# Posts Tagged ‘Cryptosystem

### Limitations of Modern Cryptosystems

Before exploring quantum key distribution, it is important to understand the state of modern cryptography and how quantum cryptography may address current digital cryptography limitations. Since public key cryptography involves complex calculations that are relatively slow, they are employed to exchange keys rather than for the encryption of voluminous amounts of date. For example, widely deployed solutions, such as the RSA and the Diffie-Hellman key negotiation schemes, are typically used to distribute symmetric keys among remote parties. However, because asymmetric encryption is significantly slower than symmetric encryption, a hybrid approach is preferred by many institutions to take advantage of the speed of a shared key system and the security of a public key system for the initial exchange of the symmetric key. Thus, this approach exploits the speed and performance of a symmetric key system while leveraging the scalability of a public key infrastructure.

However, public key cryptosystems such as RSA and Diffie-Hellman are not based on concrete mathematical proofs. Rather, these algorithms are considered to be reasonably secure based on years of public scrutiny over the fundamental process of factoring large integers into their primes, which is said to be “intractable”. In other words, by the time the encryption algorithm could be defeated, the information being protected would have already lost all of its value. Thus, the power of these algorithms is based on the fact that there is no known mathematical operation for quickly factoring very large numbers given today’s computer processing power.

Secondly, there is uncertainty whether a theorem may be developed in the future or perhaps already available that can factor large numbers into their primes in a timely manner. At present, there is no existing proof stating that it is impossible to develop such a factoring theorem. As a result, public key systems are thus vulnerable to the uncertainty regarding the future creation of such a theorem, which would have a significant affect on the algorithm being mathematical intractable. This uncertainty provides potential risk to areas of national security and intellectual property which require perfect security.

In sum, modern cryptography is vulnerable to both technological progress of computing power and evolution in mathematics to quickly reverse one way functions such as that of factoring large integers. If a factoring theorem were publicized or computing became powerful enough to defeat public cryptography, then business, governments, militaries and other affected institutions would have to spend significant resources to research the risk of damage and potentially deploy a new and costly cryptography system quickly.

### Quantum cryptography

The concept of quantum cryptography(QC), which utilizes a quantum channel and classical TMs (Turing Machine) (as well as a classical channel) and some protocols such as oblivious transfer based on this concept have also been presented. QC is one of the solutions to the above-mentioned problem when a QTM (Quantum Turing Machine) is realized in the future: that is, QC will be used for key-distribution in place of public-key encryption if a QTM is realized. The major difference between QC and QPKC is that QC employs a quantum channel (and classical channel)while QPKC (Quantum Public Key Cryptosystem) employs only a classical channel. The security assumption for a QC scheme is quantum mechanics (believed by most physicists), while that fora QPKC scheme is a computational assumption (e.g., existence of a one-way function) in the QTM model.

Although several experimental QC systems have been already realized in the current technologies, recently reported security flaws of these systems are due to their realistic restrictions of quantum channels such as channel losses, realistic detection process, modifications of the qubits through channels, and fixed dark count error over long distance channels. In addition, it is likely that much more complicated communication networks will be utilized in the future, and it seems technically very hard and much costly to realize a quantum channel from end to end through such complicated networks even in the future.

Accordingly, the QPKC approach seems much more promising, since in many applications encryption and key-distribution should be realized by end-to-end communication through (classical) complicated communication networks. QC provides no solution to the problem of digital signatures when a QTM is realized: that is, QC cannot be used in digital signatures. Hence, our QPKC approach may be the only possible solution to the problem of digital signatures when a QTM is realized.