Cryptosystems based on quantum key distribution

Abstract

In this section, I wish to put quantum key distribution (QKD) in the wider context of a cryptosystem. I shall discuss informally some aspects that are considered important. The questions I wish to answer here are: “What are the ingredients needed to make a QKD-based cryptosystem work? What services does it bring? What are its limitations?” As I shall detail below, QKD may be used to provide the users with confidential communications. This can be achieved when we combine QKD and the one-time pad. For the quantum modulation, QKD needs a source of truly random numbers. Also, QKD requires a classical authenticated channel to work, so authentication plays an essential role. As a consequence, QKD must start with a secret key, making it a secret-key encryption scheme. I will also discuss what happens if classical cryptography is introduced in the system. Finally, I will describe the implementation of a simple cryptosystem on top of QKD. A key distribution scheme The first function of QKD is to distribute a secret key between two parties. The use of this key is outside the scope of this first section – the need for a secret key is omnipresent in cryptography. As depicted in Fig. 5.1, QKD relies on a classical authenticated channel for sifting and secret-key distillation and on random bits for the modulation of quantum states. The key produced by QKD can be intended for encryption purposes – this will be discussed in Section 5.2 – but is also required by authentication. A part of the distributed key is used for authentication. When QKD is run for the first time, however, an initial secret key must be used instead.