HTML5 Webook

16/84

bers in cable when the cable is bent. ese facts strongly suggest the necessity of cryptography technology that has the so-called “forward secrecy” to ensure condentiality in the future.In order to cope with these clear and present dangers, quantum key distribution (Quantum Key Distribution: QK) is the method to share an encryption key with distant two places, which will theoretically not allow any informa-tion to be leaked to any other third party (eavesdropper) by any method. is method, called the BB84 protocol, was proposed by Bennett (C. H. Bennett) and Brassard (G. Brassard) in 1984 [3]. It had not so much attracted attention for about ten years since the proposal. However, as quantum calculation algorithms that eciently solve prime decomposition problems or discrete logarithm problems were discovered in 1994 [2], and new threats against key exchange systems or cryptography systems that are used on the internet emerged, the BB84 protocol sud-denly came into the spotlight.e security of QKD does not depend on dicult mathematical problems but is based on universal physical laws of quantum mechanics. In the method of QKD, infor-mation expressed by a random number sequence of 1s and 0s is coded to signals of which quantum mechanical property is properly controlled for transmission. A safe random number sequence that is free from the anxiety of eavesdropping can be shared by excluding bit data that may have the possibility of being eavesdropped from shared random numbers, by using the no-cloning theorem where the quantum state cannot be copied (copying is impossible) without error and the characteristic that measurement in the transmission route (so-called “eavesdropping”) always leaves traces in such signal condition (uncertainty principle). Actually, “the amount of leak of information to eavesdrop-pers can be reduced by appropriate signal processing (key distillation processing) even if QKD communication is eavesdropped with any technology that is permissible by physical law.” is can be proved by the information the-ory method. It is said that QKD represents “uncondition-ally secure” distribution of the key, which implies that there is no assumption of the ability of eavesdroppers. Encrypted communication that no computer of any ability nor future technology can decrypt will be realized by sending crypto-graphic keys thus shared by proportionate preparation with the data size of the plaintext bit to be transmitted, by generating a cryptogram from the plaintext bit data and XOR, and not using the same cryptographic key more than once (so-called “Vernam’s one-time pad” (OTP)).Many organizations have performed research and de-velopment on this until today. Many protocols other than the BB84 protocol have been invented one aer another [4][5], and security proof and theory analysis methods have been developed and performance of instruments have improved. Several venture companies started in Europe and the USA since the latter half of 2000 succeeded in commercialization of QKD devices [6]-[8]. In 2005, a project (e DARPA Quantum Network) supported by the US Defense Advanced Research Projects Agency constructed an urban-area QKD network in Boston in 2005. e key generating rate of a ring network connecting 3 points was about 1,000 (1 k bits per second:1 kbps for about 10 km optical ber [9]. In 2008, a research project in Europe, SECOQC (Secure Communication based on Quantum Cryptography), con-structed an urban-area QKD network that connects 6 points in Vienna. ey succeeded in demonstrating and verifying interconnection of QKD devices of several methods. e typical key generation rate was 1 kbps for about 30 km of embedded optical ber. Encrypted communication of voice was veried [10]. Since the success of SECOQC, the Europe Telecommunication Standardize Institute started to stan-dardize QKD [11].In Japan, an industry-academia-government collabora-tion project promoted by the Ministry of Internal Aairs and Communications and NICT started in 2001, by which the key generation rate of QKD device improved 100 times. In 2010, the industry-academia-government team con-structed a test bed “Tokyo QKD Network,” a key exchange network consisting of 6 nodes in the Tokyo area, and succeeded for the rst time in the world the condential transmission of video [12].From FY2011 to FY2015, NICT researched and devel-oped test operation of a QKD system and safety evaluation technology under the project of “research and development of secure photonic network technology” (No. 157) funded for the 5 years [13]. Also, a new application that uses a cryptography key supplied by a QKD network has been developed and an application interface for various com-munication devices such as network switches [14] [15], smartphones [16] and drones [17] [18] has been developed. A network solution that has various interfaces other than a key distribution function and a key management function is called a QKD platform and it is already being test-oper-ated on the Tokyo QKD Network. It enables exchanging cryptography keys that cannot be eavesdropped or de-crypted by a computer of any ability or any future technol-ogy between various information communication terminals, 3 Quantum Key Distribution Network12　　　Journal of the National Institute of Information and Communications Technology Vol. 64 No. 1 (2017)