Abstract
Agile cryptography allows for a resource-efficient swap of a cryptographic core in case the security of an underlying classical cryptographic algorithm becomes compromised. Conversely, versatile cryptography allows the user to switch the cryptographic task without requiring any knowledge of its inner workings. In this paper, we suggest how these related principles can be applied to the field of quantum cryptography by explicitly demonstrating two quantum cryptographic protocols, quantum digital signatures (QDS) and quantum secret sharing (QSS), on the same hardware sender and receiver platform. Crucially, the protocols differ only in their classical postprocessing. The system is also suitable for quantum key distribution (QKD) and is highly compatible with deployed telecommunication infrastructures, since it uses standard quadrature phase-shift keying encoding and heterodyne detection. For the first time, QDS protocols are modified to allow for postselection at the receiver, enhancing protocol performance. The cryptographic primitives QDS and QSS are inherently multipartite, and we prove that they are secure not only when a player internal to the task is dishonest, but also when (external) eavesdropping on the quantum channel is allowed. In our first proof-of-principle demonstration of an agile and versatile quantum communication system, the quantum states are distributed at GHz rates. A 1-bit message may be securely signed using our QDS protocols in less than 0.05 ms over a 2-km fiber link and in less than 0.2 s over a 20-km fiber link. To our knowledge, this also marks the first demonstration of a continuous-variable direct QSS protocol.
- Received 27 January 2020
- Revised 24 November 2020
- Accepted 18 December 2020
- Corrected 9 March 2021
DOI: https://doi.org/10.1103/PhysRevX.11.011038
Published by the American Physical Society under the terms of the Creative Commons Attribution 4.0 International license. Further distribution of this work must maintain attribution to the author(s) and the published article’s title, journal citation, and DOI.
Corrections
9 March 2021
Correction: The affiliation indicator for the second author was set incorrectly during production and has been fixed.
Popular Summary
Throughout history, cryptography has been threatened by advances in mathematics and computational power. This typically leads to a cat-and-mouse effect as cryptosystems are repeatedly developed, attacked, and then hardened. Redeployment of a cryptosystem in the face of new attacks is a difficult and costly endeavor. But by providing a flexible and opaque middleware between the end user and the cryptographic algorithm, the deployed architecture can stay in place while the vulnerable algorithm is replaced. In our paper, we demonstrate this concept of “cryptographic agility” in a quantum communication setting.
Quantum communication protocols already offer provable security against the most powerful adversaries, but often require bespoke hardware setups. To translate agility to the quantum setting, we propose two related concepts: quantum cryptoagility, in which a cryptographic algorithm may be replaced without affecting the end user; and quantum cryptoversatility, in which multiple cryptographic tasks are performed over the same system. Our design structures allow for quantum-secure networks that can be more easily upgraded if a new attack vector emerges and can automatically pick the most efficient quantum protocol from an available pool to accomplish the selected task.
To illustrate these concepts we investigate three protocols—quantum digital signatures, quantum secret sharing, and quantum key distribution—over the same off-the-shelf hardware. Our digital signatures protocol can securely authenticate a single message in less than 0.05 ms, making it the fastest-ever demonstration of such a protocol.