The Full Wiki

Kish cypher: Wikis


Note: Many of our articles have direct quotes from sources you can cite, within the Wikipedia article! This article doesn't yet, but we're working on it! See more info or our list of citable articles.

Encyclopedia

From Wikipedia, the free encyclopedia

The Kish cypher[1], is a technique for maintaining secure communications using classical physics in contrast to quantum cryptography, due to L. B. Kish. The Kish cypher is a hardware-based technique and should not be confused with a software approach called the Kish-Sethuraman (KS) cypher. [2][3]

Contents

The Kish cypher scheme

The communication channel is a standard wire, and conceptually the sender can transmit a message by simply switching between two different resistor values at one end of the wire. At the other end, the receiver can also reciprocate by switching in and out resistors. No signals are sent along the line. The receiver simply uses a spectrum analyser to passively measure the Johnson noise of the line. From the noise, the total resistance of the line can be calculated. The receiver knows his/her own resistor value, so can then deduce the sender's resistor. In this way messages can be simply encoded in terms of binary states dependent on two resistor values. The system is thought to be secure because although an eavesdropper can measure the total resistance, he/she has no knowledge of the individual values of the receiver and sender.

The use of resistors is an idealization for visualization of the scheme, however, in practice, one would use artificially generated noise with higher amplitude possessing Johnson-like properties. This removes the restriction of operation within thermal equilibrium. It also has the added advantage that noise can be ramped down to zero before switching and can be ramped up back to the nominal value after switching, in order to prevent practical problems involving unwanted transients.

To protect the Kish cypher against invasive attacks, including man-in-the-middle attacks, the sender and receiver continuously monitor the current and voltage amplitudes[4] and broadcast them via independent public channels. In this way they have full knowledge of the eavesdropper's information.[5]

Debate

There have been a number of objections to this scheme as follows:

  • An eavesdropper may potentially crack the Kish cypher by evaluating a resistor value at one end of the wire, in the time window where the resistor at the other end is being switched out. The response to this claim is that this attack is completely avoidable by the simple trick of doing the switching when both the voltage and the current are zero in the line. In the hardware demonstration of the cypher, the voltage (and current) was ramped down to zero before the switching took place in order to create this situation in an easy way [6]. A simpler method to eliminate this problem utilizes the fact that accurate noise measurement is slow, as it requires an averaging process. The resistors are switched faster than the noise measurement time. Thus security is maintained, as the Kish cypher is elegantly based on classical time-amplitude measurement uncertainty, in the same way that quantum uncertainty is at the heart of secure quantum cryptography. Whilst the time it takes to perform a noise measurement gives the Kish scheme its security, the downside is the resulting slow operation.
  • The Kish cypher is very slow. The reply to this objection is that quantum cryptography is also very slow.[7] Quantum cryptographers therefore only claim their technique is to be used for secure key distribution to make classical encryption more secure. Similarly the Kish cypher can be used for secure key distribution and not the whole message.
  • The use of the Johnson noise formula to evaluate the resistor values requires thermal equilibrium. In the Kish cypher method this is far from the case. For example, it cannot be guaranteed that the receiver and sender are at the same temperature. This objection is addressed by using artificial noise sources with Johnson-like characteristics rather than actual resistor values.[8]

Attacking physical realizations of the Kish scheme

Hacking attacks against the actual circuit realization of the Kish scheme, utilizing non-ideal features, such as inaccuracies and stray resistive elements, can be exploited to extract a fraction of the transmitted key bits. In 2005, Bergou proposed a method of finding such a weakness in the Kish scheme by utilizing the wire resistance.[9] Then in 2006, Scheuer and Yariv analyzed Bergou's attack in detail.[10] Later, in 2006, a defense against the Bergou-Yariv-Scheuer attack was mounted[11] and then experimentally confirmed in 2007,[6] where Mingesz et al. showed that it was possible to build a hardware realization communicating over two thousand kilometers with 99.98% fidelity and a maximum of a 0.19% leak to an eavesdropper. It also turns out that the sender can exactly calculate which of the bits have been detected by the eavesdropper and this is possible as the Kish scheme is classical rather than quantum—this was mathematically analyzed by Kish and Horvath in 2009.[5]

See also

Notes

  1. ^ Noise keeps spooks out of the loop - tech - 23 May 2007 - New Scientist Tech
  2. ^ L. B. Kish and S. Sethuraman, "Non-breakable data encryption with classical information," Fluctuation and Noise Letters, 4:C1–C5, (2004).[1]
  3. ^ A. Klappenecker, "Remark on a 'non-breakable data encryption' scheme by Kish and Sethuraman," Fluctuation and Noise Letters, 4:C25, (2004).[2]
  4. ^ L. B. Kish, "Protection against the man-in-the-middle-attack for the Kirchhoff-loop-Johnson(-like)-noise cipher and expansion by voltage-based security," Fluctuation and Noise Letters, 6:L57-L63, (2006), http://arxiv.org/abs/physics/0512177
  5. ^ a b L. B. Kish and T. Horvath, "Notes on recent approaches concerning the Kirchhoff-Law-Johnson-Noise-based secure key exchange," Physics Letters A (2009) http://arxiv.org/pdf/0903.2071
  6. ^ a b R. Mingesz, Z. Gingl, L. B. Kish, "Johnson(-like)-noise-Kirchhoff-loop based secure classical communicator characteristics, for ranges of two to two thousand kilometers, via model-line," Physics Letters A, 372(7):978-984, (2008).
  7. ^ G. A. Barbosa, E. Corndorf, P. Kumar, and H. P. Yuen, Phys. Rev. Lett., 90(22), art. no. 227901 (2003).
  8. ^ L. B. Kish, "Totally secure classical communication utilizing Johnson (-like) noise and Kirchhoff's law," Physics Letters A, 352(3):178-182, (2006).
  9. ^ A. Cho, "Cryptography - Simple noise may stymie spies without quantum weirdness," Science 309(5744):2148-2148, (2005)
  10. ^ J. Scheuer and A. Yariv, "A classical key-distribution system based on Johnson (like) noise - How secure?" Physics Letters A, 359(6):737-740, (2006).
  11. ^ L. B. Kish, "Response to Scheuer–Yariv: 'A classical key-distribution system based on Johnson (like) noise—how secure?' Physics Letters A, 359:741–744, (2006).

External links


The Kish cypher[1] is a technique purported to maintain secure communications using classical physics due to L. B. Kish. The Kish cypher is a hardware-based technique and should not be confused with a software approach called the Kish-Sethuraman (KS) cypher. [2][3]

Contents

The Kish cypher scheme

The communication channel is a standard wire, and conceptually the sender can transmit a message by simply switching between two different resistor values at one end of the wire. At the other end, the receiver can also reciprocate by switching in and out resistors. No signals are sent along the line. The receiver simply uses a spectrum analyser to passively measure the Johnson noise of the line. From the noise, the total resistance of the line can be calculated. The receiver knows his/her own resistor value, so can then deduce the sender's resistor. In this way messages can be simply encoded in terms of binary states dependent on two resistor values. The system is thought to be secure because although an eavesdropper can measure the total resistance, he/she has no knowledge of the individual values of the receiver and sender.

The use of resistors is an idealization for visualization of the scheme, however, in practice, one would use artificially generated noise with higher amplitude possessing Johnson-like properties. This removes the restriction of operation within thermal equilibrium. It also has the added advantage that noise can be ramped down to zero before switching and can be ramped up back to the nominal value after switching, in order to prevent practical problems involving unwanted transients.

To protect the Kish cypher against invasive attacks, including man-in-the-middle attacks, the sender and receiver continuously monitor the current and voltage amplitudes[4] and broadcast them via independent public channels. In this way they have full knowledge of the eavesdropper's information.[5]

Debate

There have been a number of objections to this scheme as follows:

  • An eavesdropper may potentially crack the Kish cypher by evaluating a resistor value at one end of the wire, in the time window where the resistor at the other end is being switched out. The response to this claim is that this attack is completely avoidable by the simple trick of doing the switching when both the voltage and the current are zero in the line. In the hardware demonstration of the cypher, the voltage (and current) was ramped down to zero before the switching took place in order to create this situation in an easy way [6]. A simpler method to eliminate this problem utilizes the fact that accurate noise measurement is slow, as it requires an averaging process. The resistors are switched faster than the noise measurement time. Thus security is maintained, as the Kish cypher is elegantly based on classical time-amplitude measurement uncertainty, in the same way that quantum uncertainty is at the heart of secure quantum cryptography. Whilst the time it takes to perform a noise measurement gives the Kish scheme its security, the downside is the resulting slow operation.
  • The Kish cypher is very slow. The reply to this objection is that quantum cryptography is also very slow.[7] Quantum cryptographers therefore only claim their technique is to be used for secure key distribution to make classical encryption more secure. Similarly the Kish cypher can be used for secure key distribution and not the whole message.
  • The use of the Johnson noise formula to evaluate the resistor values requires thermal equilibrium. In the Kish cypher method this is far from the case. For example, it cannot be guaranteed that the receiver and sender are at the same temperature. This objection is addressed by using artificial noise sources with Johnson-like characteristics rather than actual resistor values.[8]

Attacking physical realizations of the Kish scheme

While the mathematical concept is unconditionally secure, hacking attacks against the actual physical realization of the Kish scheme, utilizing non-ideal features, such as inaccuracies and stray resistive elements, can be exploited to extract a fraction of the transmitted key bits. In 2005, Bergou proposed a method of finding such a weakness in the Kish scheme by utilizing the wire resistance.[9] Then in 2006, Scheuer and Yariv analyzed Bergou's attack in detail.[10] In 2010, Kish and Scheuer critically revisited the old Scheuer and Yariv results and showed that the original calculations of the Bergou-Scheuer-Yariv-attack were incorrect; moreover the new calculations indicate that the actual effect is about 1000 times weaker. [11] Back in 2006, a defense against the Bergou-Yariv-Scheuer attack was mounted[12] and then experimentally confirmed in 2007,[6] where Mingesz et al. showed that it was possible to build a hardware realization communicating over two thousand kilometers with 99.98% fidelity and a maximum of a 0.19% leak to an eavesdropper. It also turns out that the sender can exactly calculate which of the bits have been detected by the eavesdropper and this is possible as the Kish scheme is classical rather than quantum—this was mathematically analyzed by Kish and Horvath in 2009.[5]

See also

Notes

  1. ^ Noise keeps spooks out of the loop - tech - 23 May 2007 - New Scientist Tech
  2. ^ L. B. Kish and S. Sethuraman, "Non-breakable data encryption with classical information," Fluctuation and Noise Letters, 4:C1–C5, (2004).[1]
  3. ^ A. Klappenecker, "Remark on a 'non-breakable data encryption' scheme by Kish and Sethuraman," Fluctuation and Noise Letters, 4:C25, (2004).[2]
  4. ^ L. B. Kish, "Protection against the man-in-the-middle-attack for the Kirchhoff-loop-Johnson(-like)-noise cipher and expansion by voltage-based security," Fluctuation and Noise Letters, 6:L57-L63, (2006), http://arxiv.org/abs/physics/0512177
  5. ^ a b L. B. Kish and T. Horvath, "Notes on recent approaches concerning the Kirchhoff-Law-Johnson-Noise-based secure key exchange," Physics Letters A (2009) http://arxiv.org/pdf/0903.2071
  6. ^ a b R. Mingesz, Z. Gingl, L. B. Kish, "Johnson(-like)-noise-Kirchhoff-loop based secure classical communicator characteristics, for ranges of two to two thousand kilometers, via model-line," Physics Letters A, 372(7):978-984, (2008).
  7. ^ G. A. Barbosa, E. Corndorf, P. Kumar, and H. P. Yuen, Phys. Rev. Lett., 90(22), art. no. 227901 (2003).
  8. ^ L. B. Kish, "Totally secure classical communication utilizing Johnson (-like) noise and Kirchhoff's law," Physics Letters A, 352(3):178-182, (2006).
  9. ^ A. Cho, "Cryptography - Simple noise may stymie spies without quantum weirdness," Science 309(5744):2148-2148, (2005)
  10. ^ J. Scheuer and A. Yariv, "A classical key-distribution system based on Johnson (like) noise - How secure?" Physics Letters A, 359(6):737-740, (2006).
  11. ^ L.B. Kish and J. Scheuer, "Noise in the wire: the correct results for the Johnson (-like) noise based secure communicator," Physics Letters A, 374 : 2140-2142, (2010).
  12. ^ L. B. Kish, "Response to Scheuer–Yariv: 'A classical key-distribution system based on Johnson (like) noise—how secure?' " Physics Letters A, 359:741–744, (2006).

External links








Got something to say? Make a comment.
Your name
Your email address
Message