Takehisa Iwakoshi

Takehisa Iwakoshi

In our previous work, it was demonstrated that the attacker could not pin-down the correct keys to start the Y00 protocol with a probability of one under the assistance of unlimitedly long known-plaintext attacks and optimal quantum measurements on the attacker's quantum memory. However, there were several assumptions that the Y00 system utilized linear-feedback shift registers as pseudo-random-number generators, and a fast correlation attack was disabled by irregular mapping on the Y00 systems. This study generalizes such an attack to remove the assumptions of the previous work. The framework of the security analyses of this study reiterates two well-known results from the past: (1) Y00 systems would be cryptanalyzed when the system is not designed well; (2) the system is possibly information-theoretically secure when the system is designed well, although the attacker's confidence in the correct key increases over time but the success probability of key recovery does not reach unity in finite time; (3) the breach time of the shared keys is increasingly threatened with time. Hence, a key-refreshment procedure for the Y00 protocol is provided herein. Such security analyses are important not only in key refreshment but also in initial key agreement situations.

Takehisa Iwakoshi

The previous work showed that the Y00 protocol could stay secure with the eavesdropper's guessing probability on the secret keys being strictly less than one under an unlimitedly long known-plaintext attack with quantum memory. However, an assumption that at least a fast correlation attack is completely disabled by irregular mapping. The present study shows that the Y00 protocol can be information-theoretic secure under any quantum-computational crypto-analyses if the Y00 system is well designed. The Y00 protocol directly encrypts messages with short secret keys expanded into pseudo-random running keys unlike One-Time Pad. However, it may offer information-theoretic security beyond the Shannon limit of cryptography.

Takehisa Iwakoshi

Although quantum key distribution is regarded as promising secure communication, security of Y00 protocol proposed by Yuen in 2000 for the affinity to conventional optical communication is not well-understood yet; its security has been evaluated only by the eavesdropper's error probabilities of detecting individual signals or masking size, the number of hidden signal levels under quantum and classical noise. Our study is the first challenge of evaluating the guessing probabilities on shared secret keys for pseudorandom number generators in a simplified Y00 communication system based on quantum multiple hypotheses testing theory. The result is that even unlimitedly long known-plaintext attack only lets the eavesdropper guess the shared secret keys of limited lengths with a probability strictly < 1. This study will give some insights for detailed future works on this quantum communication protocol.

Takehisa Iwakoshi

In 2005, trace distance between an ideal quantum state to be distributed and an actual quantum state distributed was introduced as a valid security measure of Quantum Key Distribution (QKD) by R. Renner et al., then it has been perceived that the trace can be interpreted as a maximum failure probability of QKD. While such a perspective has been widely accepted, H. P. Yuen and O. Hirota have been warning that such an interpretation is not correct since 2009. The author of this study has been giving questions on the interpretation of the trace distance based on their criticisms since QIT30 in May 2014, and has been proposing Yuen's idea to evaluate the security of QKD by the probability for the attacker to guess the correct key. However, the author could not give the guessing probability concretely. In this study, the author explains how to derive the average guessing probability for the attacker, where its result equals to Yuen's derivation firstly seen in 2010. From this result, one will see the problems with the maximum failure probability interpretation of the trace distance clearly. This study also explains the indistinguishability advantage interpretation is also invalid.

Takehisa Iwakoshi

Quantum Key Distribution (QKD) has been attracting researchers that it would provide provable security to distribute secret keys since its birth in 1984. Since 2005, the trace distance between an ideal quantum state and an actually distributed state has been employed to evaluate its security level, and the trace distance was given an interpretation that it would be a maximum failure probability in distributing perfectly secure keys. However, in 2009, H. P. Yuen criticized that the trace distance would not have such an interpretation. Since then, O. Hirota, K. Kato, and T. Iwakoshi have been warning to make people pay attention to Yuen's criticisms. In 2015, T. Iwakoshi precisely explained why Yuen has been correct. In 2016, Yuen himself published a paper to explain the potentially unsolved problems in QKD. This study precisely explains the most important problems given in Yuen's paper, and gives recent topics around QKD and other quantum cryptographic protocols.