arXiv Index: Asymmetric(like RSA) quantum crypto using symmetric keys

Thursday, April 26, 2012

Asymmetric(like RSA) quantum crypto using symmetric keys

Quantum asymmetric cryptography with symmetric keys

Based on quantum encryption, we present a new idea for quantum public-key cryptography (QPKC) and construct a whole theoretical framework of a QPKC system. We show that the quantum-mechanical nature renders it feasible and reasonable to use symmetric keys in such a scheme, which is quite different from that in conventional public-key cryptography. The security of our scheme is analyzed and some features are discussed. Furthermore, the state-estimation attack to a prior QPKC scheme is demonstrated.

http://arxiv.org/abs/0810.2859

As a result, most of PKC schemes will be broken by future quantum computer. It is natural to ask, at that time, what is the substitution for PKC to distribute a key? One possible way is to exploit quantum mechanics, which is called quantum key distri- bution (QKD) or quantum cryptography [6]. QKD has a unique property, that is, the potential eavesdropping would be exposed by the users, and consequently it can achieve unconditional security in theory. This security is assured by fundamental principles in quantum mechanics instead of hardness of computational problems. In fact, QKD can only realize one application of PKC, i.e., key distribution. But about digital signature, the other important application, what can we do? Obviously we do not want to give up the significant flexibility of PKC even in the era of quantum computer. To this end the research is progressing along two directions. One is to look for difficult problems under quantum computa- tion (especially the existing quantum algorithms [4, 5]) and construct PKC based on them [7, 8, 9, 10]. In these schemes the key is still composed of classical bits, and it follows that the flexibility of PKC is retained. But the fact that their security lies on unproved computational assumptions is unchanged. For simplicity, we call this kind of cryptosystems the first class of quantum PKC (QPKC class I). The other direction pursues PKC with perfect security by adding more quantum elements in the schemes, which is just like that of QKD [11, 12]. In these schemes the security is assured by physical laws instead of unproved assumptions. However, the keys generally contain qubits, which are, at least within current tech- niques, more difficult to deal with, and then the flexibil- ity of PKC would be reduced to some extent. We call these cryptosystems the second class of quantum PKC (QPKC class II). In our opinion, both classes of QPKC are of significance for the future applications. Class I is more practical, whereas class II is more ideal and still needs more related researches. In this paper we study the latter.