AGHUniversityofScienceandTechnology FacultyofElectricalEngineering,Automatics,ComputerScienceandElectronics Ph.D. Thesis Marcin Niemiec Design, Construction and Verification of a High-Level Security Protocol Allowing to Apply the Quantum Cryptography in Communication Networks Supervisor: Prof. dr hab. inz˙. Andrzej R. Pach AGH University of Science and Technology FacultyofElectricalEngineering,Automatics,ComputerScienceandElectronics DepartmentofTelecommunications Al. Mickiewicza 30, 30-059 Kraków, Poland tel. +48 12 617 39 37 fax. +48 12 634 23 72 www.agh.edu.pl www.eaiie.agh.edu.pl www.kt.agh.edu.pl   Reviewers: drhab. inż. JerzyKonorski1 prof. drhab. inż. AndrzejDziech2 1 GdanskUniversityofTechnology 2 AGHUniversityofScienceandTechnology ISBN978-83-88309-08-3 Copyright(cid:13)c MarcinNiemiec, 2011 Allrightsreserved CoverandlayoutdesignbyRafałStankiewicz PrintedinPoland byDrukarnia Cyfrowa EIKON PLUS, ul. Wybickiego 46, Kraków To my wife and children Acknowledgements Many people have helped me in my work on this dissertation. I would like to thank all of them, however there are a few people I want to thank especially. First of all, I would like to thank my supervisor Professor Andrzej Pach for his understanding, advice, and constant encouragement. I would like to thank also Professor Andrzej Dziech for his contribution in the development of my research. I wish to thank Piotr Chołda for his valuable comments and fruitful discus- sions. I would like to thank Robert Wójcik who helped me to solve my problems with statistical analysis and improved my English grammar. I am also indebted to Jerzy Domżał for his support with LATEX and motivation. I also feel obliged to all my colleagues at AGH University of Science and Technology for their help and friendliness. Especially, I wish to thank Janek Derkacz for our joint work in many projects. I would also like to thank Marcin Święty and Łukasz Romański for our joint work on the quantum cryptography simulator. My work on this dissertation would not have been possible without the sup- port, patience, and love of my Family. I would like to thank my wife Kasia, my daughters, and my parents. They deserve my deepest appreciation. Thank You, Adonai. Abstract Thedissertationfocusesonanewhigh-levelsecurityprotocolandauniquequan- titative approach to security in Quantum Cryptography (QC). The proposed high-level protocol allows end users to control low-level parameters of the Quan- tum Key Distribution (QKD) system. This solution leads to implementing QC in practical networks. The definition of crucial end-user requirements is presented in this thesis. The requirements related to security are introduced and assessed by potential end-users. Also,themostimportantlow-levelparametersofatypicalQCsystem are defined. These parameters directly influence data security. The new idea of entropy of security in QC is proposed, and the unique mea- sure of security is defined. Applying this quantitative approach to security, it is possible to manage security as well as personalize services based on QC. Two differentsecuritylevelsaredefined: thebasicsecuritylevel,andtheadvancedse- curity level. This differentiation of security allows end users to choose a security level appropriate to their specific requirements and needs. The high-level security protocol, proposed in this dissertation, is verified by simulation experiments. Additionally, two use cases for different security levels are proposed and assessed by potential end-users. Streszczenie Niniejsza rozprawa jest poświęcona nowemu, wysokopoziomowemu protokołowi bezpieczeństwa oraz proponuje unikalne ilościowe podejście do bezpieczeństwa w kryptografii kwantowej. Opisany protokół pozwala na bezpośrednie sterowanie niskopoziomowymi parametrami systemu kwantowej dystrybucji kluczy. Przed- stawione rozwiązanie zwiększa szanse na implementację kryptografii kwantowej w sieciach telekomunikacyjnych. W rozprawie zdefiniowano zarówno kluczowe wymagania użytkowników koń- cowych jak i niskopoziomowe parametry typowego systemu kwantowej dystry- bucji kluczy, które wpływają na bezpieczeństwo całego systemu. Zdefiniowane zostały dwa nowe pojęcia: entropia bezpieczeństwa i miara bez- pieczeństwa. Takie ilościowe podejście do bezpieczeństwa pozwala na zróżnicow- anie poziomu ochrony danych dla różnych usług. W rozprawie zaproponowano dwa różne poziomy bezpieczeństwa: podstawowy i rozszerzony. Dzięki takiemu zróżnicowaniu, użytkownicy końcowi są w stanie wybrać odpowiedni poziom ochrony w zależności od swoich potrzeb i wymagań. Działanie nowego protokołu zostało zweryfikowane za pomocą badań symu- lacyjnych. Dodatkowo zaproponowano dwa przykładowe scenariusze dla różnych poziomów bezpieczeństwa. Oba zostały wysoko ocenione przez potencjalnych użytkowników kryptografii kwantowej. x Streszczenie