Pedigrees for quantum cryptography
First Claim
1. A method, comprising:
communicating a sequence of symbols using quantum cryptographic mechanisms between two nodes to derive a block of encryption key material;
constructing a pedigree that includes details related to a manner in which the block of encryption key material was produced using the quantum cryptographic mechanisms and a time when the block of encryption key material was produced using the quantum cryptographic mechanisms, the details including;
information identifying a first time at which a public exchange of the communicated sequence of symbols was initiated, and information identifying a second time at which the public exchange of the communicated sequence of symbols was completed, and at least one of;
identification information associated with at least one endpoint that produced or received the block of encryption key material, or a unique identifier associated with the sequence of symbols communicated using the quantum cryptographic mechanisms;
storing the constructed pedigree; and
using the stored pedigree to investigate a quantum cryptographic key distribution security violation, where using the stored pedigree to investigate the quantum cryptographic key distribution security violation includes;
retrieving the stored pedigree based on an indication of the quantum cryptographic key distribution security violation; and
using the retrieved pedigree to identify, based on the indication of the quantum cryptographic key distribution security violation, one or more blocks of encryption key material that have been compromised.
Abstract
A system stores pedigrees that include details of how and when each of multiple blocks of encryption key material were distributed between two endpoints using quantum cryptographic techniques. The system receives an indication of a possible quantum cryptographic security violation and accesses the stored pedigrees to identify one or more of the multiple blocks of encryption key material that may have been compromised.
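The lookup the abstract describes, as an added example that is not taken from the patent: pedigrees are stored per key block, and a violation indication (producing endpoint plus time window) is mapped to the affected blocks and to the peer endpoints that hold copies. The schema, column names, endpoint names and sample rows are assumptions constructed for illustration; timestamps are assumed to be uniform UTC ISO 8601 strings so that string comparison orders them correctly.

```python
import sqlite3

SCHEMA = """
CREATE TABLE pedigree (
    block_id TEXT PRIMARY KEY,      -- unique identifier of the key block
    producer TEXT NOT NULL,         -- endpoint that produced the block
    receiver TEXT NOT NULL,         -- endpoint that received the block
    exchange_start TEXT NOT NULL,   -- public exchange initiated (UTC, ISO 8601)
    exchange_end TEXT NOT NULL,     -- public exchange completed (UTC, ISO 8601)
    mean_photon_number REAL         -- recorded for attenuated-laser sources
)"""

# Constructed sample pedigrees (hypothetical endpoints and values).
SAMPLE = [
    ("blk-001", "qkd-A", "qkd-B", "2024-01-10T09:00:00Z", "2024-01-10T09:00:40Z", 0.1),
    ("blk-002", "qkd-A", "qkd-B", "2024-01-10T09:05:00Z", "2024-01-10T09:05:35Z", 0.1),
    ("blk-003", "qkd-A", "qkd-C", "2024-01-10T09:05:20Z", "2024-01-10T09:06:10Z", 0.5),
    ("blk-004", "qkd-D", "qkd-B", "2024-01-10T09:05:10Z", "2024-01-10T09:05:50Z", 0.1),
    ("blk-005", "qkd-A", "qkd-B", "2024-01-10T09:30:00Z", "2024-01-10T09:30:30Z", 0.1),
]


def open_store(rows=SAMPLE):
    """Create an in-memory pedigree store and load the given records."""
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    db.executemany("INSERT INTO pedigree VALUES (?,?,?,?,?,?)", rows)
    return db


def investigate(db, producer, start, end):
    """Return (compromised block ids, peer endpoints) for a violation
    indication naming a producing endpoint and a time window."""
    # Blocks whose public exchange interval overlaps the reported window.
    blocks = [r[0] for r in db.execute(
        "SELECT block_id FROM pedigree WHERE producer = ? "
        "AND exchange_start <= ? AND exchange_end >= ? ORDER BY block_id",
        (producer, end, start))]
    # Other endpoints associated with the producer in any stored pedigree;
    # these bound the extent of the violation.
    peers = [r[0] for r in db.execute(
        "SELECT DISTINCT receiver FROM pedigree WHERE producer = ? "
        "ORDER BY receiver", (producer,))]
    return blocks, peers


if __name__ == "__main__":
    store = open_store()
    print(investigate(store, "qkd-A",
                      "2024-01-10T09:05:30Z", "2024-01-10T09:06:00Z"))
```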
101 Citations
23 Claims
8. A system, comprising:
a quantum cryptographic transmitter to transmit a sequence of symbols using quantum cryptographic mechanisms to a node; a network interface to publicly exchange the transmitted sequence of symbols with the node to derive a plurality of blocks of encryption key material from the transmitted sequence of symbols; and a processing unit to; construct a quantum cryptography key pedigree that includes details related to a manner in which the plurality of blocks of encryption key material was produced using the quantum cryptographic mechanisms and a time when the plurality of blocks of encryption key material was produced using the quantum cryptographic mechanisms, where the constructed quantum cryptography key pedigree includes at least one of; information identifying a first time at which the public exchange of the transmitted sequence of symbols was initiated, and information identifying a second time at which the public exchange of the transmitted sequence of symbols was completed, and at least one of; identification information associated with at least one endpoint that produced or received one or more of the plurality of blocks of encryption key material, or information uniquely identifying the transmitted sequence of symbols, store the constructed quantum cryptography key pedigree, and use the stored quantum cryptography key pedigree to identify at least one of the plurality of blocks of encryption key material that has been compromised, where, when using the constructed quantum cryptography key pedigree to identify the at least one of the plurality of blocks of encryption key material that has been compromised, the processing unit is to; retrieve the stored quantum cryptography key pedigree based on an indication of a security violation, and use the retrieved quantum cryptography key pedigree to identify, based on the indication of the security violation, the at least one of the plurality of blocks of encryption key material that has been compromised. 
10. A method, comprising:
communicating symbols using quantum cryptographic mechanisms between a first endpoint and a second endpoint; publicly exchanging the symbols between the first endpoint and the second endpoint to obtain a block of encryption key material; identifying parameters associated with at least one of the symbols communicated using the quantum cryptographic mechanisms or the public exchange of the symbols, where the identified parameters, associated with at least one of the symbols communicated using the quantum cryptographic mechanisms or the public exchange, comprise; information identifying a first time when the public exchange of the symbols was initiated and information identifying a second time when the public exchange of the symbols was completed, and at least one of; a mean photon number when an underlying optical system, used for symbol communication using the quantum cryptographic mechanisms, comprises an attenuated laser, or information identifying times when quantum key distribution protocols, that were used to obtain the block of encryption key material, operated; storing the identified parameters as a pedigree for the block of encryption key material; retrieving the stored pedigree based on an indication of a quantum cryptographic key distribution security violation; and using the retrieved pedigree to identify, based on the indication of the security violation, one or more blocks of encryption key material that have been compromised.
14. A system, comprising:
a quantum cryptographic receiver to receive symbols transmitted from a node using quantum cryptographic mechanisms; a network interface to publicly exchange the received symbols with the node to obtain a block of encryption key material; and a processing unit to; identify parameters associated with at least one of the transmission of the symbols or the public exchange of the received symbols, the identified parameters including; information identifying a period of time during which the received symbols were publicly exchanged, and at least one of; identification information of one or more quantum key distribution protocols used to obtain the block of encryption key material, or identification information that uniquely identifies the block of encryption key material, store the identified parameters as a pedigree for the block of encryption key material, retrieve the stored pedigree based on an indication of at least one security violation associated with one or more blocks of encryption key material, and use the retrieved pedigree to identify, based on the indication of the at least one security violation, the one or more blocks of encryption key material that have been compromised.
15. A method, comprising:
storing pedigrees that include details related to a manner in which at least one of a plurality of blocks of encryption key material was distributed between two endpoints using quantum cryptographic techniques and a time when the at least one of the plurality of blocks of encryption key material was distributed between the two endpoints using the quantum cryptographic techniques; receiving an indication of a quantum cryptographic security violation, the received indication of the quantum cryptographic security violation including; identification information of a producing quantum key distribution endpoint associated with the received indication of the quantum cryptographic security violation, and at least one of; a first period of time during which a quantum key distribution, associated with the quantum cryptographic security violation, occurred, the first period of time including a first starting time and a first ending time, or a second period of time during which a public exchange of symbols, associated with the quantum cryptographic security violation, occurred, the second period of time including a second starting time and a second ending time; accessing, in response to receiving the indication of the quantum cryptographic security violation, the stored pedigrees to identify, based on the received indication of the quantum cryptographic security violation, a first pedigree, of the stored pedigrees, associated with one or more of the plurality of blocks of encryption key material that have been compromised; identifying, based on the identification information of the producing quantum key distribution endpoint, a second pedigree of the stored pedigrees; retrieving identification information of another quantum key distribution endpoint, associated with the producing quantum key distribution endpoint, from the identified second pedigree; and using the identified first pedigree and the identification information of the other quantum key distribution endpoint to 
ascertain at least one of an extent or a nature of the quantum cryptographic key security violation.
17. The method of 15, where accessing the stored pedigrees comprises:
using the stored pedigrees to identify encryption material that has been compromised by an eavesdropper.
18. A method, comprising:
storing pedigrees that include details related to a manner in which at least one of a plurality of blocks of encryption key material were produced using quantum cryptographic techniques and a time when the at least one of the plurality of blocks of encryption key material were produced using the quantum cryptographic techniques; receiving an indication of a quantum cryptographic key distribution security violation, where the received indication of quantum cryptographic key distribution security violation includes one or more parameters, the one or more parameters including; identification information of a producing quantum key distribution endpoint associated with the received indication of the quantum cryptographic key distribution security violation, and a period of time during which a quantum key distribution, associated with the received indication of a quantum cryptographic key distribution security violation, occurred; identifying at least one of the stored pedigrees based on the one or more parameters; identifying one or more of the stored pedigrees based on the identification information of the producing quantum key distribution endpoint; retrieving, from the identified one or more of the stored pedigrees, identification information of one or more other quantum key distribution endpoints that are associated with the producing quantum key distribution endpoint and using the identified at least one of the stored pedigrees and the identification information of the one or more other quantum key distribution endpoints to ascertain at least one of an extent or a nature of the quantum cryptographic key distribution security violation.
20. A system, comprising:
a database to store pedigrees that include details related to a manner in which one or more of a plurality of blocks of encryption key material were produced using quantum cryptographic techniques and a time when the one or more of the plurality of blocks of encryption key material were produced using the quantum cryptographic techniques, where the details include at least one of; an amount of privacy amplification used for obtaining the one or more of the plurality of blocks of encryption key material, whether an underlying optical system used for symbol communication using the quantum cryptographic mechanisms is based on an attenuated laser pulse, a true single photon source, or pairs of entangled photons, or a mean photon number when an underlying optical system, used for symbol communication using quantum cryptographic mechanisms, comprises an attenuated laser; and a processing unit to; receive an indication of a quantum cryptographic security violation, the received indication of the quantum cryptographic security violation including information identifying a producing quantum key distribution endpoint associated with the received indication of the quantum cryptographic security violation, access the stored pedigrees to identify, based on the quantum cryptographic security violation, a first pedigree, of the stored pedigrees;
corresponding to one or more encryption keys that have been compromised, identify, based on the information identifying the producing quantum key distribution endpoint, a second pedigree of the stored pedigrees; retrieve, from the identified second pedigree, information identifying another quantum key distribution endpoint that is associated with the producing quantum key distribution endpoint; and use the identified first pedigree and the information identifying the other quantum key distribution endpoint to investigate the quantum cryptographic security violation.
21. A non-transitory computer-readable recording medium that stores instructions executable by a processing unit, the computer-readable recording medium comprising:
instructions for transmitting symbols using quantum cryptographic mechanisms via a quantum channel to a node; instructions for exchanging the transmitted symbols with the node, via a public channel, to derive a block of encryption key material; instructions for constructing a pedigree that includes details related to a manner in which the block of encryption key material was produced using quantum cryptographic techniques and a time when the block of encryption key material was produced using the quantum cryptographic techniques, where the details, related to the manner in which the block of encryption key material was produced and the time when the block of encryption key material was produced, include; information identifying a first time at which the exchanging the transmitted symbols was initiated, and information identifying a second time at which the exchanging the transmitted symbols was completed, and at least one; information identifying times at which quantum key distribution mechanisms that derived the block of encryption key material operated, or identification information associated with the block of encryption key material; instructions for retrieving the constructed pedigree based on an indication of a quantum cryptographic key distribution security violation; and instructions for using the retrieved pedigree, when investigating the quantum cryptographic key distribution security violation, to identify one or more blocks of encryption key material that have been compromised.
23. A system, comprising:
means for storing pedigrees that include details related to a manner in which at least one of a plurality of blocks of encryption key material were produced using quantum cryptographic techniques and a time when the at least one of the plurality of blocks of encryption key material were produced using the quantum cryptographic techniques, where the details include; starting and ending times at which the plurality of blocks of encryption key material was obtained; means for receiving an indication of a quantum cryptographic key distribution security violation, where the received indication of the quantum cryptographic key distribution security violation includes; information identifying a producing quantum key distribution endpoint associated with the received indication of the quantum cryptographic key distribution security violation, and a period of time during which a quantum key distribution, associated with the received indication of a the quantum cryptographic key distribution security violation, occurred; means for identifying, based on the received indication of the quantum cryptographic key distribution security violation, a first pedigree of the stored pedigrees; means for identifying, based on the information identifying the producing quantum key distribution endpoint, a second pedigree of the stored pedigrees; means for retrieving, from the identified second pedigree, information identifying another quantum key distribution endpoint that is associated with the producing quantum key distribution endpoint; and means for using the first pedigree and the information identifying the other quantum key distribution endpoint to ascertain at least one of an extent or a nature of the quantum cryptographic key distribution security violation.
Specification