Optimization and Implementation of Efficient and Universal Quantum Key Distribution

Huang, Da-jun; Zhong, Wen-zhe; Zhong, Jin; Jiang, Dong; Wu, Hao

doi:https://doi.org/10.1155/2020/3418780

Journal of Electrical and Computer Engineering

On this page

Abstract Introduction Conclusion Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Research Article | Open Access

Volume 2020 | Article ID 3418780 | https://doi.org/10.1155/2020/3418780

Optimization and Implementation of Efficient and Universal Quantum Key Distribution

Da-jun Huang,¹Wen-zhe Zhong,²Jin Zhong,^1,3Dong Jiang ,⁴and Hao Wu¹

Academic Editor: Jit S. Mandeep

Received14 Jan 2020

Accepted28 Apr 2020

Published25 May 2020

Abstract

Since quantum key distribution (QKD) can provide proven unconditional security guaranteed by the fundamental laws of quantum mechanics, it has attracted increasing attention over the past three decades. Its low bit rate, however, cannot meet the requirements of modern applications. To solve this problem, recently, an efficient and universal QKD protocol based on chaotic cryptography and middleware technology was proposed, which efficiently increases the bit rate of the underlying QKD system. Nevertheless, we find that this protocol does not take the bit errors into account, and one error bit may lead to the failure of the protocol. In this paper, we give an optimized protocol and deploy it on a BB84 QKD platform. The experimental results show that the optimized version provides resistance to bit errors compared with the original version. And the statistical properties of the generated bits are fully assessed using different methods. The evaluation results prove that the proposed protocol can generate bits with outstanding properties.

1. Introduction

Quantum key distribution (QKD), invented by Bennett and Brassard in 1984 [1], is a technology for sharing keys between two legitimate users, Alice and Bob. Since the quantum mechanics laws guarantee that the keys are perfectly secret from the eavesdropper, Eve [2], it has attracted widespread attention, and many advanced works have been proposed over recent years [3, 4]. Especially, the successful launch of the Micius quantum satellite [5] proves the arrival of the global quantum communication era. Despite these developments, the bit rates of existing QKD systems cannot meet the requirements of high-speed applications [6]. Many research communities are dedicated to solve this problem, and some advanced protocols have been proposed in recent years [7, 8]. However, these protocols are neither efficient enough to fit the modern applications nor compatible with different QKD protocols or optical platforms.

To solve these problems, recently, Jiang et al. proposed an efficient and universal quantum key distribution (EUQKD) protocol [9] based on chaotic cryptography and middleware techniques. It uses a chaotic pseudorandom bit generator (PRBG) as a middleware, directly deploying on a QKD platform. The middleware initially takes the bits generated by the platform as input, periodically updates the chaotic systems, and efficiently generates the bit strings. By employing PRBG, EUQKD improves the bit rate of the underlying QKD system, resulting in higher efficiency. And by using the middleware technologies, it divides the cryptosystem to different layers and isolates the details of QKD platform from the users, leading to better compatibility. And EUQKD can be easily realized by software or hardware.

However, we find that EUQKD does not consider the bit errors. Due to the impact of channel noise or Eve’s attacks, errors are common in the generated bits. If Alice and Bob use a set of bits to update their input-sensitive middleware, even though there is only one error bit in these bits, the execution results will be completely different, resulting in the failure of the communication. To solve this problem, in this paper, we optimize EUQKD protocol and provide it with the ability to resist bit errors by checking part of the execution results. Then, we deploy a polarized state-based QKD platform and realize the optimized protocol. The experimental results present that compared with the original version, the proposed scheme achieves better performance in terms of error resistance. We also use different approaches to assess the statistical properties of the generated bits. The evaluation results show that the optimized protocol can efficiently output bits with outstanding properties.

This paper is organized as follows: we first give a brief review of EUQKD protocol, followed by analyzing the problem of the protocol, introducing the optimized scheme, and realizing it on a BB84 QKD platform. Then, the statistical properties of the generated bits are evaluated by different methods. Finally, a brief conclusion is given.

2. Review of EUQKD

As shown in Figure 1(a), EUQKD can be divided into three layers. The bottom layer is a QKD platform, the middle layer is a chaos-based PRBG, and the top layer is a software application which implements encrypting, decrypting, and communicating components to transmit messages between two legitimate users.

(a)

(b)

The core of EUQKD protocol is the middle layer; it contains two piecewise linear chaotic maps (PLCMs) defined as follows:where is referred to as the initial condition and is referred to as the control parameter. The bit strings can be generated by iterating the PLCM according to . As plotted in Figure 1(b), the middle layer runs as follows:(1)Alice randomly selects initial conditions , and control parameters , , encrypts them with QKD bits, and sends the ciphertext to Bob. Then, Alice and Bob initialize their PLCMs with the selected parameters.(2)Alice and Bob iterate their PLCMs to generate two sets of iteration results , ( are discarded for security), where is the upper bound of iterations. Then, they construct two integers with QKD bits, act XOR on mantissa parts of and to obtain a set of bits (Cbits). Alice and Bob repeat this step times, and then they jump to the next step.(3)Alice and Bob use QKD bits to construct four integers and select as and (if ) and select as and (if ) to update their PLCMs.(4)Alice and Bob repeat steps 2 and 3 until they generate enough Cbits for encrypting and decrypting the secret message.

The middle layer isolates the bottom layer to achieve compatibility; it can be easily realized by both software and hardware and can be rapidly deployed on any QKD platform. It also takes QKD bits as input and efficiently outputs Cbits, resulting in higher efficiency.

3. Optimization and Realization of EUQKD

3.1. Optimization of EUQKD

EUQKD significantly improves the efficiency of the physical layer; however, it does not consider bit errors. Generally, a QKD protocol consists quantum and classical parts [10]. In the former part, Alice and Bob generate a set of bits (raw key) by preparing and measuring photon states. Then, they broadcast their basis choices. For each bit of the generated raw key, if Alice’s basis is the same as Bob’s, it is stored as the sifted key; otherwise, it is discarded. Due to the channel noise and Eve’s attacks, there may exist some errors in the sifted key, and part of the information of the sifted key may be leaked. Thus, Alice and Bob need to execute the classical part, i.e., postprocessing [11], to correct the errors and cover the information leakage. They first run the first step known as the parameter estimation [12] to estimate the error rate of the sifted key. The second step, i.e., the key reconciliation [13], uses the estimated error rate as input to correct the errors. Finally, they run the privacy amplification [14] step to cover the leaked information.

Existing key reconciliation algorithms, e.g., belief propagation [15, 16], shuffled belief propagation [17], layer belief propagation [18, 19], etc., use a piecewise function to extract useful information from Alice’s syndrome to correct Bob’s QKD bits. To avoid information leakage, such information is not accurate and reliable. Thus, there may be some bit errors after key reconciliation. According to EUQKD protocol, if an error bit affects the second step, it will cause 52-bit errors in the Cbits (IEEE 754 standard represents a double-precision float number in the form ). We know that chaotic system is sensitive to initial condition and control parameter. As shown in Figure 2, the iteration results of PLCM (1) with very close initial conditions and control parameters are totally different. Thus, if the error bit affects the third step, it will lead to the failure of the protocol. To solve this problem, we optimize EUQKD protocol as follows:(1)Alice randomly selects initial conditions , and control parameters , , encrypts them with QKD bits, and sends the ciphertext to Bob. Then, Alice and Bob initialize their PLCMs with the selected parameters.(2)Alice and Bob iterate their PLCMs to generate two sets of iteration results , . Then, they broadcast part of the results over the classical channel and calculate the error rate. If the error rate exceeds the threshold, they jump to step 1.(3)They construct two integers with QKD bits. If the selected iteration result or has been broadcasted, they select the next iteration result until they find an iteration result that has not been broadcasted. Then, they act XOR on mantissa parts of the two iteration results to obtain a set of Cbits. Alice and Bob repeat this step times, and then they jump to the next step.(4)Alice and Bob use QKD bits to construct four integers and select as and (if ) and select as and (if ) to update their PLCMs.(5)Alice and Bob repeat steps 2, 3, and 4 until they generate enough Cbits for encrypting and decrypting the secret message.

Clearly, in each round of the optimized protocol, Alice and Bob check part of the iteration results. Since PLCM (1) is sensitive to the initial condition and the control parameter, they can easily detect the failure. And if the protocol fails, they will randomly select a set of parameters to synchronize their PLCMs. This can avoid the failure of the protocol and guarantee that the users can generate enough bits for encryption and decryption, even if there exist error bits in QKD bits. Compared with the original protocol, the optimized scheme, therefore, achieves higher robustness. Although the legitimate users broadcast part of their iteration results to resist bit errors, these iteration results are not used to generate the secret key. And many papers have proved that the eavesdropper cannot break digital chaotic PRBG, even if he obtains part of the iteration results [20–22]. Therefore, the eavesdropper cannot obtain useful information during the communication.

3.2. Realization of EUQKD

In this paper, a BB84 QKD platform based on polarization states is deployed as the physical layer. The optical setup of the platform is shown in Figure 3. Alice can control four lasers to send horizontal, vertical, , and polarization pulses, which are denoted as , , , and , respectively. Because the intensity of these pulses may be different, we first attenuate them to the same level. Then, the pulses are combined by two polarizing beam splitters (PBSs) to guarantee the orthogonality between and pulses and the orthogonality between and pulses. The manual polarization controllers adjust the angle between and pulses and the angle between and pulses to . Finally, all pulses are combined by a beam splitter (BS), attenuated to single photon level, and sent to Bob over the quantum channel. In Bob’s optical platform, the state first passes a BS to randomly select a measurement basis. Since the optical fiber may change the state of the photon, two manual polarization controllers are used to adjust the state. In our platform, only one single photon detector (SPD) is deployed. Since the four states are distinguished by delay lines of different lengths, SPD can determine the state according to the time tag of the measurement.

We run BB84 protocol on our optical platform and generate 30 sets of sifted keys. Then, we use the postprocessing algorithm proposed in Ref. [23] to process the generated sifted keys. The error rates of the generated sifted keys and the results of parameter estimation are plotted in Figure 4(a). The error rates of the generated QKD bits are shown in Figure 4(b).

(a)

(b)

Because the bit error rates of the generated QKD bits are very low, we slightly change Bob’s QKD bits and use the QKD bits to update Alice’s and Bob’s PLCMs. We simulate this process for 10,000 times, and all errors are detected in the second step of the optimized protocol. Our protocol, thus, provides the ability to resist bit errors.

4. Statistical Evaluation

In this section, we evaluate the statistical properties of the generated Cbits from aspects of uniformity and correlation. Cbits should show perfect uniformity; otherwise, Eve may extract some information from the ciphertext. To evaluate the uniformity, we set the rounds to 100, set the upper bound of iterations to 1000, and run the proposed protocol 100 times. The distribution of iteration results, control parameters, and initial conditions is plotted in Figures 5(a)–5(c), respectively. Obviously, the results show perfect uniformity.

(a)

(b)

(c)

To evaluate the correlation of the generated bits, first, the Hamming distance and Pearson’s correlation coefficient are calculated [24]. For two binary sequences and , Hamming distance can be calculated as follows:

If and are two truly random sequences, should approach 0.5. For two integer sequences and , Pearson’s correlation coefficient can be calculated according to the following equation:where and are the average values of and , respectively. If and are uncorrelated, should approach 0. We generate 20 pairs of Cbits. The Hamming distances of each pair of Cbits are shown in Figure 6(a). Then, we generate 20 pairs of Cbits and construct 20 pairs of integer sequences. Pearson’s correlation coefficient of each pair of integer sequences is plotted in Figure 6(b).

(a)

(b)

(c)

(d)

Second, we calculate the autocorrelation of generated Cbits, and the cross correlation of two pair of Cbits generated with very close initial conditions. The results are drawn in Figures 6(c) and 6(d), respectively. Clearly, the results prove that the generated Cbits have outstanding correlation properties.

5. Image Encryption and Decryption

In this section, we use image encryption to further evaluate the statistical properties of Cbits. First, the histogram analysis method is employed to evaluate the uniformity of the generated bits. As shown in Figure 7(a), we choose a gray scale image as the plain image. The histogram of the plain image is plotted in Figure 7(b). Then, we generate a set of Cbits and encrypt the plain image. The cipher image and its histogram are drawn in Figures 7(c) and 7(d), respectively. Clearly, the generated bits uniformly conceal the information of the plain image. The variances of the histograms can be calculated according to the following equation:where and are the width and the height of the image, is the number of pixels with a gray value equal to , and is the gray value vector of the image. The higher value of variance indicates the lower uniformity of the image. The variances of the plain and the cipher images are 66200 and 272.53, respectively. The generated Cbits, thus, show perfect uniformity properties.

(a)

(b)

(c)

(d)

Generally, two adjacent pixels in an image show strong correlation. Therefore, we analyze the correlation between two adjacent pixels in the plain and cipher images to evaluate the correlation properties of the generated Cbits. We randomly choose 1000 pairs of two horizontally, vertically, and diagonally adjacent pixels. Figures 8(a)–8(c) plot the distribution of two horizontally, vertically, and diagonally adjacent pixels selected in the plain image. And Figures 8(d)–8(f) present the distribution of two horizontally, vertically, and diagonally adjacent pixels selected in the cipher image. Obviously, the plain image is decorrelated by the generated bits.

(a)

(b)

(c)

(d)

(e)

(f)

Pearson’s correlation coefficient of adjacent pixels is shown in Table 1. Obviously, the adjacent pixels selected from the plain image are highly correlated. And there is negligible correlation between the adjacent pixels selected from the cipher image. The generated bits, therefore, show outstanding correlation properties.

For a well-designed cryptosystem, high key sensitivity is also required, i.e., Eve cannot obtain any information of the plain image, even if she uses a key which is very close to the correct key to decrypt the plain image. To evaluate the key sensitivity, we select a set of initial conditions and control parameters as the key to synchronize Alice’s and Bob’s PLCMs, use a set of QKD bits to generate Cbits to encrypt the plain image, and plot the cipher image in Figure 9(a). Then, we use the correct key and QKD bits to generate Cbits, decrypt the cipher image, and show the decrypted image in Figure 9(b). Finally, we slightly change the key, use the changed key and QKD bits to generate Cbits, decrypt the cipher image, and draw the decrypted image in Figure 9(c).

(a)

(b)

(c)

Pearson’s correlation coefficient between encrypted and decrypted images is shown in Table 2. Obviously, Eve cannot obtain any information even if she obtains a key which is very close to the correct key, thus proving the high key sensitivity of our protocol.

6. Conclusion

EUQKD efficiently improves the efficiency of the underlying QKD platform; however, it does not consider the bit errors, which may lead to the failure of the protocol. In this paper, we optimize EUQKD against bit errors and realize the protocol with a BB84 QKD platform. Experimental results show that the optimized protocol significantly reduces the impact of error bits and efficiently generates Cbits with outstanding statistical properties.

Data Availability

All data generated or analyzed during this study are included within this article.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this article.

Acknowledgments

This research was financially supported by the Natural Science Foundation of Jiangsu Province (no. BK20190297) and the Natural Science Foundation of Anhui Province (no. 1708085qf157).

References

H. Bennett Ch and G. Brassard, “Quantum cryptography: public key distribution and coin tossing,” in Proceedings of the IEEE International Conference on Computers, Systems and Signal Processing, p. 175, Bangalore, India, December 1984.
View at: Google Scholar
V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Dušek, N. Lütkenhaus, and M. Peev, “The security of practical quantum key distribution,” Reviews of Modern Physics, vol. 81, no. 3, pp. 1301–1350, 2009.
View at: Publisher Site | Google Scholar
H.-K. Lo, X. Ma, and K. Chen, “Decoy state quantum key distribution,” Physical Review Letters, vol. 94, no. 23, Article ID 230504, 2005.
View at: Publisher Site | Google Scholar
H.-K. Lo, M. Curty, and B. Qi, “Measurement-device-independent quantum key distribution,” Physical Review Letters, vol. 108, no. 13, Article ID 130503, 2012.
View at: Publisher Site | Google Scholar
S.-K. Liao, W.-Q. Cai, W.-Y. Liu et al., “Satellite-to-ground quantum key distribution,” Nature, vol. 549, no. 7670, pp. 43–47, 2017.
View at: Publisher Site | Google Scholar
H.-K. Lo, H. F. Chau, and M. Ardehali, “Efficient quantum key distribution scheme and a proof of its unconditional security,” Journal of Cryptology, vol. 18, no. 2, pp. 133–165, 2005.
View at: Publisher Site | Google Scholar
P. Xue, C.-F. Li, and G.-C. Guo, “Efficient quantum-key-distribution scheme with nonmaximally entangled states,” Physical Review A, vol. 64, no. 3, Article ID 032305, 2001.
View at: Publisher Site | Google Scholar
X.-H. Li, F.-G. Deng, and H.-Y. Zhou, “Efficient quantum key distribution over a collective noise channel,” Physical Review A, vol. 78, no. 2, Article ID 022321, 2008.
View at: Publisher Site | Google Scholar
D. Jiang, Y. Chen, X. Gu, L. Xie, and L. Chen, “Efficient and universal quantum key distribution based on chaos and middleware,” International Journal of Modern Physics B, vol. 31, no. 2, Article ID 1650264, 2017.
View at: Publisher Site | Google Scholar
N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, “Quantum cryptography,” Reviews of Modern Physics, vol. 74, no. 1, pp. 145–195, 2002.
View at: Publisher Site | Google Scholar
M. Tomamichel, C. C. W. Lim, N. Gisin, and R. Renner, “Tight finite-key analysis for quantum cryptography,” Nature Communications, vol. 3, p. 634, 2012.
View at: Publisher Site | Google Scholar
X. Ma, C.-H. F. Fung, and M. Razavi, “Statistical fluctuation analysis for measurement-device-independent quantum key distribution,” Physical Review A, vol. 86, no. 5, Article ID 052305, 2012.
View at: Publisher Site | Google Scholar
J. Martinez-Mateo, D. Elkouss, and V. Martin, “Key reconciliation for high performance quantum key distribution,” Scientific Reports, vol. 3, p. 1576, 2013.
View at: Publisher Site | Google Scholar
C. H. Bennett, G. Brassard, C. Crepeau, and U. M. Maurer, “Generalized privacy amplification,” IEEE Transactions on Information Theory, vol. 41, no. 6, pp. 1915–1923, 1995.
View at: Publisher Site | Google Scholar
S.-Y. Sae-Young Chung, T. J. Richardson, and R. L. Urbanke, “Analysis of sum-product decoding of low-density parity-check codes using a Gaussian approximation,” IEEE Transactions on Information Theory, vol. 47, no. 2, pp. 657–670, 2001.
View at: Publisher Site | Google Scholar
Y. Kou, S. Lin, and M. P. C. Fossorier, “Low-density parity-check codes based on finite geometries: a rediscovery and new results,” IEEE Transactions on Information Theory, vol. 47, no. 7, pp. 2711–2736, 2001.
View at: Publisher Site | Google Scholar
J. Zhang and M. Fossorier, “Shuffled belief propagation decoding,” in Proceedings of the Conference Record of the Thirty-Sixth Asilomar Conference on Signals, Systems and Computers, vol. 1, pp. 8–15, IEEE, Pacific Grove, CA, USA, 2002.
View at: Google Scholar
D. E. Hocevar, “A reduced complexity decoder architecture via layered decoding of LDPC codes,” in Proceedings of the IEEE Workshop on Signal Processing Systems, SIPS 2004, pp. 107–112, IEEE, New York, NY, USA, 2004.
View at: Google Scholar
E. Sharon, S. Litsyn, and J. Goldberger, “An efficient message-passing schedule for LDPC decoding,” in Proceedings of the 2004 23rd IEEE Convention of Electrical and Electronics Engineers in Israel, pp. 223–226, IEEE, Tel-Aviv, Israel, September 2004.
View at: Google Scholar
S. Li, X. Mou, and Y. Cai, “Pseudo-random bit generator based on couple chaotic systems and its applications in stream-cipher cryptography,” in International Conference on Cryptology in India, pp. 316–329, Springer, Berlin, Germany, 2001.
View at: Google Scholar
S. Li, G. Chen, and X. Mou, “On the dynamical degradation of digital piecewise linear chaotic maps,” International Journal of Bifurcation and Chaos, vol. 15, no. 10, pp. 3119–3151, 2005.
View at: Publisher Site | Google Scholar
J. Zhong, D. Jiang, Q.-G. Huang, and Y. Cao, “A self-updating digital chaotic stream cipher,” International Journal of Modern Physics C, vol. 29, no. 8, Article ID 1850074, 2018.
View at: Publisher Site | Google Scholar
C. Gao, D. Jiang, Y. Guo, and L. Chen, “Multi-matrix error estimation and reconciliation for quantum key distribution,” Optics Express, vol. 27, no. 10, pp. 14545–14566, 2019.
View at: Publisher Site | Google Scholar
J. Lee Rodgers and W. A. Nicewander, “Thirteen ways to look at the correlation coefficient,” The American Statistician, vol. 42, no. 1, pp. 59–66, 1988.
View at: Publisher Site | Google Scholar

Copyright

Copyright © 2020 Da-jun Huang et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

995

Downloads

876

Citations