节点文献
安全量子密钥分配的实用化研究
The Security of Quantum Key Distribution for Practical Applications
【作者】 许方星;
【作者基本信息】 中国科学技术大学 , 光学, 2010, 博士
【摘要】 从古代的荒蛮时代到如今人们生活的信息时代,对于安全的信息传输的需求无处不在。大至军事外交小至个人隐私,它都起到至关重要的作用。经典密码长久以来能够良好地完成这个目标,但一种重要的问题是,经典密码学的安全性是基于计算复杂度的,比如离散对数或者大数分解等困难问题。经典密码学面临很大的挑战。特别是现今计算机技术的飞速发展以及量子计算机概念的提出,使得人们开始寻找更加安全的信息传输方式。作为量子力学和密码学的交叉产物,量子密码学则可以很好地解决上述的问题。量子密码,或者称为量子密钥分配,可以实现分离的两个用户A1ice和Bob之间通过在量子信道中传输量子态来实现安全密钥的扩展。相比于经典密码,量子密码的最大优势就是它的绝对安全性。量子密码的安全性是基于量子力学的基本原理:不可克隆定律和不确定性原理。只要量子力学的基本原理是正确的,量子密码的安全性就能得以保证。自从Bennett和Brassard在1984年提出了第一个量子密钥分配协议以来,这个全新的领域得到了长足的发展,并在实际商用通讯系统中的到了应用。在实际应用中,量子密钥分配系统必须为了迎合用户需求和适应现场条件进行改进。本篇博士论文正是以研究量子密钥分配技术的实用化为主要内容,我们可以将其分为以下三个部分:1.我们建立了一个结合主动检测光强的实际量子密钥分配系统。实际通讯网络中的量子密钥分配系统的光源多采用商用激光器作为弱相干态光源。虽然工艺成熟且使用便捷,但输出光强仍然会有波动,甚至有被窃听者操控的危险。在这套改进系统中,我们添加了一个主动检测光强的模块,利用随机切换光开关来进行光强抽样测量。不仅保证了对于光源属性的实时测量,也能察觉出窃听者的攻击活动。最终的实验结果显示,当总的光强波动被限制在一定范围内时,安全密钥生成率的减小是很有限的,对最远的安全传输距离同样影响不大。2.我们研究了实用的光子数解析探测器对于量子密钥分配系统的影响。我们利用光子数解析探测器和参量下转换光源搭建了标记单光子源,可以通过探测器的不同结果输出,将编码脉冲调整到不同的亚泊松分布上去。以此为系统的光源,我们分析了BB84和SARG04协议的被动诱骗态方案的性能。同时,我们考虑了两种基于不同原理的光子数解析探测器,超导量子相变探测器和时分复用探测器。结果显示,光子数解析探测器对于系统的安全传输距离以及安全密钥生成率都有一定的提升。有趣的是,这种提升与光子数解析探测器的量子效率以及暗计数关系不大,这也暗示了现今不完美的光子数解析探测器在量子密钥分配系统中的实用性。3.我们在实际商用通讯光纤网上搭建并试运行成功了七用户多层级量子密码城域网。量子密码技术的网络架构和应用模式研究是其实用化进程中的关键环节。此量子密码网络以“法拉第-迈克尔逊”干涉环结构为基础通讯模块,能够保证长时稳定的安全密钥分配。为了提高网络通讯效率,我们把网络分成了两个层级:一层是保证高网络容量和低信息阻塞率的全时全通主干网;另一层则是为了网络的灵活性和扩展性,利用光开关和可信中继的子网。在这个安全网络中分发的密钥,可以用于实现用户之间实时的视频、声音、实时短消息以及保密文件等各种数据的保密传输。整个网络应用包含有完整的量子密钥分配过程和配套的应用程序软件,是一个真正的面向用户具有无条件安全性的实际保密网络。这项工作代表着量子密码实际应用卖出了关键的一步。
【Abstract】 From ancient times to Information Ages that we live now, secure communications are requiring everywhere. Not just for military and diplomacy of countries but also for personal privacy, it acts more and more important. Conventional cryptography serves well to achieve this goal for a long time. Nevertheless, the security of conventional cryptography is based on the assumption of computational complexity, such as finding the discrete log or factoring. As a result, it meets a huge challenge as the computer technology develops rapidly and the concept of quantum computer is presented. That is why people start seeking a better method to keep secrets.As the interdiscipline of quantum mechanics and cryptography, quantum cryptography can solve the problem well. Quantum cryptography, precisely named quantum key distribution, can supply two distant users, Alice and Bob, expanding the sharing secure key by transmitting quantum states through a quantum channel. Compared to the conventional one, the advantage of quantum cryptography is its absolute security, because it is based on the quantum principles:the no-clone theorem and the uncertainty principle. As long as quantum mechanics is correct, the secrecy of quantum cryptography can be guaranteed. Since the first quantum key distribution protocol is presented by Bennett and Brassard in 1984, the whole field is blooming in research and implementation in practical commercial communication systems.Considering its application in practice, system of quantum key distribution has to refined, in order to adapt to massive user services and tough field environments. This dissertation exactly focuses on applications of quantum key distribution technology and is arranged as follows:1. We built a practical quantum key distribution system with active monitoring. Commercial laser generators are used in the real communication, as a weak coherent state source. It is true that they are convenient and refined, but there are fluctuations of the output intensity. What is worse, the laser can be manipulated by eavesdroppers to foil the quantum cryptography process. In this improved system, a module of active monitoring is add to randomly inspect the pulse intensity, which will give us a real-time knowledge and an alert if someone try to crack the system. The final result shows that, the decrease of key generation rate is not significant when the whole fluctuation of the intensity is limited. So does the maximal secure distance.2. We did research about the influence of a photon-number-resolving detector to the quantum key distribution system. Combing the photon-number-resolving detector and a parameter down conversion source, we can build a heralded single photon source, which can use to generate different sub-Possionian distribution states as we choose different output of the detector. With such a virtual source, we analyze the performance of BB84 and SARG04 protocols. Meanwhile, two types of photon-number-resolving detectors are taken into consideration. One is a superconducting transition-edge sensor and the other is a time multiplexing detector. The simulation result indicates that both of them can boost the key generation rate and the secure distance at the same time. Quantum efficiency and dark count of the detectors affect the result a bit, which infers that an imperfect photon-number-resolving detector can also help a lot.3. We demonstrated the first hierarchical metropolitan quantum cryptography network with seven nodes on the inner-city commercial telecom fibers, realized by Faraday-Michelson Interferometer set-ups. For a high running efficiency, the whole network is divided into two parts:one is a full-mesh backbone net and a subnet based on the technique of the optical switch and the trusted rely which can well guarantee the feasibility and expandability of the quantum network. Meanwhile, we utilize the secure key distributed by the quantum network in a practical video conference for all the nodes including the transmittance of instant video, sound, text messages and confidential files. The whole implementation with hierarchical quantum key distribution network links and well-developed application software clearly shows a big step toward the practical user-oriented quantum network.
【Key words】 quantum cryptography; quantum key distribution; quantum cryptography network; photon-number-resolving detector;