Summary of Quantum Cryptography

By -

Quantum cryptography applies principles of quantum mechanics to encrypt messages in a way that it is never read by anyone outside of the intended recipient.
It takes advantage of quantum’s multiple states, coupled with its "no change theory," which means it cannot be unknowingly interrupted. 

Why need quantum cryptography?

Development of quantum computer, capable to break public-key cryptography algorithm

Key distribution

The task of distributing secret keys between transmitter and receiver by providing security properties.
If the key is known to the third party (forger/eavesdropper) then the whole security mechanism becomes worthless.

Two aspects for Key Management

Distribution of public keys.
Use of public-key encryption to distribute secrets.

The public key can be distributed in four ways

1. Public announcement
The public key is broadcasted to everyone.
Weakness : forgery.
Anyone can create a key claiming to be someone else and broadcast it.
Until forgery is discovered can masquerade as claimed user. 


2. Publicly available directory
The public key is stored in a public directory.
Directories are trusted here, with properties like Participant Registration, access and allow to modify values at any time, contains entries like {name, public-key}.
Directories can be accessed electronically still vulnerable to forgery or tampering.

3. Public-key authority
Similar to the directory but, improves security by tightening control over the distribution of keys from the directory.
It requires users to know the public key for the directory.
Whenever the keys are needed, real-time access to the directory is made by the user to obtain any desired public key securely. 

4. Public-key certificates
Authority provides a certificate (which binds an identity to the public key) to allow key exchange without real-time access to the public authority each time.
The certificate is accompanied by some other info such as period of validity, rights of use, etc.
All of this content is signed by the private key of the certificate authority and it can be verified by anyone possessing the authority’s public key. 

Quantum Key Distribution (QKD)

Allows users to securely distribute classical keys which can then be used for encrypted communication. It doesn’t encrypt the actual data.

Technical limitations of QKD

1. Quantum key distribution is only a partial solution. QKD generates keying material for an encryption algorithm that provides confidentiality. Such keying material could also be used in symmetric key cryptographic algorithms to provide integrity and authentication if one has the cryptographic assurance that the original QKD transmission comes from the desired entity (i.e. entity source authentication). QKD does not provide a means to authenticate the QKD transmission source. Therefore, source authentication requires the use of asymmetric cryptography or preplaced keys to provide that authentication. Moreover, the confidentiality services QKD offers can be provided by quantum-resistant cryptography, which is typically less expensive with a better understood risk profile.

2. Quantum key distribution requires special purpose equipment. QKD is based on physical properties, and its security derives from unique physical layer communications. This requires users to lease dedicated fiber connections or physically manage free-space transmitters. It cannot be implemented in software or as a service on a network, and cannot be easily integrated into existing network equipment. Since QKD is hardware-based it also lacks flexibility for upgrades or security patches.

3. Quantum key distribution increases infrastructure costs and insider threat risks. QKD networks frequently necessitate the use of trusted relays, entailing additional cost for secure facilities and additional security risk from insider threats. This eliminates many use cases from consideration.

4. Securing and validating quantum key distribution is a significant challenge. The actual security provided by a QKD system is not the theoretical unconditional security from the laws of physics (as modeled and often suggested), but rather the more limited security that can be achieved by hardware and engineering designs. The tolerance for error in cryptographic security, however, is many orders of magnitude smaller than in most physical engineering scenarios making it very difficult to validate. The specific hardware used to perform QKD can introduce vulnerabilities, resulting in several well-publicized attacks on commercial QKD systems.2

5. Quantum key distribution increases the risk of denial of service. The sensitivity to an eavesdropper as the theoretical basis for QKD security claims also shows that denial of service is a significant risk for QKD.

Quantum Encryption

Using quantum mechanics to encrypt the data itself, not just the key used to read it. This task is much more difficult than QKD.

Types of Post-Quantum Algorithms 

Lattices
Codes
Isogenies
Hash-Based Signatures

Quantum bit can occupy both 0 and 1 at the same time 


References :
https://medium.com/hackernoon/a-guide-to-post-quantum-cryptography-d785a70ea04b
https://www.csoonline.com/article/3235970/what-is-quantum-cryptography-it-s-no-silver-bullet-but-could-improve-security.html
https://www.qmunity.tech/post/quantum-cryptography-explained
https://ieeexplore.ieee.org/document/5438052
https://www.geeksforgeeks.org/easy-key-management-in-cryptography/
https://www.nsa.gov/Cybersecurity/Quantum-Key-Distribution-QKD-and-Quantum-Cryptography-QC/

Comments

Post a Comment

Popular posts from this blog

Contoh Inheritance (Pewarisan) di Java

By -
Image
diupdate 24 November 2023 Inheritance atau pewarisan, dalam paradigma pemrograman berorientasi objek bisa diartikan membuat suatu class yang mirip seperti class yang lain. Ada class yang ditiru (class induk / parent / superclass) dan ada class hasil tiruan / hasil turunan (class child / subclass). Subclass akan mewarisi atribut dan method-method yang ada pada superclass. Contoh inheritance atau pewarisan dalam OOP misalnya sebagai berikut. Ada class Karyawan yang memiliki atribut NIP, nama, dan jenis kelamin serta dua buah method yaitu masukKerja() dan beriNama(String nama). Apabila digambarkan dalam class diagram seperti berikut Dibuat source code dalam bahasa pemrograman Java sebagai berikut Dibuat class baru yaitu Dosen, class Dosen adalah turunan dari class Karyawan. Dalam bahasa pemrograman Java untuk membuat pewarisan digunakan keyword extends ketika menuliskan deklarasi class (lihat baris ke tiga di source berikut). Class Dosen akan mewarisi atribut NIP, nama, dan je
Read more

Contoh Penerapan Interface di Pemrograman Java

By -
Image
Dalam pemrograman Java kita mengenal adanya Class dan Interface. Class adalah template dari suatu object. Di dalam sebuah class kita bisa mendefinisikan atribut-atribut yag mewakili data-data yang dimiliki oleh sebuah object, di dalam Class juga didefinisikan method-method / fungsi yang mewakili behaviour atau operasi yang bisa dilakukan oleh suatu object. Sedangkan Interface sendiri bisa dianalogikan sebagai template dari class. Di dalam sebuah Interface terdapat method-method abstract, ada nama method beserta parameternya namun isi / code dari method di dalam Interface tersebut belum dituliskan. Untuk menggunakan Interface kita perlu membuat Class yang mengimplementasikan Interface tersebut, Class yang dibuat nanti otomatis akan memiliki method-method yang dituliskan di dalam Interface dan kode dari method-method tersebut dituliskan dalam Class yang dibuat. Agar lebih jelas mari kita simat ilustrasi berikut : Kita akan membuat sebuah Interface dengan nama BangunDatar. Di dalam Interf
Read more

Review Singkat Pilihan Transportasi Umum Rute Solo - Wonosobo

By -
Karena satu hal, saya cukup sering bolak balik Solo - Wonosobo. Jarak dua kota tersebut cukup jauh, sebenarnya bisa saja ditempuh dengan kendaraan pribadi seperti sepeda motor namun kadang untuk meminimalisir rasa capek akibat mengemudi saya memilih naik kendaraan umum. Terdapat beberapa pilihan moda transportasi umum untuk rute Solo - Wonosobo. Sejumlah bus AKAP asal Jawa Timur saat ini telah memperluas jangkauannya hingga mencapai Purbalingga, kita dapat memilih naik Eka atau Sugeng Rahayu jurusan Purbalingga yang melalui Wonosobo. Bus-bus AKAP ini cukup nyaman dengan fasilitas standar bus PATAS Jawa Timuran : AC dingin, interior terawat, dan tidak ketinggalan full music Jawa.  Dari segi harga, saya sudah agak lupa karena sudah lama tidak naik bus ini, namun kalau saya tidak salah ingat saat ini untuk jurusan Solo - Wonosobo sudah tembus di atas 100 ribu rupiah. Kenaikan harga BBM yang kemudian diikuti pandemi Covid-19 berkontribusi mengerek tarif bus, padahal dulu di tahun 2018 untu
Read more