Abstract

In our previous work, it was demonstrated that the attacker could not pin down the correct keys to start the Y00 protocol with a probability of one, even with the assistance of unlimitedly long known-plaintext attacks and optimal quantum measurements on the attacker’s quantum memory. However, that work relied on several assumptions: that the Y00 system utilized linear-feedback shift registers as pseudo-random-number generators, and that a fast correlation attack was disabled by irregular mapping on the Y00 systems. This study generalizes such an attack to remove the assumptions of the previous work. The framework of the security analyses of this study reiterates two well-known results from the past: (1) Y00 systems would be cryptanalyzed when the system is not designed well; (2) the system is possibly information-theoretically secure when the system is designed well, although the attacker’s confidence in the correct key increases over time but the success probability of key recovery does not reach unity in finite time; (3) the breach probability of the shared keys increases with time. Hence, a key-refreshment procedure for the Y00 protocol is provided herein. Such security analyses are important not only in key refreshment but also in initial key agreement.

Highlights

  • Since the first concept of quantum key distribution (QKD) was invented [1], [2], whether information-theoretically secure (ITS) communication is realizable using the laws of quantum physics is a topic that has garnered immense attention. Around the year 2000, the Y00 protocol was proposed by Yuen [3]–[6] for compatibility with existing high-speed and long-distance optical communication infrastructure [3]–[15].

  • In our previous work [19], it was shown that the attacker “Eve” could not guess the correct secret keys shared by legitimate users “Alice” and “Bob” with a probability of one even under an unlimitedly long known-plaintext attack (KPA) with the assistance of quantum memory to utilize the quantum and classical multiple-hypotheses testing theory [20]–[22]

Summary

INTRODUCTION

Since the first concept of quantum key distribution (QKD) was invented [1], [2], whether information-theoretically secure (ITS) communication is realizable using the laws of quantum physics is a topic that has garnered immense attention. In our previous work [19], it was shown that the attacker “Eve” could not guess the correct secret keys shared by legitimate users “Alice” and “Bob” with a probability of one even under an unlimitedly long known-plaintext attack (KPA) with the assistance of quantum memory to utilize the quantum and classical multiple-hypotheses testing theory [20]–[22]. The purpose of this study is to show that well-designed Y00 systems are immune to the quantum generalization of the fast correlation attack (FCA), even when Eve has the assistance of the unlimitedly long KPA and quantum memories, without any computational assumptions. The analyses in this study demonstrate two results: the main claim of the FCA was recovered against a certain class of Y00 systems that are not well designed, while the others would be ITS under the unlimitedly long KPA with the generalized framework of FCA.

BRIEF DESCRIPTION OF PRINCIPLES OF Y00 PROTOCOL
BRIEF DESCRIPTION OF QUANTUM DETECTION THEORY
QUANTUM DETECTION FOR SEQUENTIAL COHERENT SIGNALS
QUANTUM GENERALIZATION OF FCA AND SECURITY REQUIREMENTS
NON-ITS Y00 SYSTEMS
EFFECT OF EVE’S LOCAL OPERATIONS
FUTURE REMARKS
Findings
CONCLUSIONS