06-07-2012, 03:17 PM
Provably Secure Three-Party Authenticated Quantum Key Distribution Protocols
Key distribution protocols are used for sharing secret session keys between users on communication networks. These shared session keys are used for secure communication on insecure public networks. Various security problems exist in poorly designed key distribution protocols. A legitimate participant cannot ensure that received session key is correct and cannot confirm the identity of other participant. Designing secure key distribution protocols in communication security is a top priority.
In some key distribution protocols, two users obtain a shared session key through a trusted center (TC). Since three parties are involved in session key negotiations, these protocols are called three-party key distribution protocols. In contrast, in two-party protocols only sender and receiver are involved in session key negotiations.
In classical cryptography, three-party key distribution protocols use challenge-response mechanisms or timestamps to prevent replay attacks. However, challenge-response mechanisms require at least two communication rounds between TC and participants and timestamp approach needs assumption of clock synchronization. Classical cryptography cannot detect passive attacks.
In quantum cryptography, quantum key distribution protocols (QKDPs) use quantum mechanisms to distribute session keys and public discussions to check for eavesdropping and verify the correctness of a session key. Quantum cryptography easily resists replay and passive attacks, whereas classical cryptography enables efficient key verification and user authentication. By integrating advantages of both classical and quantum cryptography, we present two QKDPs with the following contributions:
(a) Man-in-the-middle attacks can be prevented, eavesdropping can be detected and replay attacks can be avoided easily.
(b) user authentication and session key verification can be done in one step without public discussions between sender and receiver.
© the secret key preshared by a TC and a user can be repeatedly used
(d) the proposed schemes are first provably secure QKDPs under the random oracle model.
The proposed QKDPs require the fewest communication rounds among existing QKDPs. In the proposed 3AQKDP (Three-Party Authenticated Quantum Key Distribution Protocol) there is implicit user authentication, which ensures that confidentiality is only possible for legitimate users and mutual authentication is achieved only after secure communication using the session key start. We assume that every participant shares a secret key with the TC in advance. The modified protocol 3QKDPMA (Three-Party Authenticated Quantum Key Distribution Protocol with Mutual Authentication) can achieve eplicit user authentication. The proposed 3QKDPMA can be divided into two phases—setup phase and key distribution phase. In the setup phase, users preshare secret keys with the TC. The key distribution phase describes how users could share the session key with the assistance of TC and achieve the explicit user authentication.
The implementation requires the following resources: