Combinatorial design of key distribution mechanisms for wireless sensor networks

Key distribution is one of the most challenging security issues in wireless sensor networks where sensor nodes are randomly scattered over a hostile territory. In such a sensor deployment scenario, there will be no prior knowledge of post deployment configuration. For security solutions requiring pair wise keys, it is impossible to decide how to distribute key pairs to sensor nodes before the deployment. Existing approaches to this problem are to assign more than one key, namely a key-chain, to each node. Key-chains are randomly drawn from a key-pool. Either two neighbouring nodes have a key in common in their key-chains, or there is a path, called key-path, among these two nodes where each pair of neighbouring nodes on this path has a key in common. Problem in such a solution is to decide on the key-chain size and key-pool size so that every pair of nodes can establish a session key directly or through a path with high probability. The size of the key-path is the key factor for the efficiency of the design. This paper presents novel, deterministic and hybrid approaches based on Combinatorial Design for key distribution. In particular, several block design techniques are considered for generating the key-chains and the key-pools. Comparison to probabilistic schemes shows that our combinatorial approach produces better connectivity with smaller key-chain sizes.

Post-quantum key exchange for the TLS protocol from the ring learning with errors problem

Lattice-based cryptographic primitives are believed to offer resilience against attacks by quantum computers. We demonstrate the practicality of post-quantum key exchange by constructing cipher suites for the Transport Layer Security (TLS) protocol that provide key exchange based on the ring learning with errors (R-LWE) problem, we accompany these cipher suites with a rigorous proof of security. Our approach ties lattice-based key exchange together with traditional authentication using RSA or elliptic curve digital signatures: the post-quantum key exchange provides forward secrecy against future quantum attackers, while authentication can be provided using RSA keys that are issued by today's commercial certificate authorities, smoothing the path to adoption. Our cryptographically secure implementation, aimed at the 128-bit security level, reveals that the performance price when switching from non-quantum-safe key exchange is not too high. With our R-LWE cipher suites integrated into the Open SSL library and using the Apache web server on a 2-core desktop computer, we could serve 506 RLWE-ECDSA-AES128-GCM-SHA256 HTTPS connections per second for a 10 KiB payload. Compared to elliptic curve Diffie-Hellman, this means an 8 KiB increased handshake size and a reduction in throughput of only 21%. This demonstrates that provably secure post-quantum key-exchange can already be considered practical.

Deterministic schemes for key distribution in wireless sensor networks

In this paper, we propose a new security metric for measuring resilience of a symmetric key distribution scheme in wireless sensor network. A polynomial-based and a novel complete connectivity schemes are proposed and an analytical comparison, in terms of security and connectivity, between the schemes is shown. Motivated by the schemes, we derive general expressions for security and connectivity. A number of conclusions are made using these general expressions.

Mobile node authentication using key distribution scheme in wireless sensor networks

We consider the problem of secure communication in mobile Wireless Sensor Networks (WSNs). Achieving security in WSNs requires robust encryption and authentication standards among the sensor nodes. Severe resources constraints in typical Wireless Sensor nodes hinder them in achieving key agreements. It is proved from past studies that many notable key management schemes do not work well in sensor networks due to their limited capacities. The idea of key predistribution is not feasible considering the fact that the network could scale to millions. We prove a novel algorithm that provides robust and secure communication channel in WSNs. Our Double Encryption with Validation Time (DEV) using Key Management Protocol algorithm works on the basis of timed sessions within which a secure secret key remains valid. A mobile node is used to bootstrap and exchange secure keys among communicating pairs of nodes. Analysis and simulation results show that the performance of the DEV using Key Management Protocol Algorithm is better than the SEV scheme and other related work.

Quantum criptography in optical fibers

As comunicações quânticas aplicam as leis fundamentais da física quântica para codificar, transmitir, guardar e processar informação. A mais importante e bem-sucedida aplicação é a distribuição de chaves quânticas (QKD). Os sistemas de QKD são suportados por tecnologias capazes de processar fotões únicos. Nesta tese analisamos a geração, transmissão e deteção de fotões únicos e entrelaçados em fibras óticas. É proposta uma fonte de fotões única baseada no processo clássico de mistura de quatro ondas (FWM) em fibras óticas num regime de baixas potências. Implementamos essa fonte no laboratório, e desenvolvemos um modelo teórico capaz de descrever corretamente o processo de geração de fotões únicos. O modelo teórico considera o papel das nãolinearidades da fibra e os efeitos da polarização na geração de fotões através do processo de FWM. Analisamos a estatística da fonte de fotões baseada no processo clássico de FWM em fibras óticas. Derivamos um modelo teórico capaz de descrever a estatística dessa fonte de fotões. Mostramos que a estatística da fonte de fotões evolui de térmica num regime de baixas potências óticas, para Poissoniana num regime de potências óticas moderadas. Validamos experimentalmente o modelo teórico, através do uso de fotodetetores de avalanche, do método estimativo da máxima verossimilhança e do algoritmo de maximização de expectativa. Estudamos o processo espontâneo de FWM como uma fonte condicional de fotões únicos. Analisamos a estatística dessa fonte em termos da função condicional de coerência de segunda ordem, considerando o espalhamento de Raman na geração de pares de fotões, e a perda durante a propagação de fotões numa fibra ótica padrão. Identificamos regimes apropriados onde a fonte é quase ideal. Fontes de pares de fotões implementadas em fibras óticas fornecem uma solução prática ao problema de acoplamento que surge quando os pares de fotões são gerados fora da fibra. Exploramos a geração de pares de fotões através do processo espontâneo de FWM no interior de guias de onda com suceptibilidade elétrica de terceira ordem. Descrevemos a geração de pares de fotões em meios com elevado coeficiente de absorção, e identificamos regimes ótimos para o rácio contagens coincidentes/acidentais (CAR) e para a desigualdade de Clauser, Horne, Shimony, and Holt (CHSH), para o qual o compromisso entre perda do guia de onda e não-linearidades maximiza esses parâmetros.

Entanglement analysis of atomic processes and quantum registers

During recent years, quantum information processing and the study of N−qubit quantum systems have attracted a lot of interest, both in theory and experiment. Apart from the promise of performing efficient quantum information protocols, such as quantum key distribution, teleportation or quantum computation, however, these investigations also revealed a great deal of difficulties which still need to be resolved in practise. Quantum information protocols rely on the application of unitary and non–unitary quantum operations that act on a given set of quantum mechanical two-state systems (qubits) to form (entangled) states, in which the information is encoded. The overall system of qubits is often referred to as a quantum register. Today the entanglement in a quantum register is known as the key resource for many protocols of quantum computation and quantum information theory. However, despite the successful demonstration of several protocols, such as teleportation or quantum key distribution, there are still many open questions of how entanglement affects the efficiency of quantum algorithms or how it can be protected against noisy environments. To facilitate the simulation of such N−qubit quantum systems and the analysis of their entanglement properties, we have developed the Feynman program. The program package provides all necessary tools in order to define and to deal with quantum registers, quantum gates and quantum operations. Using an interactive and easily extendible design within the framework of the computer algebra system Maple, the Feynman program is a powerful toolbox not only for teaching the basic and more advanced concepts of quantum information but also for studying their physical realization in the future. To this end, the Feynman program implements a selection of algebraic separability criteria for bipartite and multipartite mixed states as well as the most frequently used entanglement measures from the literature. Additionally, the program supports the work with quantum operations and their associated (Jamiolkowski) dual states. Based on the implementation of several popular decoherence models, we provide tools especially for the quantitative analysis of quantum operations. As an application of the developed tools we further present two case studies in which the entanglement of two atomic processes is investigated. In particular, we have studied the change of the electron-ion spin entanglement in atomic photoionization and the photon-photon polarization entanglement in the two-photon decay of hydrogen. The results show that both processes are, in principle, suitable for the creation and control of entanglement. Apart from process-specific parameters like initial atom polarization, it is mainly the process geometry which offers a simple and effective instrument to adjust the final state entanglement. Finally, for the case of the two-photon decay of hydrogenlike systems, we study the difference between nonlocal quantum correlations, as given by the violation of the Bell inequality and the concurrence as a true entanglement measure.

QUANTUM CORRELATIONS OF LIGHTS IN MACROSCOPIC ENVIRONMENTS

This dissertation presents a detailed study in exploring quantum correlations of lights in macroscopic environments. We have explored quantum correlations of single photons, weak coherent states, and polarization-correlated/polarization-entangled photons in macroscopic environments. These included macroscopic mirrors, macroscopic photon number, spatially separated observers, noisy photons source and propagation medium with loss or disturbances. We proposed a measurement scheme for observing quantum correlations and entanglement in the spatial properties of two macroscopic mirrors using single photons spatial compass state. We explored the phase space distribution features of spatial compass states, such as chessboard pattern by using the Wigner function. The displacement and tilt correlations of the two mirrors were manifested through the propensities of the compass states. This technique can be used to extract Einstein-Podolsky-Rosen correlations (EPR) of the two mirrors. We then formulated the discrete-like property of the propensity Pb(m,n), which can be used to explore environmental perturbed quantum jumps of the EPR correlations in phase space. With single photons spatial compass state, the variances in position and momentum are much smaller than standard quantum limit when using a Gaussian TEM00 beam. We observed intrinsic quantum correlations of weak coherent states between two parties through balanced homodyne detection. Our scheme can be used as a supplement to decoy-state BB84 protocol and differential phase-shift QKD protocol. We prepared four types of bipartite correlations ±cos2(θ12) that shared between two parties. We also demonstrated bits correlations between two parties separated by 10 km optical fiber. The bits information will be protected by the large quantum phase fluctuation of weak coherent states, adding another physical layer of security to these protocols for quantum key distribution. Using 10 m of highly nonlinear fiber (HNLF) at 77 K, we observed coincidence to accidental-coincidence ratio of 130±5 for correlated photon-pair and Two-Photon Interference visibility >98% entangled photon-pair. We also verified the non-local behavior of polarization-entangled photon pair by violating Clauser-Horne-Shimony-Holt Bell’s inequality by more than 12 standard deviations. With the HNLF at 300 K (77 K), photon-pair production rate about factor 3(2) higher than a 300 m dispersion-shifted fiber is observed. Then, we studied quantum correlation and interference of photon-pairs; with one photon of the photon-air experiencing multiple scattering in a random medium. We observed that depolarization noise photon in multiple scattering degrading the purity of photon-pair, and the existence of Raman noise photon in a photon-pair source will contribute to the depolarization affect. We found that quantum correlation of polarization-entangled photon-pair is better preserved than polarization-correlated photon-pair as one photon of the photon-pair scattered through a random medium. Our findings showed that high purity polarization-entangled photon-pair is better candidate for long distance quantum key distribution.

Analysis of a rate-adaptive reconciliation protocol and the effect of leakage on the secret key rate

Quantum key distribution performs the trick of growing a secret key in two distant places connected by a quantum channel. The main reason is so that the legitimate users can bound the information gathered by the eavesdropper. In practical systems, whether because of finite resources or external conditions, the quantum channel is subject to fluctuations. A rate-adaptive information reconciliation protocol, which adapts to the changes in the communication channel, is then required to minimize the leakage of information in the classical postprocessing. We consider here the leakage of a rate-adaptive information reconciliation protocol. The length of the exchanged messages is larger than that of an optimal protocol; however, we prove that the min-entropy reduction is limited. The simulation results, both in the asymptotic and in the finite-length regime, show that this protocol allows to increase the amount of a distillable secret key.

Quantum communications in optical networks

La posibilidad de utilizar sistemas cuánticos para procesar y transmitir información ha impulsado la aparición de tecnologías de información cuántica, p. ej., distribución cuántica de claves. Aunque prometedoras, su uso fuera del laboratorio es actualmente demasiado costoso y complicado. En este trabajo mostramos como utilizarlas en redes ópticas de telecomunicaciones. Al utilizar una infraestructura existente y pervasiva, y compartirla con otras señales, tanto clásicas como cuánticas, el coste se reduce drásticamente y llega a un mayor público. Comenzamos integrando señales cuánticas en los tipos más utilizados de redes ópticas pasivas, por su simplicidad y alcance a usuarios finales. Luego ampliamos este estudio, proponiendo un diseño de red óptica metropolitana basado en la división en longitud de onda para multiplexar y direccionar las señales. Verificamos su funcionamiento con un prototipo. Posteriormente, estudiamos la distribución de pares de fotones entrelazados entre los usuarios de dicha red con el objetivo de abarcar más tecnologías. Para ampliar la capacidad de usuarios, rediseñamos la red troncal, cambiando tanto la topología como la tecnología utilizada en los nodos. El resultado es una red metropolitana cuántica que escala a cualquier cantidad de usuarios, a costa de una mayor complejidad y coste. Finalmente, tratamos el problema de la limitación en distancia. La solución propuesta está basada en codificación de red y permite, mediante el uso de varios caminos y nodos, modular la cantidad de información que tiene cada nodo, y así, la confianza depositada en él. ABSTRACT The potential use of quantum systems to process and transmit information has impulsed the emergence of quantum information technologies such as quantum key distribution. Despite looking promising, their use out of the laboratory is limited since they are a very delicate technology due to the need of working at the single quantum level. In this work we show how to use them in optical telecommunication networks. Using an existing infrastructure and sharing it with other signals, both quantum and conventional, reduces dramatically the cost and allows to reach a large group of users. In this work, we will first integrate quantum signals in the most common passive optical networks, for their simplicity and reach to final users. Then, we extend this study by proposing a quantum metropolitan optical network based on wavelength-division multiplexing and wavelengthaddressing, verifying its operation mode in a testbed. Later, we study the distribution of entangled photon-pairs between the users of the network with the objective of covering as much different technologies as possible. We further explore other network architectures, changing the topology and the technology used at the nodes. The resulting network scales better at the cost of a more complex and expensive infrastructure. Finally, we tackle the distance limitation problem of quantum communications. The solution offered is based on networkcoding and allows, using multiple paths and nodes, to modulate the information leaked to each node, and thus, the degree of trust placed in them.

Proposal for a Wavelength Multiplexed Quantum Metropolitan Area Network

Quantum Key Distribution (QKD) is maturing quickly. However, the current approaches to its network use require conditions that make it an expensive technology. All the QKD networks deployed to date are designed as a collection of dedicated point-to-point links that use the trusted repeater paradigm. Instead, we propose a novel network model in which QKD systems use simultaneously quantum and conventional signals that are wavelength multiplexed over a common communication infrastructure. Signals are transmitted end-to-end within a metropolitan area using optical components. The model resembles a commercial telecom network and takes advantage of existing components, thus allowing for a cost-effective and reliable deployment.

Quantum metropolitan optical network based on wavelength division multiplexing

Quantum Key Distribution (QKD) is maturing quickly. However, the current approaches to its application in optical networks make it an expensive technology. QKD networks deployed to date are designed as a collection of point-to-point, dedicated QKD links where non-neighboring nodes communicate using the trusted repeater paradigm. We propose a novel optical network model in which QKD systems share the communication infrastructure by wavelength multiplexing their quantum and classical signals. The routing is done using optical components within a metropolitan area which allows for a dynamically any-to-any communication scheme. Moreover, it resembles a commercial telecom network, takes advantage of existing infrastructure and utilizes commercial components, allowing for an easy, cost-effective and reliable deployment.

Information reconciliation methods in secret key distribution

We consider in this thesis the problem of information reconciliation in the context of secret key distillation between two legitimate parties. In some scenarios of interest this problem can be advantageously solved with low density parity check (LDPC) codes optimized for the binary symmetric channel. In particular, we demonstrate that our method leads to a significant efficiency improvement, with respect to earlier interactive reconciliation methods. We propose a protocol based on LDPC codes that can be adapted to changes in the communication channel extending the original source. The efficiency of our protocol is only limited by the quality of the code and, while transmitting more information than needed to reconcile Alice’s and Bob’s sequences, it does not reveal any more information on the original source than an ad-hoc code would have revealed.---ABSTRACT---En esta tesis estudiamos el problema de la reconciliación de información en el contexto de la destilación de secreto entre dos partes. En algunos escenarios de interés, códigos de baja densidad de ecuaciones de paridad (LDPC) adaptados al canal binario simétrico ofrecen una buena solución al problema estudiado. Demostramos que nuestro método mejora significativamente la eficiencia de la reconciliación. Proponemos un protocolo basado en códigos LDPC que puede ser adaptado a cambios en el canal de comunicaciones mediante una extensión de la fuente original. La eficiencia de nuestro protocolo está limitada exclusivamente por el código utilizado y no revela información adicional sobre la fuente original que la que un código con la tasa de información adaptada habría revelado.

Quantum cryptography without switching

We propose a new coherent state quantum key distribution protocol that eliminates the need to randomly switch between measurement bases. This protocol provides significantly higher secret key rates with increased bandwidths than previous schemes that only make single quadrature measurements. It also offers the further advantage of simplicity compared to all previous protocols which, to date, have relied on switching.