The security level of classical cryptography rests on computational hardness assumptions such as the discrete logarithm problem, integer factoring, and other hard problems. However, the rapid growth in computing capability offered by cloud computing, quantum computing, etc. has created the potential for classical cryptographic methods to be broken. Accordingly, classical cryptography faces significant challenges in the modern age, and the distinct security guarantee offered by quantum cryptography has brought it to the forefront of attention and established its relevance.
As a cross product of quantum mechanics and cryptography, the security of quantum cryptography is guaranteed by the laws of quantum mechanics, which hold regardless of an attacker's computing capability and storage capacity. The basic principles of quantum mechanics relied on include the following: the uncertainty principle for unknown quantum states, the principle of measurement collapse, the no-cloning principle, etc. According to these principles, any operation that attempts to intercept or measure quantum keys will change the quantum states. As a result of such changes, an eavesdropper or hacker can obtain only an insignificant amount of information. Additionally, a legitimate receiver can detect from the changes in the quantum states that the quantum keys have been intercepted or compromised.
Based on these characteristics of quantum keys, quantum key distribution protocols such as BB84 have been proposed. The communicating parties using such a protocol share a set of secure keys for encrypting and decrypting information. A quantum key distribution process typically includes the following steps:
1) Initially, an original key negotiation phase takes place. The sender first loads key information into quantum states via a modulation process and then sends the loaded states to the receiver through a quantum channel. The receiver measures the received quantum states in randomly chosen measurement bases.
2) Next, in a key-screening (sifting) stage, the two communicating parties screen the original keys by comparing, over a classical communication channel, the measurement basis used for each measurement.
3) In the third step, the parties estimate and analyze the bit error rate of the transmission and use it to decide whether the present key distribution process must be discarded and started again.
4) During a data negotiation phase, the parties correct errors in the remaining keys over a classical channel (i.e., error correction) and obtain a shared initial key.
5) Finally, in a privacy amplification phase (i.e., privacy enhancement or secrecy enhancement phase), the parties first apply a privacy amplification algorithm to minimize the amount of information an eavesdropper could possibly have obtained, and then confirm that both parties end up with the same set of shared quantum keys that are unconditionally secure (i.e., the shared keys).
Hash functions are used to implement the privacy amplification phase described above. In that phase, the same hash function library, preset in the quantum devices of both communicating parties, is combined with description characters of the hash function (i.e., the parameters that select a particular hash function from the library), which the parties choose by negotiation over a classical channel. Once the parties have agreed on these parameters, the initial keys obtained in the data negotiation phase are input to the selected hash function, and its output forms the final shared keys.
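The five steps listed above, including the hash-based privacy amplification just described, can be simulated classically to see how each stage behaves. The following is an added example, not code from the original text: a toy BB84-style run in which qubits are modelled as (bit, basis) pairs, step 3 compares a public sample to estimate the bit error rate, step 4 is one pass of a Cascade-style parity exchange, and step 5 uses a Toeplitz-matrix universal hash whose matrix is fully determined by a publicly negotiated seed (the "description character" in the text). The intercept-resend model, the 11% abort threshold, the block size, and the 16-bit safety margin are constructed choices for illustration.

```python
import random

# Constructed simulation of the QKD steps (BB84 style); bases: 0 = rectilinear, 1 = diagonal.

def prepare(n, rng):
    """Step 1, sender side: random key bits and random preparation bases."""
    bits = [rng.randint(0, 1) for _ in range(n)]
    bases = [rng.randint(0, 1) for _ in range(n)]
    return bits, bases

def measure(bits, send_bases, recv_bases, rng):
    """Step 1, receiver side: a matching basis recovers the bit; a mismatched
    basis gives a uniformly random outcome (measurement collapse)."""
    return [b if sb == rb else rng.randint(0, 1)
            for b, sb, rb in zip(bits, send_bases, recv_bases)]

def intercept_resend(bits, send_bases, rng):
    """Constructed eavesdropper model: measure in a random basis and resend the
    result in that basis. Half the guesses are wrong, so ~25% of sifted bits err."""
    eve_bases = [rng.randint(0, 1) for _ in bits]
    return measure(bits, send_bases, eve_bases, rng), eve_bases

def sift(send_bases, recv_bases, send_bits, recv_bits):
    """Step 2: keep only positions where both parties used the same basis."""
    keep = [i for i, (s, r) in enumerate(zip(send_bases, recv_bases)) if s == r]
    return [send_bits[i] for i in keep], [recv_bits[i] for i in keep]

def estimate_qber(a, b, sample_fraction, rng):
    """Step 3: publicly compare a random sample, then discard it.
    Returns (qber, remaining_a, remaining_b)."""
    idx = list(range(len(a)))
    rng.shuffle(idx)
    k = max(1, int(len(idx) * sample_fraction))
    sample, rest = idx[:k], idx[k:]
    errors = sum(a[i] != b[i] for i in sample)
    return errors / k, [a[i] for i in rest], [b[i] for i in rest]

def parity(bits):
    return sum(bits) & 1

def reconcile(a, b, block=8):
    """Step 4: one pass of a Cascade-style BINARY exchange. For each block whose
    parities differ, bisect to locate one error and flip it on the receiver side.
    Every parity sent leaks one bit on the classical channel; the count is returned
    so privacy amplification can subtract it."""
    b = list(b)
    leaked = 0
    for start in range(0, len(a), block):
        lo, hi = start, min(start + block, len(a))
        leaked += 1
        if parity(a[lo:hi]) == parity(b[lo:hi]):
            continue
        while hi - lo > 1:
            mid = (lo + hi) // 2
            leaked += 1
            if parity(a[lo:mid]) != parity(b[lo:mid]):
                hi = mid
            else:
                lo = mid
        b[lo] ^= 1
    return b, leaked

def toeplitz_hash(key_bits, out_len, seed_bits):
    """Step 5: privacy amplification with a Toeplitz-matrix universal hash.
    T[i][j] = seed[i - j + n - 1], so seed_bits (length n + out_len - 1) is the
    only parameter the parties must agree on; output = T * key over GF(2)."""
    n = len(key_bits)
    assert len(seed_bits) == n + out_len - 1
    out = []
    for i in range(out_len):
        acc = 0
        for j in range(n):
            acc ^= seed_bits[i - j + n - 1] & key_bits[j]
        out.append(acc)
    return out

def run_qkd(n, eavesdrop, seed, qber_threshold=0.11, sample_fraction=0.25):
    """Run all five steps. Returns (sender_key, receiver_key, qber); keys are None
    when step 3 aborts. The 11% threshold and 16-bit margin are constructed choices."""
    rng = random.Random(seed)
    bits, send_bases = prepare(n, rng)
    if eavesdrop:
        channel_bits, channel_bases = intercept_resend(bits, send_bases, rng)
    else:
        channel_bits, channel_bases = bits, send_bases
    recv_bases = [rng.randint(0, 1) for _ in range(n)]
    recv_bits = measure(channel_bits, channel_bases, recv_bases, rng)
    a, b = sift(send_bases, recv_bases, bits, recv_bits)
    qber, a, b = estimate_qber(a, b, sample_fraction, rng)
    if qber > qber_threshold:
        return None, None, qber  # step 3: discard this run and start another
    b, leaked = reconcile(a, b)
    out_len = max(1, len(a) - leaked - 16)  # shrink by leaked bits plus a margin
    seed_bits = [rng.randint(0, 1) for _ in range(len(a) + out_len - 1)]  # public
    return toeplitz_hash(a, out_len, seed_bits), toeplitz_hash(b, out_len, seed_bits), qber

if __name__ == "__main__":
    for eve in (False, True):
        ka, kb, q = run_qkd(2000, eve, seed=1)
        print("eavesdropper" if eve else "clean channel", "QBER=%.3f" % q,
              "aborted" if ka is None else "key bits=%d match=%s" % (len(ka), ka == kb))
```

The point to notice is that the seed for the Toeplitz matrix can be public without weakening the result, because a universal hash compresses the key so that whatever partial knowledge an eavesdropper gathered is spread over the output and lost; what must be subtracted from the output length is everything revealed on the classical channel (the sample bits and the reconciliation parities) plus the eavesdropper's estimated knowledge.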
Although quantum cryptography is secure in principle, defects in the light source or in the channels can allow an eavesdropper to attack the quantum channel transmission process and obtain part of the key information, and thereby part of any data subsequently protected with it. Examples of such defects are the lack of an ideal single-photon source, loss in the channel, limited detector efficiency, etc. In particular, weak coherent light sources are often used instead of ideal single-photon sources, and the multi-photon pulses present in a weak coherent source make it possible for an eavesdropper to carry out a beam-splitting attack (i.e., a photon number splitting (PNS) attack). To counter beam-splitting attacks, a decoy-state quantum key distribution scheme is used, in which the sender mixes in decoy-state pulses with different, randomly generated intensities. However, an eavesdropper may still be able to distinguish the signal state from the decoy state by statistically analyzing the fluctuations of the light intensity. As a result, even such a system may be vulnerable, and an eavesdropper may still obtain some quantum key information.
Under these circumstances, the privacy amplification phase, whose purpose is to reduce the amount of information the eavesdropper can obtain, becomes all the more important. However, because the parameter negotiation for this phase is carried out entirely over classical channels, there is not only an increased risk of eavesdropping on that negotiation, but also the possibility of other eavesdropping actions on the classical channels that the communicating parties cannot detect. Thus, noticeable security risks exist which must be addressed.