1. Field of the Invention
The present invention relates to systems for distributing a key using a transmission channel employing electrons, electromagnetic waves, or photons as a transmission medium. More particularly, the present invention relates to a system and method for distributing a key which function to amplify a transmission signal to realize the distribution of a key over a long distance while maintaining the relation between the signal and noise to satisfy predetermined criteria for security measures against eavesdropping activities.
2. Description of Prior Art
As conventional techniques, described below are the open key cryptography, quantum cryptography, YK protocol. As an encryption scheme that has widely come into widespread use today, the open key cryptography is available. As is well known, the open key cryptography assures security from the viewpoint of the amount of calculations based on the fact that currently available computers are incapable of factoring a large number into its prime components in real time. However, in 1994, P. W. Shor discovered a quantum calculation algorism for factoring numbers into their prime components, thereby leading to an increase in insecure feeling about the open key cryptography as well as in expectation on quantum cryptography. The quantum cryptography assures security in accordance with the quantum mechanical principle, and several transmission protocols have been suggested until now (refer to C. H. Bennet and G. Brassard, “Proceedings of IEEE International Conference on Computers, System and Signal Processing”, Bangolore, India (IEEE New York, 1984), pp175) However, in order to assure absolute security by means of quantum cryptography, it is necessary to control a single photon, which is extremely difficult to realize using current techniques. In addition, conventional amplifiers cannot be used in principle for communications even using very weak light instead of a single photon and therefore only an experimental key distribution has been successfully carried out over about several tens of kilometers until now. This has been a major stumbling block in the course of putting the quantum cryptography into practical use.
In contrast to this, H. P. Yuen and A. M. Kim from Nothwestern University suggested an encryption scheme (YK protocol) for generally realizing the same function using classical noise as that of the quantum cryptography. (Refer to H. P. Yuen and A. M. Kim, “Classical noise-based cryptography similar to two-state quantum cryptography”, Physics Letter A. 241, pp135-138 (1998)). Now, the YK protocol is explained below.
FIG. 1 is a block diagram illustrating the configuration of a system based on YK protocol. The system includes a transmission-side key generator portion 206 for performing processing on the distribution of a key such as generating a “0” and “1” bit train in accordance with the protocol of encrypted code transmission. The system also includes a modulator 204 for performing modulation in accordance with the bit train delivered from the transmission-side key generator portion 206 and an optical transmitter 202 for transmitting the modulated signal as an optical signal. The system further includes an optical transmission channel 201 for transmitting the optical signal and an optical receiver 203 for receiving the optical signal transmitted from the optical transmitter 202 over the optical transmission channel 201 and then converting the signal into an electric signal to output the resulting signal. The system still further includes a channel 210 and a threshold value processing portion 205 for performing threshold value processing on the electric signal delivered from the optical receiver 203. The system further includes a receiver-side key generator portion 207 for communicating with the transmission-side key generator portion 206 over the channel 210 in accordance with the output from the threshold value processing portion 205 to perform processing for the distribution of encrypted codes, and key storage portions 208, 209 for storing shared encrypted codes.
This key distribution system is characterized in that the threshold value processing portion 205 performs the following special threshold value processing. FIG. 2 is an explanatory view of the threshold value processing, illustrating the probability distribution of signals corresponding to “0” in graph 0 and that of signals corresponding to “1” in graph 1. According to a general threshold value determination, a threshold value is specified at position “a”. The value of a signal is determined to be “1” if the value is less than the threshold value and “0” if the value is greater than the threshold value. In contrast to this, according to the YK protocol, a threshold value is placed at positions “b” and “c”. The value of a signal is determined to be “1” if the value is less than the threshold value b, “0” if the value is greater than the threshold value c, and “undeterminable” otherwise. The YK protocol employs weak light for transmission to be intentionally vulnerable to the effects of noise, thereby increasing an overlap between the graph 0 and graph 1. This makes it difficult for an eavesdropper to intercept the key due to an increased probability of an erroneous determination even when the threshold value processing is performed with the threshold value being placed at “a” so that the eavesdropper can have the optimum eavesdropping method. In addition, suppose that the eavesdropper has placed the threshold value at the positions “b” and “c”. In this case, since the noise of the receiver of the eavesdropper is independent of the noise of the optical receiver 203 of the authorized user, there is a discrepancy in the position of a determinable bit between the two parties. It is thus also difficult to intercept the encrypted code.
This makes it possible to realize a highly secure system against the eavesdropping of encrypted codes. Now, the procedure for distributing a key is explained below with reference to FIG. 3. FIG. 3 is a flow diagram illustrating the procedure for distributing a key by the Yuen scheme. First, the transmission-side key generator portion 206 generates random numbers to produce a “0” and “1” bit train, and then transmits the information using the modulator 204, the optical transmitter 202, and the optical transmission channel 201 (401). The signal received by the optical receiver 203 is subjected to the aforementioned threshold value processing in the threshold value processing portion 205, and then the resulting signal is passed to the receiver-side key generator portion 207 (402). The receiver-side key generator portion 207 transmits the position of the resulting undeterminable bit to the transmission-side key generator portion 206 over the channel 210 (403). The transmission-side key generator portion 206 and the receiver-side key generator portion 207 discard the undeterminable bit to store the remaining bits as the shared key in each of the key storage portions 208, 209 (404 and 405). The transmission-side key generator portion 206 and the receiver-side key generator portion 207 communicate and agree with each other to confirm the value of a bit placed at a randomly specified position in the bit train stored, respectively, and then check if those values agree with each other. When this processing is repeated several times to yield the ratio of disagreement greater than a predetermined value R, which is indicative of the presence of an eavesdropper, the key stored in the key storage portion is discarded.
Unlike the quantum cryptography using the quantum mechanical property of light, the Yuen scheme employs classical noise, and thus it is pointed out that there is a possibility of using an amplifier. (Refer to H. P. Yuen and A. M. Kim, “Classical noise-based cryptography similar to two-state quantum cryptography”, Physics Letter A. 241, pp135-138 (1998)). This is one of the substantial advantages of the YK protocol over the quantum cryptography.
However, in the aforementioned technical literature, it is pointed out only in principle that there is a possibility of providing a repeater (by optical amplification) for a coherent optical transmission, but no specific implementing method is described in the literature. Furthermore, for the coherent optical transmission, polarized waves are unstable in the optical fiber and therefore it is difficult to use the coherent optical transmission under the condition of such a low S/N ratio.