TY - JOUR

T1 - Semiquantum key distribution

AU - Boyer, Michel

AU - Gelles, Ran

AU - Kenigsberg, Dan

AU - Mor, Tal

PY - 2009/3/3

Y1 - 2009/3/3

N2 - Secure key distribution between two remote parties is impossible when both are classical, unless some unproven (and arguably unrealistic) computation-complexity assumptions are made, such as the difficulty of factorizing large numbers. On the other hand, a secure key distribution is possible when both parties are quantum. What is possible when only one party (Alice) is quantum, yet the other (Bob) has only classical capabilities? Recently, a semiquantum key distribution protocol was presented, in which one of the parties (Bob) is classical, and yet, the protocol is proven to be completely robust against an eavesdropping attempt. Here we extend that result much further. We present two protocols with this constraint and prove their complete robustness against attacks: we prove that any attempt of an adversary to obtain information (and even a tiny amount of information) necessarily induces some errors that the legitimate parties could notice. One protocol presented here is identical to the one referred to above; however, its robustness is proven here in a much more general scenario. The other protocol is very different as it is based on randomization.

AB - Secure key distribution between two remote parties is impossible when both are classical, unless some unproven (and arguably unrealistic) computation-complexity assumptions are made, such as the difficulty of factorizing large numbers. On the other hand, a secure key distribution is possible when both parties are quantum. What is possible when only one party (Alice) is quantum, yet the other (Bob) has only classical capabilities? Recently, a semiquantum key distribution protocol was presented, in which one of the parties (Bob) is classical, and yet, the protocol is proven to be completely robust against an eavesdropping attempt. Here we extend that result much further. We present two protocols with this constraint and prove their complete robustness against attacks: we prove that any attempt of an adversary to obtain information (and even a tiny amount of information) necessarily induces some errors that the legitimate parties could notice. One protocol presented here is identical to the one referred to above; however, its robustness is proven here in a much more general scenario. The other protocol is very different as it is based on randomization.

UR - http://www.scopus.com/inward/record.url?scp=64149108846&partnerID=8YFLogxK

U2 - 10.1103/PhysRevA.79.032341

DO - 10.1103/PhysRevA.79.032341

M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???

AN - SCOPUS:64149108846

SN - 1050-2947

VL - 79

JO - Physical Review A - Atomic, Molecular, and Optical Physics

JF - Physical Review A - Atomic, Molecular, and Optical Physics

IS - 3

M1 - 032341

ER -