QKD: WIP, add more sources
This commit is contained in:
jaseg
parent
6237eff32d
commit
5c616830e8
4 changed files with 3373 additions and 3308 deletions
|
|
@ -8,12 +8,15 @@ MAKEFLAGS += --no-builtin-rules
|
|||
|
||||
VERSION_STRING := $(shell git describe --always --tags --long)
|
||||
|
||||
all: chapter.pdf
|
||||
all: clean chapter.pdf
|
||||
|
||||
# We need three runs for biblatex's defernumbers
|
||||
%.pdf: %.tex ../main.bib version.tex
|
||||
pdflatex -shell-escape $<
|
||||
biber $*
|
||||
pdflatex -shell-escape $<
|
||||
biber $*
|
||||
pdflatex -shell-escape $<
|
||||
|
||||
.PHONY: preview
|
||||
preview:
|
||||
|
|
|
|||
|
|
@ -52,6 +52,8 @@
|
|||
url=false,
|
||||
doi=true,
|
||||
eprint=false,
|
||||
% Make the split online / other resource bibliographies behave
|
||||
defernumbers=true,
|
||||
]{biblatex}
|
||||
\addbibresource{../main.bib}
|
||||
\DeclareSourcemap{
|
||||
|
|
@ -331,7 +333,7 @@ single, short key\footnote{
|
|||
data\cite{bhargavanPracticalSecurity64bit2016,}.
|
||||
}.
|
||||
|
||||
\section{The Practical Security Implications of Quantum Computing}
|
||||
\subsection{The Practical Security Implications of Quantum Computing}
|
||||
\label{qc-practical-implications}
|
||||
|
||||
Given that as of yet, noone has claimed to have a quantum computer powerful enough to pose a threat to current
|
||||
|
|
@ -435,7 +437,6 @@ various aspects of currents in superconducters as well as phonons\cite{berriosHi
|
|||
\todoplaceholder{Something is missing here.}
|
||||
|
||||
\subsection{Practical Challenges}
|
||||
\todo{I don't like this paragraph.}
|
||||
The central challenge in general quantum computers is extending the lifetime of the quantum state encoding a qubit.
|
||||
Quantum states are extremely sensitive to disturbances, and despite the best efforts to shield them against external
|
||||
influence, their lifetime is still inconveniently short compared to the timescales required for quantum computation,
|
||||
|
|
@ -447,35 +448,53 @@ lifetime spent in transit between the two endpoints of the QKD protocol.
|
|||
While QKD systems are easy to build and operationally robust compared to general quantum computers, at their core they
|
||||
still exchange information through quantum states that physically need to transit the distance from one endpoint to the
|
||||
other. For classical computer networks, bridging distances of hundreds or thousands of kilometers is no big challenge.
|
||||
Using appropriate high-power transceivers, a single optical link can already bridge upwards of 100km. \todo{Citation on
|
||||
distance} Longer ranges can easily be achieved by either logically chaining multiple links, or by using optical
|
||||
Using appropriate high-power transceivers, a single, \emph{unrepeatered} span of an optical link can bridge hundreds of
|
||||
kilometers while simultaneously achieving data rates of several terabits per second. Longer ranges are regularly
|
||||
achieved through the use of (analog!) optical amplifiers, with recent \emph{repeatered} systems approaching the petabit
|
||||
per second boundary
|
||||
\footnote{
|
||||
cf.\ this encyclopedic entry \cite{JUNOSubmarineNetworks}, press releases by participating companies
|
||||
\cite{NECBuildNew, NewCompanyBuilds}.
|
||||
}. These classical optical systems operate at hundreds of milliwatts of optical power, a limit resulting from nonlinear
|
||||
effects in the optical fibers used, power limitations of optical amplifiers, and limitations in power delivery to these
|
||||
amplifiers.
|
||||
|
||||
In contrast, the quantum states at the core of QKD systems must necessarily be ``weak''. A single quantum state on the
|
||||
wire on average must consist of approximately a single photon. If the system's quantum states consisted of more than one
|
||||
photon carrying the same information, this would enable a \emph{Photon Number Splitting Attack}, in which an attacker
|
||||
extracts one of the state's photons for later analysis, and forwards the remaining photons to the
|
||||
receiver\cite{loSecureQuantumKey2014}. The attacker can then later measure the captured photons to extract the same
|
||||
information that the receiver measured. In practical QKD setups, attenuated pulsed lasers are often used, as there are
|
||||
no practical single-photon sources. The laser and its attenuator are tuned such that the average photon count of a pulse
|
||||
is in the order of $0.1$ \cite{loSecureQuantumKey2014}. For such setups, mitigations exist that prevent photon number
|
||||
splitting attacks\cite{wangBeatingPhotonNumberSplittingAttack2005}. However, while these mitigations patch this security
|
||||
weakness for weak, attenuated pulsed lasers, they still do not allow for higher transmit power.
|
||||
In contrast, QKD systems operate on signals that are weaker by several orders of magnitude. While classical optical
|
||||
signals use millions of photons per bit, the quantum states at the core of QKD systems must necessarily be ``weak''. A
|
||||
single quantum state in the fiber on average should consist of approximately a single photon. If the system's quantum
|
||||
states consisted of more than one photon carrying the same information, this would enable a \emph{Photon Number
|
||||
Splitting Attack}, in which an attacker extracts one of the state's photons for later analysis, and forwards the
|
||||
remaining photons to the receiver\cite{loSecureQuantumKey2014}. The attacker can then later measure the captured photons
|
||||
to extract the same information that the receiver measured. In practical QKD setups, attenuated pulsed lasers are often
|
||||
used, as there are no practical single-photon sources. The laser and its attenuator are tuned such that the average
|
||||
photon count of a pulse is in the order of $0.1$ \cite{loSecureQuantumKey2014}. For such setups, mitigations exist that
|
||||
prevent photon number splitting attacks\cite{wangBeatingPhotonNumberSplittingAttack2005}. However, while these
|
||||
mitigations patch this security weakness for weak, attenuated pulsed lasers, they still do not allow for higher transmit
|
||||
power.
|
||||
|
||||
The practical implication of this is that the optical brightness of a QKD system is directly proportional to the rate
|
||||
at which the system can prepare, and later measure the individual quantum states. With today's electronics, rates up to
|
||||
a few \unit{\GHz} are feasible\cite{grunenfelderFastSinglephotonDetectors2023}. Alas, the brightness limit interacts
|
||||
The practical implication of this is that the optical brightness of a QKD system is directly proportional to the rate at
|
||||
which the system can prepare, and later measure the individual quantum states. The primary limitation is the speed and
|
||||
recovery time of the single-photon detector. In contrast to e.g.\ a simple photodiode that (mostly) linearly converts
|
||||
incident photons into electron flow, SPDs are designed to provide a large intrinsic gain. This improves their bandwidth
|
||||
as each photon's pulse must charge the detector's own parasitic capacitance as well as that of any wiring between it and
|
||||
the frontend preamplifier, but in many detector designs this intrinsic amplification process is also the origin of a
|
||||
long recovery time that limit's the detector's possible repetition rate. With today's electronics, repetition rates up
|
||||
to a few \unit{\GHz} are feasible\cite{grunenfelderFastSinglephotonDetectors2023}. Alas, the brightness limit interacts
|
||||
poorly with the reality of optical communication, especially through fibers. Even modern, high-quality fiber-optic
|
||||
cables have attenuation in the order of \qty{0.5}{\dB\per\km}, which corresponds to roughly half of the signal being
|
||||
lost every \qty{5}{\km}. In classical optical networks, this can be compensated by increasing transmit power--i.e.
|
||||
packing more photons into each bit--or by optically amplifying the signal partway through the fiber. In QKD systems
|
||||
however, the signal cannot be amplified, and the system's bit rate exponentially decreases with distance due to
|
||||
absorption. Some QKD systems can reach ranges of several hundred kilometers, but the useable data rate (here called
|
||||
\emph{secret key rate}) of these systems usually is in the kilobits per second or worse.
|
||||
|
||||
QKD signals cannot be amplified because their security rests on the fact that each transmitted quantum state on average
|
||||
only contains on the order of one photon each. Security rests on the Nomegabits Theorem, which implies that not just
|
||||
attackers, but even the system's operators are unable to duplicate the quantum state in flight without destroying it.
|
||||
cables have attenuation in the order of \qty{0.2}{\dB\per\km}\cite{chesnoyUnderseaFiberCommunication2015}, which
|
||||
corresponds to roughly half of the signal being lost every \qty{15}{\km}. In classical optical networks, this can be
|
||||
compensated by increasing transmit power--i.e. packing more photons into each bit--or by optically amplifying the signal
|
||||
partway through the fiber. cIn QKD systems however, the signal's quantum states cannot be amplified both out of a
|
||||
concern of photon number splitting attacks and because of decoherence\footnote{
|
||||
Note that this impossibility is not a consequence of the No-Cloning Theorem. The No-Cloning Theorem only asserts
|
||||
that it is impossible to create a second, \emph{independent} copy of an arbitrary quantum state, which can then
|
||||
independently be measured without disturbing the original state. Despite this, a hypothetical ``quantum amplifier''
|
||||
could increase the quantum state's photon number, adding entangled photons that share the original quantum state.
|
||||
Alas, doing this would not gain us much in a QKD system because an interaction of any of the quantum state's photons
|
||||
with the fiber---that is, the same loss as before---would disturb the entire entangled state.
|
||||
}, and thus the system's bit rate decreases exponentially with distance due to absorption. Some QKD systems can reach
|
||||
ranges of several hundred kilometers, but the resulting payload data rate---usually called \emph{secret key rate}---of
|
||||
these long distance systems is measured in kilobits per second.
|
||||
|
||||
When transmitted over a fiber, there are multiple effects that degrade the quantum-optical signal of a QKD system, which
|
||||
are collectively referred to as \emph{loss}. We can coarsely classify these degrading effects into two categories:
|
||||
|
|
@ -903,7 +922,14 @@ meshes do not have to rotate at the same rate of rotation. Instead, harmonic rat
|
|||
\section{Outlook}
|
||||
|
||||
\newpage
|
||||
\printbibliography[heading=bibintoc]
|
||||
% TODO when breaking this out into a template for building both the whole thesis and individual chapters, we have to
|
||||
% decide whether we want to keep the bibliography per-chapter or only once for the whole thesis. In the latter case, we
|
||||
% probably want to replace subbibintoc with bibintoc, or add a custom "bibliography" chapter and adjust the second
|
||||
% bibliography's heading
|
||||
\newrefcontext[labelprefix={W}]
|
||||
\printbibliography[type={online},title={Web sources},heading=subbibintoc]
|
||||
\newrefcontext
|
||||
\printbibliography[nottype={online},resetnumbers,heading=subbibintoc]
|
||||
|
||||
\appendix
|
||||
|
||||
|
|
|
|||
|
|
@ -1 +1 @@
|
|||
Subproject commit 601159904f4269366e29d85c2e90cbf000157f4f
|
||||
Subproject commit 3a7edbd1127cacc8f4c90376595b894105f3d479
|
||||
Loading…
Add table
Add a link
Reference in a new issue