WO2013179094A1 - Secured wireless communications - Google Patents
- Publication number
- WO2013179094A1 (PCT/IB2012/052745)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- polarisation
- events
- basis
- information
- polarisations
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
- H04L9/0858—Details about key distillation or coding, e.g. reconciliation, error correction, privacy amplification, polarisation coding or phase coding
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B10/00—Transmission systems employing electromagnetic waves other than radio-waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
- H04B10/70—Photonic quantum communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/24—Key scheduling, i.e. generating round keys or sub-keys for block encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Definitions
- This disclosure relates to wireless communications and more particularly to secured wireless communications.
- wireless channels are provided between two or more nodes such as fixed and/or mobile communication devices, access points such as base stations, servers, machine type devices, and so on.
- wireless systems include public land mobile networks (PLMN) such as cellular networks, satellite based communication systems and different wireless local networks, for example wireless local area networks (WLAN) and/or Worldwide Interoperability for Microwave Access (WiMax).
- PLMN public land mobile networks
- WLAN wireless local area networks
- WiMax Worldwide Interoperability for Microwave Access
- a device for such systems is provided with appropriate signal receiving and transmitting apparatus for enabling communications with other parties.
- Wireless systems enable mobility for users where a mobile device can communicate over an air interface with another communication device such as e.g. a base station and/or other user equipment.
- Data transmissions between parties may need to be secured.
- Applications for example banking, shopping, email and so on, may rely on secure transactions over the Internet or other networks open to attacks.
- Increase in Internet commerce and transfer of computing tasks to remote servers has emphasized the need to maintain appropriate security of communications.
- Security can be provided based on a cryptographic protocol.
- Current cryptographic schemes e.g. public key encryption
- RSA encryption algorithm is based on the hardness of factoring a large number into its prime factors. This is a hard problem using standard computer technology but can become solvable with development of more powerful computing technologies, for example by a future quantum computer.
- Embodiments of the invention aim to address one or several of the above issues.
- a method comprising emitting from a sender device randomly photons in a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device, the recipient device being adapted for detection of events in association with six polarisations, receiving information of detected events from the recipient device, and processing the received information and stored information to determine events where same polarisation basis was used by the sender device and the recipient device.
- a method comprising receiving at a recipient device photons from a sender device via an optical channel emitted on a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with the sender device, selecting randomly polarisation basis for measurement of received photons for detection of events on six polarisations, sending information of detected events in association with three basis to the sender device, and receiving information from the sender device of events where same polarisation basis was used by the sender device and the recipient device.
- an apparatus configured to cause emission of photons using randomly a first polarisation, a second polarisation and a third polarisation for sending the photons without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device, the recipient device being adapted for detection of events in association with six polarisations, and process information of detected events received from the recipient device and information stored in the sender device to determine events where same polarisation basis was used by the sender device and the recipient device.
- an apparatus configured to randomly select basis for measurement of photons received from a sender device emitted on a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations, and detect events in association with said six polarisations, cause sending of information of detected events, and receive information of events where the same polarisation basis was used by the sender device and the recipient device.
- a raw key is determined based on events where the first polarisation and/or second polarisation basis was used by the sender device and the recipient device.
- Certain predefined events dependent of the use of bases can be used for parameter estimation.
- the received information and stored information may be compared to determine bits for a raw key and bits for error correction.
- Bit values for use in error correction may be communicated when use of the same basis for at least one event is determined.
- the polarisations may be provided on the Poincare sphere.
- the polarisations by a sender device may comprise a main polarisation, an opposite to the main polarisation and a polarisation perpendicular to the main polarisation.
- Key distribution rate may be controlled based on distribution between polarisations.
- Synchronised timing may be used in association with the events.
- a time synchronised record of events detected by the recipient device may be correlated with a record of events maintained by the sender device, and the information obtained may be sifted to obtain raw keys based on bits in times when the same basis was used by the sender and recipient devices.
- a mobile device and/or a base station arranged to implement the embodiments may also be provided.
- a computer program comprising program code means adapted to perform the herein described methods may also be provided.
- apparatus and/or computer program product that can be embodied on a computer readable medium for providing at least one of the above methods is provided.
- Figure 1 shows polarisations on a Poincare sphere
- Figure 2 shows a schematic diagram of two devices in accordance with an embodiment
- Figures 3 and 4 show block diagrams of exemplifying optical encoders
- Figures 5 and 6 show block diagrams of exemplifying optical decoders
- Figures 7 to 9 show flowcharts according to certain embodiments
- Figure 10 is a diagram visualising key sifting process
- Figure 11 shows an example of control apparatus.
- a mobile device for communications with e.g. a base station is often referred to as user equipment (UE) or terminal.
- UE user equipment
- a mobile device for implementing the embodiments may be provided by any device capable of sending wireless signals to and/or receiving wireless signals on a wireless channel.
- the mobile device is also provided with apparatus for communication on an optical channel.
- Non-limiting examples of mobile devices include a mobile station (MS) such as a mobile phone or what is known as a 'smart phone', a portable computer such as a laptop, tablet or a personal data assistant (PDA) provided with wireless communication capabilities, or any combinations of these or the like.
- MS mobile station
- PDA personal data assistant
- An appropriate mobile device is provided with at least one data processing entity, at least one memory, and other possible components for use in software and hardware aided execution of tasks it is designed to perform, including control of communications with other parties and features relating to secure communications.
- the data processing, storage and other relevant control apparatus can be provided on an appropriate circuit board and/or in chipsets.
- a quantum key distribution system is used in the below described embodiments for securing mobile communications.
- a possible use case can be a mobile device establishing a shared key with a stationary terminal.
- Cryptographic schemes that use properties of quantum mechanical systems to distribute a secure key are considered as providing high levels of security.
- the current belief is that even a powerful eavesdropper who would only be limited by the laws of physics should not be able to compromise the security of the scheme.
- Implementations of quantum key distribution schemes rely on sending single photons between two terminals.
- a lightweight quantum key distribution arrangement suitable for mobile use is provided where the need for precise alignment of polarisation can be avoided.
- polarisation basis and polarisation (direction) refer to different features.
- the polarisation can be denoted for example as H, V, A, D, L, R.
- Polarisation pairs form each a basis (H, V), (A, D), and (L, R).
- a sender device can emit single photons of three possible polarisations on what is known as the Poincare sphere shown schematically in Figure 1.
- the possible polarisations, or states can be a main polarisation (1), its exact opposite (2) and a polarisation perpendicular to the main polarisation (3).
- a second or recipient device can be adapted to measure the polarisation in six directions. These polarisations can be the main direction and its opposite, two mutually perpendicular polarisations which are also perpendicular to the main polarisation, and their two opposites.
- a quantum key distribution scheme can be provided between two devices.
- Figure 2 shows a sender device 10, labelled terminal A, and a recipient device 10, labelled terminal B.
- terminal A comprises a mobile device, for example a mobile phone or a smartphone, a laptop, a notebook, a tablet computer and so forth and terminal B comprises a fixed node, for example a base station of a cellular system or a local network system.
- a radio frequency (RF) wireless link 19 is provided between devices 10 and 20. Both devices are provided with a communications subsystem for the wireless communications, for example appropriate radio apparatus 15 and 25, respectively, to facilitate wireless communications on link 16. It is noted that a wireless channel between the devices can also be provided based on other technologies, such as via an optical link.
- RF radio frequency
- Apparatus for generating and emitting the photons can comprise an optical encoder 12 emitting single photons, a beam controller 13 which allows directing the photons towards the recipient device, control electronics 14 for creating the electrical pulses needed to emit single photons, a (quantum) random number generator 11, and a processor apparatus 18 for controlling these components.
- the apparatus 12 for optical encoding can be adapted to probabilistically convert light pulses emitted by the three light sources into single photons polarised in three possible polarisations. Each light source can correspond to one polarisation. Two examples of the optical encoder are discussed below with reference to Figures 3 and 4.
- an optical encoder 30 comprises three light sources 1, 2, 3.
- the light sources can be provided by any appropriate source, for example by laser diodes or light emitting diodes (LEDs).
- a 3-2 converter 34, a polarisation rotator - combiner 35, a spectral and spatial filter 36 and an attenuator 37 are also provided.
- Light generated by the light sources 1 - 3 can be converted to dual-rail encoding by the 3-2 converter such that light source 1 creates a pulse on a first rail 38 and light source 2 creates a pulse on a second rail 39 whilst light source 3 creates a pulse on both rails.
- the intensity of the pulse generated by light source 3 can be equal on both rails.
- the 3-2 converter apparatus can be implemented as integrated waveguides on a chip.
- the 3-2 converter can comprise a 50-50 beam splitter and two y-junctions connected as depicted in Figure 3.
- the polarisation rotator - combiner 35 converts the dual rail encoding into the polarisation encoding (1, 2, 3). After that a spectral and spatial filter is applied to ensure that the three pulses are indistinguishable due to their spatial and frequency characteristics. Attenuation is applied before the photons exit the apparatus to bring the light pulses down to single photon level.
- the attenuator 37 is provided as the last element of the optical encoder.
- the attenuation can be used to introduce a probabilistic element as the attenuation can be chosen in such a way that the average photon number per pulse is much smaller than one.
- a problem that can arise when using attenuated light is that a small fraction of pulses can contain more than one photon. This may in certain occasions make the key distribution open to a photon number splitting attack where an eavesdropper intercepts one photon while letting the second one pass to terminal B.
- a technique that can be used to detect photon number splitting attacks is to use pulses with a variable number of photons.
- a variant of the scheme implementing decoy states can be provided by means of a tuneable attenuator.
- a second embodiment of the optical encoder addressing these is shown in Figure 4.
- An apparatus 40 can comprise three light sources 1 to 3, a polarising beam splitter (PBS) 44, a quarter wave plate (λ/4) 45, a beam splitter 46, a spectral and spatial filter 47, and an attenuator 48.
- PBS polarising beam splitter
- λ/4 quarter wave plate
- a single photon based scheme can be provided also in various other ways. According to a possibility true single photon emitters are used. In these each input pulse is converted to a single photon. No further attenuation at the end of a circuit is needed. Another example is heralded single photon sources. In these, whenever a single photon is produced a second signal announces the presence of a single photon. Other events can be rejected.
- Light sources 1 and 2 emit into the two arms of the polarising beam splitter (PBS) 44. After the PBS the originally linear polarisation (H, V) is converted to circular (L, R) by the quarter wave plate 45. The pulses then pass a beam splitter (BS) 46 with reflectivity a. The third light source 3 emits into the other arm of the beam splitter.
- a pulse in light source 1 creates a pulse of a first polarisation after the BS, similarly for diodes 2 and 3. Spectral and spatial filtering is the same as in the example of Figure 3.
- Terminal B can comprise a receiver that is able to receive a beam from terminal A.
- An optical decoder 22 capable of detecting single photons and their polarisation along three axes i.e. capable of providing six possible outputs is also provided.
- Control electronics 24 adapted for processing detector outputs and record their time trace, a communications subsystem 25 for the wireless communication, and a computer or processor 26 for controlling the above components are also shown.
- a decoder 50 is provided that comprises a spectral filter 51 to filter out ambient light and allow only light sent from terminal A.
- a polarisation rotator - splitter 52 is provided to convert the photon polarisation to dual rail encoding, a 2-6 converter 53 is used to convert dual rail encoding to six separate channels.
- Six single photon detectors 54 e.g. avalanche photodiodes are also shown.
- the 2-6 converter 53 can be implemented as integrated waveguides on a chip. A possible layout of the chip is shown in Fig. 5.
- the 2-6 converter can consist of 2 beamsplitters, two phaseshifters and four y-junctions. The transmission of the y-junctions can be adjusted to influence the relative frequency of detection events.
- Another example of a decoder 60 is shown in Figure 6.
- PBS polarising beamsplitters
- the half wave plate rotates the z-direction (L,R) to the x-direction (H,V), while the quarter wave plate rotates y-direction (A,D) to the x-direction (H,V), so that they can be detected by the polarizing beam-splitter-detector assembly.
- the two beam splitters with reflectivity a and ⁇ , respectively, determine the relative frequency of detection in three bases.
- a secure shared key can be obtained by means of this hardware.
- a unique combination of reference frame independence with a three state protocol is provided.
- an explicit implementation of the protocol using integrated or bulk optics can be provided. This can be combined with a lightweight design tailored for handheld short-range line-of-sight use.
- an operation according to the flowchart of Figure 7 is provided at a sender device.
- An optical channel is established with a recipient device at 100 for emission of photons in a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane defined based on the first and second polarisations with the recipient device.
- the plane can be defined as being perpendicular to the first and second polarisations. It is noted that perpendicular in here refers to polarisation directions on the Poincare sphere, and not directions in real space.
- Photons are emitted at 102 in the direction of the recipient device using randomly the first, second and third polarisations as the basis for sending the photons.
- the sending takes place in arrangement where the recipient device is capable of detecting events in association with six polarisations. Information of detected events is then received at 104 from the recipient device. The sender device processes at 106 the received information and information stored in the sender device to determine events where the same basis was used by the sender device and the recipient device.
- This information can be used in generation of raw keys and/or detection of eavesdropping. For example, it can be determined based on comparison of the received and stored information which bits are to be used for the raw key and which bits are to be used for error correction. For example, when a bit in a first or a second polarisation was sent and the measurement basis was along one/two the bits are used for the raw key. Thus only events where polarisation one or two was sent and measured contribute to a raw key. All other combinations containing the third direction enter to other procedures to determine secure key rate and/or corresponding shortening of the raw key using hash functions. Events where the third polarisation is sent and measured may not contribute to the raw key. More detailed examples of these operations will be explained with reference to Figure 9.
- the number of polarisations of the sender device can be more than three.
- the three polarisations comprise two opposite polarisations, the third being in a plane perpendicular to the two opposite polarisations. Additional polarisations can be added so that the added polarisation is perpendicular or opposite the other polarisations.
- the sender device is configured to send four or five polarisations.
- Figure 8 shows actions taken by the recipient device.
- After establishment of the optical channel at 110 the recipient device receives at 112 from the sender device photons via the optical channel based on a first polarisation, a second polarisation and a third polarisation. Alignment of a polarisation system in a plane perpendicular to the first and second polarisations is not necessary.
- Basis for measurement of received photons for detection of events on six polarisation bases is randomly selected at 114.
- Information of detected events in association with three basis is then sent at 116 to the sender device. Thus in steps 112 and 116 information only about the three basis is sent and information of the polarisations is not exchanged as this could reveal the key.
- Information is then received at 118 from the sender device regarding events where the same basis was used by the sender device and the recipient device. Examples of use of this information will be given below with reference to Figure 9.
- A more detailed procedure for distributing a key between the first and recipient devices in accordance with an embodiment is shown in Figure 9 for the terminals shown in Figure 2.
- An optical channel is established between terminal A and terminal B at 70.
- a steering mechanism consisting of e.g. movable mirrors and/or other optical elements (e.g. lenses, pinholes, spatial phase modulators) can be used to direct the light beam from terminal A to terminal B as well as adjusting the receiver in terminal B in a way to receive the beam from terminal A.
- terminal A can start sending photons to terminal B at 71.
- the sender basis can be chosen at this stage in a truly random way.
- a quantum random number generator can act as a source for the randomness.
- the random number generator can be operated in real-time or fill up a random number buffer for later use.
- Distribution between the three possible sender states can be used to influence the final key distribution rate.
- the distribution can be chosen such that the key rate can be optimised.
- Light sources in terminal A may be activated periodically with a fixed period. This allows suppression of dark counts on the receiver side.
- Terminal B receives and detects at 72 the photons and records their arrival time.
- the design of the optical decoder can be such that the measurement basis is chosen randomly.
- the clocks of terminal A and terminal B are synchronised. This can be provided for example by sending a clocking signal between terminal A and terminal B as part of a transmission or by adjusting the clock in terminal B in order to maximise the count rate.
- Terminal B maintains a record of valid detector events for all six detectors.
- the record of the measured bases and the timing information is sent at 73 to terminal A.
- Terminal A correlates the record received at 74 from terminal B with its own record and returns at 75 the sent basis states and the bit values if the basis is not z for both terminal A and terminal B.
- Terminal B receives this information at 76 and obtains a raw key and check bits at 77.
- a small number of bit values for the case when both bases are z can be sent for the purpose of estimating the error rate at 78 for an error correction procedure. Thus not all bits where both bases are z may be used for the raw key.
- a small number can be used for parameter estimation and error correction step.
- Terminal A then performs a sifting of the received information and uses it to (see Fig. 10) obtain a raw key from events where the basis was z for both terminal A and terminal B.
- the sifting can consist of retaining only bits where the basis was z for both terminals.
- the raw key in the Figure 10 example would then be 0101.
- the remaining events (check bits) are used to detect the presence of an eavesdropper. The presence of an eavesdropper may be detected for example based on a parameter estimation process.
- an error correcting code is constructed at 79 by terminal B and is sent at 80 to terminal A over a wireless link between the terminals.
- An example of a possible error correction code is a Low-density parity-check (LDPC) code.
- Terminal A receives the code at 81 and computes at 82 an error syndrome from the error correcting code and returns the error syndrome at 83 to terminal B.
- Terminal B receives the error syndrome at 84 and then performs error correction at 87 using e.g. a sum - product algorithm. Authentication may be performed at 85 and 86.
- LDPC Low-density parity-check
- Errors may be introduced during transmission either by random events or an eavesdropper.
- the raw key held by the recipient terminal may have errors which need to be corrected, while the key in the sender terminal is correct since it comes from a guaranteed random source. Error correction can take place in terminal B.
- an eavesdropper may have had the possibility to collect information about the key in two stages: during the transmission of optical pulses from terminal A to terminal B and during the unsecure exchange of information during error correction. Loss of information to an eavesdropper during optical transmission can be estimated from the check bits. An example for this is discussed below.
- D a is the number of detector events in detector a and shunt is the number of sent photons in direction b.
- the potential loss of information to an eavesdropper during error correction is the number of bits exchanged during error correction which are correlated with the raw key.
- the partially secure raw key can be shortened using a two-universal hash-function at privacy amplification step 88.
- the amount of shortening depends on the amount of information leaked during error correction and the estimated leak during the optical communication.
- the embodiments may be beneficial e.g. because a simple polarisation based quantum key distribution system may be provided that tolerates misalignment of polarisation direction between a sender and a receiver device and a precise alignment of the polarisations (HP) is not necessary.
- the scheme may make efficient use of distributed photons as no send/measure pairs are discarded.
- FIG. 11 shows an example of a control apparatus 90 capable of operating in accordance with the embodiments, for example to be coupled to and/or for controlling devices 10 and 20.
- the control apparatus can be configured to provide control functions in association with determination of various information, generation and communication of information between the various entities and/or control functions based on such information by means of the data processing facility in accordance with the certain embodiments described above.
- the control apparatus comprises at least one memory 91, at least one data processing unit 92, 93 and an input/output interface 94.
- the control apparatus can be coupled to a receiver and/or transmitter of the relevant node via the interface.
- the control apparatus can be configured to execute an appropriate software code to provide the control functions.
- the control apparatus and functions may be distributed between a plurality of control units.
- the required data processing apparatus and functions may be provided by means of one or more data processors.
- the described functions may be provided by separate processors or by an integrated processor.
- the data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on multi core processor architecture, as non-limiting examples.
- the data processing may be distributed across several data processing modules.
- a data processor may be provided by means of, for example, at least one chip. Appropriate memory capacity can also be provided in the relevant devices.
- the memory or memories may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory.
- the various embodiments may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. Some aspects of the invention may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the invention is not limited thereto. While various aspects of the invention may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof.
- the software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.
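
The sifting exchange of Figure 9 (steps 71 to 77) and the claim that polarisation misalignment between the terminals is tolerated, as an added Python simulation that is not code from the patent. The bit mapping, the detection probability, the misalignment model (the receiver's x and y axes rotated by an angle theta about the main polarisation axis) and all function names are assumptions of this sketch.

```python
import math
import random
from collections import Counter

# Sender states as Poincare-sphere unit vectors (numbering follows the page):
# 1 = main polarisation, 2 = its opposite, 3 = perpendicular to the main one.
SENDER_STATES = {1: (0.0, 0.0, 1.0), 2: (0.0, 0.0, -1.0), 3: (1.0, 0.0, 0.0)}
SENT_BASIS = {1: "z", 2: "z", 3: "x"}
SENT_BIT = {1: 0, 2: 1, 3: 0}  # assumed bit mapping, not given on the page


def receiver_axes(theta):
    """Receiver measurement axes; x and y are misaligned by theta about z."""
    c, s = math.cos(theta), math.sin(theta)
    return {"x": (c, s, 0.0), "y": (-s, c, 0.0), "z": (0.0, 0.0, 1.0)}


def run_link(n_slots, theta, seed, detect_prob=0.5):
    """Steps 71-72: simulate time slots, return (sender_record, receiver_record)."""
    rng = random.Random(seed)
    axes = receiver_axes(theta)
    sender, receiver = {}, {}
    for t in range(n_slots):
        state = rng.choice((1, 2, 3))        # random sender polarisation
        sender[t] = state
        if rng.random() > detect_prob:       # empty pulse or lost photon
            continue
        basis = rng.choice("xyz")            # random measurement basis
        dot = sum(a * b for a, b in zip(SENDER_STATES[state], axes[basis]))
        # Probability that the '+' detector of this basis fires.
        bit = 0 if rng.random() < (1.0 + dot) / 2.0 else 1
        receiver[t] = (basis, bit)
    return sender, receiver


def receiver_report(receiver):
    """Step 73: time slot and measured basis only, never the measured bit."""
    return {t: basis for t, (basis, _bit) in receiver.items()}


def sender_sift(sender, report):
    """Steps 74-75: correlate records; reveal the bit only when not z/z."""
    reply, raw_key = {}, []
    for t in sorted(report):
        sent_basis = SENT_BASIS[sender[t]]
        if sent_basis == "z" and report[t] == "z":
            reply[t] = ("z", None)           # key bit stays secret
            raw_key.append(SENT_BIT[sender[t]])
        else:
            reply[t] = (sent_basis, SENT_BIT[sender[t]])
    return reply, raw_key


def receiver_sift(receiver, reply):
    """Steps 76-77: raw key from z/z events, check tallies from the rest."""
    raw_key, checks = [], Counter()
    for t in sorted(reply):
        sent_basis, sent_bit = reply[t]
        basis, bit = receiver[t]
        if sent_bit is None:
            raw_key.append(bit)
        else:
            # Counts per (sent basis, sent bit, measured basis, measured bit):
            # the detector statistics that parameter estimation works from.
            checks[(sent_basis, sent_bit, basis, bit)] += 1
    return raw_key, checks


def demo(theta, seed=7, n_slots=400):
    """Run one session; return (sender key, receiver key, check tallies)."""
    sender, receiver = run_link(n_slots, theta, seed)
    reply, key_a = sender_sift(sender, receiver_report(receiver))
    key_b, checks = receiver_sift(receiver, reply)
    return key_a, key_b, checks


if __name__ == "__main__":
    for theta in (0.0, 1.1, math.pi / 2):
        key_a, key_b, checks = demo(theta)
        print(f"theta={theta:.2f} key bits={len(key_a)} match={key_a == key_b}")
        print("  state 3 measured in x:", checks[("x", 0, "x", 0)],
              checks[("x", 0, "x", 1)])
```

In this noiseless model the z/z raw key is identical at both terminals for every theta, while the check tallies for polarisation 3 shift between the receiver's x and y detectors as theta changes.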
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Electromagnetism (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Optics & Photonics (AREA)
- Optical Communication System (AREA)
Abstract
The disclosure relates to secured wireless communications. A sender device emits randomly photons in a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device. The recipient device is adapted for detection of events in association with six polarisations. The recipient device selects randomly polarisation basis for measurement of the received photons. Information of detected events in association with three basis is communicated to the sender device. The information from the recipient device and information stored in the sender device is processed to determine events where same polarisation basis was used by the sender device and the recipient device.
Description
Secured wireless communications
This disclosure relates to wireless communications and more particularly to secured wireless communications.
In wireless communications wireless channels are provided between two or more nodes such as fixed and/or mobile communication devices, access points such as base stations, servers, machine type devices, and so on. Examples of wireless systems include public land mobile networks (PLMN) such as cellular networks, satellite based communication systems and different wireless local networks, for example wireless local area networks (WLAN) and/or Worldwide Interoperability for Microwave Access (WiMax). A device for such systems is provided with appropriate signal receiving and transmitting apparatus for enabling communications with other parties. Wireless systems enable mobility for users where a mobile device can communicate over an air interface with another communication device such as e.g. a base station and/or other user equipment.
Data transmissions between parties may need to be secured. Applications, for example banking, shopping, email and so on, may rely on secure transactions over the Internet or other networks open to attacks. Increase in Internet commerce and transfer of computing tasks to remote servers (e.g. "cloud computing") has emphasized the need to maintain appropriate security of communications. Security can be provided based on a cryptographic protocol. Current cryptographic schemes (e.g. public key encryption) rely on the hardness of solving certain mathematical problems. For example, the commonly used RSA encryption algorithm is based on the hardness of factoring a large number into its prime factors. This is a hard problem using standard computer technology but can become solvable with development of more powerful computing technologies, for example by a future quantum computer. In the context of mobile communications an issue may arise in that the mobile devices are often handheld or otherwise portable and thus should be as lightweight and simple as possible. Because of the mobility of the devices their location relative to the other party might not be known.
It is noted that the above discussed issues are not limited to any particular communication environments and apparatus but may occur in any context where security is needed for wireless communications.
Embodiments of the invention aim to address one or several of the above issues.
In accordance with an embodiment there is provided a method comprising emitting from a sender device randomly photons in a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device, the recipient device being adapted for detection of events in association with six polarisations, receiving information of detected events from the recipient device, and processing the received information and stored information to determine events where same polarisation basis was used by the sender device and the recipient device.
In accordance with an embodiment there is provided a method comprising receiving at a recipient device photons from a sender device via an optical channel emitted on a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with the sender device, selecting randomly polarisation basis for measurement of received photons for detection of events on six polarisations, sending information of detected events in association with three basis to the sender device, and receiving information from the sender device of events where same polarisation basis was used by the sender device and the recipient device.
In accordance with an embodiment there is provided an apparatus configured to cause emission of photons using randomly a first polarisation, a second polarisation and a third polarisation for sending the photons without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device, the recipient device being adapted for detection of events in association with six polarisations, and process information of detected events received from the recipient device and information stored in the sender device to determine events where same polarisation basis was used by the sender device and the recipient device.
In accordance with an embodiment there is provided an apparatus configured to randomly select basis for measurement of photons received from a sender device emitted on a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations, and detect events in association with said six polarisations, cause sending of information of detected events, and receive information of events where the same polarisation basis was used by the sender device and the recipient device.
In accordance with a more detailed embodiment a raw key is determined based on events where the first polarisation and/or second polarisation basis was used by the sender device and the recipient device.
Certain predefined events dependent on the use of bases can be used for parameter estimation.
The received information and stored information may be compared to determine bits for a raw key and bits for error correction.
Bit values for use in error correction may be communicated when use of the same basis for at least one event is determined.
The polarisations may be provided on the Poincare sphere. The polarisations by a sender device may comprise a main polarisation, an opposite to the main polarisation and a polarisation perpendicular to the main polarisation.
Key distribution rate may be controlled based on distribution between polarisations.
Synchronised timing may be used in association with the events. A time synchronised record of events detected by the recipient device may be correlated with a record of events maintained by the sender device, and the information obtained may be sifted to obtain raw keys based on bits in times when the same basis was used by the sender and recipient devices.
A mobile device and/or a base station arranged to implement the embodiments may also be provided.
A computer program comprising program code means adapted to perform the herein described methods may also be provided. In accordance with further embodiments apparatus and/or computer program product that can be embodied on a computer readable medium for providing at least one of the above methods is provided.
It should be appreciated that any feature of any aspect may be combined with any other feature of any other aspect.
Embodiments will now be described in further detail, by way of example only, with reference to the following examples and accompanying drawings, in which:
Figure 1 shows polarisations on a Poincare sphere;
Figure 2 shows a schematic diagram of two devices in accordance with an embodiment;
Figures 3 and 4 show block diagrams of exemplifying optical encoders;
Figures 5 and 6 show block diagrams of exemplifying optical decoders;
Figures 7 to 9 show flowcharts according to certain embodiments;
Figure 10 is a diagram visualising a key sifting process; and
Figure 11 shows an example of control apparatus.
In the following certain exemplifying embodiments are explained in the context of wireless or mobile communications where secure communications are provided for a mobile communication device. A mobile device for communications with e.g. a base station is often referred to as user equipment (UE) or terminal. A mobile device for implementing the embodiments may be provided by any device capable of sending wireless signals to and/or receiving wireless signals on a wireless channel. The mobile device is also provided with apparatus for communication on an optical channel. Non-limiting examples of mobile devices include a mobile station (MS) such as a mobile phone or what is known as a 'smart phone', a portable computer such as a laptop, tablet or a personal data assistant (PDA) provided with wireless communication capabilities, or any combinations of these or the like. An appropriate mobile device is provided with at least one data processing entity, at least one memory, and other possible components for use in software and hardware aided execution of tasks it is designed to perform, including control of communications with other parties and features relating to secure communications. The data processing, storage and other relevant control apparatus can be provided on an appropriate circuit board and/or in chipsets.
A quantum key distribution system is used in the below described embodiments for securing mobile communications. A possible use case can be a mobile device establishing a shared key with a stationary terminal. Cryptographic schemes that use properties of quantum mechanical systems to distribute a secure key are considered as providing high levels of security. For example, the current belief is that even a powerful eavesdropper who would only be limited by the laws of physics should not be able to compromise the security of the scheme. Implementations of quantum key distribution schemes rely on sending single photons between two terminals. In accordance with an embodiment a lightweight quantum key distribution arrangement suitable for mobile use is provided where the need for precise alignment of polarisation can be avoided.
Before explaining possible terminal devices in more detail, reference is made to a possible polarization system represented on a Poincare sphere in Figure 1. Perpendicularity of different polarizations can be defined on the Poincare sphere which is different from perpendicularity of polarization directions in a real space. The term perpendicular is used herein in this manner throughout this document. It is noted that the terms polarisation basis and polarisation (direction) refer to different features. The polarisations can be denoted for example as H, V, A, D, L, R. Polarisation pairs each form a basis: (H, V), (A, D), and (L, R).
A sender device can emit single photons of three possible polarisations on what is known as the Poincare sphere shown schematically in Figure 1. The possible polarisations, or states, can be a main polarisation (1), its exact opposite (2) and a polarisation perpendicular to the main polarisation (3). A second or recipient device can be adapted to measure the polarization in six directions. These polarisations can be the main direction and its opposite, two mutually perpendicular polarisations which are also perpendicular to the main polarisation, and their two opposites.
A quantum key distribution scheme can be provided between two devices. Figure 2 shows a sender device 10, labelled terminal A, and a recipient device 20, labelled terminal B. In accordance with an embodiment terminal A comprises a mobile device, for example a mobile phone or a smartphone, a laptop, a notebook, a tablet computer and so forth and terminal B comprises a fixed node, for example a base station of a cellular system or a local network system.
In Figure 2 a radio frequency (RF) wireless link 19 is provided between devices 10 and 20. Both devices are provided with a communications subsystem for the wireless communications, for example appropriate radio apparatus 15 and 25, respectively, to facilitate wireless communications on link 16. It is noted that a wireless channel between the devices can also be provided based on other technologies, such as via an optical link.
Distribution of keys between devices 10 and 20 is based on sending of photons from device 10 to device 20 over optical link 17. In accordance with an embodiment single photons are sent in each polarisation. Apparatus for generating and emitting the photons can comprise an optical encoder 12 emitting single photons, a beam controller 13 which allows directing the photons towards the recipient device, control electronics 14 for creating the electrical pulses needed to emit single photons, a (quantum) random number generator 11, and a processor apparatus 18 for controlling these components. The apparatus 12 for optical encoding can be adapted to probabilistically convert light pulses emitted by the three light sources into single photons polarised in three possible polarisations. Each light source can correspond to one polarisation. Two examples of the optical encoder are discussed below with reference to Figures 3 and 4.
In accordance with the example shown in Figure 3 an optical encoder 30 comprises three light sources 1, 2, 3. The light sources can be provided by any appropriate source, for example by laser diodes or light emitting diodes (LEDs). A 3-2 converter 34, a polarisation rotator - combiner 35, a spectral and spatial filter 36 and an attenuator 37 are also provided. Light generated by the light sources 1 - 3 can be converted to dual-rail encoding by the 3-2 converter such that light source 1 creates a pulse on a first rail 38 and light source 2 creates a pulse on a second rail 39 whilst light source 3 creates a pulse on both rails. The intensity of the pulse generated by light source 3 can be equal on both rails.
In the encoders of Figures 3 and 4 three polarisations can be used. The decoders of Figures 5 and 6 can measure six polarisations (two in each basis).
In accordance with a possibility the 3-2 converter apparatus can be implemented as integrated waveguides on a chip. The 3-2 converter can comprise a 50-50 beam splitter and two y-junctions connected as depicted in Figure 3. The polarisation rotator - combiner 35 converts the dual rail encoding into the polarisation encoding (1, 2, 3). After that a spectral and spatial filter is applied to ensure that the three pulses are indistinguishable due to their spatial and frequency characteristics. Attenuation is applied before the photons exit the apparatus to bring the light pulses down to single photon level. Thus the attenuator 37 is provided as the last element of the optical encoder. The attenuation can be used to introduce a probabilistic element as the attenuation can be chosen in such a way that the average photon number per pulse is much smaller than one.
In probabilistic sources a strong light pulse is attenuated in such a way that it contains on average a photon number much smaller than one. As a result of the attenuation most of the pulses contain no photons, a small number contain one photon and an even smaller number contain multiple photons.
A problem that can arise when using attenuated light is that a small fraction of pulses can contain more than one photon. This may in certain occasions make the key distribution open to a photon number splitting attack where an eavesdropper intercepts one photon while letting the second one pass to terminal B. A technique that can be used to detect photon number splitting attacks is to use pulses with a variable number of photons. A variant of the scheme implementing decoy states can be provided by means of a tuneable attenuator. A second embodiment of the optical encoder addressing these issues is shown in Figure 4. An apparatus 40 according to this embodiment can comprise three light sources 1 to 3, a polarising beam splitter (PBS) 44, a quarter wave plate (λ/4) 45, a beam splitter 46, a spectral and spatial filter 47, and an attenuator 48.
A single photon based scheme can be provided also in various other ways. According to a possibility true single photon emitters are used. In these each input pulse is converted to a single photon. No further attenuation at the end of a circuit is needed. Another example is heralded single photon sources. In these, whenever a single photon is produced a second signal announces the presence of a single photon. Other events can be rejected.
Light sources 1 and 2 emit into the two arms of the polarising beam splitter (PBS) 44. After the PBS the originally linear polarisation (H, V) is converted to circular (L, R) by the quarter wave plate 45. The pulses then pass a beam splitter (BS) 46 with reflectivity α. The third light source 3 emits into the other arm of the beam splitter. A pulse in light source 1 creates a pulse of a first polarisation after the BS, similarly for diodes 2 and 3. Spectral and spatial filtering is the same as in the example of Figure 3.
Terminal B (see Fig. 2) can comprise a receiver that is able to receive a beam from terminal A. An optical decoder 22 capable of detecting single photons and their polarisation along three axes i.e. capable of providing six possible outputs is also provided. Control electronics 24 adapted for processing detector outputs and recording their time trace, a communications subsystem 25 for the wireless communication, and a computer or processor 26 for controlling the above components are also shown.
Two different exemplifying implementations of the optical decoder for the recipient device 20, or terminal B of Figure 2, are now discussed with reference to Figures 5 and 6. In the example of Fig. 5 a decoder 50 is provided that comprises a spectral filter 51 to filter out ambient light and allow only light sent from terminal A. A polarisation rotator - splitter 52 is provided to convert the photon polarisation to dual rail encoding, and a 2-6 converter 53 is used to convert dual rail encoding to six separate channels. Six single photon detectors 54 (e.g. avalanche photodiodes) are also shown.
The 2-6 converter 53 can be implemented as integrated waveguides on a chip. A possible layout of the chip is shown in Fig. 5. The 2-6 converter can consist of two beamsplitters, two phaseshifters and four y-junctions. The transmission of the y-junctions can be adjusted to influence the relative frequency of detection events.
Another example of a decoder 60 is shown in Figure 6. Two beamsplitters (BS) 61, 62 with reflectivities α and β, respectively, three polarising beamsplitters (PBS) 63 - 65, a quarter wave plate 66, a half wave plate 67, and six single photon detectors 68 (e.g. avalanche photodiodes) are shown. Each block of two detectors 68 with their adjoining polarising beam splitter can detect if a photon is horizontally or vertically polarised. Thus, to detect in the x-direction (see Fig. 1) no additional polarisation rotation is necessary. The half wave plate rotates the z-direction (L,R) to the x-direction (H,V), while the quarter wave plate rotates y-direction (A,D) to the x-direction (H,V), so that they can be detected by the polarizing beam-splitter-detector assembly. The two beam splitters with reflectivity α and β, respectively, determine the relative frequency of detection in three bases.
The local polarisation coordinate systems for terminal A and terminal B are not aligned in the xy-plane. Choice of (L,R) coordinates for the z-direction can be used to stabilise the system against perturbations.
A secure shared key can be obtained by means of this hardware. In the embodiment a unique combination of reference frame independence with a three state protocol is provided. In accordance with a possibility an explicit implementation of the protocol using integrated or bulk optics can be provided. This can be combined with a lightweight design tailored for handheld short-range line-of-sight use.
In accordance with an embodiment an operation according to the flowchart of Figure 7 is provided at a sender device. An optical channel is established with a recipient device at 100 for emission of photons in a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane defined based on the first and second polarisations with the recipient device. The plane can be defined as being perpendicular to the first and second polarisations. It is noted that perpendicular in here refers to polarisation directions on the Poincare sphere, and not directions in real space. Photons are emitted at 102 in the direction of the recipient device using randomly the first, second and third polarisations as the basis for sending the photons. The sending takes place in an arrangement where the recipient device is capable of detecting events in association with six polarisations. Information of detected events is then received at 104 from the recipient device. The sender device processes at 106 the received information and information stored in the sender device to determine events where the same basis was used by the sender device and the recipient device.
This information can be used in generation of raw keys and/or detection of eavesdropping. For example, it can be determined based on comparison of the received and stored information which bits are to be used for the raw key and which bits are to be used for error correction. For example, when a bit in a first or a second polarisation was sent and the measurement basis was along one/two the bits are used for the raw key. Thus only events where polarisation one or two was sent and measured contribute to a raw key. All other combinations containing the third direction enter to other procedures to determine secure key rate and/or corresponding shortening of the raw key using hash functions. Events where the third polarisation is sent and measured may not contribute to the raw key. More detailed examples of these operations will be explained with reference to Figure 9.
The number of polarisations of the sender device can be more than three. The three polarisations comprise two opposite polarisations, the third being in a plane perpendicular to the two opposite polarisations. Additional polarisations can be added so that the added polarisation is perpendicular or opposite the other polarisations. In accordance with an embodiment the sender device is configured to send four or five polarisations.
Figure 8 shows actions taken by the recipient device. After establishment of the optical channel at 110 the recipient device receives at 112 from the sender device photons via the optical channel based on a first polarisation, a second polarisation and a third polarisation. Alignment of a polarisation system in a plane perpendicular to the first and second polarisations is not necessary. Basis for measurement of received photons for detection of events on six polarisation bases is randomly selected at 114.
Information of detected events in association with three bases is then sent at 116 to the sender device. Thus in steps 112 and 116 information only about the three bases is sent and information of the polarisations is not exchanged as this could reveal the key. Information is then received at 118 from the sender device regarding events where the same basis was used by the sender device and the recipient device. Examples of use of this information will be given below with reference to Figure 9.
A more detailed procedure for distributing a key between the first and recipient devices in accordance with an embodiment is shown in Figure 9 for the terminals shown in Figure 2. An optical channel is established between terminal A and terminal B at 70. A steering mechanism consisting of e.g. movable mirrors and/or other optical elements (e.g. lenses, pinholes, spatial phase modulators) can be used to direct the light beam from terminal A to terminal B as well as adjusting the receiver in terminal B in a way to receive the beam from terminal A. Once the optical channel is established terminal A can start sending photons to terminal B at 71. There is no need to align the polarisation coordinate systems in the XY plane. The sender basis can be chosen at this stage in a truly random way. In accordance with a possibility a quantum random number generator can act as a source for the randomness. The random number generator can be operated in real-time or fill up a random number buffer for later use.
Distribution between the three possible sender states can be used to influence the final key distribution rate. The distribution can be chosen such that the key rate can be optimised.
Light sources in terminal A may be activated periodically with a fixed period. This allows suppression of dark counts on the receiver side.
After appropriate attenuation only a small fraction of time slots may contain a photon. Terminal B receives and detects at 72 the photons and records their arrival time. The design of the optical decoder can be such that the measurement basis is chosen randomly.
In order to allow the suppression of random counts the clocks of terminal A and terminal B are synchronised. This can be provided for example by sending a clocking signal between terminal A and terminal B as part of a transmission or by adjusting the clock in terminal B in order to maximise the count rate.
Any random / non-valid detection events can be rejected. Terminal B maintains a record of valid detector events for all six detectors. The record of the measured bases and the timing information is sent at 73 to terminal A. Terminal A correlates the record received at 74 from terminal B with its own record and returns at 75 the sent basis states and the bit values if the basis is not z for both terminal A and terminal B. Terminal B receives this information at 76 and obtains a raw key and check bits at 77. A small number of bit values for the case when both bases are z can be sent for the purpose of estimating the error rate at 78 for an error correction procedure. Thus not all bits where both bases are z may be used for the raw key. A small number can be used for the parameter estimation and error correction steps. Terminal A then performs a sifting of the received information and uses it to (see Fig. 10) obtain a raw key from events where the basis was z for both terminal A and terminal B. The sifting can consist of retaining only bits where the basis was z for both terminals. The raw key in the example of Figure 10 would then be 0101. The remaining events (check bits) are used to detect the presence of an eavesdropper. The presence of an eavesdropper may be detected for example based on a parameter estimation process.
Based on the error estimate in the z-z basis an error correcting code is constructed at 79 by terminal B and is sent at 80 to terminal A over a wireless link between the terminals. An example of a possible error correction code is a Low-density parity-check (LDPC) code. Terminal A receives the code at 81 and computes at 82 an error syndrome from the error correcting code and returns the error syndrome at 83 to terminal B. Terminal B receives the error syndrome at 84 and then performs error correction at 87 using e.g. a sum - product algorithm. Authentication may be performed at 85 and 86.
After successful error correction terminal A and terminal B have identical raw keys.
Errors may be introduced during transmission either by random events or an eavesdropper. The raw key held by the recipient terminal may have errors which need to be corrected, while the key in the sender terminal is correct since it comes from a guaranteed random source. Error correction can take place in terminal B.
During the procedure an eavesdropper may have had the possibility to collect information about the key in two stages: during the transmission of optical pulses from terminal A to terminal B and during the unsecure exchange of information during error correction. Loss of information to an eavesdropper during optical transmission can be estimated from the check bits. An example for this is discussed below.
In order to estimate error rates we consider the vector $\vec{r}_b = (x_b, y_b, z_b)$ corresponding to each transmitted direction b = (x+, z+, z-), where
$x_b = p_{x+|b} - p_{x-|b}$
and similarly for the polarisations y and z with the probability to register a click in detector a = (x+, x-, y+, y-, z+, z-) given by
In the above $D_a$ is the number of detector events in detector a and $s_b$ is the number of sent photons in direction b.
Similar considerations apply for polarisations y and z. For an errorless transmission we obtain $\vec{r}_{x+} = (\cos\alpha, \sin\alpha, 0)$, $\vec{r}_{z+} = (0, 0, 1)$ and $\vec{r}_{z-} = (0, 0, -1)$, where α is the misalignment of the polarisations between terminal A and terminal B. Note that for an errorless transmission the length of the vector is unity, and thus independent of the misalignment. Any eavesdropping attempt will result in deviations from this ideal behaviour. The leaked information can be estimated from this using an appropriate method.
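The sifting and parameter estimation described above can be reproduced with a small simulation, given here as an added example that is not part of the patent text. The per-basis normalisation of the click counts and the `visibility` noise model (a depolarising channel standing in for any disturbance) are assumptions, because the page's own click-probability formula is missing; all function names are hypothetical.

```python
import math
import random
from collections import Counter

# Bloch vectors of the three sender states in the sender's own frame.
SENT_STATES = {"x+": (1.0, 0.0, 0.0), "z+": (0.0, 0.0, 1.0), "z-": (0.0, 0.0, -1.0)}
AXIS = {"x": 0, "y": 1, "z": 2}


def rotate_xy(vec, alpha):
    """Rotate about z by alpha: the unknown xy misalignment between terminals."""
    x, y, z = vec
    return (x * math.cos(alpha) - y * math.sin(alpha),
            x * math.sin(alpha) + y * math.cos(alpha),
            z)


def run_link(n_events, alpha, visibility=1.0, seed=1):
    """Simulate detected events as (sent state, measured basis, outcome)."""
    rng = random.Random(seed)  # seeded PRNG: repeatable simulation, not key material
    states, bases = sorted(SENT_STATES), sorted(AXIS)
    events = []
    for _ in range(n_events):
        sent = rng.choice(states)   # terminal A picks one of three states
        basis = rng.choice(bases)   # terminal B picks one of three bases
        seen = rotate_xy(SENT_STATES[sent], alpha)
        # Assumed model: P(+) = (1 + v * component along measured axis) / 2.
        p_plus = 0.5 * (1.0 + visibility * seen[AXIS[basis]])
        events.append((sent, basis, "+" if rng.random() < p_plus else "-"))
    return events


def sift(events):
    """Keep only events where z was both sent and measured (the raw key)."""
    key_a, key_b = [], []
    for sent, basis, outcome in events:
        if sent in ("z+", "z-") and basis == "z":
            key_a.append(0 if sent == "z+" else 1)
            key_b.append(0 if outcome == "+" else 1)
    return key_a, key_b


def qber(key_a, key_b):
    """Fraction of sifted positions where the two terminals disagree."""
    return sum(a != b for a, b in zip(key_a, key_b)) / len(key_a)


def estimate_vectors(events):
    """Estimate r_b = (x_b, y_b, z_b) for each sent state b from click counts."""
    counts = Counter(events)
    vectors = {}
    for sent in SENT_STATES:
        comps = []
        for basis in ("x", "y", "z"):
            plus, minus = counts[(sent, basis, "+")], counts[(sent, basis, "-")]
            total = plus + minus
            # Assumed normalisation: clicks within the chosen basis only.
            comps.append((plus - minus) / total if total else 0.0)
        vectors[sent] = tuple(comps)
    return vectors


def vector_length(vec):
    return math.sqrt(sum(c * c for c in vec))


if __name__ == "__main__":
    for v in (1.0, 0.8):
        ev = run_link(60000, alpha=0.7, visibility=v)
        ka, kb = sift(ev)
        lengths = {b: round(vector_length(r), 3) for b, r in estimate_vectors(ev).items()}
        print(f"visibility={v}: QBER={qber(ka, kb):.3f} |r_b|={lengths}")
```

With a clean channel the vector lengths stay at one for any `alpha`, while a disturbed channel shortens all three vectors and raises the z-z error rate, which is the deviation the check bits are meant to expose.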
The potential loss of information to an eavesdropper during error correction is the number of bits exchanged during error correction which are correlated with the raw key. In order to obtain a secure key the partially secure raw key can be shortened using a two-universal hash-function at privacy amplification step 88. The amount of shortening depends on the amount of information leaked during error correction and the estimated leak during the optical communication.
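The shortening step can be illustrated with a Toeplitz-matrix hash, one standard two-universal family; this is an added example, not the patent's own code, and the patent does not say which family is used. The leak figures, the extra `margin` parameter and all function names are assumptions for illustration.

```python
import secrets


def toeplitz_hash(key_bits, seed_bits, out_len):
    """Multiply the key by an out_len x n binary Toeplitz matrix over GF(2).

    The matrix is defined by n + out_len - 1 seed bits; entry (i, j) is
    seed_bits[i - j + n - 1], so it is constant along every diagonal.
    """
    n = len(key_bits)
    if len(seed_bits) != n + out_len - 1:
        raise ValueError("seed must hold n + out_len - 1 bits")
    out = []
    for i in range(out_len):
        acc = 0
        for j in range(n):
            acc ^= seed_bits[i - j + n - 1] & key_bits[j]
        out.append(acc)
    return out


def secure_length(raw_len, leaked_ec, leaked_optical, margin=0):
    """Bits that remain after removing both leak estimates and a margin."""
    return max(0, raw_len - leaked_ec - leaked_optical - margin)


def new_seed(raw_len, out_len):
    """Fresh public seed; assumed to be sent over the authenticated RF link."""
    return [secrets.randbits(1) for _ in range(raw_len + out_len - 1)]


def privacy_amplify(raw_key, seed_bits, leaked_ec, leaked_optical, margin=0):
    """Shorten the corrected raw key; an empty result means no secure key."""
    out_len = secure_length(len(raw_key), leaked_ec, leaked_optical, margin)
    if out_len == 0:
        return []
    return toeplitz_hash(raw_key, seed_bits, out_len)


if __name__ == "__main__":
    # Constructed sample: a 32-bit corrected raw key held by both terminals.
    raw = [secrets.randbits(1) for _ in range(32)]
    m = secure_length(len(raw), leaked_ec=10, leaked_optical=6, margin=4)
    seed = new_seed(len(raw), m)
    final_a = privacy_amplify(raw, seed, 10, 6, 4)
    final_b = privacy_amplify(list(raw), seed, 10, 6, 4)
    print(len(final_a), final_a == final_b)
```

Both terminals must apply the same seed to identical corrected keys; a single uncorrected bit error changes about half of the output bits, which is why privacy amplification follows error correction.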
In the above examples single photons per pulse were emitted in each polarisation. This is not necessary in all scenarios and multiple photons may be also used in certain applications.
The embodiments may be beneficial e.g. because a simple polarisation based quantum key distribution system may be provided that tolerates misalignment of polarisation direction between a sender and a receiver device and a precise alignment of the polarisations (HP) is not necessary. The scheme may make efficient use of distributed photons as no send/measure pairs are discarded.
It is noted that whilst embodiments have been described using a mobile system as an example, similar principles can be applied to any other communication system where security needs to be provided between communicating devices. For example, instead of communications between a mobile station and a base station the communications may be provided between two mobile devices, or between two static or semi-static devices. For example, the principles can be applied where no fixed equipment is provided but a communication system is provided by means of a plurality of user equipment, for example in ad hoc networks. Therefore, although certain embodiments were described above by way of example with reference to certain exemplifying architectures for wireless networks, technologies and standards, embodiments may be applied to any other suitable forms of communication systems than those illustrated and described herein.
Mobile devices, base stations and other communicating devices are typically controlled by at least one appropriate controller apparatus so as to enable operation thereof and control of wireless communications between the devices and/or the base station. The control apparatus can be interconnected with other control entities. Figure 11 shows an example of a control apparatus 90 capable of operating in accordance with the embodiments, for example to be coupled to and/or for controlling devices 10 and 20. The control apparatus can be configured to provide control functions in association with determination of various information, generation and communication of information between the various entities and/or control functions based on such information by means of the data processing facility in accordance with certain embodiments described above. For this purpose the control apparatus comprises at least one memory 91, at least one data processing unit 92, 93 and an input/output interface 94. The control apparatus can be coupled to a receiver and/or transmitter of the relevant node via the interface. The control apparatus can be configured to execute an appropriate software code to provide the control functions. The control apparatus and functions may be distributed between a plurality of control units.
The required data processing apparatus and functions may be provided by means of one or more data processors. The described functions may be provided by separate processors or by an integrated processor. The data processors may be of any type suitable to the local technical environment, and may include one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), gate level circuits and processors based on multi core processor architecture, as non-limiting examples. The data processing may be distributed across several data processing modules. A data processor may be provided by means of, for example, at least one chip. Appropriate memory capacity can also be provided in the relevant devices. The memory or memories may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory.
In general, the various embodiments may be implemented in hardware or special purpose circuits, software, logic or any combination thereof. Some aspects of the invention may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the invention is not limited thereto. While various aspects of the invention may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof. The software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.
The foregoing description has provided by way of exemplary and non-limiting examples a full and informative description of the exemplary embodiment of this invention. However, various modifications and adaptations may become apparent to those skilled in the relevant arts in view of the foregoing description, when read in conjunction with the accompanying drawings and the appended claims. However, all such and similar modifications of the teachings of this invention will still fall within the spirit and scope of this invention as defined in the appended claims. Indeed there is a further embodiment comprising a combination of one or more of any of the other embodiments previously discussed.
Claims
1. A method comprising
emitting from a sender device randomly photons in a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device, the recipient device being adapted for detection of events in association with six polarisations,
receiving information of detected events from the recipient device, and processing the received information and stored information to determine events where same polarisation basis was used by the sender device and the recipient device.
2. A method comprising
receiving at a recipient device photons from a sender device via an optical channel emitted on a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations with the sender device, selecting randomly polarisation basis for measurement of received photons for detection of events on six polarisations,
sending information of detected events in association with three basis to the sender device, and
receiving information from the sender device of events where same polarisation basis was used by the sender device and the recipient device.
3. A method according to claim 1 or 2, comprising determining a raw key based on first events where the first polarisation and/or second polarisation was used by the sender device and the recipient device.
4. A method according to claim 3, comprising using second events for parameter estimation.
5. A method according to any preceding claim, comprising comparing the received information and stored information to determine bits for a raw key and bits for error correction.
6. A method according to any preceding claim, comprising
determining use of different basis by the sender device and the recipient device for an event, and
communicating information of sender basis and bit values in response to determination of at least one event with different basis.
7. A method according to any preceding claim, comprising communication bit values for use in error correction when use of the same basis for at least one event is determined.
8. A method according to any preceding claim, comprising emitting a single photon per pulse in each polarisation.
9. A method according to any of claims 1 to 7, comprising emitting pulses with a different number of photons, wherein the average number of photons per pulse is less than one.
10. A method according to any preceding claim, wherein the polarisations are provided on the Poincare sphere and comprise a main polarisation, an opposite to the main polarisation and a polarisation perpendicular to the main polarisation.
11. A method according to any preceding claim, wherein the sender device further emits a fourth polarisation or a fourth and fifth polarisations.
12. A method according to any preceding claim, comprising using synchronised timing for the events.
13. A method according to any preceding claim, comprising controlling key distribution rate based on distribution between the polarisations.
14. A method according to any preceding claim, comprising periodic activation of the emitting of photons for a fixed period.
15. A method according to any preceding claim, comprising
correlating a time synchronised record of events detected by the recipient device with a record of events maintained by the sender device, and sifting the information to obtain raw keys based on bits in times when the same basis was used by the sender and recipient devices.
16. An apparatus configured to
cause emission of photons using randomly a first polarisation, a second polarisation and a third polarisation for sending the photons without aligning a polarisation system in a plane perpendicular to the first and second polarisations with a recipient device, the recipient device being adapted for detection of events in association six polarisations, and
process information of detected events received from the recipient device and information stored in the sender device to determine events where same polarisation basis was used by the sender device and the recipient device.
17. An apparatus configured to
randomly select basis for measurement of photons received from a sender device emitted on a first polarisation, a second polarisation and a third polarisation without aligning a polarisation system in a plane perpendicular to the first and second polarisations, and
detect events in association with said six polarisations,
cause sending of information of detected events, and
receive information of events where the same polarisation basis was used by the sender device and the recipient device.
18. An apparatus according to claim 16 or 17, configured to determine a raw key based on events where the first polarisation and/or second polarisation was used by the sender device and the recipient device.
19. An apparatus according to claim 18, configured to use information of second events in parameter estimation.
20. An apparatus according to any of claims 16 to 19, configured to determine bits for a raw key and bits for error correction based on comparison of information of the basis used by the sender and recipient devices.
21. An apparatus according to any of claims 16 to 20, configured to determine use of different basis by the sender device and the recipient device for an event, and
cause communication of information of sender basis and bit values in response to determination of at least one event with different basis.
22. An apparatus according to any of claims 16 to 21, configured to cause communication of bit values for use in error correction when use of same basis for at least one event is determined.
23. An apparatus according to any of claims 16 to 22, configured to use synchronised timing for the events.
24. An apparatus according to any of claims 16 to 23, comprising a quantum random number generator for providing randomness for the basis selection.
25. An apparatus according to any of claims 16 to 24, configured to control key distribution rate based on distribution between the polarisations.
26. An apparatus according to any of claims 16 to 25, configured to periodically activate a period of photon emission.
27. An apparatus according to any of claims 16 to 26, configured to
correlate a time synchronised record of events detected by the recipient device with a record of events maintained by the sender device, and sift the information to obtain raw keys based on bits in times when the same basis was used by the sender and recipient devices.
28. A mobile device comprising the apparatus of claim 16 or any claim dependent on claim 16.
29. A base station comprising the apparatus of claim 17 or any claim dependent on claim 17.
30. A computer program comprising code means adapted to perform the steps of any of claims 1 to 15 when the program is run on a processor.
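The sifting step recited in claims 1 to 4 and 15, sketched as an added example; it is not code from the patent or its applicant. The basis labels A, B and C, the slot-indexed record layout and all function names are assumptions made for illustration, and the sample records are constructed.

```python
import secrets
from collections import namedtuple

# Labels are assumptions for this example, not the patent's notation.
# Sender polarisation -> (basis, bit): the first and second polarisations
# (main and its opposite) share basis "A"; the third, perpendicular to the
# main polarisation, is placed in basis "B".
SENDER_STATES = {1: ("A", 0), 2: ("A", 1), 3: ("B", 0)}
RECIPIENT_BASES = ("A", "B", "C")  # three bases = six detectable polarisations

Detection = namedtuple("Detection", "slot basis bit")


def emit(n_slots, rng=secrets.SystemRandom()):
    """Sender record: time slot -> randomly chosen polarisation (1, 2 or 3)."""
    return {slot: rng.choice((1, 2, 3)) for slot in range(n_slots)}


def announce(detections):
    """What the recipient reports over the classical channel: slot and basis
    only. The measured bit values are not disclosed at this stage."""
    return [(d.slot, d.basis) for d in detections]


def sender_sift(sender_record, announced):
    """Correlate announced events with the stored record and return the slots
    where both sides used the same basis, split by purpose."""
    key_slots, estimation_slots, seen = [], [], set()
    for slot, basis in announced:
        if slot in seen or slot not in sender_record:
            continue  # duplicate or unknown slot: ignore rather than trust it
        seen.add(slot)
        sent_basis, _ = SENDER_STATES[sender_record[slot]]
        if basis != sent_basis:
            continue  # different basis: no key bit from this event
        if sent_basis == "A":
            key_slots.append(slot)         # first events -> raw key
        else:
            estimation_slots.append(slot)  # second events -> parameter estimation
    return key_slots, estimation_slots


def sender_key(sender_record, key_slots):
    """Raw key as the sender derives it from its own stored record."""
    return [SENDER_STATES[sender_record[s]][1] for s in key_slots]


def recipient_key(detections, key_slots):
    """Raw key as the recipient derives it from its own measured bits."""
    by_slot = {d.slot: d.bit for d in detections}
    return [by_slot[s] for s in key_slots]


# Constructed sample: eight time slots; the photons in slots 3 and 6 are lost.
SENDER_RECORD = {0: 1, 1: 2, 2: 3, 3: 1, 4: 3, 5: 2, 6: 1, 7: 2}
DETECTIONS = [
    Detection(0, "A", 0),  # same basis, key bit 0
    Detection(1, "B", 1),  # sender used A: discarded
    Detection(2, "B", 0),  # same basis, reserved for parameter estimation
    Detection(4, "C", 1),  # sender used B: discarded
    Detection(5, "A", 1),  # same basis, key bit 1
    Detection(7, "A", 1),  # same basis, key bit 1
]


def run_constructed_example():
    key_slots, estimation_slots = sender_sift(SENDER_RECORD, announce(DETECTIONS))
    return {
        "key_slots": key_slots,
        "estimation_slots": estimation_slots,
        "sender_key": sender_key(SENDER_RECORD, key_slots),
        "recipient_key": recipient_key(DETECTIONS, key_slots),
    }


if __name__ == "__main__":
    print(run_constructed_example())
```

Only slot numbers and bases cross the classical channel here; each side reads its raw key bits from its own record, so an eavesdropper on that channel learns which events were kept but not their values.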
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP12878031.9A EP2856697A4 (en) | 2012-05-31 | 2012-05-31 | Secured wireless communications |
CN201280073589.7A CN104350701B (en) | 2012-05-31 | 2012-05-31 | The radio communication of safety |
US14/402,677 US9641326B2 (en) | 2012-05-31 | 2012-05-31 | Secured wireless communications |
PCT/IB2012/052745 WO2013179094A1 (en) | 2012-05-31 | 2012-05-31 | Secured wireless communications |
US15/090,851 US10225081B2 (en) | 2012-05-31 | 2016-04-05 | Secured wireless communications |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/IB2012/052745 WO2013179094A1 (en) | 2012-05-31 | 2012-05-31 | Secured wireless communications |
Related Child Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/402,677 A-371-Of-International US9641326B2 (en) | 2012-05-31 | 2012-05-31 | Secured wireless communications |
US15/090,851 Continuation US10225081B2 (en) | 2012-05-31 | 2016-04-05 | Secured wireless communications |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2013179094A1 (en) | 2013-12-05 |
Family
ID=49672550
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2012/052745 WO2013179094A1 (en) | 2012-05-31 | 2012-05-31 | Secured wireless communications |
Country Status (4)
Country | Link |
---|---|
US (2) | US9641326B2 (en) |
EP (1) | EP2856697A4 (en) |
CN (1) | CN104350701B (en) |
WO (1) | WO2013179094A1 (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015189456A1 (en) | 2014-06-09 | 2015-12-17 | Nokia Technologies Oy | Fibre-based communication |
CN105940635A (en) * | 2014-02-06 | 2016-09-14 | 诺基亚技术有限公司 | Reception and generation of light |
WO2016170223A1 (en) * | 2015-04-22 | 2016-10-27 | Nokia Technologies Oy | Fibre-optic communication based on dual-rail and polarization encoding |
CN106357399A (en) * | 2016-10-26 | 2017-01-25 | 深圳市太赫兹科技创新研究院有限公司 | Quantum key distribution light source monitoring device and monitoring method thereof |
CN106500739A (en) * | 2016-11-18 | 2017-03-15 | 威科达(东莞)智能控制有限公司 | A kind of method communicated with absolute value encoder |
WO2017055677A1 (en) | 2015-10-02 | 2017-04-06 | Nokia Technologies Oy | Dual rail compensation in phase encoded communication |
US9794065B2 (en) | 2012-10-15 | 2017-10-17 | Nokia Technologies Oy | Quantum key distribution |
US10097526B2 (en) | 2014-02-14 | 2018-10-09 | Nokia Technologies Oy | Key distribution in a wireless system |
US10254556B2 (en) | 2014-04-28 | 2019-04-09 | Nokia Technologies Oy | Polarization rotator-combiner for optical communications |
US10367638B2 (en) | 2013-12-16 | 2019-07-30 | Nokia Technologies Oy | Method and apparatus for quantum cryptography |
US10601507B2 (en) | 2013-03-25 | 2020-03-24 | Nokia Technologies Oy | Optical link establishment |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101718781B1 (en) * | 2015-01-23 | 2017-04-04 | 서울시립대학교 산학협력단 | Mobile device with quantum cryptography capability for secure moble commerce and authentification method therefor |
US20160260013A1 (en) * | 2015-03-06 | 2016-09-08 | Nokia Technologies Oy | Method and apparatus for optimization |
JP6490613B2 (en) * | 2016-03-14 | 2019-03-27 | 株式会社東芝 | COMMUNICATION DEVICE, QUANTUM KEY DISTRIBUTION SYSTEM, QUANTUM KEY DISTRIBUTION METHOD, AND PROGRAM |
JP2018050122A (en) * | 2016-09-20 | 2018-03-29 | 株式会社東芝 | Transmitter, quantum communication system and quantum communication method |
CN108777614B (en) * | 2018-07-05 | 2023-08-18 | 清华大学 | Encryption and decryption device and encryption and decryption method based on general hash function |
US11223424B2 (en) * | 2018-08-10 | 2022-01-11 | Nokia Technologies Oy | Fibre-based communication |
CN110224819B (en) * | 2019-06-04 | 2020-10-30 | 中国科学院半导体研究所 | On-chip decoder for time BB84 protocol |
US11233579B1 (en) | 2020-12-11 | 2022-01-25 | Robert Bosch Gmbh | Current injection based generation of indistinguishable Glauber-state and decoy-state optical signals |
GB2607105B (en) * | 2021-05-28 | 2023-05-31 | Toshiba Kk | An optical emitter, communication system and method |
CA3126975A1 (en) * | 2021-08-05 | 2023-02-05 | Com Dev Ltd. | Quantum key distribution system |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080310856A1 (en) * | 2007-06-15 | 2008-12-18 | Austrian Research Centers Gmbh - Arc | Method and Device for Readjusting a Polarization Drift |
WO2012018246A1 (en) * | 2010-08-05 | 2012-02-09 | Mimos Berhad | A six quantum state producing encoder system and a method of producing thereof |
US20120087500A1 (en) | 2010-10-06 | 2012-04-12 | Sony Corporation | Quantum encryption communication apparatus, quantum encryption communication method, and quantum encryption communication system |
US20120195430A1 (en) * | 2011-02-02 | 2012-08-02 | Nokia Corporation | Quantum Key Distribution |
Family Cites Families (24)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4445780A (en) * | 1982-03-01 | 1984-05-01 | The United States Of America As Represented By The Secretary Of The Navy | Fiber optic rotation-sensing gyroscope with (3×2) coupler |
US6188768B1 (en) * | 1998-03-31 | 2001-02-13 | International Business Machines Corporation | Autocompensating quantum cryptographic key distribution system based on polarization splitting of light |
US6289104B1 (en) * | 1998-08-07 | 2001-09-11 | Ilinois Institute Of Technology | Free-space quantum cryptography system |
WO2002084337A2 (en) * | 2001-04-11 | 2002-10-24 | Magiq Technologies, Inc. | Polarization to phase converter |
JP4462806B2 (en) * | 2002-02-22 | 2010-05-12 | 日本電気株式会社 | Quantum cryptographic key distribution system |
US7403623B2 (en) * | 2002-07-05 | 2008-07-22 | Universite Libre De Bruxelles | High-rate quantum key distribution scheme relying on continuously phase and amplitude-modulated coherent light pulses |
JP4290401B2 (en) * | 2002-09-18 | 2009-07-08 | 三菱電機株式会社 | Quantum key distribution method and communication apparatus |
WO2005060139A2 (en) * | 2003-12-17 | 2005-06-30 | General Dynamics Advanced Information Systems, Inc. | Secure quantum key distribution using entangled photons |
US20060083379A1 (en) * | 2004-10-19 | 2006-04-20 | Brookner George M | Cryptographic communications session security |
US7805079B1 (en) * | 2005-03-18 | 2010-09-28 | The United States Of America As Represented By The Secretary Of The Army | Free-space quantum communications process operative absent line-of-sight |
GB2427336B (en) | 2005-06-16 | 2010-01-20 | Hewlett Packard Development Co | Secure transaction method and transaction terminal for use in implementing such method |
JP4822811B2 (en) * | 2005-11-02 | 2011-11-24 | 株式会社日立製作所 | Optical communication device |
CN101401350A (en) * | 2006-03-16 | 2009-04-01 | 日本电气株式会社 | Quantum cryptography device |
US20100241912A1 (en) * | 2006-04-04 | 2010-09-23 | Magiq Technologies, Inc. | Fast bit-error rate calculation mode for QKD systems |
GB2441364B (en) * | 2006-08-31 | 2009-02-11 | Toshiba Res Europ Ltd | A quantum communication system and method |
GB2449290B (en) * | 2007-05-17 | 2010-09-22 | Toshiba Res Europ Ltd | An optical system |
US20090034737A1 (en) * | 2007-07-30 | 2009-02-05 | Magiq Technologies, Inc. | Diamond nanocrystal single-photon source with wavelength converter |
JP5013521B2 (en) | 2007-09-05 | 2012-08-29 | 独立行政法人情報通信研究機構 | Quantum cryptographic communication apparatus and method |
WO2009054894A1 (en) * | 2007-10-23 | 2009-04-30 | Bvp Holding, Inc. | Multi-directional body swing, turn and twist trainer with interchangeable and adjustable attachments |
WO2009112286A1 (en) * | 2008-03-13 | 2009-09-17 | University College Cork, National University Of Ireland, Cork | An optical communication system and method for secure data communication using quantum key distribution |
KR100983008B1 (en) * | 2008-05-30 | 2010-09-20 | 한국전자통신연구원 | System And Method For Quantum Cryptograpy |
US8170214B2 (en) | 2008-10-01 | 2012-05-01 | Hewlett-Packard Development Company, L.P. | QKD transmitter and transmission method |
WO2010044709A2 (en) * | 2008-10-17 | 2010-04-22 | Dmitry Ivanovich Sychev | Methods and devices of quantum encoding on dwdm (roadm) network and fiber optic links |
WO2011014184A1 (en) | 2009-07-31 | 2011-02-03 | Hewlett-Packard Development Company, L.P. | Photonic quantum system alignment using multiple beams |
2012
- 2012-05-31 WO PCT/IB2012/052745 patent/WO2013179094A1/en active Application Filing
- 2012-05-31 US US14/402,677 patent/US9641326B2/en active Active
- 2012-05-31 EP EP12878031.9A patent/EP2856697A4/en active Pending
- 2012-05-31 CN CN201280073589.7A patent/CN104350701B/en active Active
2016
- 2016-04-05 US US15/090,851 patent/US10225081B2/en active Active
Non-Patent Citations (4)
Title |
---|
LANA, S. ET AL.: "Finite-key security against coherent attacks in quantum key distribution.", PUB, vol. 12, no. 12, 12 January 2010 (2010-01-12), pages 123019, XP020201780 * |
LI, J.-L. ET AL.: "Six-State Quantum Key Distribution Using Photons with Orbital Angular Momentum.", PUB, vol. 27, no. 11, 1 November 2010 (2010-11-01), pages 110303, XP020179762 * |
LIU, X.-B. ET AL.: "Quantum key distribution system with six polarization states encoded by phase modulation.", PUB, vol. 25, no. 11, November 2008 (2008-11-01), pages 3856 - 3859, XP020141718 * |
See also references of EP2856697A4 |
Cited By (27)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9794065B2 (en) | 2012-10-15 | 2017-10-17 | Nokia Technologies Oy | Quantum key distribution |
US10601507B2 (en) | 2013-03-25 | 2020-03-24 | Nokia Technologies Oy | Optical link establishment |
US10367638B2 (en) | 2013-12-16 | 2019-07-30 | Nokia Technologies Oy | Method and apparatus for quantum cryptography |
KR101944167B1 (en) * | 2014-02-06 | 2019-01-30 | 노키아 테크놀로지스 오와이 | Reception and generation of light |
CN105940635A (en) * | 2014-02-06 | 2016-09-14 | 诺基亚技术有限公司 | Reception and generation of light |
JP2017507593A (en) * | 2014-02-06 | 2017-03-16 | ノキア テクノロジーズ オサケユイチア | Light reception and light generation |
KR20160118314A (en) * | 2014-02-06 | 2016-10-11 | 노키아 테크놀로지스 오와이 | Reception and generation of light |
EP3103213A4 (en) * | 2014-02-06 | 2017-09-06 | Nokia Technologies OY | Reception and generation of light |
US9967037B2 (en) | 2014-02-06 | 2018-05-08 | Nokia Technologies Oy | Reception and generation of light |
CN105940635B (en) * | 2014-02-06 | 2019-03-12 | 诺基亚技术有限公司 | The reception and generation of light |
US10097526B2 (en) | 2014-02-14 | 2018-10-09 | Nokia Technologies Oy | Key distribution in a wireless system |
US10254556B2 (en) | 2014-04-28 | 2019-04-09 | Nokia Technologies Oy | Polarization rotator-combiner for optical communications |
WO2015189456A1 (en) | 2014-06-09 | 2015-12-17 | Nokia Technologies Oy | Fibre-based communication |
CN106576002A (en) * | 2014-06-09 | 2017-04-19 | 诺基亚技术有限公司 | Fibre-based communication |
CN106576002B (en) * | 2014-06-09 | 2019-07-19 | 诺基亚技术有限公司 | Communication device, method and computer-readable medium based on optical fiber |
EP3152847A4 (en) * | 2014-06-09 | 2018-02-21 | Nokia Technologies OY | Fibre-based communication |
EP3286853A4 (en) * | 2015-04-22 | 2019-02-27 | Nokia Technologies Oy | Fibre-optic communication based on dual-rail and polarization encoding |
TWI618366B (en) * | 2015-04-22 | 2018-03-11 | 諾基亞科技公司 | Optical communication |
WO2016170223A1 (en) * | 2015-04-22 | 2016-10-27 | Nokia Technologies Oy | Fibre-optic communication based on dual-rail and polarization encoding |
US10574449B2 (en) | 2015-04-22 | 2020-02-25 | Nokia Technologies Oy | Fibre-optic communication based on dual-rail and polarization encoding |
US20180294960A1 (en) * | 2015-10-02 | 2018-10-11 | Nokia Technologies Oy | Dual rail compensation in phase encoded communication |
CN108370275A (en) * | 2015-10-02 | 2018-08-03 | 诺基亚技术有限公司 | Double track compensation in phase code communication |
WO2017055677A1 (en) | 2015-10-02 | 2017-04-06 | Nokia Technologies Oy | Dual rail compensation in phase encoded communication |
US10862677B2 (en) | 2015-10-02 | 2020-12-08 | Nokia Technologies Oy | Dual rail compensation in phase encoded communication |
CN106357399A (en) * | 2016-10-26 | 2017-01-25 | 深圳市太赫兹科技创新研究院有限公司 | Quantum key distribution light source monitoring device and monitoring method thereof |
CN106500739B (en) * | 2016-11-18 | 2019-01-25 | 威科达(东莞)智能控制有限公司 | A method of it is communicated with absolute value encoder |
CN106500739A (en) * | 2016-11-18 | 2017-03-15 | 威科达(东莞)智能控制有限公司 | A kind of method communicated with absolute value encoder |
Also Published As
Publication number | Publication date |
---|---|
US9641326B2 (en) | 2017-05-02 |
US20150172048A1 (en) | 2015-06-18 |
CN104350701B (en) | 2018-03-27 |
US20160218869A1 (en) | 2016-07-28 |
US10225081B2 (en) | 2019-03-05 |
EP2856697A1 (en) | 2015-04-08 |
CN104350701A (en) | 2015-02-11 |
EP2856697A4 (en) | 2016-03-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10225081B2 (en) | Secured wireless communications | |
Milicevic et al. | Quasi-cyclic multi-edge LDPC codes for long-distance quantum cryptography | |
JP6708062B2 (en) | Quantum key distribution system | |
KR100697476B1 (en) | Quantum key distribution method and communication device | |
US9031236B2 (en) | Generating identical numerical sequences utilizing a physical property and secure communication using such sequences | |
US9794065B2 (en) | Quantum key distribution | |
Bacco et al. | Experimental quantum key distribution with finite-key security analysis for noisy channels | |
Bourgoin et al. | Experimental quantum key distribution with simulated ground-to-satellite photon losses and processing limitations | |
EP2979389B1 (en) | Optical link establishment | |
US20120087500A1 (en) | Quantum encryption communication apparatus, quantum encryption communication method, and quantum encryption communication system | |
US9722785B2 (en) | Method and apparatus for quantum cryptographic communication | |
Pan et al. | Free-space quantum secure direct communication: Basics, progress, and outlook | |
CN106254072B (en) | Quantum key distribution method | |
US11018797B2 (en) | Fiber optic light intensity encryption | |
Zhang et al. | Timing and synchronisation for high‐loss free‐space quantum communication with Hybrid de Bruijn Codes | |
CN108712254B (en) | Quantum key distribution system and method | |
EP3105880B1 (en) | Key distribution in a wireless system | |
Wong et al. | Software Security and Quantum Communication: A Long-distance Free-space Implementation Plan of QSDC Without Quantum Memory | |
Nguyen et al. | Reliability improvement of satellite-based quantum key distribution systems using retransmission scheme | |
Huang et al. | Optimization and Implementation of Efficient and Universal Quantum Key Distribution | |
Daneshgaran et al. | Information reconciliation (IR) for continuous variable quantum key distribution (QKD) over free space optics (FSO) channel | |
Edor et al. | Wireless Device Key Generation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 12878031; Country of ref document: EP; Kind code of ref document: A1 |
 | WWE | Wipo information: entry into national phase | Ref document number: 14402677; Country of ref document: US |
 | WWE | Wipo information: entry into national phase | Ref document number: 2012878031; Country of ref document: EP |
 | NENP | Non-entry into the national phase | Ref country code: DE |