SYSTEM AND METHOD FOR PROTECTING CONVENTIONAL QUANTUM KEY DISTRIBUTION PROTOCOLS

Abstract

A system with methods to enhance key strength for a quantum shared key which is derived by a conventional quantum key distribution protocol and the system provides a single optical communication channel with security protection mechanism for key distribution without relying on an authenticated public classical channel. The system is implemented with technology in combination of key-strength enhancement, re-encoding operation, density-matrix verification, and grating control for a single optical communication channel where the system can be integrated with a conventional Quantum-Key-Distribution protocol such as BB84 or B92, but excluding GHz-clocked QKD system. Thereby, the system can help a known QKD system to overcome current drawbacks of an apparatus implemented over a conventional QKD protocol so as to derive an enhanced quantum shared key.

Claims

1. A system for protecting conventional Quantum-Key-Distribution protocols, the system comprising: a) a single optical communication channel collaborating with Bragg gratings, for transceiving photons with prepared polarization states, and supporting basis measurement for a conventional Quantum-Key-Distribution protocol; b) an encoding generator, for re-encoding q-bits which will be transmitted according to the conventional Quantum-Key-Distribution protocol, so as to generate corresponding re-encoded q-bits; wherein the re-encoded q-bits will be transmitted through the single optical communication channel; c) a density-matrix generator for deriving a density operator according to a density matrix generated from the re-encoded q-bits; thereby a receiver side will be able to determine whether there is any transmission loss according to the received density operator via leveraging an operation of measurement on the received q-bits through the single optical communication channel; and d) an error correction module for performing an operation of information reconciliation with a cascade protocol on the received q-bits, so as to correct the wrong q-bits of the received q-bits; thereby the receiver side will perform a decoding operation on the corrected q-bits based on an available encoding configuration, so as to retrieve a quantum shared key derived within an enhanced protection system.

2. The system for protecting conventional Quantum-Key-Distribution protocols according to claim 1, in order to verify whether there is any transmission loss with the received q-bits, wherein the operation of the density matrix performed by the receiver side through the single optical communication channel comprises: a) adopting a measurement operator to measure the received density matrix; b) deriving a density operator on the receiver side according to a measured density matrix derived via the measurement operator; c) deriving sum of the probability of each measured quantum state based on the derived density operator; and d) once the sum of the probability of each measured quantum state is equal to or larger than 1, meanwhile each element of the measured density matrix is non-negative, determining that there is no transmission loss with the received q-bits.

3. The system for protecting conventional Quantum-Key-Distribution protocols according to claim 1, in order to retrieve a quantum shared key, the decoding operation performed by the receiver side further comprises: a) measuring and analyzing on the received polarization states for determining whether there is any phase variation with the received polarization states; b) once determining that there is a phase variation with the received polarization states, restoring corresponding phasing status for the received q-bits; and c) performing communication of a Quantum-Key-Distribution protocol on the received q-bits between a transmitter side and the receiver side to determine bases and matched q-bits for use in a quantum shared key.

4. A method for protecting conventional Quantum-Key-Distribution protocols, the method comprising: a) only adopting a single optical communication channel to support transmission for a conventional Quantum-Key-Distribution protocol; b) a transmitter side and a receiver side adopting at least three bases coupled to a conventional Quantum-Key-Distribution protocol for use, so that the transmitter side will be able to prepare at least six kinds of polarization states; c) configuring a security length L.sub.s of a quantum key; once the length of an original quantum key K.sub.1 being smaller than L.sub.s wherein K.sub.1 is derived according to a conventional Quantum-Key-Distribution protocol, deriving an extended quantum key K.sub.2 via performing duplicated operations on the original quantum key K.sub.1 wherein the length of K.sub.2 is L.sub.K2 which shall be equal to or larger than L.sub.s, so as to generate the extended quantum key K.sub.2 based on the derived K.sub.1 and the configured L.sub.s; otherwise letting the extended quantum key K.sub.2 be the same as the original quantum key K.sub.1; and d) letting the extended quantum key K.sub.2 as an updated quantum shared key for distribution, and conducting a scramble mechanism into the extended quantum key K.sub.2 so as to derive an enhanced quantum key K.sub.3 embedded with the extended quantum key K.sub.2; wherein the enhanced quantum key K.sub.3 is for key transmission through the single optical communication channel.

5. The method for protecting conventional Quantum-Key-Distribution protocols according to claim 4, in order to configure a security length L.sub.s, the method further comprising the following means: a) setting a first length L.sub.s1 based on the block size of a data which will be encrypted by a quantum shared key; b) setting a second length L.sub.s2 based on the L.sub.s1 adding a padding size; wherein the L.sub.s2 shall be an integral multiple of the optical wave length for data transmission through the single optical communication channel; c) L.sub.s1 and L.sub.s2 shall be reset for each data which is to be encrypted for transmission; d) if the data size is less than the length L.sub.K1 of the original quantum key K.sub.1, add a padding message to the data to be transmitted, such that makes the data size at least equal to L.sub.K1; and e) setting the final L.sub.s2 as a feasible L.sub.s.

6. The method for protecting conventional Quantum-Key-Distribution protocols according to claim 4, in order to enhance key strength of a quantum shared key, after deriving K.sub.1 and setting up L.sub.s, the method requiring the following restricted terms for deriving the enhanced quantum key K.sub.3 embedded with the extended quantum key K.sub.2: a) letting the length of K.sub.3 be L.sub.K3 which shall be larger than L.sub.K2 for assuring that K.sub.3 is embedded with K.sub.2 and L.sub.K2 is not equal to L.sub.K3; and b) letting the total length of conducted scramble be L.sub.scr, and assuring that all of L.sub.scr, L.sub.K2, and L.sub.K3 shall be an integral multiple of L.sub.s.

7. The method for protecting conventional Quantum-Key-Distribution protocols according to claim 4, in order to enhance security strength in transmission, the method providing the following available encoding means through the single optical communication channel: a) re-encoding the q-bits for transmission with an expression of a Bloch-ball coordinate system; b) re-encoding the q-bits for transmission with an expression of probability amplitude; c) re-encoding the q-bits for transmission with an expression of density matrix; and d) re-encoding the q-bits for transmission via mapping polarization angles onto a time coordinate system formed with clock scales.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0015] FIG. 1 is a structural block diagram of a system for protecting conventional QKD protocols according to a user scenario regarding the present disclosure integrated with a conventional QKD system excluding any authenticated public classical channel.

[0016] FIG. 2A is a dataflow diagram showing how the system of the present disclosure implements the main security enhanced method to achieve the object of protecting a conventional QKD system.

[0017] FIG. 2B is a dataflow diagram showing how the system of the present disclosure implements the main security enhanced method to achieve the object of protecting a conventional QKD system.

[0018] FIG. 2C is a dataflow diagram showing how the system of the present disclosure implements the main security enhanced method to achieve the object of protecting a conventional QKD system.

[0019] FIG. 3A is a dataflow diagram showing how the system of the present disclosure configures a security length to derive an enhanced quantum key related to FIG. 1.

[0020] FIG. 3B is a dataflow diagram showing how the system of the present disclosure configures a security length to derive an enhanced quantum key related to FIG. 1.

DETAILED DESCRIPTION OF THE INVENTION

[0021] To facilitate understanding of the objects, characteristics, dataflow and effects of this present disclosure, embodiments together with the attached drawings for the detailed description of the present disclosure are provided.

[0022] A plurality of embodiments in regard to a system and methods for protecting conventional Quantum-Key-Distribution protocols are provided as follows. In some embodiments, this disclosure is implemented as a system with technology in the combination of key-strength enhancement, re-encoding operation, density-matrix verification, and grating control for a single optical communication channel where the system can be integrated with a conventional Quantum-Key-Distribution protocol such as BB84 or B92, but excluding GHz-clocked Quantum-Key-Distribution system. Thereby, through a single optical communication channel with a protection mechanism for key distribution, a quantum shared key derived by a conventional Quantum-Key-Distribution (hereafter, QKD) protocol can couple to the system, so as to generate an enhanced quantum shared key for overcoming the drawbacks of a conventional QKD protocol.

[0023] In some embodiments, this technology provides a mechanism with security enhanced method for integration with a known QKD system. Wherein the security enhanced method comprises the following means: a) only adopting a single optical communication channel to support transmission for a conventional Quantum-Key-Distribution protocol (such as BB84 or B92, but excluding GHz-clocked QKD systems); b) a transmitter side and a receiver side shall adopt at least three bases with binary bit-states coupled to a conventional Quantum-Key-Distribution protocol for use, so that the transmitter side will be able to prepare at least six kinds of polarization states; c) configuring a security length L.sub.s of a quantum key; once the length L.sub.K1 of an original quantum key K.sub.1 being smaller than L.sub.s wherein K.sub.1 is derived according to a conventional Quantum-Key-Distribution protocol, deriving an extended quantum key K.sub.2 via performing duplicated operations on the original quantum key K.sub.1 wherein the length of K.sub.2 is L.sub.K2 which shall be equal to or larger than L.sub.s, so as to generate the extended quantum key K.sub.2 based on the derived K.sub.1 and the configured L.sub.s; otherwise letting the extended quantum key K.sub.2 be the same as the original quantum key K.sub.1; and d) letting the extended quantum key K.sub.2 as a quantum shared key for distribution and conducting a scramble mechanism into the extended quantum key K.sub.2 so as to derive an enhanced quantum key K.sub.3 embedded with the extended quantum key K.sub.2; wherein the enhanced quantum key K.sub.3 is for key transmission through the single optical communication channel. Thus, that will achieve the effect of deriving an enhanced quantum shared key according to a conventional QKD protocol with superior protection.

[0024] Refer to FIG. 1, which is a structural block diagram of a system for protecting conventional QKD protocols according to an embodiment of the present disclosure. In an embodiment, in order to implement the above-mentioned security enhanced method so as to be integrated with a known conventional QKD system (for example, a BB84 system), the system S1000 of the present disclosure comprises a single optical communication channel D101 collaborating with Bragg gratings D102, an encoding generator D103, a density-matrix generator D104, and an error correction module M101. Wherein, the single optical communication channel D101 and Bragg gratings D102 form a single transmission path for QKD communications, and that means a known QKD system such as a BB84 system that integrates the present disclosure will no longer rely on an authenticated public classical channel. Besides, the encoding generator D103 and the density-matrix generator D104 are able to be integrated on the transmitter side S1001 of the QKD system, and the error correction module M101 is able to be integrated on the receiver side S1002 of the same QKD system.

[0025] Still refer to FIG. 1 and also refer to FIG. 2A, FIG. 2B, and FIG. 2C, which are dataflow diagrams showing how the system S1000 of the present disclosure implements the main security enhanced method to achieve the object of protecting a known QKD system. The dataflow of a preferred user case includes the following stages: 1) first, as shown at block p001, the system S1000 makes a transmitter side S1001 and a receiver side S1002 adopt at least three bases with binary bit-states coupled to a conventional Quantum-Key-Distribution protocol (such as BB84) for use, so that the transmitter side S1001 will be able to prepare at least six kinds of polarization states; for example, adopting a polarization angle of π/3, π/4, and π/6 as available bases such that π/3 stands for binary 0, 5π/6 stands for binary 1, π/6 stands for binary 0, 2π/3 stands for binary 1, π/4 stands for binary 0, and 3π/4 stands for binary 1; 2) thereafter, as shown at block p002, the system S1000 sets up a single optical communication channel D101 collaborating with Bragg gratings D102, for transceiving photons with prepared polarization states, and supporting basis measurement for a conventional Quantum-Key-Distribution protocol (BB84 in an embodiment); wherein the Bragg gratings D102 are controlled by the system S1000 to perform an operation of phasing variations; in an embodiment, the operation of phasing variations is performed with π/4 scales (for example, let phasing θ as π/4, π/2, or 3π/4) so as to provide a signal protection mechanism for optical communications; thereby, via the operation of combining phasing variations provided by the signal protection mechanism, it will be able to gain or shield optical signals without reducing power output of optical sources and can deal with eavesdropping or interference issues as well; 3) thereafter, as shown at block p003, a security length L.sub.s of a quantum key is configured on the transmitter side S1001; once the length L.sub.K1 of an original quantum key K.sub.1 being smaller than L.sub.s wherein K.sub.1 is derived according to a conventional Quantum-Key-Distribution protocol (BB84 in an embodiment), deriving an extended quantum key K.sub.2 via performing duplicated operations on the original quantum key K.sub.1 wherein the length of K.sub.2 is L.sub.K2 which shall be equal to or larger than L.sub.s, so as to generate the extended quantum key K.sub.2 based on the derived K.sub.1 and the configured L.sub.s (when L.sub.K1<L.sub.s.fwdarw.L.sub.K2=n.Math.L.sub.K1 where n∈.sup.+, and L.sub.K2≥L.sub.s); otherwise letting the extended quantum key K.sub.2 be the same as the original quantum key K.sub.1 (if L.sub.K1≥L.sub.s.fwdarw.K.sub.2=K.sub.1);

[0026] 4) thereafter, as shown at block p004, the transmitter side S1001 sets the extended quantum key K.sub.2 as an updated quantum shared key for distribution, and conducts a scramble mechanism into the extended quantum shared key K.sub.2 so as to derive an enhanced quantum key K.sub.3 embedded with the extended quantum shared key K.sub.2; wherein the enhanced quantum key K.sub.3 comprises the q-bits for key transmission through the single optical communication channel D101; 5) thereafter, as shown at block p005, the transmitter side S1001 calls an encoding generator D103, for re-encoding messages (such as q-bits or communication information) which will be transmitted according to the conventional Quantum-Key-Distribution protocol (BB84 in an embodiment), so as to generate corresponding re-encoded q-bits or communication information; wherein the re-encoded messages will be transmitted through the single optical communication channel D101. In some embodiments, in addition to re-encoding the q-bits of K.sub.3, the encoding generator D103 can also be called for re-encoding other quantum information for communication of a known QKD protocol (like BB84) before deriving K.sub.3; for example, for some processes, a conventional QKD protocol may require an authenticated public classical channel to perform communications between the transmitter side S1001 and the receiver side S1002 to check where the matched bits are, but the system of the present disclosure can provide various available encodings for the single optical communication channel D101 to replace the use of a public classical channel. In some embodiments, the encoding generator D103 can be implemented with a stand-alone embedded system which can be triggered or driven by the transmitter side S1001;

[0027] 6) thereafter, as shown at block p006, the transmitter side S1001 calls a density-matrix generator D104 to derive a density operator according to a density matrix generated from the re-encoded q-bits; thereby the receiver side S1002 will be able to determine whether there is any transmission loss according to the received density operator via leveraging an operation of measurement on the received q-bits through the single optical communication channel D101. In some embodiments, the density-matrix generator D104 can be implemented with an embedded FPGA device which can be triggered or driven by the transmitter side S1001; 7) moreover, as shown at block p007, the receiver side S1002 will request an error correction module M101 to perform an operation of information reconciliation with a cascade protocol on the received q-bits, so as to correct the wrong q-bits of the current received q-bits. In some embodiments, the error correction module M101 can be implemented with a virtual machine performed by multiple x86 structured processors, which can be accessed by the receiver side S1002; 8) further, as shown at block p008, the receiver side S1002 performs a decoding operation on the corrected q-bits based on an available encoding configuration, so as to retrieve a quantum shared key derived within an enhanced protection system. For more details, also refer to FIG. 3A and FIG. 3B which are dataflow diagrams showing how the transmitter side S1001 configures a security length L.sub.s with restricted terms to derive an enhanced quantum key K.sub.3 related to blocks p003˜p004 of FIG. 2A and FIG. 2B.

[0028] In an embodiment, there are the following means for configuring the above-mentioned security length L.sub.s: as shown at block p101 of FIG. 3A, a) setting a first length L.sub.s1 based on the block size L.sub.BLK of a data which will be encrypted by a quantum shared key; that means the system had better adopt a larger L.sub.s1 for a big-sized data since the block size L.sub.BLK shall be an integral multiple of the length L.sub.K1 of the original quantum key K.sub.1 (L.sub.BLK=n.Math.L.sub.K1 where n∈.sup.+); b) setting a second length L.sub.s2 based on the L.sub.s1 adding a padding size L.sub.PD; wherein the L.sub.s2 shall be an integral multiple of the optical wave length L.sub.W for data transmission through the single optical communication channel D101 (L.sub.S2=i.Math.L.sub.W where i∈.sup.+); wherein the padding size L.sub.PD is for filling a rest of the block size with changeable stuffs and the padding size L.sub.PD shall be smaller than the length L.sub.K1 of K.sub.1 (L.sub.PD<L.sub.K1, L.sub.S1+L.sub.PD=L.sub.BLK); as shown at block p102 of FIG. 3A, c) L.sub.s1 and L.sub.s2 shall be reset for each data which is to be encrypted for transmission; that means the system will set L.sub.s1 and L.sub.s2 again for a new data transmission; as shown at block p103 of FIG. 3A, d) if the data size is less than the length L.sub.K1 of the original quantum key K.sub.1, add a padding message to the data to be transmitted, such that makes the data size at least equal to L.sub.K1; and as shown at block p104 of FIG. 3A, e) setting the final L.sub.s2 as a feasible L.sub.s.

[0029] However, in some embodiments, in order to enhance key strength of a quantum shared key, after deriving K.sub.1 and setting up L.sub.s, the extended quantum key K.sub.2 is derived based on K.sub.1 and L.sub.s as shown at block p105 of FIG. 3B. Thereafter, as shown at blocks p106˜p107 of FIG. 3B, the transmitter side S1001 not only makes the extended quantum key K.sub.2 as an updated quantum shared key for distribution but also conducts a scramble mechanism into the extended quantum key K.sub.2 so as to derive an enhanced quantum key K.sub.3 embedded with the extended quantum key K.sub.2. Further, the transmitter side S1001 requires the following restricted terms for deriving the enhanced quantum key K.sub.3 embedded with the extended quantum key K.sub.2: a) letting the length of K.sub.3 be L.sub.K3 which shall be larger than L.sub.K2 for assuring that K.sub.3 is embedded with K.sub.2 and L.sub.K2 is not equal to L.sub.K3 (L.sub.K3>L.sub.K2); and b) letting the total length of conducted scramble be L.sub.scr, and assuring that all of L.sub.scr, L.sub.K2, and L.sub.K3 shall be an integral multiple of L.sub.s. (L.sub.scr=p.Math.L.sub.s, L.sub.K3=q.Math.L.sub.s and L.sub.K2=r.Math.L.sub.s where p, q, r∈.sup.+). Finally, satisfying the above-mentioned restricted terms, the enhanced quantum key K.sub.3 is derived with key-strength enhancement for key transmission through the single optical communication channel D101.

[0030] Further, still referring to FIG. 1, in an embodiment, in order to enhance security strength in transmission, the transmitter side S1001 usually collaborates with the above-mentioned encoding generator D103 to provide the following available encoding means for setting the system encoding configurations: a) re-encoding the q-bits for transmission with an expression of a Bloch-ball coordinate system; for example, since the state of each q-bit can be expressed as

[00004]$.Math.\psi .Math.=\cos \frac{\theta }{2}.Math.0.Math.+e^{i\phi }\sin \frac{\theta }{2}.Math.1.Math.\theta \in \left[0,\pi \right],\phi \in \left[0,2,\pi \right]$

based on a Bloch-ball coordinate system, each q-bit can be encoded according to the parameter set [γ, θ, φ] wherein γ is the distance from the origin to the point (θ, φ); b) re-encoding the q-bits for transmission with an expression of probability amplitude; c) re-encoding the q-bits for transmission with an expression of density matrix; for example, treating a series of q-bits as a mixed state, so as to derive the density operator

[00005]$\rho =\underset{i}{.Math.}{w}_i.Math.{\psi }_i.Math..Math.{\psi }_i.Math.,$

wherein ψ.sub.i is expressed for available bases and ω.sub.i is expressed for corresponding probability, thus the corresponding density matrix will be Q wherein each element Q.sub.ij of the density matrix Q shall be

[00006]$\underset{k}{.Math.}{w}_k.Math.b_i|{\psi }_i.Math..Math.{\psi }_k|b_j.Math.$

such that a series of q-bits can be encoded according to the parameter pair [ω, ψ]; and d) re-encoding the q-bits for transmission via mapping polarization angles onto a time coordinate system formed with clock scales; for example, a q-bit with state of polarization angle π/3 can be encoded according to the numerical pair [02,00] while a q-bit with state of polarization angle 3π/4 can be encoded according to the numerical pair [04,30].

[0031] Moreover, in an embodiment, the above-mentioned operation of the density matrix will be performed by the receiver side S1002 through the single optical communication channel D101 and such operation comprises: a) adopting a measurement operator M to measure the received density matrix; wherein, for m.sub.th element of the received density matrix, the measured result is M.sub.m, and the corresponding probability of the measured result is

[00007]$p\left(m\right)=.Math.\psi .Math.M_m^{†}{M}_m.Math.\psi .Math.;$

b) deriving a density operator on the receiver side according to a measured density matrix derived via the measurement operator; in other words, since the receiver side S1002 can collect the measured probabilities through each p(m) derived from the measurement operator M, the collected probabilities can be converted to a density operator

[00008]$\rho =\underset{i}{.Math.}{w}_i.Math.{\psi }_i.Math..Math.{\psi }_i.Math.$

wherein ω.sub.i is the probability of |ψ.sub.i; c) deriving Σ.sub.iω.sub.i which is the sum of the probability of each measured quantum state based on the derived density operator ρ; and d) once the sum of the probability of each measured quantum state is equal to or larger than 1, meanwhile each element of the measured density matrix is non-negative, determining that there is no transmission loss with the received q-bits.

[0032] Moreover, in the same embodiment, in order to retrieve the quantum shared key such as the above-mentioned K.sub.1, K.sub.3 or hand-shaking information within q-bits, the above-mentioned decoding operation performed by the receiver side S1002 further comprises the following subroutines: a) measuring and analyzing on the received polarization states for determining whether there is any phase variation with the received polarization states; b) once determining that there is a phase variation with the received polarization states, restoring corresponding phasing status for the received q-bits; and c) performing corresponding communication of a Quantum-Key-Distribution protocol (BB84 in the embodiment) on the received q-bits between the transmitter side and the receiver side to determine bases and matched q-bits for use in a quantum shared key.

[0033] While the present disclosure has been described by means of specific embodiments, numerous modifications and variations could be made thereto by those skilled in the art without departing from the scope and spirit of the present disclosure set forth in the claims.