Claes-Goran Granqvist

Laszlo Bela Kish, Kamran Entesari, Claes-Goran Granqvist et al.

The statistical-physics-based Kirchhoff-law-Johnson-noise (KLJN) key exchange offers a new and simple unclonable system for credit/debit card chip authentication and payment. The key exchange, the authentication and the communication are unconditionally secure so that neither mathematics- nor statistics-based attacks are able to crack the scheme. The ohmic connection and the short wiring lengths between the chips in the card and the terminal constitute an ideal setting for the KLJN protocol, and even its simplest versions offer unprecedented security and privacy for credit/debit card chips and applications of physical unclonable functions.

Laszlo Bela Kish, Claes-Goran Granqvist

We introduce two new Kirchhoff-law-Johnson-noise (KLJN) secure key distribution schemes which are generalizations of the original KLJN scheme. The first of these, the Random-Resistor (RR-) KLJN scheme, uses random resistors with values chosen from a quasi-continuum set. It is well-known since the creation of the KLJN concept that such a system could work in cryptography, because Alice and Bob can calculate the unknown resistance value from measurements, but the RR-KLJN system has not been addressed in prior publications since it was considered impractical. The reason for discussing it now is the second scheme, the Random-Resistor-Random-Temperature (RRRT-) KLJN key exchange, inspired by a recent paper of Vadai, Mingesz and Gingl, wherein security was shown to be maintained at non-zero power flow. In the RRRT-KLJN secure key exchange scheme, both the resistances and their temperatures are continuum random variables. We prove that the security of the RRRT-KLJN scheme can prevail at non-zero power flow, and thus the physical law guaranteeing security is not the Second Law of Thermodynamics but the Fluctuation-Dissipation Theorem. Alice and Bob know their own resistances and temperatures and can calculate the resistance and temperature values at the other end of the communication channel from measured voltage, current and power-flow data in the wire. However, Eve cannot determine these values because, for her, there are four unknown quantities while she can set up only three equations. The RRRT-KLJN scheme has several advantages and makes all former attacks on the KLJN scheme invalid or incomplete.

Laszlo B. Kish, Zoltan Gingl, Robert Mingesz et al.

A recent paper by Gunn-Allison-Abbott (GAA) [L.J. Gunn et al., Scientific Reports 4 (2014) 6461] argued that the Kirchhoff-law-Johnson-noise (KLJN) secure key exchange system could experience a severe information leak. Here we refute their results and demonstrate that GAA's arguments ensue from a serious design flaw in their system. Specifically, an attenuator broke the single Kirchhoff-loop into two coupled loops, which is an incorrect operation since the single loop is essential for the security in the KLJN system, and hence GAA's asserted information leak is trivial. Another consequence is that a fully defended KLJN system would not be able to function due to its built-in current-comparison defense against active (invasive) attacks. In this paper we crack GAA's scheme via an elementary current comparison attack which yields negligible error probability for Eve even without averaging over the correlation time of the noise.

Laszlo B. Kish, Claes-Goran Granqvist, Sergey M. Bezrukov et al.

Neural spikes in the brain form stochastic sequences, i.e., belong to the class of pulse noises. This stochasticity is a counterintuitive feature because extracting information - such as the commonly supposed neural information of mean spike frequency - requires long times for reasonably low error probability. The mystery could be solved by noise-based logic, wherein randomness has an important function and allows large speed enhancements for special-purpose tasks, and the same mechanism is at work for the brain logic version of this concept.

Laszlo B. Kish, Derek Abbott, Claes-Goran Granqvist et al.

This paper deals with the Kirchhoff-law-Johnson-noise (KLJN) classical statistical physical key exchange method and surveys criticism - often stemming from a lack of understanding of its underlying premises or from other errors - and our related responses against these, often unphysical, claims. Some of the attacks are valid, however, an extended KLJN system remains protected against all of them, implying that its unconditional security is not impacted.

Hsien-Pu Chen, Laszlo B. Kish, Claes-Goran Granqvist et al.

We refute a physical model, recently proposed by Gunn, Allison and Abbott (GAA) [arXiv:1402.2709v2], to utilize electromagnetic waves for eavesdropping on the Kirchhoff-law-Johnson-noise (KLJN) secure key distribution. Their model, and its theoretical underpinnings, is found to be fundamentally flawed because their assumption of electromagnetic waves violates not only the wave equation but also the Second Law of Thermodynamics, the Principle of Detailed Balance, Boltzmann's Energy Equipartition Theorem, and Planck's formula by implying infinitely strong blackbody radiation. We deduce the correct mathematical model of the GAA scheme, which is based on impedances at the quasi-static limit. Mathematical analysis and simulation results confirm our approach and prove that GAA's experimental interpretation is incorrect too.

Hsien-Pu Chen, Laszlo B. Kish, Claes-Goran Granqvist et al.

Recently, Gunn, Allison and Abbott (GAA) [http://arxiv.org/pdf/1402.2709v2.pdf] proposed a new scheme to utilize electromagnetic waves for eavesdropping on the Kirchhoff-law-Johnson-noise (KLJN) secure key distribution. We proved in a former paper [Fluct. Noise Lett. 13 (2014) 1450016] that GAA's mathematical model is unphysical. Here we analyze GAA's cracking scheme and show that, in the case of a loss-free cable, it provides less eavesdropping information than in the earlier (Bergou)-Scheuer-Yariv mean-square-based attack [Kish LB, Scheuer J, Phys. Lett. A 374 (2010) 2140-2142], while it offers no information in the case of a lossy cable. We also investigate GAA's claim to be experimentally capable of distinguishing - using statistics over a few correlation times only - the distributions of two Gaussian noises with a relative variance difference of less than 10^-8. Normally such distinctions would require hundreds of millions of correlations times to be observable. We identify several potential experimental artifacts as results of poor KLJN design, which can lead to GAA's assertions: deterministic currents due to spurious harmonic components caused by ground loops, DC offset, aliasing, non-Gaussian features including non-linearities and other non-idealities in generators, and the time-derivative nature of GAA's scheme which tends to enhance all of these artifacts.

Laszlo B. Kish, Derek Abbott, Claes-Goran Granqvist

Recently, Bennett and Riedel (BR) (http://arxiv.org/abs/1303.7435v1) argued that thermodynamics is not essential in the Kirchhoff-law-Johnson-noise (KLJN) classical physical cryptographic exchange method in an effort to disprove the security of the KLJN scheme. They attempted to demonstrate this by introducing a dissipation-free deterministic key exchange method with two batteries and two switches. In the present paper, we first show that BR's scheme is unphysical and that some elements of its assumptions violate basic protocols of secure communication. All our analyses are based on a technically-unlimited Eve with infinitely accurate and fast measurements limited only by the laws of physics and statistics. For non-ideal situations and at active (invasive) attacks, the uncertainly principle between measurement duration and statistical errors makes it impossible for Eve to extract the key regardless of the accuracy or speed of her measurements. To show that thermodynamics and noise are essential for the security, we crack the BR system with 100% success via passive attacks, in ten different ways, and demonstrate that the same cracking methods do not function for the KLJN scheme that employs Johnson noise to provide security underpinned by the Second Law of Thermodynamics. We also present a critical analysis of some other claims by BR; for example, we prove that their equations for describing zero security do not apply to the KLJN scheme. Finally we give mathematical security proofs for each BR-attack against the KLJN scheme and conclude that the information theoretic (unconditional) security of the KLJN method has not been successfully challenged.