09/05/2008, 15:00 — 16:00 — Room P3.10, Mathematics Building
Geraldo A. Barbosa, Center for Photonic Communication and Computing, Northwestern University, USA
Platform for telecommunications secured by physical noise
Classical: The protection offered by the classical cryptographic systems in wide use rests on keys generated by pseudo-random number generators or on computational complexity (e.g., factoring large numbers into primes). However, pseudo-random sequences have formation rules, and algorithms can be used or discovered to find the sequences. Also, apart from historical difficulties, nothing indicates that an efficient (classical) factoring algorithm cannot be found. “One-time pad” encryption is the only classical method offering unconditional security. It uses secret symmetric keys [G. S. Vernam, J. Amer. Inst. Elec. Eng. 55, 109 (1926); C. E. Shannon, Bell Syst. Tech. J. 28, 656 (1949)] shared between two users. The difficulty of securely renewing the shared keys in modern fast communications is an unsolved challenge that has ruled this technique out for broad use.

Quantum: Quantum protocols, such as the well-studied single-photon protocol BB84, offer outstanding protection in dedicated networks over short distances and at slow speeds. These systems do not work in generic Internet channels and networks. Good signal amplification is not possible with single-photon protocols [Wootters-Zurek theorem: Wootters WK, Zurek WH, Nature 299 (5886), 802-803 (1982)], and the system security drops to zero if signals are converted from optical to electrical and vice versa; these conversions are necessary in generic Internet channels. Although systems using continuous variables and other schemes are constantly being proposed, there is no widely accepted vision of purely quantum systems being incorporated into the Internet.

Systems protected by physical noise: A new class of systems was recently created based on physical noise that, even without offering unconditional security, offers security levels comparable to or higher than those of current protocols. They do not rely on the difficulty of factoring and do not need certificate centers; they are under the strict control of the users, sender and receiver.
They mix classical protocols and quantum noise features. They do not use single photons in entangled states. These systems were created to offer a high level of security and at the same time work at high speeds compatible with modern communications. It is practical to classify them into data encryption systems and key distribution systems. The data encryption systems are known as alpha eta systems (and as Y00 in Japan) and were created at Northwestern University through a DARPA-supported project that led to Patent No. US 7,333,611 (Feb. 19, 2008) [Assignee: Northwestern University; Inventors: H. P. Yuen, P. Kumar, and G. A. Barbosa]. They were created to operate in fiber channels and use the intrinsic light noise associated with the signal carrier to blur the signal to the attacker while giving the legitimate users a clear signal (see patent). They operate at the physical layer of the communication networks. This kind of system has already been tested in the United States (experimental networks in Washington and currently in the DARPA Quantum Network in Boston) and in Japan. It is already being developed by a new company called NuCrypt, directed by one of the inventors (P. Kumar). The key distribution system (patented as US-2005-0152540-A1, Inventor: G. A. Barbosa) is the main object of this talk. This system has two versions, one for fiber channels and another that operates on the user layer. Both start with a sequence of truly random keys shared by the legitimate users. These keys are generated by a Physical Random Generator (PhRG). There is no intrinsic physical limitation on the speed of the key generation process. This speed may evolve with advances in electronic technology and may follow the speed evolution of computation and the web. This is in contrast with single-photon cryptographic methods, which are inherently slow.
This starting shared sequence provides the security core that an attacker has to break into in order to obtain the fresh key sequences that are constantly generated by the same PhRG and constantly shared by the users. This difficulty is easily set at a computational level well above current capabilities and is also easily adapted to any computational advances. The sequences of fresh keys shared by the users are used for fast bit-by-bit or block encryption.
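As an added illustration of the two points the abstract relies on (one-time pad encryption with a shared, truly random key sequence, and the need to keep renewing that sequence), the following Python example is not part of the talk or of the patented platform. It stands in the PhRG with os.urandom, gives two endpoints copies of the same key list, encrypts bit-by-bit with XOR, refuses to consume any key index twice, and shows why that refusal matters: when one pad is used for two messages, the XOR of the ciphertexts equals the XOR of the plaintexts. The key length, the endpoint class and all sample messages are constructed assumptions.

```python
import os

KEY_LEN = 32  # bytes per shared key; an assumed size, not taken from the abstract


def generate_shared_keys(n_keys: int, key_len: int = KEY_LEN) -> list:
    """Stand-in for the physical random generator (PhRG) of the abstract.

    os.urandom draws on the operating system's entropy pool rather than a
    seeded algorithm, so there is no formation rule an attacker could use to
    regenerate the sequence. In the platform the sequence is produced once
    and shared by the two users; here both endpoints receive the same list.
    """
    return [os.urandom(key_len) for _ in range(n_keys)]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Bit-by-bit XOR of two equal-length byte strings (the one-time pad step)."""
    if len(a) != len(b):
        raise ValueError("xor_bytes: operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


class OneTimePadEndpoint:
    """One legitimate user holding a copy of the shared key sequence.

    Each key index is consumed at most once on this endpoint; a second use of
    the same index is refused, because pad reuse is what breaks the
    unconditional security of the scheme (see pad_reuse_leaks below).
    """

    def __init__(self, shared_keys):
        self._keys = list(shared_keys)
        self._used = set()

    def _take(self, index: int, length: int) -> bytes:
        if index in self._used:
            raise RuntimeError(f"key {index} already consumed; pad reuse refused")
        if index >= len(self._keys):
            raise RuntimeError("shared key sequence exhausted; renew keys")
        key = self._keys[index]
        if length > len(key):
            raise ValueError("message longer than the pad; split it across keys")
        self._used.add(index)
        return key[:length]

    def encrypt(self, plaintext: bytes):
        """Encrypt with the lowest unused key; returns (key_index, ciphertext)."""
        unused = [i for i in range(len(self._keys)) if i not in self._used]
        if not unused:
            raise RuntimeError("shared key sequence exhausted; renew keys")
        index = unused[0]
        return index, xor_bytes(plaintext, self._take(index, len(plaintext)))

    def decrypt(self, index: int, ciphertext: bytes) -> bytes:
        """Decrypt a message sent under key `index`; consumes that key here too."""
        return xor_bytes(ciphertext, self._take(index, len(ciphertext)))


def pad_reuse_leaks(p1: bytes, p2: bytes, key: bytes) -> bool:
    """Why fresh keys matter: if one pad encrypts two messages, XORing the two
    ciphertexts cancels the key and yields p1 XOR p2 without any key knowledge."""
    c1 = xor_bytes(p1, key[:len(p1)])
    c2 = xor_bytes(p2, key[:len(p2)])
    return xor_bytes(c1, c2) == xor_bytes(p1, p2)


def run_demo() -> dict:
    """Constructed scenario: two endpoints share four keys, exchange two
    messages, then the receiver is asked to decrypt under a used index."""
    shared = generate_shared_keys(4)
    alice, bob = OneTimePadEndpoint(shared), OneTimePadEndpoint(shared)

    msg1, msg2 = b"meeting moved to 16:00", b"room P3.10"   # constructed samples
    idx1, ct1 = alice.encrypt(msg1)
    idx2, ct2 = alice.encrypt(msg2)
    out = {
        "round_trip_ok": bob.decrypt(idx1, ct1) == msg1 and bob.decrypt(idx2, ct2) == msg2,
        "fresh_keys_used": idx1 != idx2,
    }
    try:
        bob.decrypt(idx1, ct1)          # same index a second time
        out["reuse_refused"] = False
    except RuntimeError:
        out["reuse_refused"] = True
    # Two equal-length constructed messages under the same pad:
    out["reuse_leaks_plaintext_xor"] = pad_reuse_leaks(b"attack at dawn", b"hold position!", shared[0])
    return out


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The refusal in `_take` is the local counterpart of the abstract's requirement that fresh keys be continuously generated and shared: once an endpoint has spent a key it must obtain a new one, and the last line of the demo shows what an eavesdropper gains if that rule is ignored.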
Joint with the Information Security Seminar. Note the exceptional room.