liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Vulnerability of "A Novel Protocol-Authentication Algorithm Ruling out a Man-in-the-Middle Attack in Quantum Cryptography"
Linköping University, Department of Mathematics, Applied Mathematics. Linköping University, The Institute of Technology.
Linköping University, Department of Mathematics, Applied Mathematics. Linköping University, The Institute of Technology.ORCID iD: 0000-0002-1082-8325
2009 (English)In: International Journal of Quantum Information, ISSN 0219-7499, Vol. 7, no 5, 1047-1052 p.Article in journal (Refereed) Published
Abstract [en]

In this paper, we review and comment on "A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography" [M. Peev et al., Int. J. Quant. Inf. 3 (2005) 225]. In particular, we point out that the proposed primitive is not secure when used in a generic protocol, and needs additional authenticating properties of the surrounding quantum-cryptographic protocol.

Place, publisher, year, edition, pages
2009. Vol. 7, no 5, 1047-1052 p.
Keyword [en]
Quantum cryptography, quantum key distribution, authentication
National Category
Natural Sciences
Identifiers
URN: urn:nbn:se:liu:diva-20405DOI: 10.1142/S0219749909005754OAI: oai:DiVA.org:liu-20405DiVA: diva2:234516
Projects
ICG QC
Available from: 2009-09-08 Created: 2009-09-07 Last updated: 2016-08-31Bibliographically approved
In thesis
1. Weaknesses of Authentication in Quantum Cryptography and Strongly Universal Hash Functions
Open this publication in new window or tab >>Weaknesses of Authentication in Quantum Cryptography and Strongly Universal Hash Functions
2010 (English)Licentiate thesis, comprehensive summary (Other academic)
Abstract [en]

Authentication is an indispensable part of Quantum Cryptography, which is an unconditionally secure key distribution technique based on the laws of nature. Without proper authentication, Quantum Cryptography is vulnerable to “man-in-the-middle” attacks. Therefore, to guarantee unconditional security of any Quantum Cryptographic protocols, the authentication used must also be unconditionally secure. The standard in Quantum Cryptography is to use theWegman-Carter authentication, which is unconditionally secure and is based on the idea of universal hashing.

In this thesis, we first investigate properties of a Strongly Universal hash function family to facilitate understanding the properties of (classical) authentication used in Quantum Cryptography. Then, we study vulnerabilities of a recently proposed authentication protocol intended to rule out a "man-in-the-middle" attack on Quantum Cryptography. Here, we point out that the proposed authentication primitive is not secure when used in a generic Quantum Cryptographic protocol. Lastly, we estimate the lifetime of authentication using encrypted tags when the encryption key is partially known. Under simplifying assumptions, we derive that the lifetime is linearly dependent on the length of the authentication key. Experimental results that support the theoretical results are also presented.

Place, publisher, year, edition, pages
Linköping: Linköping University Electronic Press, 2010. 37 p.
Series
Linköping Studies in Science and Technology. Thesis, ISSN 0280-7971 ; 1447
National Category
Mathematics
Identifiers
urn:nbn:se:liu:diva-57290 (URN)978-91-7393-354-4 (ISBN)
Supervisors
Projects
ICG QC
Available from: 2010-06-16 Created: 2010-06-16 Last updated: 2016-08-31Bibliographically approved
2. Authentication in Quantum Key Distribution: Security Proof and Universal Hash Functions
Open this publication in new window or tab >>Authentication in Quantum Key Distribution: Security Proof and Universal Hash Functions
2013 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Quantum Key Distribution (QKD) is a secret key agreement technique that consists of two parts: quantum transmission and measurement on a quantum channel, and classical post-processing on a public communication channel. It enjoys provable unconditional security provided that the public communication channel is immutable. Otherwise, QKD is vulnerable to a man-in-the-middle attack. Immutable public communication channels, however, do not exist in practice. So we need to use authentication that implements the properties of an immutable channel as well as possible. One scheme that serves this purpose well is the Wegman-Carter authentication (WCA), which is built upon Almost Strongly Universal2 (ASU2) hashing. This scheme uses a new key in each authentication attempt to select a hash function from an ASU2 family, which is then used to generate the authentication tag for a message.

The main focus of this dissertation is on authentication in the context of QKD. We study ASU2 hash functions, security of QKD that employs a computationally secure authentication, and also security of authentication with a partially known key. Specifically, we study the following.

First, Universal hash functions and their constructions are reviewed, and as well as a new construction of ASU2 hash functions is presented. Second, security of QKD that employs a specific computationally secure authentication is studied. We present detailed attacks on various practical implementations of QKD that employs this authentication. We also provide countermeasures and prove necessary and sufficient conditions for upgrading the security of the authentication to the level of unconditional security. Third, Universal hash function based multiple authentication is studied. This uses a fixed ASU2 hash function followed by one-time pad encryption, to keep the hash function secret. We show that the one-time pad is necessary in every round for the authentication to be unconditionally secure. Lastly, we study security of the WCA scheme, in the case of a partially known authentication key. Here we prove tight information-theoretic security bounds and also analyse security using witness indistinguishability as used in the Universal Composability framework.

Place, publisher, year, edition, pages
Linköping: Linköping University Electronic Press, 2013. 55 p.
Series
Linköping Studies in Science and Technology. Dissertations, ISSN 0345-7524 ; 1517
National Category
Engineering and Technology
Identifiers
urn:nbn:se:liu:diva-91265 (URN)978-91-7519-625-1 (ISBN)
Public defence
2013-05-17, Visionen, B-huset, Campus Valla, Linköpings universitet, Linköping, 13:15 (English)
Opponent
Supervisors
Projects
ICG QC
Available from: 2013-04-18 Created: 2013-04-18 Last updated: 2016-08-31Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full text

Authority records BETA

Abidin, AysajanLarsson, Jan-Åke

Search in DiVA

By author/editor
Abidin, AysajanLarsson, Jan-Åke
By organisation
Applied MathematicsThe Institute of Technology
Natural Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 2008 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf