Quantum key distribution with PRF(Hash, Nonce) achieves everlasting security

Quantum Information Processing

Abstract

Peev et al. (Int J Quantum Inf 03:225–231, 2005) introduced a key-efficient two-step hash function for authentication in quantum key distribution (QKD). They suggested using a publicly known hash function as part of this scheme. Improving on this, Pacher et al. (Quantum Inf Process 15:327–362, 2016) suggested a method to restore information-theoretic security (ITS) by using almost universal hash functions instead of publicly known hash functions. While their scheme is a key-efficient almost-strongly universal (ASU) family, like any other ASU family, it only provides a one-time MAC. Here, we propose the use of a MAC paradigm called PRF(Hash, Nonce) for authentication in QKD. This MAC has several advantages which make it suited for QKD. In particular, unlike the above constructions, it is a many-time MAC and is also more key-efficient. In fact, PRF(Hash, Nonce) is even more key-efficient than the Wegman–Carter paradigm, the most widely used MAC scheme for authentication in QKD. Furthermore, it provides everlasting security, which means that if authentication remains unbroken during the execution of QKD, then the resulting keys retain ITS, which guarantees that the adversary cannot gain any new information on the keys even with unlimited computational power.
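
The abstract contrasts three MAC paradigms for the classical QKD channel: the one-time ASU family, the Wegman–Carter one-time-pad construction, and PRF(Hash, Nonce). The following is an added example, not code from the paper or its authors; it assumes the generic PRF(Hash, Nonce) shape tag = F_k2(H_k1(m) || nonce) with an almost-universal polynomial hash as H and HMAC-SHA256 standing in for the PRF F. All keys, messages and nonces are constructed, and the helper names (poly_hash, prf, mac, Receiver, wegman_carter_tag, key_bytes_consumed) are this example's own. It shows why the construction is many-time (the receiver tracks nonces instead of burning key) and where the key-efficiency gap against Wegman–Carter comes from.

```python
"""Added example, not code from the paper: the shape of a PRF(Hash, Nonce) MAC.

Assumed generic form:  tag = F_k2( H_k1(m) || nonce )
  - H is an epsilon-almost-universal hash keyed by k1 (polynomial hash here),
  - F is a PRF keyed by k2 (HMAC-SHA256 stands in for it),
  - nonce is a counter that never repeats under one key pair.
All keys, messages and nonces below are constructed for illustration.
"""
import hashlib
import hmac

P = (1 << 127) - 1   # Mersenne prime; the polynomial hash works in GF(P)
BLOCK = 15           # 15-byte blocks are integers below P, so the encoding is injective
HASH_LEN = 16        # bytes needed to carry one field element
TAG_LEN = 16


def poly_hash(k1: int, msg: bytes) -> int:
    """Epsilon-almost-universal polynomial hash over GF(P).

    Coefficients are the message blocks followed by the message length, so two
    distinct messages give distinct polynomials in k1; they collide with
    probability at most (number of blocks + 1) / P over a uniformly random k1.
    """
    h = 0
    for i in range(0, len(msg), BLOCK):
        h = (h * k1 + int.from_bytes(msg[i:i + BLOCK], "big")) % P
    return (h * k1 + len(msg)) % P


def prf(k2: bytes, h: int, nonce: int) -> bytes:
    """PRF applied to (hash value, nonce); HMAC-SHA256 plays the PRF here."""
    data = h.to_bytes(HASH_LEN, "big") + nonce.to_bytes(8, "big")
    return hmac.new(k2, data, hashlib.sha256).digest()[:TAG_LEN]


def mac(k1: int, k2: bytes, nonce: int, msg: bytes) -> bytes:
    """PRF(Hash, Nonce) tag: the hash value never leaves the PRF unmasked."""
    return prf(k2, poly_hash(k1, msg), nonce)


def verify(k1: int, k2: bytes, nonce: int, msg: bytes, tag: bytes) -> bool:
    """Constant-time comparison of the recomputed tag with the received one."""
    return hmac.compare_digest(mac(k1, k2, nonce, msg), tag)


class Receiver:
    """Verifier side of the classical QKD channel.

    A many-time MAC keeps (k1, k2) across messages, so the verifier must
    refuse a nonce it has already accepted; otherwise an old (msg, tag) pair
    could be replayed into a later round of the protocol.
    """

    def __init__(self, k1: int, k2: bytes):
        self.k1, self.k2 = k1, k2
        self.seen = set()

    def accept(self, nonce: int, msg: bytes, tag: bytes) -> bool:
        if nonce in self.seen:
            return False
        if not verify(self.k1, self.k2, nonce, msg, tag):
            return False
        self.seen.add(nonce)
        return True


def wegman_carter_tag(k1: int, pad: bytes, msg: bytes) -> bytes:
    """Wegman-Carter tag for comparison: hash value masked with a one-time pad.

    The pad is fresh key material that must never be reused, which is why the
    paradigm is a one-time MAC and spends HASH_LEN secret bytes per message.
    """
    h = poly_hash(k1, msg).to_bytes(HASH_LEN, "big")
    return bytes(a ^ b for a, b in zip(h, pad))


def key_bytes_consumed(n_messages: int, prf_key_len: int = 32) -> dict:
    """Secret key material spent on tags for n authenticated messages.

    Both paradigms share the hash key k1 (excluded here). Wegman-Carter burns
    one pad per message; PRF(Hash, Nonce) reuses one fixed PRF key of length
    prf_key_len no matter how many messages it authenticates.
    """
    return {"wegman_carter": HASH_LEN * n_messages,
            "prf_hash_nonce": prf_key_len}


if __name__ == "__main__":
    k1 = 0x0123456789abcdef0123456789abcdef % P   # constructed hash key
    k2 = b"\x11" * 32                              # constructed PRF key
    rx = Receiver(k1, k2)
    for nonce, msg in enumerate([b"basis choices round 1", b"error estimate 2.1%"]):
        print(nonce, rx.accept(nonce, msg, mac(k1, k2, nonce, msg)))
    print(key_bytes_consumed(1000))
```

The receiver's nonce set is what turns the PRF(Hash, Nonce) tag into a many-time MAC; in a real deployment it would be a monotonic counter per direction rather than an unbounded set. Note that the tag itself is only computationally secure (the PRF is the weak point), which is exactly the abstract's everlasting-security framing: the guarantee is that keys distilled while authentication held retain ITS afterwards, not that the tag resists an unbounded adversary in real time.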

References

  1. Alléaume, R., Branciard, C., Bouda, J., Debuisschert, T., Dianati, M., Gisin, N., Godfrey, M., Grangier, P., Länger, T., Lütkenhaus, N., Monyk, C., Painchault, P., Peev, M., Poppe, A., Pornin, T., Rarity, J., Renner, R., Ribordy, G., Riguidel, M., Salvail, L., Shields, A., Weinfurter, H., Zeilinger, A.: Using quantum key distribution for cryptographic purposes: a survey. Theor. Comput. Sci. 560, 62–81 (2014). Theoretical Aspects of Quantum Cryptography - celebrating 30 years of BB84

  2. Stebila, D., Mosca, M., Lütkenhaus, N.: The case for quantum key distribution. In: Sergienko, A., Pascazio, S., Villoresi, P. (eds.) Quantum Communication and Quantum Networking, pp. 283–296. Springer, Berlin, Heidelberg (2010)

  3. Unruh, D.: Everlasting multi-party computation. In: Canetti, R., Garay, J.A. (eds.) Advances in Cryptology—CRYPTO 2013, pp. 380–397 (2013)

  4. Sasaki, M.: Quantum key distribution and its applications. IEEE Secur. Priv. 16(5), 42–48 (2018)

  5. Peev, M., Nölle, M., Maurhart, O., Lorünser, T., Suda, M., Poppe, A., Ursin, R., Fedrizzi, A., Zeilinger, A.: A novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography. Int. J. Quantum Inf. 03, 225–231 (2005)

  6. Abidin, A., Larsson, J.-Å.: Vulnerability of ‘a novel protocol-authentication algorithm ruling out a man-in-the-middle attack in quantum cryptography’. Int. J. Quantum Inf. 07, 1047–1052 (2009)

  7. Pacher, C., Abidin, A., Lorünser, T., Peev, M., Ursin, R., Zeilinger, A., Larsson, J.-Å.: Attacks on quantum key distribution protocols that employ non-ITS authentication. Quantum Inf. Process. 15, 327–362 (2016)

  8. Price, A., Rarity, J., Erven, C.: A quantum key distribution protocol for rapid denial of service detection. EPJ Quantum Technol. 7, 8 (2020)

  9. Sasaki, M., Fujiwara, M., Ishizuka, H., Klaus, W., Wakui, K., Takeoka, M., Miki, S., Yamashita, T., Wang, Z., Tanaka, A., Yoshino, K., Nambu, Y., Takahashi, S., Tajima, A., Tomita, A., Domeki, T., Hasegawa, T., Sakai, Y., Kobayashi, H., Asai, T., Shimizu, K., Tokura, T., Tsurumaru, T., Matsui, M., Honjo, T., Tamaki, K., Takesue, H., Tokura, Y., Dynes, J.F., Dixon, A.R., Sharpe, A.W., Yuan, Z.L., Shields, A.J., Uchikoga, S., Legré, M., Robyr, S., Trinkler, P., Monat, L., Page, J.-B., Ribordy, G., Poppe, A., Allacher, A., Maurhart, O., Länger, T., Peev, M., Zeilinger, A.: Field test of quantum key distribution in the Tokyo QKD network. Opt. Express 19(11), 10387–10409 (2011)

  10. Stucki, D., Legré, M., Buntschu, F., Clausen, B., Felber, N., Gisin, N., Henzen, L., Junod, P., Litzistorf, G., Monbaron, P., Monat, L., Page, J.-B., Perroud, D., Ribordy, G., Rochas, A., Robyr, S., Tavares, J., Thew, R., Trinkler, P., Ventura, S., Voirol, R., Walenta, N., Zbinden, H.: Long-term performance of the SwissQuantum quantum key distribution network in a field environment. New J. Phys. 13(12), 123001 (2011)

  11. Black, J., Halevi, S., Krawczyk, H., Krovetz, T., Rogaway, P.: UMAC: fast and secure message authentication. In: Advances in Cryptology—CRYPTO’99, vol. 1666 of Lecture Notes in Computer Science, pp. 216–233 (1999)

  12. Carter, J.L., Wegman, M.N.: Universal classes of hash functions. J. Comput. Syst. Sci. 18(2), 143–154 (1979)

  13. Bennett, C.H., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. Theor. Comput. Sci. 560, 7–11 (2014)

  14. Portmann, C.: Key recycling in authentication. IEEE Trans. Inf. Theory 60(7), 4383–4396 (2014)

  15. Dodis, Y., Reyzin, L., Smith, A.: Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. In: Advances in Cryptology—EUROCRYPT 2004, vol. 3027 of Lecture Notes in Computer Science, pp. 523–540 (2004)

  16. Halevi, S., Krawczyk, H.: MMH: software message authentication in the Gbit/second rates. In: Biham, E. (Ed.) Fast Software Encryption—FSE’97, vol. 1267 of Lecture Notes in Computer Science, pp. 172–189 (1997)

  17. Gilbert, E.N., Macwilliams, F.J., Sloane, N.J.A.: Codes which detect deception. Bell Syst. Tech. J. 53(3), 405–424 (1974)

  18. Handschuh, H., Preneel, B.: Key-recovery attacks on universal hash function based MAC algorithms. In: Wagner, D. (ed.) Advances in Cryptology—CRYPTO’08, Lecture Notes in Computer Science, pp. 144–161 (2008)

  19. Hayashi, M.: General nonasymptotic and asymptotic formulas in channel resolvability and identification capacity and their application to the wiretap channel. IEEE Trans. Inf. Theory 52(4), 1562–1575 (2006)

  20. Hayashi, M.: Exponential decreasing rate of leaked information in universal random privacy amplification. IEEE Trans. Inf. Theory 57(6), 3989–4001 (2011)

  21. Renner, R., Wolf, S.: Simple and tight bounds for information reconciliation and privacy amplification. In: Advances in Cryptology—ASIACRYPT 2005, Lecture Notes in Computer Science, pp. 199–216 (2005)

  22. Rogaway, P.: Bucket hashing and its application to fast message authentication. In: Coppersmith, D. (ed.) Advances in Cryptology—CRYPTO ’95, vol. 12 of Lecture Notes in Computer Science, pp. 29–42 (1995)

  23. Tyagi, H., Vardy, A.: Universal hashing for information-theoretic security. Proc. IEEE 103(10), 1781–1795 (2015)

  24. Cramer, R., Damgård, I.B., Döttling, N., Fehr, S., Spini, G.: Linear secret sharing schemes from error correcting codes and universal hash functions. In: Oswald, E., Fischlin, M. (eds.) Advances in Cryptology—EUROCRYPT 2015, 34th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, April 26–30, 2015, Proceedings, Part II, vol. 9057 of Lecture Notes in Computer Science, pp. 313–336. Springer (2015)

  25. Stinson, D.R.: On the connections between universal hashing, combinatorial designs and error-correcting codes. Congr. Numer. 114, 7–27 (1996)

  26. Håstad, J., Impagliazzo, R., Levin, L., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)

  27. Nisan, N.: Pseudorandom generators for space-bounded computations. Combinatorica 12(4), 449–461 (1992)

  28. Rudich, S., Wigderson, A.: Computational Complexity Theory, vol. 10 of IAS/Park City Mathematics Series. American Mathematical Society, Philadelphia (2004)

  29. Sipser, M.: A complexity theoretic approach to randomness. In: ACM Symposium on Theory of Computing—STOC’83, STOC ’83, pp. 330–335 (1983)

  30. Impagliazzo, R., Zuckerman, D.: How to recycle random bits. In: Symposium on Foundations of Computer Science—SFCS’89, pp. 248–253 (1989)

  31. Motwani, R., Raghavan, P.: Randomized Algorithms. Cambridge University Press, Cambridge (1995)

  32. Pagh, A., Pagh, R.: Uniform hashing in constant time and optimal space. SIAM J. Comput. 38(1), 85–96 (2008)

  33. Siegel, A.: On universal classes of extremely random constant-time hash functions. SIAM J. Comput. 33(3), 505–543 (2004)

  34. Karloff, H., Suri, S., Vassilvitskii, S.: A model of computation for mapreduce. In: ACM-SIAM Symposium on Discrete Algorithms—SODA ’10, pp. 938–948 (2010)

  35. Leiserson, C.E., Schardl, T.B., Sukha, J.: Deterministic parallel random-number generation for dynamic-multithreading platforms. In: ACM SIGPLAN Symposium on Principles and Practice of Parallel Programming—PPoPP’12, pp. 193–204 (2012)

  36. Ritchie, R., Bibak, K.: SQUAREMIX: a faster pseudorandom number generator for dynamic-multithreading platforms. In: 2020 Data Compression Conference (DCC), p. 391 (2020)

  37. Ritchie, R., Bibak, K.: DOTMIX-Pro: faster and more efficient variants of DOTMIX for dynamic-multithreading platforms. J. Supercomput. (2021). https://doi.org/10.1007/s11227-021-03904-3

  38. Krawczyk, H.: LFSR-based hashing and authentication. In: Desmedt, Y.G. (ed.) Advances in Cryptology—CRYPTO ’94, Lecture Notes in Computer Science, pp. 129–139 (1994)

  39. Stinson, D.R.: Universal hashing and authentication codes. Des. Codes Cryptogr. 4(3), 369–380 (1994)

  40. Wegman, M.N., Carter, J.L.: New hash functions and their use in authentication and set equality. J. Comput. Syst. Sci. 22(3), 265–279 (1981)

  41. Boesgaard, M., Christensen, T., Zenner, E.: Badger—a fast and provably secure MAC. In: Ioannidis, J., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, pp. 176–191. Springer, Berlin, Heidelberg (2005)

  42. Minematsu, K., Tsunoo, Y.: Provably secure MACs from differentially-uniform permutations and AES-based implementations. In: Robshaw, M. (ed.) Fast Software Encryption—FSE’06, Lecture Notes in Computer Science, pp. 226–241 (2006)

  43. Duval, S., Leurent, G.: Lightweight MACs from universal hash functions. In: Smart Card Research and Advanced Applications, vol. 11833 of Lecture Notes in Computer Science, pp. 195–215 (2020)

  44. ISO/IEC 9797-1:2011: Information technology—security techniques—message authentication codes (MACs)—part 1: mechanisms using a block cipher (2011)

  45. Black, J., Rogaway, P.: CBC MACs for arbitrary-length messages: the three-key constructions. In: Advances in Cryptology—CRYPTO’00, vol. 1880 of Lecture Notes in Computer Science, pp. 197–215 (2000)

  46. Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC. In: Johansson, T. (ed.) Fast Software Encryption—FSE’03, vol. 2887 of Lecture Notes in Computer Science, pp. 129–153 (2003)

  47. Iwata, T., Kurosawa, K.: OMAC: one-key CBC MAC—addendum (2003)

  48. Black, J., Rogaway, P.: A block-cipher mode of operation for parallelizable message authentication. In: Advances in Cryptology—EUROCRYPT’02, vol. 2332 of Lecture Notes in Computer Science, pp. 384–397 (2002)

  49. Bellare, M., Canetti, R., Krawczyk, H.: Keying hash functions for message authentication. In: Koblitz, N. (ed.) Advances in Cryptology—CRYPTO ’96, Lecture Notes in Computer Science, pp. 1–15 (1996)

  50. McGrew, D.A., Viega, J.: The security and performance of the Galois/Counter mode (GCM) of operation. In: Canteaut, A., Viswanathan, K. (eds.) Progress in Cryptology—INDOCRYPT 2004, Lecture Notes in Computer Science, pp. 343–355 (2005)

  51. Bernstein, D.: The Poly1305-AES message-authentication code. In: Fast Software Encryption—FSE’05, vol. 3557 of Lecture Notes in Computer Science, pp. 32–49 (2005)

  52. Boneh, D., Shoup, V.: A Graduate Course in Applied Cryptography, 0.5 ed. (2020)

  53. Brassard, G.: On computationally secure authentication tags requiring short secret shared keys. In: Advances in Cryptology—CRYPTO ’82

  54. Shoup, V.: On fast and provably secure message authentication based on universal hashing. In: Koblitz, N. (ed.) Advances in Cryptology—CRYPTO ’96, Lecture Notes in Computer Science, pp. 313–328 (1996)

  55. Joux, A.: Authentication failures in NIST version of GCM. Comments submitted to NIST Modes of Operation Process (2006)

  56. Abidin, A., Larsson, J.-Å.: New universal hash functions. In: Armknecht, F., Lucks, S. (eds.) Research in Cryptology, pp. 99–108. Springer, Berlin (2012)

  57. Beth, T., Müller-Quade, J., Steinwandt, R.: Cryptanalysis of a practical quantum key distribution with polarization-entangled photons. Quantum Inf. Comput. 5(3), 181–186 (2005)

  58. Mehlhorn, K., Vishkin, U.: Randomized and deterministic simulations of PRAMs by parallel machines with restricted granularity of parallel memories. Acta Inform. 21(4), 339–374 (1984)

  59. Johansson, T., Kabatianskii, G., Smeets, B.: On the relation between A-codes and codes correcting independent errors. In: Helleseth, T. (ed.) Advances in Cryptology—EUROCRYPT ’93, Lecture Notes in Computer Science, pp. 1–11. Springer, Berlin, Heidelberg (1994)

  60. Kabatianskii, G.A., Smeets, B., Johansson, T.: On the cardinality of systematic authentication codes via error-correcting codes. IEEE Trans. Inf. Theory 42(2), 566–578 (1996)

  61. Krovetz, T.D.: Software-optimized universal hashing and message authentication. Ph.D thesis, University of California, Davis (2000)

  62. Black, J., Cochran, M.: MAC reforgeability. In: Fast Software Encryption—FSE’09, vol. 5665 of Lecture Notes in Computer Science, pp. 345–362 (2009)

  63. Bibak, K., Ritchie, R., Zolfaghari, B.: Everlasting security of quantum key distribution with 1K-DWCDM and quadratic hash. Quantum Inf. Comput. 21(3 & 4), 181–202 (2021)

  64. Thorup, M.: High speed hashing for integers and strings. arXiv:1504.06804 (2020)

  65. Krovetz, T.D., Rogaway, P.: Software-optimized universal hashing and message authentication. University of California, Davis (2000)

Acknowledgements

The authors would like to thank the editor and the referees for carefully reading the paper and for their useful comments which helped improve the paper.

Author information

Corresponding author

Correspondence to Khodakhast Bibak.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

About this article

Cite this article

Bibak, K., Ritchie, R. Quantum key distribution with PRF(Hash, Nonce) achieves everlasting security. Quantum Inf Process 20, 228 (2021). https://doi.org/10.1007/s11128-021-03164-3

  • DOI: https://doi.org/10.1007/s11128-021-03164-3