Professional Documents
Culture Documents
Lec 02
Lec 02
• • • • •
0 1
+
×
Calcite Crystal
Calcite Crystal
& Photodetection
1/2 1/2
Quantum Key
Distribution
Quantum Key
Distribution
Α: 0 1 1 0 0 1 0 0 1 1 0 1 0 0 0 1 1 1 0 1 1 0 0 0
× + × + + + × × × × + + + + × × × + × + + + × +
Β: × × + + × + + + × + + × × × + × × × + + × + × +
0 0 1 0 0 1 0 0 1 0 0 0 0 1 1 1 0 0 0 1 1 0 0 0
Α: × + × + + + × × × × + + + + × × × + × + + + × +
Β: 0 ææ 0 æ 1 ææ 1 æ 0 ææææ 1 0 ææ 1 æ 0 0 0
Β: 0 0 1 1 0 1 0 1 0 0 0
Α: 0 0 1 1 0 1 1 1 0 0 0
Α: 0 1 0 1 0
Β: = = = ≠ = 20%
Β: 0 1 1 1 0 0
Α: 0 1 1 1 0 0
Bennett-Brassard
Quantum Key
Distribution
• • • • •
Theoretical
Cryptography
Complexity Theoretical Symmetric Cryptography
• • • • •
Encryption
Authentication
Identification
• • • • •
Pseudo-random Bit Generator
g g(x) SEEMS
RANDOM x RANDOM
Truelyrandom
Truly Random bits
Bits .
Pseudo-random Bits
?
Encryption
»
pseudo-key
cleartext
⊕ =
ciphertext
ciphertext
pseudo-key
⊕ =
Stream Cipher from Pseudo-random Bits
cleartext
»
The Enigma Machine
Arthur Scherbius
Plaintext
Data
Data EncyptIIPiPon SStandard
Encryption tandatrd .
L0 L0 R0 R0
F K1
L1 =L1
R 0= R0 R 1 = L 0 ⊕ F ( R0 , K 1 )
F K2
L2 = R 1 R 2 = L 1 ⊕ F ( R1, K 2 )
F K16
-1
inv I PI P
Ciphertext
AdvancedEncryption
Advanced Encyption StStandard
andatrd .
ByteSub
ShiftRow
AddRoundKey
» »
?
⊕ = ⊕ =
?
tag
tag
⊗ ⊗
message
message
pseudo-key
pseudo-key
identification
On-line Identification
ALICE ALICE
TEST TEST
» ANSWER
OK
ANSWER
OK
»
On-line Identification
ALICE ALICE
TEST TEST
» ANSWER
OK
ANSWER
OK
»
ALICE ALICE
TEST TEST
» ANSWER
OK
ANSWER
OK
»
On-line Identification
ALICE ALICE
TEST TEST
» ANSWER
OK
ANSWER
OK
»
ALICE ALICE
TEST TEST
» ANSWER
OK
ANSWER
OK
»
ALICE ALICE
TEST ' TEST '
» ANSWER '
NO!
ANSWER '
NO!
»
Truely Random Function
Pseudo-random Function Generator
?
Identification from PRFG
#6
» »
pseudo-key #6
OK ! pseudo-key #6
Identification from PRFG
#6
» »
pseudo-key #6
fail ! pseudo-key #6
Complexity Theoretical Asymmetric Cryptography
• • • • •
asymmetric encryption
asymmetric authentication
zero-knowledge identification
• • • • •
Public Key
Distribution
Public-Key Distribution
x:=f(p,a) y:=f(p,b)
x
y
k:=f(y,a) k:=f(x,b)
f(f(p,a),b)=k=f(f(p,b),a)
Public-Key Distribution
x:=f(p,a) y:=f(p,b)
x
y
k:=f(y,a) k:=f(x,b)
f(f(p,a),b)=k=f(f(p,b),a)
Public-Key Distribution
x:=f(p,a) y:=f(p,b)
x
y
k:=f(y,a) k:=f(x,b)
f(f(p,a),b)=k=f(f(p,b),a)
Public-Key Distribution
x:=f(p,a) y:=f(p,b)
x
y
k:=f(y,a) k:=f(x,b)
f(f(p,a),b)=k=f(f(p,b),a)
Public-Key Distribution
x:=f(p,a) y:=f(p,b)
x
y
k:=f(y,a) k:=f(x,b)
f(f(p,a),b)=k=f(f(p,b),a)
Public-Key Distribution
x:=f(p,a) y:=f(p,b)
x
y
k:=f(y,a) k:=f(x,b)
f(f(p,a),b)=k=f(f(p,b),a)
Public Key
Encryption
Asymmetric Encryption
(Public-Key Cryptography)
Encryption
Ke
P C
Kd
Decryption
»
»»»
»
»
»
Decryption Encryption
»
»
Will you marry me ? marry me ?
Public-Key Cryptography
»
»»»
»
»
»
Decryption Encryption
»
»
Will you marry me ? marry me ?
Public-Key Cryptography
»
»»»
»
»
»
Decryption Encryption
»
»
Will you marry me ? marry me ?
Digital
Signatures
Asymmetric Authentication
(Digital Signature Scheme)
Authentication
Ka
M T
Kv
Verification
Digital Signature
»
»»»
Authentication
»
»
»
»
»
»»»
»
Verification Authentication
»
VALID
» marry me ?
Will you marry me ?
Digital Signature
Will you marry me ?
?
Digital Signature
»
»»»
Authentication
»
»
»
»
»
»»»
»
Verification Authentication
»
VALID
» marry me ?
Will you marry me ?
Digital Signature
Will you marry me ?
?
Digital Signature
»
»»»
Authentication
»
»
»
»
»
»»»
»
Verification Authentication
»
VALID
» marry me ?
Will you marry me ?
Zero-Knowledge
Identification
Off-line Identification
ALICE »
TEST ALICE
»
» ANSWER
OK PUBLIC CERTIFICATE
Off-line Identification
ALICE »
TEST ALICE
»
» ANSWER
OK PUBLIC CERTIFICATE
ALICE » ALICE
»
TEST
» ANSWER
OK PUBLIC CERTIFICATE
Off-line Identification
ALICE »
TEST ALICE
»
» ANSWER
OK PUBLIC CERTIFICATE
ALICE » ALICE
»
TEST
» ANSWER
OK PUBLIC CERTIFICATE
ALICE »
TEST ' ALICE
»
» ANSWER '
NO! PUBLIC CERTIFICATE
Interactive Proofs and Zero-Knowledge
x∈L
YES !
x∉L
NO !
x∈L
YES !
Interactive Proofs and NOT Zero-Knowledge
?
x∈L
x∈L
WOW !
YES !
Zero-Knowledge with Simulator
x∈L
S
x∈L
YES !
Claude Crépeau