QUANTUM CRYPTOGRAPHY AND ITS ADVANCES


SahrdayaCollege Of Engineering and Technology 1

QUANTUM CRYPTOGRAPHY AND ITS ADVANCES

ABSTRACT

In this era, the need for security has attained paramount importance.As more of our sensitive information is stored in computers the need of data security becomes increasingly important. Protecting this information against unauthorized usage is therefore a major concern for both operating systems and users alike. Cryptography is one such method of safeguarding sensitive data from being stolen or intercepted by unwanted third parties. Traditional cryptology is certainly clever, but as with all encoding methods in code-breaking history, it's being phased out.

Quantum Cryptology is based on physics and not mathematics, unlike the present ones. By harnessing the unpredictable nature of matter at the quantum level, physicists have figured out a way to exchange information on secret keys. Attaching information to the photons spin is the essence of Quantum Cryptology.In brief, the processes of encoding (cryptography) and decoding (crypto analysis) information or messages (called plaintext) into an otherwise meaningless data (cipher text) combined are cryptology.and when the keys used for this process are photons, it’s called Quantum Cryptology.

INTRODUCTION

In our contemporary world,security has attained paramount importance. The necessity for security has increased beyond everything. And that is why ways of staying secure has to developed and implemented.

The concept of cryptology dates back to B.C. It’s a method used to encrypt our data securely. Though present day security systems offer a good level of protection, they are incapable of providing a "trust worthy" environment and are vulnerable to unexpected attacks. Many organizations posses valuable information they guard closely. As more of this information is stored in computers the need of data security becomes increasingly important. Protecting this information against unauthorized usage is therefore a major concern for both operating systems and users alike. Cryptography is one such method of safeguarding sensitive data from being stolen or intercepted by unwanted third parties. Traditional cryptology is certainly clever, but as with all encoding methods in code-breaking history, it's being phased out.

Quantum Cryptology is based on physics and not mathematics, unlike the present ones. By harnessing the unpredictable nature of matter at the quantum level, physicists have figured out a way to exchange information on secret keys.

The foundation of quantum physics is the unpredictability factor. This unpredictability is pretty much defined by Heisenberg's Uncertainty Principle. This principle says, essentially, that it's impossible to know both an object's position and velocity -at the same time. But when dealing with photons for encryption, Heisenberg's principle can be used to our advantage. To create a photon, quantum cryptographers use LEDs , a source of unpolarized light, capable of creating just one photon at a time, which is how a string of photons can be created, rather than a wild burst.

Through the use of polarization filters, we can force the photon to take one state or another -- or polarize it. The thing about photons is that once they're polarized, they can't be accurately measured again, except by a filter like the one that initially produced their current spin.

So if a photon with a vertical spin is measured through a diagonal filter, either the photon won't pass through the filter or the filter will affect the photon's behavior, causing it to take a diagonal spin. In this sense, the information on the photon's original polarization is lost, and so, too, is any information attached to the photon's spin.

Attaching information to the photons spin is the essence of Quantum Cryptology. Quantum cryptography uses photons to transmit a key. Once the key is transmitted, coding and encoding using the normal secret-key method can take place.

In brief, the processes of encoding (cryptography) and decoding (crypto analysis) information or messages (called plaintext) into an otherwise meaningless data (cipher text) combined are cryptology.and when the keys used for this process are photons, it’s called Quantum Cryptology.

LITERATURE REVIEW

SECURITY

NEED FOR SECURITY

From a security perspective computer systems have 3 general goals with corresponding threats to them as listed below:

The first one data confidentiality is concerned with secret data remaining secret. More specifically if the owner of some data has decided that the data should be available
only to certain people and no others, then the system should guarantee that release of data to unauthorized people does not occur. Another aspect of this is individual privacy.

The second goal, data integrity, means that unauthorized users should not be able to modify any data without the owner's permission. Data modification in this context includes not only changing the data, but also removing data and adding false data as well. Thus it is very important that a system should guarantee that data deposited in it remains unchanged until the owner decides to do so.

The third goal, system availability, means that nobody can disturb the system to make unstable. It must be able to ensure that authorized persons have access to the data and do not suffer form denial of service.

Types of Data Threats

Intruders:
In security literature people who are nosing around places where they have no business being are called intruders or sometimes adversaries. Intruders can be broadly divided as passive and active. Passive intruders just want to read the files they are not authorized to. Active intruders are more malicious and intend to make unauthorized changes to data. Some of the common activities indulged by intruders are:

Casual Prying: non-technical users who wish to read other people's e-mail and private files mostly do this.
Snooping: This term refers to the breaking of the security of a shared computer system or a server. Snooping is generally done as a challenge and is not aimed at stealing or tampering of confidential data.
Commercial Espionage: This refers to the determined attempts to make money using secret data. For example an employee in an organization can secure sensitive data and sell it away to rival companies for monetary gains.

It is very important that potential intruders (and their corresponding activities) are taken into consideration before devising a security system. This is essential as the level of threat and intended damage differ from one to another.

Virus:

Basically a virus is a piece of code that replicates itself and usually does some damage. In a sense the writer of a virus is also an intruder, often with high technical skills. In the same breath it must be said that a virus need not always be intentional and can simply be a code with disastrous run time errors. The difference between a conventional intruder and a virus is that the former refers to person who is personally trying to break into a system to cause damage whereas the latter is a program written by such a person and then released into the world hoping it causes damage.
The most common types of viruses are: executable program viruses, memory resident viruses, boot sector viruses, device driver viruses, macro viruses, source code viruses, Trojan horses etc.

AN OVERVIEW OF SOME OF THE PRESENT DAY DATA SECURITY SYSTEMS:

User authentication:

It is a method employed by the operating system or a program of a computer to determine the identity of a user. Types of user authentication are:
Authentication using passwords, authentication using physical objects (like smart cards, ATM cards etc.), authentication using biometrics (like Finger prints, retinal pattern scan, signature analysis, voice recognition etc.). Inherent problems of user authentication are password cracking, duplication of physical objects and simulation of biometrics by artificial objects.

Anti-virus software:

An antivirus software scans every executable file on a computer's disk looking for viruses known in its database. It then repairs, quarantines or deletes an infected files. However a clever virus can infect the anti-virus software itself. Some of the popular anti-virus soft wares are K7, PCcillin, MCcafee,Eset Nod32 etc.

Firewalls:

It is a method of preventing unauthorized access to a computer system often found in network computes. A firewall is designed to provide normal service to authorized users while at the same time preventing unauthorized users from gaining access to the system. In reality they add a level of inconvenience to legal users and their ability to control illegal access may be questionable. They also stop ones computer from sending malicious software to another computer.

Cryptography:

Cryptography is the method in which a message or file, called plain text, is taken and encrypted into cipher text in such a way that only authorized people know how to convert it back to plane text. This is done commonly in four ways:
Secret key cryptography, public key cryptography, one way function cryptography and digital signatures.

QUANTUM CRYPTOGRAPHY

CRYPTOLOGY

Cryptography is the method in which a message or file, called plain text,is taken and encrypted into cipher text in such a way that only authorized people know how to convert it back to plain text. There are limitless possibilities for keys used in cryptology. But there are only two widely used methods of employing keys: public-key cryptology and secret-key cryptology. In both of these methods (and in all cryptology), the sender (point A) is referred to as Alice. Point B is known as Bob.

In the public-key cryptology (PKC) method, a user chooses two interrelated keys. He lets anyone who wants to send him a message know how to encode it using one key. He makes this key public. The other key he keeps to himself. In this manner, anyone can send the user an encoded message, but only the recipient of the encoded message knows how to decode it. Even the person sending the message doesn't know what code the user employs to decode it.

The other usual method of traditional cryptology is secret-key cryptology (SKC). In this method, only one key is used by both Bob and Alice. The same key is used to both encode and decode the plaintext. Even the algorithm used in the encoding and decoding process can be announced over an unsecured channel. The code will remain uncracked as long as the key used remains secret.

Traditional cryptology is certainly clever, but as with all encoding methods in code-breaking history, it's being phased out.

Traditional Cryptology Problems

The keys used to encode messages are so long that it would take a trillion years to crack one using conventional computers. The problem with public-key cryptology is that it's based on the staggering size of the numbers created by the combination of the key and the algorithm used to encode the message. These numbers can reach unbelievable proportions. What's more, they can be made so that in order to understand each bit of output data, you have to also understand every other bit as well. This means that to crack a 128-bit key, the possible numbers used can reach upward to the 1038 power. That's a lot of possible numbers for the correct combination to the key. The keys used in modern cryptography are so large, in fact, that a billion computers working in conjunction with each processing a billion calculations per second would still take a trillion years to definitively crack a key [source: Dartmouth College]. This isn't a problem now, but it soon will be.

Current computers will be replaced in the near future with quantum computers, which exploit the properties of physics on the immensely small quantum scale.Since they can operate on the quantum level, these computers are expected to be able to perform calculations and operate at speeds no computer in use now could possibly achieve. So the codes that would take a trillion years to break with conventional computers could possibly be cracked in much less time with quantum computers. This means that secret-key cryptology (SKC) looks to be the preferred method of transferring ciphers in the future. But SKC has its problems as well. The chief problem with SKC is how the two users agree on what secret key to use. The problem with secret-key cryptology is that there's almost always a place for an unwanted third party to listen in and gain information the users don't want that person to have. This is known in cryptology as the key distribution problem.

It's one of the great challenges of cryptology: To keep unwanted parties - from learning of sensitive information.

Quantum physics has provided a way around this problem. By harnessing the unpredictable nature of matter at the quantum level, physicists have figured out a way to exchange information on secret keys.

Quantum physics

Photons are some pretty amazing particles. They have no mass, they're the smallest measure of light, and they can exist in all of their possible states at once, called the wave function. This means that whatever direction a photon can spin in -- say, diagonally, vertically and horizontally -- it does all at once. Light in this state is called unpolarized. This is exactly the same as if you constantly moved east, west, north, south, and up-and-down at the same time.

The foundation of quantum physics is the unpredictability factor. This unpredictability is pretty much defined by Heisenberg's Uncertainty Principle. This principle says, essentially, that it's impossible to know both an object's position and velocity -- at the same time. But when dealing with photons for encryption, Heisenberg's principle can be used to our advantage. To create a photon, quantum cryptographers use LEDs -- light emitting diodes, a source of unpolarized light. LEDs are capable of creating just one photon at a time, which is how a string of photons can be created, rather than a wild burst. Through the use of polarization filters, we can force the photon to take one state or another -- or polarize it. If we use a vertical polarizing filter situated beyond a LED, we can polarize the photons that emerge: The photons that aren't absorbed will emerge on the other side with a vertical spin ( | ).

The thing about photons is that once they're polarized, they can't be accurately measured again, except by a filter like the one that initially produced their current spin. So if a photon with a vertical spin is measured through a diagonal filter, either the photon won't pass through the filter or the filter will affect the photon's behavior, causing it to take a diagonal spin. In this sense, the information on the photon's original polarization is lost, and so, too, is any information attached to the photon's spin.

Fig 1 Polarization of photons.

Using Quantum cryptology

Quantum cryptography uses photons to transmit a key. Once the key is transmitted, coding and encoding using the normal secret-key method can take place. But how does a photon become a key? How do you attach information to a photon's spin?

Fig. 2 Photons as keys.

This is where binary code comes into play. Each type of a photon's spin represents one piece of information -- usually a 1 or a 0, for binary code. This code uses strings of 1s and 0s to create a coherent message. For example, 1110010011 could correspond to h-e-l-l-o. So a binary code can be assigned to each photon -- for example, a photon that has a vertical spin ( | ) can be assigned a 1.

Alice can send her photons through randomly chosen filters and record the polarization of each photon. She will then know what photon polarizations Bob should receive. When Alice sends Bob her photons using an LED, she'll randomly polarize them through either the X or the + filters, so that each polarized photon has one of four possible states: (|), (--), (/) or (\ ) . As Bob receives these photons, he decides whether to measure each with either his + or X filter -- he can't use both filters together. Keep in mind, Bob has no idea what filter to use for each photon, he's guessing for each one. After the entire transmission, Bob and Alice have a non-encrypted discussion about the transmission.

The reason this conversation can be public is because of the way it's carried out. Bob calls Alice and tells her which filter he used for each photon, and she tells him whether it was the correct or incorrect filter to use.

Their conversation may sound a little like this:

Bob: Plus

Alice: Correct

Bob: Plus

Alice: Incorrect

Bob: X

Alice: Correct

Since Bob isn't saying what his measurements are -- only the type of filter he used -- a third party listening in on their conversation can't determine what the actual photon sequence is.

Here's an example. Say Alice sent one photon as a ( / ) and Bob says he used a + filter to measure it. Alice will say "incorrect" to Bob. But if Bob says he used an X filter to measure that particular photon, Alice will say "correct." A person listening will only know that that particular photon could be either a ( / ) or a ( ), but not which one definitively.

Bob will know that his measurements are correct, because a (--) photon traveling through a + filter will remain polarized as a (--) photon after it passes through the filter.

After their odd conversation, Alice and Bob both throw out the results from Bob's incorrect guesses. This leaves Alice and Bob with identical strings of polarized protons. It my look a little like this: -- / | | | / -- -- | | | -- / | … and so on. To Alice and Bob, this is a meaningless string of photons. But once binary code is applied, the photons become a message. Bob and Alice can agree on binary assignments, say 1 for photons polarized as ( \ ) and ( -- ) and 0 for photons polarized like ( / ) and ( | ). This means that their string of photons now looks like this: 11110000011110001010. Which can in turn be translated into English, Spanish, Navajo, prime numbers or anything else the Bob and Alice use as codes for the keys used in their encryption.