Add todo command
This commit is contained in:
jaseg
parent
e9de75411f
commit
dcf54bd0f5
2 changed files with 26 additions and 22 deletions
BIN
chapter-qkd/chapter.pdf
Normal file
BIN
chapter-qkd/chapter.pdf
Normal file
Binary file not shown.
|
|
@ -1,7 +1,7 @@
|
|||
\documentclass[12pt,a4paper,notitlepage]{report}
|
||||
\usepackage[ngerman, english]{babel}
|
||||
\usepackage[utf8]{inputenc}
|
||||
\usepackage[a4paper, top=2cm, bottom=3.5cm, left=3cm, right=4cm]{geometry}
|
||||
\usepackage[a4paper, top=2cm, bottom=3.5cm, left=3.5cm, right=5cm]{geometry}
|
||||
% Matti remarkable tablet special size
|
||||
%\usepackage[paperwidth=15cm, paperheight=244mm, top=1cm, bottom=1cm, left=5mm, right=5mm]{geometry}
|
||||
\usepackage[T1]{fontenc}
|
||||
|
|
@ -75,6 +75,9 @@
|
|||
|
||||
\newcommand{\degree}{\ensuremath{^\circ}}
|
||||
\newcolumntype{P}[1]{>{\centering\arraybackslash}p{#1}}
|
||||
\setlength{\marginparwidth}{3cm}
|
||||
\definecolor{todoboxcolor}{RGB}{251 224 252}
|
||||
\newcommand{\todo}[1]{\marginpar{\setlength{\fboxsep}{4mm}\colorbox{todoboxcolor}{\parbox{\marginparwidth}{\raggedright\textsf{\small\textbf{To do}\\\footnotesize#1}}}}}
|
||||
|
||||
\begin{document}
|
||||
\dominitoc
|
||||
|
|
@ -170,12 +173,12 @@ is, for an asymmetric cryptosystem susceptible to Shor's algorithm, there is no
|
|||
to be safe.
|
||||
|
||||
In contrast to this, while Grover's algorithm radically speeds up the breaking of a symmetric cryptosystem, this
|
||||
speed-up is only quadratic. In practice this means that it halves the security level % FIXME definition, citation of sec. lvl
|
||||
of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric primitives to a
|
||||
security level at the lower end of what is considered secure today, the advantage provided by Grover's algorithm can
|
||||
easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the additional bits
|
||||
and result in slightly slower operation of the cipher, but this additional cost is easily manageable even without any
|
||||
improvement in today's hardware.
|
||||
speed-up is only quadratic. In practice this means that it halves the security level \todo{definition, citation of
|
||||
security level} of a given symmetric cipher. While this is bad news for applications that parameterize these symmetric
|
||||
primitives to a security level at the lower end of what is considered secure today, the advantage provided by Grover's
|
||||
algorithm can easily be compensated by doubling key size. Longer key sizes require more storage or bandwidth for the
|
||||
additional bits and result in slightly slower operation of the cipher, but this additional cost is easily manageable
|
||||
even without any improvement in today's hardware.
|
||||
|
||||
\section{The Practical Security Implications of Quantum Computing}
|
||||
\label{qc-practical-implications}
|
||||
|
|
@ -215,7 +218,7 @@ much larger key and/or ciphertext size and worse performance compared to state-o
|
|||
exchange or signature algorithms, pairing it with a classically secure alternative incurs only a negligible overhead in
|
||||
key storage, network communication and computation costs.
|
||||
|
||||
% FIXME TODO research some more policies.
|
||||
\todo{research some more policies.}
|
||||
|
||||
\section{The Physics of Quantum Computing}
|
||||
|
||||
|
|
@ -257,7 +260,8 @@ implementations for their qubits that include photons and squeezed light, but ex
|
|||
various aspects of currents in superconducters into phonons\cite{berriosHighFidelityQuantum2012}.
|
||||
|
||||
\subsection{Practical Challenges}
|
||||
% FIXME I don't like this paragraph.
|
||||
\todo{I don't like this paragraph.}
|
||||
>>>>>>> b6e2696 (Add todo command)
|
||||
The central challenge in general quantum computers is extending the lifetime of the quantum state encoding a qubit.
|
||||
Quantum states are extremely sensitive to disturbances, and despite the best efforts to shield their quantum states
|
||||
against external influence, their lifetime is still inconveniently short compared to the timescales required for quantum
|
||||
|
|
@ -269,8 +273,9 @@ endpoints of the QKD protocol.
|
|||
While QKD systems are easy to build and operationally robust compared to general quantum computers, at their core they
|
||||
still exchange information through quantum states that physically need to transit the distance from one endpoint to the
|
||||
other. For classical computer networks, bridging distances of several hundred kilometers is no big challenge. Using
|
||||
appropriate high-power transceivers, a single optical link can already bridge upwards of 100km. % FIXME cite
|
||||
Longer ranges can easily be achieved by either logically chaining multiple links, or by using optical amplifiers.
|
||||
appropriate high-power transceivers, a single optical link can already bridge upwards of 100km. \todo{Citation on
|
||||
distance} Longer ranges can easily be achieved by either logically chaining multiple links, or by using optical
|
||||
amplifiers.
|
||||
|
||||
In contrast, the quantum states at the core of QKD systems must necessarily be ``weak''. A single quantum state on the
|
||||
wire on average must consist of approximately a single photon. If the system's quantum states consisted of more than one
|
||||
|
|
@ -306,10 +311,10 @@ Decoherence is less relevant for the distance limitation, and mostly limits whic
|
|||
utilized in the first place. Due to decoherence, QKD systems usually use Single-Mode (SM) fiber over Multi-Mode (MM)
|
||||
fiber, and makes it more difficult to utilize Wavelength Division Multiplexing (xWDM) to send multiple either quantum or
|
||||
classical optical signals through a single fiber.
|
||||
% FIXME go more into the details on xWDM, elaborate on decoherence mechanisms, especially crosstalk in the context of
|
||||
% xWDM.
|
||||
\todo{go more into the details on xWDM, elaborate on decoherence mechanisms, especially crosstalk in the context of
|
||||
xWDM.}
|
||||
|
||||
% FIXME CV-QKD
|
||||
\todo{CV-QKD}
|
||||
|
||||
\subsection{Relaying}
|
||||
% FIXME (one?) term of the art seems to be "repeater"
|
||||
|
|
@ -319,7 +324,7 @@ QKD link. What remains as ways to extend the range of a QKD link are \emph{relay
|
|||
terminated at the relay, and another is started, with the relay proxying information between the two. We can separate
|
||||
relay implementations into two broad categories.
|
||||
|
||||
% FIXME mention that one MDI-QKD range doubling hack
|
||||
\todo{mention that one MDI-QKD range doubling hack}
|
||||
\begin{description}
|
||||
\item[Classical relays] encompass the trivial implementation of a relay, where the QKD link is formed by simply
|
||||
stitching two QKD links together by connecting one link's receiver to the other link's transmitter. The key
|
||||
|
|
@ -367,8 +372,8 @@ revolves around managing the levels of these key stores to avoid depletion.
|
|||
As we discussed above, when it comes down to practical, end-to-end security properties, Quantum Key Distribution
|
||||
removes trust in the hardness of particular mathematical problems (good!), but increases trust in the physical
|
||||
integrity of the transceivers of the QKD link (bad!). In scenarios where the communicating parties are all located
|
||||
within physical proximity, in QKD meaning within at most a few hundred kilometers from each other depending on secret
|
||||
key rate requirements, this added trust is of no consequence because the communcating parties' hardware must be trusted
|
||||
within physical proximity--in QKD, meaning within at most a few hundred kilometers from each other depending on secret
|
||||
key rate requirements--this added trust is of no consequence because the communcating parties' hardware must be trusted
|
||||
in either QKD-assisted or purely classical setups. However, this trust requirement becomes a burden as soon as at least
|
||||
one party is too far away (or higher secret key rates are required), as now physically trusted relays become necessary.
|
||||
|
||||
|
|
@ -376,15 +381,14 @@ Extrapolating to practical deployments, we can make two predictions. First, as Q
|
|||
actual data transfer still happens through normal off-the-shelf telecommunications components in QKD networks, there is
|
||||
no reason for a practical QKD setup to \emph{not} also use classical cryptography as an additional layer for defense in
|
||||
depth,
|
||||
% FIXME citation on defense in depth, and on this hybrid scenario
|
||||
\todo{citation on defense in depth, and on this hybrid scenario}
|
||||
meaning the QKD setup will at worst degrade to the same security a purely classical system would provide, never less.
|
||||
|
||||
The second prediction we can make is that any practical QKD network will have to use trusted relays to bridge large
|
||||
distances. While in certain specialized applications such as the proposed financial QKD network in Switzerland
|
||||
% FIXME citation
|
||||
smaller, isolated networks are conceivable, in every telecommunication system from the telegraph through the telephone
|
||||
system and up to the internet it has been shown conclusively that there is a real demand for a unified, global
|
||||
interconnected network. % FIXME citation on historic networks
|
||||
\todo{citation on swiss deployment} smaller, isolated networks are conceivable, in every telecommunication system from
|
||||
the telegraph through the telephone system and up to the internet it has been shown conclusively that there is a real
|
||||
demand for a unified, global interconnected network. \todo{citation on historic networks}
|
||||
|
||||
In this section, we will outline a solution that provides practical, end-to-end security in large-scale QKD networks by
|
||||
delegating the hardware trust issue of QKD relays to Inertial Hardware Security Modules. The primary design challenges
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue