Three Party Authentication Using Quantum Key Distribution Computer Science Essay

Published:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

This project presents Quantum Key Distribution Protocols (QKDP's) to safeguard security in large networks, by using DES algorithm for encryption and decryption of .txt file. In this project the sender and the receiver should register themselves into the separate databases maintained for them and then whenever each user either on the sender or the receiver side makes a login request, an individual secret key is created. The Trusted Center considered being the three party authenticates both the sender and the receiver, the secret key is generated by the Trusted Center.

The Trusted Center issues a quantum key to both the sender and the receiver after the verification of the secret key. The generation of the quantum key involves the selection of 8-bit random key using the appropriate function available in .Net. By using RSA algorithm session key is generated. The session key is converted into binary from which the last two binary digits are chosen through which the quantum key is created. Once the quantum key matches on both the sender and the receiver side, the data can be encrypted and the intermediate encrypted form is viewable. Similarly after decryption the encrypt_decrypt file is also available. Thus a secure transmission of data takes place between the sender and the receiver using Trusted Center.

CHAPTER 1

INTRODUCTION

In quantum cryptography, Quantum Key Distribution Protocols (QKDPs) employ quantum mechanisms to distribute session keys and public discussions to check for eavesdroppers and verify the correctness of a session key. However, public discussions require additional communication rounds between a sender and receiver and cost precious qubits. By contrast, classical cryptography provides convenient techniques that enable efficient key verification and user authentication.

Key Distribution Protocols are used to facilitate sharing secret session keys between users on communication networks. By using these shared session keys, secure communication is possible on insecure public networks. However, various security problems exist in poorly designed key distribution protocols; for example, a malicious attacker may derive the session key from the key distribution process. A legitimate participant cannot ensure that the received session key is correct or fresh and a legitimate participant cannot confirm the identity of the other participant. Designing secure key distribution protocols in communication security is a top priority.

1.1. OVERVIEW OF THE PROJECT

Quantum key distribution protocol (QKDP's) which works on network security by the use of key agreement. Secrete Key which is used by each user in the network. Each user has unique Secrete and which will be shared by each user to Trusted Center. In Trusted Center we have generate a Key for network Security with the Help of Algorithms and Quantum Mechanics. Through that we have to prove how secure the data has been transmitted over network to receiver.

1.2 DESCRIPTION OF THE PROJECT

Quantum Key Distribution (QKD) is a method of securely distributing cryptographic key material for subsequent cryptographic use. In particular, it is the sharing of random classical bit strings using quantum states. Its use of a set of non-orthogonal quantum states then requires this key material to be considered quantum information. The quantum encoding of cryptographic keys for distribution is valuable because the no-cloning theorem and the superposition principle governing quantum states confer a uniquely powerful form of information security during transmission of key bits. For maximal security, it can be followed by one-time pad message encryption, which is the only cryptographic method that has been proven to be unbreakable once a random key has been securely shared.

Quantum key distribution-the creation of secret keys from quantum mechanical correlations-is an example of how physical methods can be used to solve problems in classical information theory.

Quantum Cryptography, or Quantum Key Distribution (QKD), uses quantum mechanics to guarantee secure communication. It enables two parties to produce a shared random bit string known only to them, which can be used as a key to encrypt and decrypt messages.

An important and unique property of quantum cryptography is the ability of the two communicating users to detect the presence of any third party trying to gain knowledge of the key. This result from a fundamental part of quantum mechanics: the process of measuring a quantum system in general disturbs the system. A third party trying to eavesdrop on the key must in some way measure it, thus introducing detectable anomalies. By using quantum superposition or quantum entanglement and transmitting information in quantum states, a communication system can be implemented which detects eavesdropping. If the level of eavesdropping is below a certain threshold a key can be produced which is guaranteed as secure (i.e. the eavesdropper has no information about), otherwise no secure key is possible and communication is aborted.

The security of quantum cryptography relies on the foundations of quantum mechanics, in contrast to traditional public key cryptography which relies on the computational difficulty of certain mathematical functions, and cannot provide any indication of eavesdropping or guarantee of key security.

Quantum cryptography is only used to produce and distribute a key, not to transmit any message data. This key can then be used with any chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a standard communication channel. The algorithm most commonly associated with QKD is the one-time pad, as it is provably unbreakable when used with a secret, random key.

LIERATURE

REVIEW

CHAPTER 2

LITERATURE REVIEW

In this chapter, information's about the existing system, proposed system and feasibility study about the project are discussed.

2.1 EXISTING SYSTEM

In classical Cryptography Challenge-Response Authentication Mechanism (CRAM) was used. In Challenge-Response Authentication Mechanism is the two-level (basic authentication and digest authentication) scheme for authenticating network users that is used as part of the Web's Hypertext Transfer Protocol (HTTP).

2.1.1 Basic Authentication Scheme

The "basic" authentication scheme is based on the model that the client must authenticate itself with a user-ID and a password for each realm. The realm value should be considered an opaque string which can only be compared for equality with other realms on that server. The server will service the request only if it can validate the user-ID and password for the protection space of the Request-URI. There are no optional authentication parameters.

2.1.2 Disadvantages of Basic Scheme

Web Browser or other client Program provides credentials in the form of username and Password. Although the scheme is easily implemented, it relies on the assumption that the connection between the client and server computers is secure and can be trusted. The credentials are passed as plaintext and could be intercepted easily. The scheme also provides no protection for the information passed back from the server.

2.1.3 Digest Authentication Scheme

HTTP Digest access authentication is one of the agreed methods a web page can use to negotiate credentials with a web user (using the HTTP protocol). Digest authentication is intended to obsolete unencrypted use of the Basic access authentication, allowing user identity to be established securely without having to send a password in plaintext over the network. Digest authentication is basically an application of cryptographic hashing with usage of nonce values to prevent cryptanalysis.

2.1.4 Disadvantages of Digest Scheme

Digest access authentication is intended as a security trade-off; it is intended to replace unencrypted HTTP Basic access authentication which is extremely weak. However it is not intended to replace strong authentication protocols, such as Public key or Kerberos (protocol) authentication. Security wise, there are few drawbacks with Digest access authentication.

Much of the security options are optional. If quality-of-protection (qop) is not specified by server, the client will operate in a security reduced legacy mode. Digest access authentication is vulnerable to Man-in-the-middle attack; a Man-in-the-middle attack (MitM) attacker could tell clients to use Basic access authentication or legacy Digest access authentication mode. Internet Explorer does not comply with the digest access authentication standard.

2.1.5 Timestamps

A timestamp is a sequence of characters, denoting the date and/or time at which a certain event occurred. This data is usually presented in a consistent format, allowing for easy comparison of two different records and tracking progress over time; the practice of recording timestamps in a consistent manner along with the actual data is called time stamping.

Internet Control Message Protocol (ICMP) is a maintenance protocol that allows routers and host computers to swap basic control information when data is sent from one computer to another. It is generally considered a part of the IP layer. It allows the computers on a network to share error and status information. An ICMP message, which is encapsulated within an IP datagram, is very useful to troubleshoot the network connectivity and can be routed throughout the Internet.

In Timestamp Ping Operation the source workstation sends an ICMP Get Timestamp message and waits for an ICMP Send Timestamp response.

2.1.6 Disadvantages of the Timestamp

Although the ICMP timestamp ping uses little network traffic, the timestamp message is not usually found in normal network conversations. The function itself is esoteric, and although it can provide a time synchronization function for a workstation, most environments rely on Network Time Protocol (NTP) to provide clock synchronization.

The ICMP timestamp ping relies on ICMP, which is often prevented from traversing firewalls or packet filters. This ping is probably not the best choice for scanning through firewalls.

2.2 PROPOSED SYSTEM

In the proposed QKDPs, the TC and a participant synchronize their polarization bases according to a preshared secret key. During the session key distribution, the preshared secret key together with a random string are used to produce another key encryption key to encipher the session key. A recipient will not receive the same polarization qubits even if an identical session key is retransmitted.

2.2.1 Methodology Used

Quantum cryptography, or quantum key distribution (QKD), uses quantum mechanics to guarantee secure communication. It enables two parties to produce a shared random bit string known only to them, which can be used as a key to encrypt and decrypt messages.

An important and unique property of quantum cryptography is the ability of the two communicating users to detect the presence of any third party trying to gain knowledge of the key. These results from a fundamental part of quantum mechanics: the process of measuring a quantum system in general disturbs the system. A third party trying to eavesdrop on the key must in some way measure it, thus introducing detectable anomalies. By using quantum superposition or quantum entanglement and transmitting information in quantum states, a communication system can be implemented which detects eavesdropping. If the level of eavesdropping is below a certain threshold a key can be produced which is guaranteed as secure (i.e. the eavesdropper has no information about), otherwise no secure key is possible and communication is aborted.

The security of quantum cryptography relies on the foundations of quantum mechanics, in contrast to traditional public key cryptography which relies on the computational difficulty of certain mathematical functions, and cannot provide any indication of eavesdropping or guarantee of key security.

Quantum cryptography is only used to produce and distribute a key, not to transmit any message data. This key can then be used with any chosen encryption algorithm to encrypt (and decrypt) a message, which can then be transmitted over a standard communication channel. The algorithm most commonly associated with QKD is the one-time pad, as it is provably unbreakable when used with a secret, random key.

2.3 FEASIBILITY STUDY

It is wise to think about the feasibility of any problem we take on. Feasibility is the study of impact, what happens in the organization by the development of a system. The impact can be either positive or negative. When the positive dominates the negative, then the system is considered feasible. Here the feasibility study can be performed in three ways such as technical feasibility, economic feasibility and operational feasibility.

2.3.1 Technical Feasibility

We can strongly say that it is technically feasible, since there will not be much difficulty in getting required resources for the development and maintaining the system as well. All resources needed for the development of the software as well as the maintenance of the same is available. Here we are utilizing the resources, which are already available.

2.3.2 Economic Feasibility

Development of this application is highly economically feasible. We need not spend much money for the accomplishment of the project since the resources needed for the development of the system is already available. The only thing to be done is making an environment for the development with an effective supervision. If we are doing so, we can attain the maximum usability of the corresponding resources. Therefore the system is economically feasible.

2.3.3 Operational Feasibility

The proposed system is beneficial if and only if they can be turned into a system that will meet the operating requirements. The best feasibility asks if the system will work when it is developed and installed. The purpose of the operational feasibility study is to determine whether the new system will be used if it is developed and implemented. The proposed system will be used frequently since it satisfies all the communication needs, hence operational feasibility is assured.

Writing Services

Essay Writing
Service

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing
Service

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision
Service

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.