Initial commit

.gitignore

@@ -0,0 +1,10 @@
+*.log
+*.aux
+*.run.xml
+*.bcf
+*.blg
+*.mtc
+*.mtc[0-9]*
+*.maf
+*.out
+*.toc

chapter-qkd/Makefile

@@ -0,0 +1,29 @@
+
+SHELL := bash
+.ONESHELL:
+.SHELLFLAGS := -eu -o pipefail -c
+.DELETE_ON_ERROR:
+MAKEFLAGS += --warn-undefined-variables
+MAKEFLAGS += --no-builtin-rules
+
+VERSION_STRING := $(shell git describe --tags --long --dirty)
+
+all: chapter.pdf
+
+%.pdf: %.tex %.bib version.tex
+	pdflatex -shell-escape $<
+	biber $* 
+	pdflatex -shell-escape $<
+
+.PHONY: preview
+preview:
+	pdflatex -shell-escape chapter.tex
+
+version.tex: chapter.tex
+	echo "${VERSION_STRING}" > $@
+
+.PHONY: clean
+clean:
+	rm -f **.aux **.bbl **.bcf **.log **.blg
+	rm -f **.out **.run.xml **/texput.log 
+

chapter-qkd/chapter.tex

@@ -0,0 +1,177 @@
+\documentclass[12pt,a4paper,notitlepage]{report}
+\usepackage[ngerman, english]{babel}
+\usepackage[utf8]{inputenc}
+\usepackage[a4paper, top=2cm, bottom=3.5cm, left=3cm, right=4cm]{geometry}
+% Matti remarkable tablet special size
+%\usepackage[paperwidth=15cm, paperheight=244mm, top=1cm, bottom=1cm, left=5mm, right=5mm]{geometry}
+\usepackage[T1]{fontenc}
+\usepackage[
+    backend=biber,
+    style=numeric,
+    natbib=true,
+    url=false, 
+    doi=true,
+    eprint=false
+    ]{biblatex}
+\addbibresource{chapter.bib}
+\usepackage{amssymb,amsmath}
+\usepackage{listings}
+\usepackage{eurosym}
+\usepackage{wasysym}
+\usepackage{extdash}
+\usepackage{amsthm}
+\usepackage{tabularx}
+\usepackage{multirow}
+\usepackage{multicol}
+\usepackage{tikz}
+\usepackage{mathtools}
+\DeclarePairedDelimiter{\ceil}{\lceil}{\rceil}
+\DeclarePairedDelimiter{\paren}{(}{)}
+
+\usetikzlibrary{arrows}
+\usetikzlibrary{chains}
+\usetikzlibrary{backgrounds}
+\usetikzlibrary{calc}
+\usetikzlibrary{decorations.markings}
+\usetikzlibrary{decorations.pathreplacing}
+\usetikzlibrary{fit}
+\usetikzlibrary{patterns}  
+\usetikzlibrary{positioning}
+\usetikzlibrary{shapes}
+
+\usepackage[binary-units]{siunitx}
+\DeclareSIUnit{\baud}{Bd}
+\usepackage{hyperref}
+\usepackage{tabularx}
+\usepackage{commath}
+\usepackage{graphicx,color}
+\usepackage{ccicons}
+\usepackage{subcaption}
+\usepackage{float}
+\usepackage{footmisc}
+\usepackage{array}
+\usepackage[underline=false]{pgf-umlsd}
+\usetikzlibrary{calc}
+%\usepackage[pdftex]{graphicx,color}
+\usepackage{epstopdf}
+\usepackage{pdfpages}
+\usepackage{minitoc}
+\usepackage{minted} % pygmentized source code
+
+\newcommand{\degree}{\ensuremath{^\circ}}
+\newcolumntype{P}[1]{>{\centering\arraybackslash}p{#1}}
+
+\begin{document}
+\dominitoc
+
+\chapter{Physical Security in Quantum Key Distribution}
+\minitoc
+\newpage
+
+\section{Cryptography in the Age of Quantum Computers}
+
+For a decade or two now, Quantum Computing has been creating a buzz that nobody in Computer Science and adjacent fields
+could evade. Originating in the 1980ies as a highly academic fusion applying concepts from Computer Science in Quantum Physics,
+% FIXME citation
+its concepts have long found their way into popular science articles. Quantum Computing encompasses a model of
+computation that is fundamentally different from the \emph{classical}\footnote{
+    In Quantum Computing, the term \emph{classical} is used as the complement of \emph{quantum}, and refers to the
+    digital computers we know and (maybe) love. This terminology stems from the distinction between classical and
+    quantum physics.}
+digital circuits that underly all of modern computing. While at first this might seem like a step backwards into the era
+of early 1900s analog computing,
+% FIXME citation
+the capabilites of a future quantum computer promise to far outpace those of contemporary classical computers. Key to
+this improved processing capability is a property called \emph{Quantum Parallelism}. What this refers to is the fact
+that a quantum computer's internal state can simultaneously represent a multitude of states of a classical, digital
+computer, and the quantum computer can operate on all those states at once using a single quantum operation.
+
+Applying Quantum Parallelism to practical problems is far more complicated than, e.g., translating a digital circuit
+solving some equation to a quantum circuit, but for certain problems we already know \emph{quantum algorithms} that
+for large inputs solve these problems much faster than any classical computer ever could. Two of these algorithms, one
+by Shor % FIXME citation
+and one by Grover % FIXME citation
+are what caused most of the buzz around the field of quantum computing, because they spell trouble for a large part of
+modern cryptography.
+
+Besides the computational speed-up promised by Quantum Parallelism, there is one more interesting aspect of Quantum
+Computing where it radically deviates from classical computing. The reason modern cryptography exists is that when we
+transmit (or store!) classical information through some channel (or storage!) that we do not control, there is nothing
+we can do to prevent an attacker from reading this information. Even with cryptography we cannot prevent this, but
+cryptography gives us tools to very effectively make whatever information the attacker is able to read useless to them.
+
+A basic principle of Quantum Physics is the \emph{No-Cloning Theorem}, which states that it is impossible to create an
+identical, independent copy of an arbitrary, unknown quantum state. % FIXME citation
+An implication of this theorem is that when we encode classical information into quantum states in just the right way,
+we can make it so that an attacker atttempting to eavesdrop on our quantum information can only actually read this
+information by destroying it in the process. This property can be exploited to replace a number of classical asymmetric
+primitives in interactive settings, % FIXME citation, check if interactive only
+the most popular application of which is replacing an asymmetric Diffie-Hellman key exchange % FIXME citation
+with a quantum process called Quantum Key Distribution that yields much of the same properties.
+
+In the past decades, the field of cryptography has been fundamentally shaped by the development of Quantum Computing and
+Quantum Key Distribution. However, the popular conception that all of today's cryptography will be broken and that we
+have to start from scratch is not accurate. Quantum Computing poses an unique threat to modern cryptography, and Quantum
+Key Distribution is a promising new tool, but the practical implications of both are much more subtle than how they may
+be portrayed. In the remainder of this chapter, we will look into the practical implications of these quantum
+technologies, and we will come to two major conclusions: First, that while the underlying cryptographic primitives will
+change, apart from some minor engineering issues cryptography as a whole will remain largely the same. Second, that
+while Quantum Key Distribution is hailed as a revolution for network security, its practical advantages will remain far
+short of how it is usually conceptualized, and hardware security will assume a pivotal role in the practical security of
+Quantum Key Distribution systems that is a stark departure from its relative irrelevance in today's applied
+cryptography.
+
+Building on these conclusions, we will end this chapter with a study of a use case that illustrates a practical design
+for a secure network employing Quantum Key Distribution. Relying on both established classical and quantum primitives
+with known security properties we will elaborate how one can construct a large-scale network from those primitives
+that provides practical security to its users that goes beyond the (surprisingly limited) extents of quantum security
+proofs.
+
+\subsection{Computational Assumptions and Information\Hyphdash Theoretic Security}
+
+In the past paragraphs we have briefly mentioned that Quantum Computing provides a significant speed-up that can be
+applied to solve many cryptographic problems fast enough for it to become a problem, but we have not elaborated on what
+that means in practice. In this section, we will attempt to provide concrete numbers to quantify the threat that both
+Shor's and Grover's algorithm pose to modern cryptography.
+
+Shor's algorithm allows for the factorization of large numbers in polynomial time on a quantum
+computer, a problem whose hardness (or the hardness of variants of which) is the foundation for the vast majority of
+today's asymmetric cryptography.
+
+While Shor's algorithm attacks the foundations of most modern asymmetric cryptography, Grover's algorithm can be applied
+to hash functionss and symmetric cryptography. Fundamentally, Grover's algorithm is a search algorithm that allows a
+quantum computer to find one target entry out of an \emph{unstructured} list of $N$ source entries in
+$\mathcal{O}\left(\sqrt{N}\right)$ time instead of the $\mathcal{O}\left(N\right)$ time that a classical computer would
+require for an exhaustive search. Applied to cryptography, we model the key space of a symmetric cipher as the
+unstructured list that is input to the algorithm, and set it to search for the key that results in the successful
+decryption of a given ciphtertext.
+
+An important nuance applying these algorithms to cryptography is that while both provide significant speed-ups over
+classical computers, the speed-up of Shor's algorithm is exponential and effectively breaks most modern asymmetric
+cryptography as it erases the asymmetric nature of the underlying mathematical problem. That is, for an asymmetric
+cryptosystem susceptible to Shor's algorithm, there is no set of parameters that is large enough to be safe.
+
+In contrast to this, while Grover's algorithm radically speeds up the breaking of a symmetric cryptosystem, this
+speed-up is only quadratic. In practice this means that it halves the security level % FIXME definition, citation of sec. lvl
+of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric primitives to a
+security level at the lower end of what is considered secure today, the advantage provided by Grover's algorithm can
+easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the additional bits
+and result in slightly slower operation of the cipher, but this additional cost is easily manageable even without any
+improvement in today's hardware.
+
+\section{The Physics of Quantum Computing}
+
+\section{Quantum Key Distribution}
+
+\section{Quantum Networking}
+
+\section{Securing QKD Networks with Inertial HSMs}
+
+\section{Outlook}
+
+\newpage
+\printbibliography[heading=bibintoc]
+
+\appendix
+
+\end{document}