E. O. Kiktenko

M. A. Gavreev, A. S. Mastiukova, E. O. Kiktenko et al.

Quantum technologies require methods for preparing and manipulating entangled multiparticle states. However, the problem of determining whether a given quantum state is entangled or separable is known to be an NP-hard problem in general, and even the task of detecting entanglement breakdown for a given class of quantum states is difficult. In this work, we develop an approach for revealing entanglement breakdown using a machine learning technique, which is known as 'learning by confusion'. We consider a family of quantum states, which is parameterized such that there is a single critical value dividing states within this family into separate and entangled. We demonstrate the 'learning by confusion' scheme allows us to determine the critical value. Specifically, we study the performance of the method for the two-qubit, two-qutrit, and two-ququart entangled state. In addition, we investigate the properties of the local depolarization and the generalized amplitude damping channel in the framework of the confusion scheme. Within our approach and setting the parameterization of special trajectories, we obtain an entanglement-breakdown 'phase diagram' of a quantum channel, which indicates regions of entangled (separable) states and the entanglement-breakdown region. Then we extend the way of using the 'learning by confusion' scheme for recognizing whether an arbitrary given state is entangled or separable. We show that the developed method provides correct answers for a variety of states, including entangled states with positive partial transpose. We also present a more practical version of the method, which is suitable for studying entanglement breakdown in noisy intermediate-scale quantum devices. We demonstrate its performance using an available cloud-based IBM quantum processor.

E. O. Kiktenko, A. S. Zelenetsky, A. K. Fedorov

Digital signatures are widely used for providing security of communications. At the same time, the security of currently deployed digital signature protocols is based on unproven computational assumptions. An efficient way to ensure an unconditional (information-theoretic) security of communication is to use quantum key distribution (QKD), whose security is based on laws of quantum mechanics. In this work, we develop an unconditionally secure signature scheme that guarantees authenticity and transferability of arbitrary length messages in a QKD network. In the proposed setup, the QKD network consists of two subnetworks: (i) an internal network that includes the signer and with limitation on the number of malicious nodes and (ii) an external network that has no assumptions on the number of malicious nodes. A consequence of the absence of the trust assumption in the external subnetwork is the necessity of assistance from internal subnetwork recipients for the verification of message-signature pairs by external subnetwork recipients. We provide a comprehensive security analysis of the developed scheme, perform an optimization of the scheme parameters with respect to the secret key consumption, and demonstrate that the developed scheme is compatible with the capabilities of currently available QKD devices.

S. E. Yunakovsky, M. Kot, N. O. Pozhar et al.

Quantum computing technologies pose a significant threat to the currently employed public-key cryptography protocols. In this paper, we discuss the impact of the quantum threat on public key infrastructures (PKIs), which are used as a part of security systems for protecting production environments. We analyze security issues of existing models with a focus on requirements for a fast transition to post-quantum solutions. Although our primary focus is on the attacks with quantum computing, we also discuss some security issues that are not directly related to the used cryptographic algorithms but are essential for the overall security of the PKI. We attempt to provide a set of security recommendations regarding the PKI from the viewpoints of attacks with quantum computers.

M. A. Kudinov, E. O. Kiktenko, A. K. Fedorov

In this work, we discuss in detail a flaw in the original security proof of the W-OTS${^+}$ variant of the Winternitz one-time signature scheme, which is an important component for various stateless and stateful many-time hash-based digital signature schemes. We update the security proof for the W-OTS${^+}$ scheme and derive the corresponding security level. Our result is of importance for the security analysis of hash-based digital signature schemes.

M. A. Kudinov, A. A. Chilikov, E. O. Kiktenko et al.

We construct a new protocol for attribute-based encryption with the use of the modification of the standard secret sharing scheme. In the suggested modification of the secret sharing scheme, only one master key for each user is required that is achieved by linearly enlarging public parameters in the access formula. We then use this scheme for designing an attribute-based encryption protocol related to some access structure in terms of attributes. We demonstrate that the universe of possible attributes does not affect the resulting efficiency of the scheme. The security proofs for both constructions are provided.

E. O. Kiktenko, M. A. Kudinov, A. A. Bulychev et al.

In the present work, a peculiar property of hash-based signatures allowing detection of their forgery event is explored. This property relies on the fact that a successful forgery of a hash-based signature most likely results in a collision with respect to the employed hash function, while the demonstration of this collision could serve as convincing evidence of the forgery. Here we prove that with properly adjusted parameters Lamport and Winternitz one-time signatures schemes could exhibit a forgery detection availability property. This property is of significant importance in the framework of crypto-agility paradigm since the considered forgery detection serves as an alarm that the employed cryptographic hash function becomes insecure to use and the corresponding scheme has to be replaced.

E. O. Kiktenko, M. A. Kudinov, A. K. Fedorov

Blockchain is a distributed ledger, which is protected against malicious modifications by means of cryptographic tools, e.g. digital signatures and hash functions. One of the most prominent applications of blockchains is cryptocurrencies, such as Bitcoin. In this work, we consider a particular attack on wallets for collecting assets in a cryptocurrency network based on brute-force search attacks. Using Bitcoin as an example, we demonstrate that if the attack is implemented successfully, a legitimate user is able to prove that fact of this attack with a high probability. We also consider two options for modification of existing cryptocurrency protocols for dealing with this type of attacks. First, we discuss a modification that requires introducing changes in the Bitcoin protocol and allows diminishing the motivation to attack wallets. Second, an alternative option is the construction of special smart-contracts, which reward the users for providing evidence of the brute-force attack. The execution of this smart-contract can work as an automatic alarm that the employed cryptographic mechanisms, and (particularly) hash functions, have an evident vulnerability.

E. O. Kiktenko, A. A. Bulychev, P. A. Karagodin et al.

Many commonly used public key cryptosystems will become insecure once a scalable quantum computer is built. New cryptographic schemes that can guarantee protection against attacks with quantum computers, so-called post-quantum algorithms, have emerged in recent decades. One of the most promising candidates for a post-quantum signature scheme is SPHINCS$^+$, which is based on cryptographic hash functions. In this contribution, we analyze the use of the new Russian standardized hash function, known as Streebog, for the implementation of the SPHINCS$^+$ signature scheme. We provide a performance comparison with SHA-256-based instantiation and give benchmarks for various sets of parameters.

E. O. Kiktenko, A. O. Malyshev, M. A. Gavreev et al.

Quantum key distribution (QKD) enables unconditionally secure communication between distinct parties using a quantum channel and an authentic public channel. Reducing the portion of quantum-generated secret keys, that is consumed during the authentication procedure, is of significant importance for improving the performance of QKD systems. In the present work, we develop a lightweight authentication protocol for QKD based on a `ping-pong' scheme of authenticity check for QKD. An important feature of this scheme is that the only one authentication tag is generated and transmitted during each of the QKD post-processing rounds. For the tag generation purpose, we design an unconditionally secure procedure based on the concept of key recycling. The procedure is based on the combination of almost universal$_2$ polynomial hashing, XOR universal$_2$ Toeplitz hashing, and one-time pad (OTP) encryption. We demonstrate how to minimize both the length of the recycled key and the size of the authentication key, that is required for OTP encryption. As a result, in real case scenarios, the portion of quantum-generated secret keys that is consumed for the authentication purposes is below 1\%. Finally, we provide a security analysis of the full quantum key growing process in the framework of universally composable security.

Y. A. Kharkov, V. E. Sotskov, A. A. Karazeev et al.

Understanding properties of quantum matter is an outstanding challenge in science. In this paper, we demonstrate how machine-learning methods can be successfully applied for the classification of various regimes in single-particle and many-body systems. We realize neural network algorithms that perform a classification between regular and chaotic behavior in quantum billiard models with remarkably high accuracy. We use the variational autoencoder for autosupervised classification of regular/chaotic wave functions, as well as demonstrating that variational autoencoders could be used as a tool for detection of anomalous quantum states, such as quantum scars. By taking this method further, we show that machine learning techniques allow us to pin down the transition from integrability to many-body quantum chaos in Heisenberg XXZ spin chains. For both cases, we confirm the existence of universal W shapes that characterize the transition. Our results pave the way for exploring the power of machine learning tools for revealing exotic phenomena in quantum many-body systems.

A. V. Duplinskiy, E. O. Kiktenko, N. O. Pozhar et al.

Quantum key distribution (QKD) provides theoretic information security in communications based on the laws of quantum physics. In this work, we report an implementation of quantum-secured data transmission in the infrastructure of Sberbank of Russia in standard communication lines in Moscow. The experiment is realized on the basis of already deployed urban fiber-optics communication channels with significant losses. We realize the decoy-state BB84 QKD protocol using the one-way scheme with polarization encoding for generating keys. Quantum-generated keys are then used for continuous key renewal in the hardware devices for establishing a quantum-secured VPN Tunnel between two offices of Sberbank. The hybrid approach used offers possibilities for long-term protection of the transmitted data; it is promising for integrating into the already existing information security infrastructure.

A. S. Trushechkin, P. A. Tregubov, E. O. Kiktenko et al.

Quantum key distribution (QKD) offers a way for establishing information-theoretically secure communications. An important part of QKD technology is a high-quality random number generator (RNG) for quantum states preparation and for post-processing procedures. In the present work, we consider a novel class of prepare-and-measure QKD protocols, utilizing additional pseudorandomness in the preparation of quantum states. We study one of such protocols and analyze its security against the intercept-resend attack. We demonstrate that, for single-photon sources, the considered protocol gives better secret key rates than the BB84 and the asymmetric BB84 protocol. However, the protocol strongly requires single-photon sources.

E. O. Kiktenko, N. O. Pozhar, M. N. Anufriev et al.

Blockchain is a distributed database which is cryptographically protected against malicious modifications. While promising for a wide range of applications, current blockchain platforms rely on digital signatures, which are vulnerable to attacks by means of quantum computers. The same, albeit to a lesser extent, applies to cryptographic hash functions that are used in preparing new blocks, so parties with access to quantum computation would have unfair advantage in procuring mining rewards. Here we propose a possible solution to the quantum era blockchain challenge and report an experimental realization of a quantum-safe blockchain platform that utilizes quantum key distribution across an urban fiber network for information-theoretically secure authentication. These results address important questions about realizability and scalability of quantum-safe blockchains for commercial and governmental applications.

E. O. Kiktenko, N. O. Pozhar, A. V. Duplinskiy et al.

We report the results of the implementation of a quantum key distribution (QKD) network using standard fibre communication lines in Moscow. The developed QKD network is based on the paradigm of trusted repeaters and allows a common secret key to be generated between users via an intermediate trusted node. The main feature of the network is the integration of the setups using two types of encoding, i.e. polarisation encoding and phase encoding. One of the possible applications of the developed QKD network is the continuous key renewal in existing symmetric encryption devices with a key refresh time of up to 14 s.