See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/224326466

Quantum cryptography: State-of-art, challenges and future perspectives

Conference Paper · September 2007

DOI: 10.1109/NANO.2007.4601420 · Source: IEEE Xplore

CITATIONS READS
23 978

4 authors, including:

Vishnu Teja N.N. Sharma

University of Wollongong in Dubai Birla Institute of Technology and Science Pilani
2 PUBLICATIONS 27 CITATIONS 85 PUBLICATIONS 1,015 CITATIONS

SEE PROFILE SEE PROFILE

R. K. Mittal
Birla Institute of Technology and Science Pilani
73 PUBLICATIONS 1,050 CITATIONS

SEE PROFILE

All content following this page was uploaded by N.N. Sharma on 03 June 2015.

The user has requested enhancement of the downloaded file.

 Proceedings of the 7th IEEE
International Conference on Nanotechnology
August 2 - 5, 2007, Hong Kong
Quantum Cryptography: State-of-Art,Challenges and Future
Perspectives
Vishnu Teja1, Payel Banerjee2, N. N. Sharma3 and R. K. Mittal3
1
Physics Group and Electrical and Electronics Group, BITS-Pilani, India
2
Electrical and Electronics Group, BITS-Pilani, India
3
Mechanical Group, BITS-Pilani, India
Abstract — With quantum computing, we are witnessing an
exciting and very promising merging of three of the deepest and
most successful scientific and technological developments of
modern era: quantum physics, computer science, and
nanotechnology. Quantum computers have the potential to
perform certain calculations billions of times faster than any
silicon-based computer. A functional quantum computer will be
invaluable in factoring large numbers, and therefore extremely
useful for decoding and encoding secret information.
In this paper we have discussed contemporary cryptographic
systems and their strengths and drawbacks. Two of the most
common quantum key distribution protocols have been
explained. This is followed by a note on the experimental
realizations of quantum key distribution and the associated
technological challenges. A few novel extensions of this concept in
the future have also been dealt with. This paper aims at
familiarizing the reader with the field of quantum cryptography
and gives an insight about the latest developments.
Keywords — BB84 protocol, data encryption standard, one-
time pad, public key cryptography, Shannon’s condition, quantum
cryptography , quantum key distribution
I. INTRODUCTION
Cryptography is the technique by which a message that has
to be transmitted over an insecure channel is rendered
indecipherable to any unauthorized party who might eavesdrop.
To achieve secure transmission, an algorithm is used to
combine the message with additional information to produce a
cryptogram. The algorithm is also called a cryptosystem or
cipher and the additional information is known as the key. The
technique is known as encryption [1].
Encryption in conventional cryptography is based on
mathematical relations wherein security is ensured by choosing
mathematical functions that have super-polynomial time
complexity. Classical computers thus are not capable of
breaking them. As improving processor speeds render existing
algorithms increasingly vulnerable to cracking, the security of
the classical encryption technique is debatable [1].
Quantum key distribution (QKD) [2] is a method in which
quantum states are used for encryption. The strength of
quantum cryptography (QC) is that the codes that are generated
are not even in theory decodable. QC is based on Heisenberg’s
uncertainty principle [3] which states that measuring a quantum
system in general disturbs the system and yields incomplete
information about the state of the system before the
measurement. Eavesdropping on a quantum communication
channel therefore causes an unavoidable disturbance alerting
1-4244-0608-0/07/$20.00 © 2007 IEEE.
the legitimate users. The fact that QC draws largely from the
fundamental randomness of quantum mechanics yields a robust
cryptographic system. Two parties initially sharing no secret
information can thus exchange a secret random cryptographic
key using quantum cryptography that is secure against an
eavesdropper. The present work extends the compilation of
state-of-art applications and research done [4] so far in the field
of Quantum Cryptography. Various classical cryptography
schemes, their strengths and weaknesses explaining the need
for QC have been described in Section 2. The BB84 protocol
[5-6] and an alternate protocol with encoding built upon
quantum entanglement [7] have been detailed in Section 3. In
Section 4, the technological challenges associated with the
implementation of the BB84 protocol have been discussed. The
future scope of encryption and tasks beyond quantum key
distribution are given in Section 5. Conclusions drawn from
present work are presented in Section 6.
II. CLASSICAL CRYPTOGRAPHY
Classical cryptography [1] employs various mathematical
techniques to restrict eavesdroppers from learning the contents
of encrypted messages. The three most popular schemes
adopted worldwide have been explained below. Throughout the
paper, the transmitter is referred as ‘A’, the receiver as ‘B’, and
an adversarial eavesdropper as ‘E’.
A. Data Encryption Standard (DES)
In DES [1] , the encrypting and decrypting algorithms are
publicly announced; the security of the cryptogram depends
entirely on the secrecy of the key and the key consist of
randomly chosen, sufficiently long string of bits. Once the key
is established between the sender and the receiver, subsequent
communication involves sending cryptograms over a public
channel which is vulnerable to total passive eavesdropping.
However in order to establish the key, two users, who share no
secret information initially, must at a certain stage of
communication use a reliable and a very secure channel.
A random key must first be communicated through a secret
channel prior to the actual message transfer. The major
drawback of DES is no classical cryptographic mechanism can
guarantee ultimate security of a communication channel.
B. Public Key Cryptographic (PKC) Systems
An improvement over DES, public key cryptography [8]
eliminates the problem of key distribution prior to
communication. In the PKC system, every user would have a
public encoding key and a secret (private) decoding key such
1296
that encryption and decryption using the keys would be inverse
functions. If ‘A’ wants to send a secret message to ‘B’, he
would encrypt his message with B’s public key and send it
through an insecure channel. ‘B’ receiving the message would
then decode it using his private key. The methodology ensures
that the sender can’t decode his own message once encrypted.
The PKC systems exploit the fact that certain mathematical
operations are easier to do in one direction than the other. For
example, multiplication of two large prime numbers is easy but
factoring the result would be infeasible if computational
resources are insufficient and the number is large. The best
classical algorithm known to factor takes super-polynomial
time. RSA (Rivest-Shamir-Adleman encryption Algorithm),
the first PKC cryptosystem [9] gets its security from the simple
fact that factoring large numbers is excessively tough.
The disadvantage is that classical cryptosystem provides no
mechanism for detecting eavesdropping. Moreover, once
researchers succeed in building a feasible quantum computer,
Shor’s algorithm [10] could break RSA easily in polynomial
time.
C. One-time pad (OTP) Cryptosystem
The one-time pad cryptosystem [11] created by Gilbert
Vernam in 1917 is very simple and yet, very effective. The
system ensures perfect secrecy. But again the key has to remain
secret. The major disadvantage with one-time pad is despite its
security it is very impractical. For every message encoded with
the system, the participants need to exchange a secret key that
has at least the same length. Also, one must not use the same
key twice.
III. QUANTUM CRYPTOGRAPHY
Quantum cryptographic systems work on Heisenberg’s
uncertainty principle. A quantum system when measured is
disturbed and yields incomplete information about the system’s
state before the measurement. Eavesdropping on a quantum
communication channel therefore alerts legitimate users.
The ‘No Cloning Theorem’ [12] states that an unknown
quantum state cannot be cloned. If such a quantum copier
existed, then ‘E’ could have measured the quantum system, and
then could have sent the copied state to ‘B’. Since cloning is
not possible, an act of eavesdropping would be detected. The
possibility of detection of eavesdropping makes quantum
cryptography superior to conventional cryptography.
A. BB84 protocol
The first Quantum Key Distribution used in Quantum
Cryptography scheme was presented by Bennett and Brassard
in 1984 and is now commonly referred as BB84 protocol [5, 6].
The first experimental demonstration of the protocol was
performed in 1991 using the polarization states of single
photons to transmit a random key. The polarization state of
single photon is characterized by polarization angle %.
Photons emerging from a light source often have an
unknown polarization angle. To induce a µ& polarization to a
photon, a light filter is used that allows only photons polarized
at µ& to pass through. Photons having any other degree of
polarization either gets stopped or gets re-polarized to µ& .The
1297
two possibilities are dictated by the laws of probability.
According to quantum mechanics [13] a photon polarized at
angle a passing through a µ filter has probability cos2 (% * µ) of
emerging with polarization µ and a probability sin2 (% * µ) of
being stopped by the filter.
Polarization angles are used to encode bits to be
transmitted. A basis is chosen to distinguish the two values 0
and 1 without ambiguity. One choice is the rectilinear basis
where photons are polarized at angle 0& or 90& representing 0
and 1 respectively. Another choice is the diagonal basis where
0 is represented by photons polarized at 45& and 1 by photons
polarized at 135&.
The quantum protocol BB84 is a key distribution technique
that when clubbed with the one-time pad system (classical
cryptographic scheme) makes communication unconditionally
secure.
For simplicity, denote the 0&, 90&, 45& and 135& as H,V,D
and A respectively. The polarization basis H, V is denoted by +
and {D, A} by *. The steps of the protocol have been
illustrated below.
Step 1: ‘A’ sends a sequence of randomly polarized
photons.
Polarization basis: + + + + * + * *. . .
Polarization angle: V V V H A V A A . . .
Interpreted as: 1 1 10 1 1 1 1...
Step 2: ‘B’ receives the photons and for each one the
rectilinear or the diagonal basis for measurement is
independently chosen. The result is noted down accordingly.
Some photons may not be received due to imperfection of the
transmitting and the measuring devices. ‘B’ notes down the
result as follows:
Polarization basis: * + * + * * * *. . .
Polarization angle: D V A H A D A A. . .
Interpreted as: 0 1 1 0 1 0 1 1. . .
Step 3: Next ‘A’ and ‘B’ communicates through the public
channel the sequences of encoding basis of ‘A’ and the
decoding basis of ‘B’, as well as B’s failures in detection.
Neither the specific states prepared by ‘A’ in each basis nor the
resulting states obtained by ‘B’ upon measuring is
communicated. The communication is as follows:
A to B (as in Step 1): + + + + * + * *. . .
B to A (as in Step 2): * + * + * * * *. . .
Step 4: Cases in which ‘B’ detects no photons and also the
cases in which the encoding basis used by ‘A’ and the
decoding basis used by ‘B’ differ are discarded. After this
distillation, both are left out with the same random
subsequence of bits 0, 1, which is adopted as the shared sifted
key.

Initial
A’s bits: 1 1 1 0 1 1 1 1. . .
A’s polarization basis: + + + + * + * *. . .
B’s bits: 0 1 1 0 1 0 1 1...
B’s polarization basis: * + * + * * * *. . .
Final after distillation
A’s substring: - 1 - 0 1 - 1 1. . .
B’s substring: -1 - 0 1 - 1 1. . .
The distilled key is 10111... with length, on average, one
half of the length of the initial sequence. In the ideal case with
no eavesdroppers, no noise in the transmission or defects in the
encoding and decoding, the distilled keys of ‘A’ and ‘B’ match.
Thus encryption is secure. In case ‘E’ “taps” the quantum
channel having the same equipment as B’s, analyzes the
polarization state of each photon, forwarding them next to ‘B’,
the keys of ‘A’ and ‘B’ after distillation wouldn’t match.
The Shannon’s theorem [14] states that in any situation, the
amount of information ‘B’ has should exceed the information
possessed by ‘E’ i.e. ‘B’ must have more information on A’s
bits than ‘E’. If this isn’t the case, then the bits transmitted so
far are discarded and the Steps 1 to 3 is carried on again until
this condition is satisfied.
Once the sifted key is obtained, ‘A’ and ‘B’ publicly
compare a randomly chosen subset of the sifted key. The
disclosed bits are discarded but serve to estimate the error rate
or more precisely the marginal probability distribution. If the
Shannon’s condition (calculated by substituting the marginal
probability in the equation [14]) is satisfied, the following
algorithm is processed as follows showing how ‘A’ and ‘B’ can
establish a secret key from the sifted key.
1) ‘A’ randomly chooses pairs of bits and announces the
XOR value over an insecure channel. If ‘B’ has the same XOR
value for corresponding bits, ‘B’ replies “accept” else “reject”.
2) If ‘B’ accepts, both ‘A’ and ‘B’ keep the first bit intact
and eliminate the second one. While in the “reject” case, both
the bits are rejected. This procedure continues for a
considerable number of times so as to produce identical copies
of a key. The first two steps are for error correction [15].
3) But ‘E’ may still have some information about the key.
Privacy amplification [16], a classical protocol, is implemented
to reduce E’s knowledge of the key. ‘A’ chooses pairs of bits,
computes their XOR values but unlike error correction A only
announces the bit positions chosen. Then ‘A’ and ‘B’ both
replace the announced bit positions by the XOR value. ‘E’ only
has partial information on the two bits; with the information on
XOR value even lower.
In this way, they can shorten the key while keeping the key
error free.
1298
For example ‘E’ knows the value of both the bits
with 60% probability, then the probability that E
guesses correctly the value of XOR is only of 0.62 +
0.42 = 0.52 i.e. 52% probability. The process when repeated
several times reduces the probability of E’s correct guessing.
The following figure gives an illustration of the
aforementioned algorithm.
In Fig. 1a, the initial situation is depicted. During the
public phase of the protocol, because of the one-way
communication, ‘E’ receives as much information as
‘B’; the initial information difference shown by * thus
remains.
In Fig. 1b, after error correction B’s information equals 1.
In Fig. 1c, after privacy amplification E’s informa-
tion is zero.
In Fig. 1d, ‘B’ replaces all bits to be disregarded by
random bits. Hence the key has still the original length, but the
information content gets reduced. Finally, on removal of the
random bits, the key is shortened to the initial information
difference.
Figure 1. Illustration of an algorithm that’s a part of BB84 cryptography
scheme.
Every key distribution system must incorporate some
authentication [17] scheme i.e. the two parties must identify
themselves. If not, ‘A’ could actually be communicating
directly with ‘E’. A possibility is that ‘A’ and ‘B’ initially
share a short secret. Then quantum cryptography provides them
with a longer one of which a small portion is kept for
authentication at the next session. From this perspective, QC is
a Quantum Secret Growing protocol [1].
B. Cryptosystems with encoding built upon quantum
entanglement
Entanglement [7] is the non-local quantum-mechanical
correlation that can exist between two quantum systems that
have interacted at some point. A source of entangled-photon
pairs is configured to send one photon to ‘A’ and one photon to
‘B’. ‘A’ and B’s detectors are both configured to measure
randomly in one of two measurement bases. ‘A’ and ‘B’ then
record the bit value, measurement basis, and exact time for
each detection. Arrival times are used to establish coincident
detections. Due to entanglement, when measurement bases
coincide, the bits are near 100% correlated and can be used to
form a secret key. Eavesdropping will cause errors as the
entangled state will be measured in one basis and the ensuing
state collapse leads to imperfect correlations in the other basis.
IV. TECHNOLOGICAL CHALLENGES
The above mentioned BB84 protocol for Quantum
cryptography requires achieving the technology of generating
single photons states, the transfer of these states without
decoherence through a proper channel [1] and finally a
sensitive detection unit [1]. Following ways have been
proposed for generating the single photons states: - faint laser
pulses [18] , parametric down conversion [19], single
electrons in a mesoscopic p-n junctions [20], photon emission
of electron-hole pairs in a semiconductor quantum dot [21]
with advantage that these dots can be integrated in solid-state
micro cavities with strong enhancements.
Once the photon states have been successfully generated,
these can then be transmitted through a suitable channel, like
optical fibers. More versatility can be achieved if a way can be
found out to perform transmission through satellites as laying
optical cables seems to be a great technological challenge
again. But optical fibers offer less noise in transmission
against the very fluctuating and high impedance free space
transmission. Moreover only single mode fibers can be put to
some use as multimode fibers give rise to mixed states thus
deteriorating signal quality. In addition, it is also required to
take care of phase shifts, birefringence and polarization
dependent losses. Transmission over free space features offers
some advantages compared to the use of optical fibers. The
atmosphere has a high transmission window at a wavelength
of around 770 nm, where photons can easily be detected using
commercial, high-efficiency photon counting modules.
Furthermore, the atmosphere is essentially non-birefringent at
these wavelengths. It will thus not alter the polarization state
of a photon.
Now coming to the final unit of the module we require an
efficient photon detection unit which will be the deciding
parameter for the whole success of quantum cryptography.
The variety of techniques available to achieve photon
detection is photomultipliers, avalanche photo-diodes,
multichannels plates and superconducting Josepheson
junctions. The detectors should have a high efficiency over a
large spectral range and a short recovery time. Based on
efficiency, recovery time and commercial aspects avalanche
photo diodes are more advantageous. Three semiconductors
silicon, germanium and indium gallium arsenide can be used
depending on the wavelengths at which detection occurs. Also
the inclusion of semiconductors allows us to integrate the
technology with present IC fabrication scenario with no need
of further dedicated machinery. The photo diodes operate in
Geiger-mode with possibility of passive/active quenching and
gated-mode operation. The gated mode operation works best
with faint laser pulses photo-generation unit. Silicon has been
used in photon detection at wavelength 1 Zm and germanium
and indium gallium arsenide at second telecommunication
wavelength. However no industrial effort has been made to
optimize APD’s operating at telecommunications wavelengths
1299
for photon counting, and their performance still lags far
behind that one of silicon APDs. However, there is no
fundamental reason why photon counting at wavelengths
above 1 Zm should be more difficult than at wavelengths
below 1 Zm except that the high- wavelengths are less
energetic. The first commercial photon counter at
telecommunications wavelengths is Hamamatsu
photomultiplierR5509-72. However, its efficiency is not yet
sufficient for use in quantum cryptography. The real reasons
for the lack of commercial products for photon counting are
two-fold. Firstly, silicon, the most common semiconductor
material, is not sensitive enough (the band gap is too large),
and secondly the market for photon counting is not yet mature.
But, without great risk, one can predict that good commercial
photon counters will become available in the near future and
that they will have a major impact on quantum cryptography.
V. FUTURE FRONTIERS
Beyond Quantum Key Distribution, there are many other
cryptographic tasks for which quantum protocols offer
significant potential advantages over classical protocols. A
brief overview of some of the recent developments is given as
follows.
A. Bit commitment
Bit commitment is a special case of a commitment
protocol where the data ‘m’ consists of only a single bit.
Unconditionally secure quantum bit commitment is
impossible. A commitment protocol is a procedure in which
‘A’ deposits a message such that no one can either read or
change the message. ‘A’ commits himself to the data ‘m’ by
computing c= f(m) and sends ‘c’ to ‘B’. ‘A’ unveils the
commitment by showing ‘B’ the pre-image ‘m’ of ‘c’.
In bit-commitment ‘A’ chooses a bit and keeps the bit
secret until ready to reveal to ‘B’. A bit-commitment [22]
protocol is “binding” if ‘A’ is unable to change the value of
his bit after committing to it, and “concealing” if ‘B’ is unable
to learn the bit before ‘A’ unveils the bit. The protocol is
secure in case it is both binding and concealing.
B. Quantum fingerprinting
Buhrman, Cleve, Watrous, and de Wolf showed that
fingerprints consisting of quantum information can be
exponentially shorter than the original strings but with a
distinct advantage. There need not be any correlations between
the parties preparing the fingerprints [23].
A fingerprint is a short bit string associated with a long
string, such that any two long strings can be distinguished with
high probability by comparing the fingerprints alone.
Classically, the fingerprint can be exponentially shorter than
the original string, but the parties preparing the fingerprints
need to share a random key.
C. Quantum Data Hiding
Schemes for hiding classical data in bipartite quantum
states were first formulated by Di Vincenzo, Leung, and Terha
[24]. Hayden, Leung, Shor, and Winter [25] have shown that
when the amount of hidden information is large, one hidden
qubit can be encoded per each pair of physical qubits shared
by ‘A’ and ‘B’.
Information is encoded in a bipartite quantum state and is
distributed to ‘A’ and ‘B’. The way in which it’s distributed is
such that both of them are able to recover the encoded
information with high fidelity if they get together and
communicate using quantum cryptography schemes. But if
‘A’ and ‘B’ are limited to classical communication, they
cannot learn more than a negligible amount about the encoded
information, even if their local computational power is
unlimited.
D. Authentication of quantum messages
In classical authentication as discussed in Section 3.1, a
shared private random key has to be used to verify that a
message sent from ‘A’ to ‘B’ has not been modified during
transmission. Barnum, Cr ´epeau, Gottesman, Smith, and Tapp
[26] showed that quantum states sent from ‘A’ and ‘B’ can be
similarly authenticated. Furthermore, it has been shown that
when authentication is successful, most of the classical key
can be safely reused in further rounds of authentication.
Gottesman [27] has shown that a quantum authentication
scheme can be used for uncloneable encryption of classical
messages; which means that an eavesdropper will not be able
to decipher the message even if he later discovers the classical
key that was used to encode.
Quantum cryptography is a fast emerging technology and
with high potential for commercial applications as compiled
above.
E. QKD with satellites
It is possible to exchange keys using quantum
cryptography between a terrestrial station and a low orbit
satellite (absorption in the atmosphere takes place mainly over
the first few kilometers. It can be low, if an adequate
wavelength is selected and the weather is clear.) Such a
satellite moves with respect to the earth surface.
When passing over a second station, located thousands of
kilometers away from the first one, it can retransmit the key.
The satellite is implicitly considered as a secure intermediary
station. Presently this technology is less mature than that
based on optical fibers. Research groups have already
performed preliminary tests of such a system, but an actual
key exchange with a satellite remains to be demonstrated [1]. .
The conclusion of the present study is given in the next
section.
CONCLUSION
Quantum cryptography is an illustration of the
dialog between basic and applied physics. It is based
on combinations of concepts from quantum physics
and information theory. The security principle in QC
relies on theorems in classical information theory and
on a profound understanding of the Heisenberg’s
uncertainty principle. Quantum mechanics provides
an intrusion detection mechanism never thought
possible within the world of classical cryptography. QC
could well be the first application of quantum
1300
mechanics at the single quanta level. Experiments have
demonstrated that keys can be exchanged over distances of a
few tens of kilometers at rates at least of
the order of a thousand bits per second.
Using QC, the security of cryptography does not
depend any more on the computing resources of
the adversary, nor does it depend on mathematical progress.
Quantum cryptography allows exchanging encryption keys,
whose secrecy is future-proof and guaranteed by the laws of
quantum physics. Its combination with conventional secret-
key cryptographic algorithms allows raising the confidentiality
of data transmissions to an unprecedented level.
REFERENCES
[1] N. Gisin, G. Ribordy, W. Tittel and H. Zbinden, “Quantum
Cryptography” ,Reviews of Modern Physics, vol. 74, January 2002, pp.
145-195.
[2] C. Elliott, D. Pearson and G. Troxel, “Quantum Cryptography in
Practice” , Preprint of SIGCOMM 2003 paper.
[3] I. V. Volovich and Y. I. Volovich, “On Classical and Quantum
Crytography” , unpublished.
[4] Vishnu Teja, Payel Banerjee, N.N.Sharma and R.K.Mittal, “ Quantum
Cryptrography: State-of-Art and Future Perspectives”, Proceedings of
the International Conference on Emerging Mechanical Technology-
Macro to Nano , Febuary 2007, pp. 355-361
[5] M. Boyer, “Security of Quantum Key Distribution the BB84
protocol”, unpublished.
[6] P. W. Shor and J. Preskill, “Simple Proof of Security of the BB84
Quantum Key Distribution Protocol”, Phys. Rev.Lett. 85, 2000, pp. 441-
444.
[7] A. Poppe , A. Fedrizzi, H. H¨ubel, R. Ursin and A. Zeilinger, “Entangled
State Quantum Key Distribution and Teleportation”, unpublished.
[8] C. Paquin, “Quantum Cryptography: a new hope” , unpublished.
[9] R. Rivest, A. Shamir and L. Adleman, “A method for obtaining digital
signatures and public-key cryptosystems” ,Communications of the ACM,
vol. 21, 1978, pp. 120-126.
[10] S. Devitt, A. G. Fowler, C. L. Lloyd and Hollenberg, “Robustness of
Shor ’s Algorithm” ,Quant. Inf. Comp.,vol. 6, 2006, pp. 616-629.
[11] G. R. Blakley, “One Time Pads Are Key Safeguarding Schemes, Not
Cryptosystems Fast Key Safeguarding Schemes (Threshold Schemes)
Exist.” , Proceedings of the 1980 IEEE Symposium on Security and
Privacy, 1980, pp. 108-113.
[12] S. J. Lomonaco, “A Quick Glance at Quantum Cryptography” , To
appear at Cryptologia.
[13] J. Preskill, “Quantum Information and Computation” , Lecture Notes
for Physics 219, California Institute of Technology.
[14] M. A. Galindo, Martin-Delgado, “Information and Computation:
Classical and Quantum Aspects” , Reviews of Modern Physics, vol. 74
(2002), pp. 347-423.
[15] R. Renner, “Security of Quantum Key Distribution” , unpublished.
[16] C. H. Bennett, G. Brassard, C. Crepeau and U. M. Maurer, “Generalized
privacy amplification” ,Proceedings IEEE International Symposium on
Information Theory, vol. 41, Nov. 1995, pp. 1915—1923.
[17] R. Kuhn, “A Hybrid Authentication Protocol Using Quantum
Entanglement and Symmetric Cryptography” , unpublished
[18] Grégoire Ribordy1, “Practical Quantum Key Distribution Systems
Based on Faint Laser Pulses” , LEOS Summer Topical Meetings, 2006
Digest, pp.28-29.
[19] S. Takeuchi, R. Okamoto and K. Sasaki, “A single photon source
using parametric down conversion PDC”, Quantum Electronics
Conference,European Volume , Issue , 22-27 June 2003, pp. 320 .
[20] Yoshihisa Yamamoto, “Single Photons for Quantum Information
Systems”, AAPPS Bulletin ,Vol. 14, No. 5.
 [21] Christelle Monat, Blandine Alloing, Carl Zinoni, Lianhe H. Li and hiding” , IEEE Transactions on Information Theory 48 (3), pp. 580-599.
Andrea Fiore, “Nanostructured Current-Confined Single Quantum Dot [25] P. Hayden, D. Leung, P. W. Shor and A. Winter, “Randomizing quantum
Light-Emitting Diode at 1300 nm”, Nano letters, 2006, vol.6 no.7, pp. states: Constructions and applications,” Commun. Math. Phys.
1464-1467. 250(2):pp. 371-391, 2004.
[22] G. Brassard, C. Crepeau, R. Jozsa and D. Langlois, “A quantum bit
[26] H. Barnum, C. Cr ´epeau, D. Gottesman, A. Smith and A. Tapp,
commitment scheme provably unbreakable by both parties” ,
“Authentication of quantum messages” , Proceedings of the 43rd
Proceedings of the 34th Annual IEEE Symposium on Foundations of
Annual IEEE Symposium on the Foundations of Computer Science
Computer Science, November 1993, pp. 362 - 371.
(FOCS ’02), (IEEE Press, New York,2002), pp. 449-458.
[23] H. Buhrman, R. Cleve, J. Watrous and R. D. Wolf, “Quantum
[27] D. Gottesman, “Uncloneable encryption”, Quantum Information and
fingerprinting” , Physical Review Letters 87, 167902 (2001).
Computing 3(6), pp. 581-602 (2003).
[24] D. P. Di Vincenzo, D. W. Leung, and Terhal, 2002, “Quantum data

1301

View publication stats