1. Field of the Invention
The present invention relates to a secret key distribution method and a secret key distribution system that combine quantum communication in which information is put on a quantum state of a photon, making it almost impossible to eavesdrop, with a classic relay that temporarily converts the information transmitted in quantum communication into classic information and then transmits the relayed information in quantum communication again.
2. Description of the Related Art
In quantum cryptography communication, a quantum state of a photon is used to carry information so as to distribute a secret key safely, making use of the fact that duplication of the quantum state is theoretically impossible. The property of making duplication impossible offers a security advantage, but on the other hand, it means that amplification is impossible even if the photon is attenuated in a communication path, such as an optical fiber. Since relaying cannot be effected by simple signal amplification, the distance available for quantum cryptography communication is limited to the distance that a generated photon would be transmitted without attenuation. It is known that the distance is about 100 km in conventional techniques in the case where a transmission rate of about 10 bps is to be ensured.
Under the circumstances, research has been made to realize quantum cryptography communication over a long distance by generating quantum systems having quantum correlation called an entanglement at a long-distance from each other (see L. M. Duan, et al., Nature, 414, 413, 2001; Jpn. Pat. Appln. KOKAI Publication No. 11-346211; and Jpn. Pat. Appln. KOKAI Publication No. 2000-339387). To secure almost perfect or unconditional security, such a method is effective.
On the other hand, when the security of the relay station is regarded as being secured sufficiently judging from a necessary security level, the following method would be practicable and useful: That is, quantum communication is used in communication paths between relay stations, which are spread spatially and whose security is difficult to ensure. In each of the relay stations, the information transmitted in quantum communication is converted once into classic information and then relayed. Then, the relay stations transmit the information through quantum communication again.
In this case, a method would be considered in which quantum cryptography communication is performed between the first transmitting station and a relay station, between relay stations, and between a relay station and the last receiving station so as to send content of communication in itself to be transmitted in the form of quantum information between respective sites one after another. However, this method always requires quantum communication whenever cryptography communication is desired. In contrast, if only a secret key, i.e., a common random number table, has been shared beforehand, the secret key is used when the content of communication to be sent are encrypted, enabling a secure cryptogram to be sent via a classic transmission path easy to use anywhere, which is often convenient. Since normal communication via a classic transmission path is performed in this method, it offers the advantage of being capable of sending the content of communication to be sent at a high transmission rate at any time. Therefore, the secret key distribution method becomes important.
When a secret key distribution method without an entanglement frequently tested at present is tried directly in quantum communication between relay stations in distributing a long-distance communication secret key by way of classic relay stations, the following problem arises: that is, the number of secret keys decreases at a rate of ½ or less each time relaying is performed, regardless of the relay distance, making the relaying meaningless. This problem is attributed to the following reasons. In a secret key distribution method tested at present, in order to ensure security, random bases unrelated to one another are used when the secret key sender puts the key on a quantum state and transmits the key and when the receiver receives the transmitted key by detecting the quantum state. After the transmission and reception are completed, the sender and the receiver exchange information about the used bases via a classic communication path and use only the key whose bases have happened to coincide with each other. In this method, even if information about the bases used by the sender and receiver has leaked out, since the photon has already passed through the quantum transmission path (e.g., an optical fiber), such a type of eavesdropping that extracting the photon from the quantum transmission path and detecting the photon using the base to obtain information about the secret key and then generating a photon in the same quantum state and making the photon return to the quantum transmission path, cannot be done. However, since the bits whose bases have not coincided with each other are discarded in exchange of security, the number of secret keys is decreased each time relaying is performed as described above.
A method would also be considered in which a secret key for long-distance communication in itself is transmitted as content of classic communication to be sent using quantum cryptography communication between a transmitting station and a relay station, between relay stations, and a relay station and a receiving station. In this method, operations of sharing a secret key for long-distance communication using a quantum communication path and a classic communication path between relay stations, for example, and sending the secret key safely are repeated in succession between relay stations. In this case, each quantum cryptography communication between relay stations requires a random number table on which the secret key to be shared for the quantum cryptography communication between the relay stations is based, in addition to the random number table for selection of the base, thus consuming a large number of random number. Therefore, the problem is that a high-quality and efficient random number-generating mechanism has to be built in. Further, since it is necessary to use secret keys repeatedly, it is difficult to increase the transmission rate, unless the number of bits discarded wastefully is reduced.
As described above, when a secret key for long-distance communication is to be distributed by repeating secure quantum communication between relay stations in the case where security in the relay stations would be secured, there arise a problem that the number of secret keys is exponentially decreased each time relaying is performed, or a large number of high-quality random numbers must be generated efficiently. However, a simple of solving these problems has not been known.