Abstract
Key establishment is a crucial primitive for building secure channels in a multi-party setting. Without quantum mechanics, key establishment can only be done under the assumption that some computational problem is hard. Since digital communication can easily be eavesdropped on and recorded, the secrecy of information must be considered in anticipation of future algorithmic and computational discoveries that could break the secrecy of past keys, and with it the confidentiality of the channel.
Quantum key distribution (QKD) can be used to generate secret keys that are secure against any future algorithmic or computational improvements. QKD protocols still require authentication of the classical communication, although existing security proofs of QKD typically assume idealized authentication. It is generally considered folklore that QKD used with computationally secure authentication remains secure against an unbounded adversary, provided the adversary did not break the authentication during the run of the protocol.
We describe a security model for quantum key distribution extending classical authenticated key exchange (AKE) security models. Using our model, we characterize the long-term security of the BB84 QKD protocol with computationally secure authentication against an eventually unbounded adversary. By basing our model on traditional AKE models, we can more readily compare the relative merits of various forms of QKD and existing classical AKE protocols. This comparison illustrates in which types of adversarial environments different quantum and classical key agreement protocols can be secure.
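The abstract separates the two ingredients of a QKD run: a quantum phase whose outcomes are unconditionally secret, and a classical phase that must be authenticated only for as long as the run lasts. The following simulation is an added illustration, not code from the paper: a toy BB84 exchange over a simulated qubit channel, with the sifting and error-estimation messages authenticated by HMAC-SHA256 under a pre-shared key. HMAC is a computationally secure stand-in for the Wegman-Carter authentication real QKD uses; the abort threshold, message labels and the "disclose every other sifted bit" sampling rule are assumptions chosen for the example. An intercept-resend eavesdropper is caught by the error rate, and an active attacker who rewrites a classical message without the authentication key is caught by tag verification.

```python
import hashlib
import hmac
import random
from dataclasses import dataclass

# Toy BB84 with an authenticated classical channel (illustrative example;
# not the paper's model, and no real photons: a qubit is just (basis, bit)).
QBER_ABORT = 0.11  # assumed abort threshold, of the order of the BB84 bound


@dataclass
class Qubit:
    basis: int  # 0 = rectilinear, 1 = diagonal
    bit: int


def measure(q, basis, rng):
    """Measuring in the preparation basis returns the bit; otherwise a coin flip."""
    return q.bit if q.basis == basis else rng.randrange(2)


def tag(auth_key, label, payload):
    """Computationally secure authentication of one classical message."""
    return hmac.new(auth_key, label.encode() + repr(payload).encode(), hashlib.sha256).digest()


def verify(auth_key, label, payload, t):
    return hmac.compare_digest(tag(auth_key, label, payload), t)


def run_bb84(n, auth_key, rng, eavesdrop=False, tamper_classical=False):
    """Simulate both parties. Returns (status, key_bits, qber) with status in
    {'ok', 'abort_qber', 'abort_auth'}."""
    # --- quantum phase: Alice prepares, Bob measures in random bases ---
    a_bits = [rng.randrange(2) for _ in range(n)]
    a_bases = [rng.randrange(2) for _ in range(n)]
    qubits = [Qubit(b, x) for b, x in zip(a_bases, a_bits)]
    if eavesdrop:
        # intercept-resend: Eve measures in a random basis and resends her outcome
        resent = []
        for q in qubits:
            eb = rng.randrange(2)
            resent.append(Qubit(eb, measure(q, eb, rng)))
        qubits = resent
    b_bases = [rng.randrange(2) for _ in range(n)]
    b_bits = [measure(q, bb, rng) for q, bb in zip(qubits, b_bases)]

    # --- classical phase: every message carries a tag under the shared auth key ---
    msg_b, t_b = list(b_bases), tag(auth_key, "bob-bases", b_bases)
    if tamper_classical:
        # an attacker without auth_key rewrites Bob's basis announcement in transit
        msg_b = [1 - b for b in msg_b]
    if not verify(auth_key, "bob-bases", msg_b, t_b):
        return "abort_auth", None, None
    keep = [i for i in range(n) if a_bases[i] == msg_b[i]]
    t_keep = tag(auth_key, "alice-keep", keep)
    if not verify(auth_key, "alice-keep", keep, t_keep):
        return "abort_auth", None, None
    sift_a = [a_bits[i] for i in keep]
    sift_b = [b_bits[i] for i in keep]

    # error estimation: Alice discloses every other sifted bit (assumed sampling rule)
    sample = list(range(0, len(keep), 2))
    disclosed = [sift_a[i] for i in sample]
    t_s = tag(auth_key, "alice-sample", disclosed)
    if not verify(auth_key, "alice-sample", disclosed, t_s):
        return "abort_auth", None, None
    errors = sum(sift_b[i] != x for i, x in zip(sample, disclosed))
    qber = errors / len(sample) if sample else 1.0
    if qber > QBER_ABORT:
        return "abort_qber", None, qber
    # the key is taken only from bits that never crossed the classical channel
    key = [sift_a[i] for i in range(len(keep)) if i % 2 == 1]
    return "ok", key, qber


if __name__ == "__main__":
    k = b"pre-shared-auth-key"  # constructed sample key
    print(run_bb84(2000, k, random.Random(1))[::2])
    print(run_bb84(2000, k, random.Random(2), eavesdrop=True)[::2])
    print(run_bb84(2000, k, random.Random(3), tamper_classical=True)[::2])
```

The point the abstract makes is visible in what the transcript contains: bases, a disclosed sample and tags, but none of the bits that become the key. An adversary who records the run and later recovers the authentication key (or breaks HMAC) learns nothing further about the established key; the authentication only needs to hold while the messages are live, which is the folklore claim the paper formalizes.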
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mosca, M., Stebila, D., Ustaoğlu, B. (2013). Quantum Key Distribution in the Classical Authenticated Key Exchange Framework. In: Gaborit, P. (eds) Post-Quantum Cryptography. PQCrypto 2013. Lecture Notes in Computer Science, vol 7932. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38616-9_9
DOI: https://doi.org/10.1007/978-3-642-38616-9_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38615-2
Online ISBN: 978-3-642-38616-9