackers don't care about such things. It is used instead to describe any set of rules that allow different machines or pieces of software to coordinate with each other without ambiguity. So, for example, it does include niceties about the proper form for addressing packets on a network or the order in which one should use the forks in the Dining Philosophers Problem. It implies that there is some common message format and an accepted set of primitives or commands that all parties involved understand, and that transactions among them follow predictable logical sequences.

What is a Cryptographic Protocol?
A protocol involving one or more secrets.

Algorithm, Protocol, Cryptographic Protocol?
• TCP
• Dating
• Dining at McDonald’s
• Dining at Hamilton’s
• Japanese Tea Ceremony
• Trick-or-Treating
• …

What is Computer Science?
“The Chinese tea ceremony, unlike the Japanese tea ceremony, emphasizes the tea, rather than the ceremony.”
http://desires.com/1.4/Food/Docs/tea.html

Let AB and CD be the two given numbers not relatively prime. It is required to find the greatest common measure of AB and CD. If now CD measures AB, since it also measures itself, then CD is a common measure of CD and AB. And it is manifest that it is also the greatest, for no greater number than CD measures CD. But, if CD does not measure AB, then, when the less of the numbers AB and CD being continually subtracted from the greater, some number is left which measures the one before it.
For a unit is not left, otherwise AB and CD would be relatively prime, which is contrary to the hypothesis. Therefore some number is left which measures the one before it. Now let CD, measuring BE, leave EA less than itself, let EA, measuring DF, leave FC less than itself, and let CF measure AE. Since then, CF measures AE, and AE measures DF, therefore CF also measures DF. But it measures itself, therefore it also measures the whole CD. But CD measures BE, therefore CF also measures BE. And it also measures EA, therefore it measures the whole BA. But it also measures CD, therefore CF measures AB and CD. Therefore CF is a common measure of AB and CD. I say next that it is also the greatest. If CF is not the greatest common measure of AB and CD, then some number G, which is greater than CF, measures the numbers AB and CD.
Now, since G measures CD, and CD measures BE, therefore G also measures BE. But it also measures the whole BA, therefore it measures the remainder AE. But AE measures DF, therefore G also measures DF. And it measures the whole DC, therefore it also measures the remainder CF, that is, the greater measures the less, which is impossible. Therefore no number which is greater than CF measures the numbers AB and CD. Therefore CF is the greatest common measure of AB and CD.
Euclid’s Elements, Book VII, Proposition 2 (300BC)

By the word operation, we mean any process which alters the mutual relation of two or more things, be this relation of what kind it may. This is the most general definition, and would include all subjects in the universe. Again, it might act upon other things besides number, were objects found whose mutual fundamental relations could be expressed by those of the abstract science of operations, and which should be also susceptible of adaptations to the action of the operating notation and mechanism of the engine... Supposing, for instance, that the fundamental relations of pitched sounds in the science of harmony and of musical composition were susceptible of such expression and adaptations, the engine might compose elaborate and scientific pieces of music of any degree of complexity or extent.
Ada, Countess of Lovelace, around 1830

What is the difference between Euclid and Ada?
“It depends on what your definition of ‘is’ is.”
Bill Gates (speaking at Microsoft’s anti-trust trial)

Geometry vs. Computer Science
• Geometry (mathematics) is about declarative knowledge: “what is”
  If now CD measures AB, since it also measures itself, then CD is a common measure of CD and AB
• Computer Science is about imperative knowledge: “how to”
Computer Science has nothing to do with beige (or translucent blue) boxes called “computers” and is not a science.

Computer Science
• “How to” knowledge:
  – Ways of describing imperative processes (computations)
  – Ways of reasoning about (predicting) what imperative processes will do
• CS 588 is:
  ~ 50% Mathematics
  ~ 25% Computer Science
  ~ 25% Coloring, History, Physics, Linguistics, Politics, Banking, Psychology, etc.

New Course – Spring 2002
CS200: Foundations of Computer Science
• > 75% Computer Science
• Tell smart 1st and 2nd year College students to take it

CS 200: From Ada and Euclid to Quantum Computers and the World Wide Web
Computer Science is the study of imperative knowledge. Where mathematics is about declarative (“what is”) knowledge, computer science is all about “how to” knowledge.
This course will focus on three simple but powerful ideas:
1. You can define things in terms of themselves (recursive definitions).
2. You can treat procedures and data as one and the same (first class procedures).
3. When you give something a name, it becomes more useful (abstraction).
Some things you will learn:
• How languages work and what they are made of
• Why there is no largest English word
• How to create photomosaics and fractals
• How the Allies deciphered German secrets during WWII
• That there are hard problems, really hard problems and impossible problems
• That all really hard problems are actually the same
• What is the true meaning of “true”
• How to create infinitely many functions that return infinitely many functions
• How to program a quantum computer
• How to use DNA to calculate the best route for your cross-country tour
Meetings: Mondays, Wednesdays and Fridays at 11:00-11:50 am in Cabell Hall Room 431.
First and second year CLAS students are especially encouraged to take this course. No prior background is expected. Others may be allowed to take it with my permission. The course will be limited to about 30 students.
Teacher: David Evans developed this course as part of his University Teaching Fellowship.
For more Information: http://www.cs.virginia.edu/cs200 evans@virginia.edu

Visual Cryptography

Visual Cryptography
• Can we quickly do a lot of XORs without a computer?
• Yes:
[Figure: for plaintext 0 and for plaintext 1, two possible Key / Ciphertext pixel-pattern pairs, each chosen with .5 probability]

Key + Ciphertext
[Figure: Key and Ciphertext patterns overlaid (+); the results read as = 0 and = 1]

Perfect Cipher?
[Figure: Plaintext 0 and Plaintext 1, each with two Key / Ciphertext pattern pairs at .5 probability]

Perfect Cipher
[Figure: same Plaintext / Key / Ciphertext table, each pair at .5 probability]
For each of the two ciphertext patterns (pattern images not recovered):
P (C = [pattern] | M = 0) = .5
P (C = [pattern] | M = 1) = .5
Yes!
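
The pixel scheme on the Visual Cryptography slides, written out as an added Python example (not code from the original lecture). The two subpixel patterns in `PATTERNS` and all function names are assumptions, since the slide images did not survive; the sketch checks both that overlaying key and ciphertext recovers the plaintext and that P(C | M = 0) = P(C | M = 1) = .5.

```python
import secrets

# Assumed subpixel patterns (1 = black, 0 = clear); the slide's own images are missing.
PATTERNS = ((1, 0), (0, 1))

def complement(pattern):
    return tuple(1 - s for s in pattern)

def make_key(n_pixels):
    """One random pattern per pixel: a one-time pad printed on a transparency."""
    return [secrets.choice(PATTERNS) for _ in range(n_pixels)]

def encrypt(bits, key):
    """Ciphertext pixel = key pattern for plaintext 0, its complement for plaintext 1."""
    return [k if b == 0 else complement(k) for b, k in zip(bits, key)]

def overlay(key, cipher):
    """Stacking sheets: a subpixel is black if it is black on either sheet (OR)."""
    return [tuple(a | b for a, b in zip(k, c)) for k, c in zip(key, cipher)]

def read(stacked):
    """A half-black pixel reads as 0, a fully black pixel as 1 (the XOR of the sheets)."""
    return [1 if sum(px) == 2 else 0 for px in stacked]

def ciphertext_distribution(bit):
    """P(C = pattern | M = bit), enumerated over the two equally likely key patterns."""
    dist = {p: 0.0 for p in PATTERNS}
    for k in PATTERNS:
        dist[encrypt([bit], [k])[0]] += 1 / len(PATTERNS)
    return dist

if __name__ == "__main__":
    message = [0, 1, 1, 0, 1, 0, 0, 1]   # constructed sample plaintext
    key = make_key(len(message))
    cipher = encrypt(message, key)
    print("recovered: ", read(overlay(key, cipher)))
    print("P(C | M=0):", ciphertext_distribution(0))
    print("P(C | M=1):", ciphertext_distribution(1))
```

As with any one-time pad, the key transparency must be used for one message only.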

Quantum Cryptography

Quantum Physics for Dummies
• Light behaves like both a wave and a particle at the same time
• A single photon is in many states at once
• Can’t observe its state without forcing it into one state
• Schrödinger’s Cat
  – Put a live cat in a box with cyanide vial that opens depending on quantum state
  – Cat is both dead and alive at the same time until you open the box

Heisenberg’s Uncertainty Principle
“We cannot know, as a matter of principle, the present in all its details.”
Werner Heisenberg, 1920s
If you can’t know all the details about something you can’t copy it.
Bits are easy to copy; photons are impossible to copy.

Quantum Cash
Stephen Wiesner, late 60s:
“I didn’t get any support from my thesis advisor – he showed no interest in it at all. I showed it to several other people, and they all pulled a strange face, and went straight back to what they were already doing.”
(Quoted in Singh, The Code Book)

Photon Polarity
Photons have “spin”: V, H, +45º, -45º
Vertical filter:
  100% of V photons
  50% of +45º photons (become V photons)
  50% of -45º photons (become V photons)
  0% of H photons
Horizontal filter:
  100% of H photons
  50% of +45º photons (become H photons)
  50% of -45º photons (become H photons)
  0% of V photons

Photon Stream
Can’t tell difference between V and +45º and –45º photons
Vertical filter:
  100% of V photons
  50% of +45º photons (become V photons)
  50% of -45º photons (become V photons)
  0% of H photons

Quantum Cash
[Figure: a $10000 bill from “First Photon Bank” with the motto “In Light We Trust”, a portrait captioned “Richard Feynman, Safecracker, Father of Quantum Computing”, Unique ID 258309274917392, and a row of Spinning Photons]

Bank Verifies Bill
[Figure: the bill, labelled with its Unique ID 258309274917392 and its Spinning Photons]
First Photon Bank
ID                 Amount    Photons
…                  …         …
258309274917392    $10000    V -45 H +45 +45 V
…                  …         …
Bank aligns filters according to expected values. If photons on bill all pass through filters, the bill is valid.

Counterfeiting Quantum Cash
• To copy a bill, need to know the photons.
• Counterfeiter can guess, but loses information. Physics says there is no way to measure the spins without knowing them!

Perfect Security?
• Bill photons: V (¼), +45 (¼), -45 (¼), H (¼)
• Guess V-filter: passes 100% of V photons, ½ of +45 and ½ of -45
  – p (M = V | passes V filter) = .25 / (.25 + (.5 * .25) + (.5 * .25)) = .25/.5 = .5
    If photon passes, counterfeiter can guess it is a V photon, right ½ of the time. If photon doesn’t pass, guess it’s an H photon, right ½ of the time.
  – p (M = +45 | passes V filter) = .25
• Actually a bit more complicated – can guess some photons wrong, and 50% chance bank won’t notice.

Guessing One +45º Photon
• Passes through V-filter (.5)
  – Counterfeiter guesses V-photon
  – Passes through Bank’s +45 filter (.5)
  – .25 chance of getting it right
• Doesn’t pass through V-filter (.5)
  – Counterfeiter guesses H-photon
  – Passes through Bank’s +45 filter (.5)
  – .25 chance of getting it right
• Probability of not getting caught = .5
• Forge bill with 6 photons = 1/2^6; use more photons for more valuable bills.

Quantum Key Distribution

Quantum Key Distribution
• Charles Bennett (1980s)
• Use quantum physics to transmit a key with perfect secrecy
• Alice sends a stream of random photons
• Bob selects random filters to try and guess photons
• After, they communicate over insecure channel to figure out which bits were transmitted correctly

Quantum Key Distribution
1. Alice generates a random sequence. Transmits:
   0: H or –45 (randomly pick one)
   1: V or +45 (randomly pick one)
2. Bob randomly guesses filter:
   Rectilinear detector: recognizes H and V photons with 100% accuracy, randomly misrecognizes diagonal photons.
   Diagonal detector: recognizes -45 and +45 photons with 100% accuracy, randomly misrecognizes H and V photons.

Detecting Photons
• Bob picks the right detector:
  – 100% chance of correctly recognizing bit
• Bob picks the wrong detector:
  – 50% chance of “guessing” bit
• Bob can’t tell the difference
• But, Alice can (since she picked the photon encoding)

Finding Correct Guesses
3. Alice calls Bob over an insecure line, and tells him rectilinear/diagonal for each bit. Bob tells Alice if he guessed right. They use the bits he guessed right on as the key.
4. Alice and Bob do some error checking (e.g., use a checksum) to make sure they have the same key.

What about Eve?
• Eve can intercept the photon stream, and guess filters.
• If she guesses right, she can resend the same photon.
• If she guesses wrong, 50% chance she will send the wrong photon.
• 50% chance Bob will guess the right filter on this photon, so 25% chance of error

Eve is Caught
• When Alice and Bob agree on which bits to use, Eve will have the wrong ones since she guesses different polarities.
• Eve cannot eavesdrop without Alice and Bob noticing an unusually high error rate!

Practical Quantum Cryptography
• This may seem wacky and crazy, but it is real!
• Los Alamos Lab
[Figure: Bob’s photon detector, 48 km fiber-optic wire loop, Alice’s photon transmitter. Richard Hughes, et al.]
What about quantum cash?

Through Air
• Can transmit and recognize spinning photons through normal atmosphere!
• Los Alamos group has demonstrated quantum key distribution over 0.5 km in daylight
• Depends on sending laser pulse before photon to obtain nanosecond timing
• Perhaps possible to send keys to satellites this way

What’s in the “Sneakers” Black Box?
A Quantum Computer

Quantum Computing
• Feynman, 1982
• David Deutsch, 1985 – design for general purpose quantum computer
• Quantum particles are in all possible states
• Can try lots of possible computations at once with the same particles
• In theory, can test all possible factorizations/keys/paths/etc. and get the right one!
• In practice, major advances required before we can build it (unless the NSA knows something we don’t…)

Summary/Charge
• We can really use quantum physics to distribute keys with perfect secrecy!
• People with a lot of resources may (someday?) be able to use a quantum computer to factor quickly
• Next week:
  – Monday: Malicious Code, Beer Bottle Deciphering
  – Wednesday: Dan Ortiz, Law School
  – Read the Napster Case
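
The Quantum Key Distribution steps 1 to 4 and the “What about Eve?” slide, simulated as an added Python example (not code from the original lecture). It uses the slides' encoding (0 as H or -45, 1 as V or +45); the function names and the 0.1 detection threshold are assumptions, and the error check of step 4 is modelled as a simple error-rate comparison rather than a checksum.

```python
import random

RECT, DIAG = "rectilinear", "diagonal"
# Encoding from the slides: 0 -> H or -45, 1 -> V or +45
ENCODE = {(0, RECT): "H", (1, RECT): "V", (0, DIAG): "-45", (1, DIAG): "+45"}
DECODE = {photon: key for key, photon in ENCODE.items()}

def measure(photon, detector, rng):
    """Return the bit the detector reports and the photon that leaves it."""
    bit, basis = DECODE[photon]
    if basis != detector:          # wrong detector: the result is a coin flip
        bit = rng.randrange(2)
    return bit, ENCODE[(bit, detector)]

def run_qkd(n, eve=False, seed=1):
    """Send n photons; return (number of kept bits, error rate among kept bits)."""
    rng = random.Random(seed)
    kept = errors = 0
    for _ in range(n):
        a_bit, a_basis = rng.randrange(2), rng.choice((RECT, DIAG))
        photon = ENCODE[(a_bit, a_basis)]            # step 1: Alice transmits
        if eve:                                      # Eve guesses a filter and resends
            _, photon = measure(photon, rng.choice((RECT, DIAG)), rng)
        b_basis = rng.choice((RECT, DIAG))           # step 2: Bob guesses a detector
        b_bit, _ = measure(photon, b_basis, rng)
        if b_basis == a_basis:                       # step 3: keep matching guesses
            kept += 1
            errors += b_bit != a_bit
    return kept, errors / kept

def eavesdropper_detected(error_rate, threshold=0.1):
    """Step 4 as a threshold test; the 0.1 threshold is an assumed value."""
    return error_rate > threshold

if __name__ == "__main__":
    for eve in (False, True):
        kept, err = run_qkd(20000, eve=eve)
        print(f"eve={eve}: kept bits={kept}, error rate={err:.3f}, "
              f"detected={eavesdropper_detected(err)}")
```

Without Eve the kept bits agree exactly; with Eve measuring every photon the error rate among kept bits settles near the 25% figure on the slide.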