201O International Conference on Networking and Information Technology

Quantum Key Distribution in WLAN 802.11 Networks

Anand Sharma
CSE Deptt. MITS,Lakshmangarh Sikar (Rajasthan) INDIA anandlee@yahoo.co.in

Vibha Ojha
CSE Deptt. IITM,Gwalior MP,INDIA vibha.ojha@gmail.com

Prof. S.K. Lenka

CSE Deptt. MITS,Lakshmangarh Sikar (Rajasthan) INDIA lenka.sarojkumar@gmail.com

Abstract-Recent misuse of wireless internet by terrorists has

increased the need for security in the same. With ever growing technology both cryptographers, who encrypt messages, and cryptanalysts, who break those codes, have equal opportunities and facilities. Quantum Cryptography seems to be a promising solution providing absolute security in such communications. Its works by identitying the threats and combats them by using basic laws of Quantum Physics. Since the first proposition on quantum key distribution protocol appeared in 1984, research on quantum cryptography has been growing rapidly. Experiments of quantum key distribution have been realized for optical and free-space environments [I, 2, 3, and 4] In fiber networks, some products have been commercialized to provide a turnkey service for widely used encryption algorithms [5]. In section 2 and 3 we analyze the authentication and key management in 802.11 networks and in section 4 we are giving the introduction of Quantum Cryptography with QKD and in section 5 we are integrating quantum technique for the distribution of encryption keys in 802.11 wireless networks.
.

Keywords: Quantum cryptography, QKD, 801.11 Networks, Pair wise keys.

I.

INTRODUTION

rooms, halls in hotels or in airports). This building oriented environment facilitates the deployment of a quantum key distribution network with a high density of quantum apparatus if necessary. Fourth,from an application point of view,WLAN 802.11 is usually used to provide access to the Internet through an access point installed by an organization or by a wireless ISP (Internet Service Provider). This kind of application is critical from security aspect because users can realize commercial or banking transactions via the Internet. In comparison with another kind of network such as Bluetooth which is mainly used only to replace the wired links between personal devices (e.g. mouse, PDA, desktop), the WLAN 802.11 is an environment for an enhancement of security provided by quantum cryptography.For the application of quantum cryptography in WLAN 802.11 networks, many research topics need to be investigated such as the problem of line-of-sight path between the quantum transmitter and the quantum receiver, the choice of quantum source, the integration of the quantum key distribution protocol into existing 802.11 security-related protocols. In this paper, we are interested in the aspect of network protocol design for the use of quantum key distribution in currently specified 802.11i [8] security mechanisms. II. AUTHENTICATION IN 802.11 Authentication is the first thing to do when a mobile terminal wants to join a network. In order to rectify the flaw of the WEP (Wired Equivalent Privacy) [10] based authentication mechanism specified in the 802.11 standard, 802.11i defines the 802.1X authentication [8] based on EAP (Extensible Authentication Protocol) [11] EAP is a flexible protocol allowing the running of different authentication methods between the mobile terminal and the authentication server. Depending on the EAP method used, we can have a strong or weak, simple or mutual authentication. For instance, the EAP-TLS method [12] allows a mutual authentication while the EAP MD5CHALLENGE method [13] only provides the authentication of mobile terminal. III.
KEY

There are a large variety of kinds of mobile wireless network such as GSM (Global System for Mobile communications), GPRS (General Packet Radio Service, WLAN (Wireless Local Area Network) 802.11, Bluetooth, etc. Each type of wireless network has its own characteristics concerning the mobility level of the users, the environment where it could be deployed,the size of the coverage area,etc. Our first tentative is towards WLAN 802.11 [7] networks because of the four following reasons. First, the mobility speed of mobile users in WLAN 802.11 is relatively slower in comparison with cellular networks. This characteristic promises a solution to the "line of sight" problem between quantum transmitters and receivers. Second, WLAN 802.11 terminals (e.g. laptop) usually have more computational capacity and more energy for the autonomy than cellular network's terminals (e.g. cell phones). This characteristic may allow a sufficient amount of control and protocol related tasks in the quantum key distribution process. Third, WLAN 802.11 is mainly used in office and campus environments (e.g. offices, class rooms, meeting

MANAGEMENT IN 802.11

802.11i uses many keys at different levels, constituting a key hierarchy. In this paper, we only present the Pairwise

978-1-4244-7578-0/$26.00 2010 IEEE

402

2010 International Conference on Networking and Information Technology

Key Hierarchy containing the keys related to the encryption of unicast traffic.

EAPOL-Key

EAPOL-Key

Temporal Key

KCK

KEK

(TK)

a preshared key, only step (3) is needed. The authentication and the key establishment are strongly tied together. In step (1) the PMK is derived during the authentication between the Supplicant and the Authentication server. In step (2), the Authentication server supplies the Authenticator with the PMK. In step (3), the PTK and thus the remainder keys of the key hierarchy are derived during the 4-way handshake. The process in which the mobile terminal and the access point authenticate each other and build the key hierarchy from the PMK is called the 4-way handshake [8]. After the 4-way handshake, the Temporal Key (TK) is used by the encryption algorithm to provide confidentiality of user data. IV.QUANTUM KEY DISTRIBUTION
A. Quantum cryptography

Figure 1: Pairwise Key Hierarchy

Fig. 1 depicts this key hierarchy. At the top level, we have the master key called Pairwise Master Key (PMK) which is used to derive the other keys. There are two ways to establish the PMK, one based on the presahred key, and one based on the authentication server. In the first method, a preshared key which is used as the PMK is directly installed in the access point and in the mobile device by some means outside the 802.lli standard. In the server-based method, the PMK is derived from the AAA (Authentication, Authorization and Accounting) key by the mobile device and the authentication server during an EAPbased authentication process. A copy of this key will be sent by the authentication server to the access point in order to be used for the derivation of the other keys in the key hierarchy. Upon having the PMK, the access point starts the 4- way handshake with the mobile terminal to derive the PTK. This PTK is then split into three final temperal keys: EAPOL-Key Key Confirmation Key (KCK), EAPOL-Key Key Encryption Key (KEK), and Temporal Key (TK). The KCK is used to calculate the MIC (Message Integrity Code) of the EAPOL-Key message during the 4-way handshake. The KEK is used to encrypt the Group Temporal Key (GTK), the key related to the encryption of the multicast traffic, when the access point distributes the GTK to mobile terminals. The TK is used to encrypt unicast user data traffic.
Authentication Server

Quantum cryptography aims at exploiting the laws of quantum physics in order to carry out a cryptographic task. As the use of quantum physics at cryptographic ends is limited, for the moment, mainly to the distribution of secret keys, we very often call the quantum distribution of key under the generic term of quantum cryptography. The quantum key distribution rests on a common function of the whole protocols, namely the combined use of a traditional channel and a quantum channel. The quantum nature of the data carrier ensures Alice and Bob that the information conveyed on the quantum channel could be spied only by taking measurements,and thus by introducing disturbances. This sensitivity of the quantum channel to espionage is based on various points: It is impossible to duplicate an arbitrary quantum state,like that was shown by W Zurek and W K Wootters in 1982 [11]. The second point is that the encoding of the quantum bits can be made sensitive to espionage since information is coded on at least two non orthogonal states. Indeed, any measurement of a quantum object carried out in a base other than that of which it is state will have an effect on the measured object. For that the sender and receiver could obtain a real secret key, it is thus necessary to resort to some protocols, known as reconciliation and amplification of confidentiality protocols. The corresponding mathematical algorithms result from the traditional information theory and their application requires the use of a traditional channel of communication which can be listened freely by the spy. The quantum key distribution (QKD) is said "unconditionally secure" i.e independent of the computation power of a spy and more generally of the technology of which he has or the strategies which he adopts.
B. Quantum Key Distribution Protocol

(l)Simple or mutual authentication + PMK establishment (2) Give PMK (3) Mutual Authentication + PTK establishment
Figure 2. Summary of authentication and key distribution in 802.11i

Fig 2 summarizes the authentication and key management process in 802.11i. If the PMK is derived from

Up to now, there are several protocols being proposed since the birth of the first one BB84. BB84 was introduced by Bennet and Brassard in 1984, thus it was named BB84 [12]. In 1994, this protocol was proved to be secure against eavesdropping by Dominic Mayers, Eli Biham, Michael Ben-Or. BB84 is a nondeterministic protocol, which means that it is useful for distribution of a random sequence only. BB84 is a four-state protocol. Other protocols are used

403

2010 International Conference on Networking and Information Technology

especially the B92 (a two-state protocol), the three-state protocol and the six-state protocol. Based on the BB84 protocol, multiple techniques have been developed enabling quantum cryptography. We will in particular mention four techniques:

Autocompensating

weak

laser

pulse

systems

[22]: This technique has been extensively studied and is used in commercially available products. Its particularity is that it is invariant to the polarization rotation of the photon induced by the use of fiber optic. Entangled photons [23]: Two photons are generated which state is conjointly defined. One is sent to Alice, the other to Bob. Each person then measures the photons' polarization. Continuous Variable [24]: In this technique the information is not based on the photons' polarization but coded on the phase or amplitude of the light pulses. Free Space [25]: This technique describes the quantum transmission through free space, e.g. in the earth atmosphere or the space without any physical support. V. QKD IN 802.1li

verification) of the messages exchanged in the BB84 protocol. If everything goes well, both the Supplicant and the Authenticator can authenticate each other and establish the secret key Q-PTK. The Q-PTK is then used to derive the KEK and the TK. Both the Authenticator and the Supplicant have constructed the key hierarchy with all the four temporal keys ready for the encryption.

VI. EXPERIMENTAL IMPLEMENTAnON Owing to the indefatigable efforts of researchers all over the world to make this technique more realizable, many milestones have been recorded so far which have confirmed that this technology is here to stay. The longest distance covered so far by Quantum Key Distribution using optic fibers has been 148.7 km by Los AlamoslNIST using the BB84 protocol, while the target for realizing QKD over 144 kms using entangled photons scheme and later with BB84 has also been achieved. DARPA (Defense Advanced Research Projects Agency) has been using Quantum Cryptography network since 2004, which is being built by BBN Technologies, Harvard University,Boston University and QinetiQ. Three companies namely Quantique, MagiQ Technologies and SmartQuantum can be called the pioneers in producing Quantum Cryptography devices on a commercial scale. VII. CONCLUSION In this paper, we propose a scheme for using quantum key distribution in 802.11 networks. A modified version of the key distribution, the Quantum Key Distribution, is defined to use BB84 protocol for the distribution of the cryptographic keys used by 802.1li. The QKD is our first step to use quantum cryptography in mobile wireless networks. When the research on the application of quantum cryptography in mobile wireless networks is still very premature,we hope that the work presented in this paper can contribute to the evolution of this research field. The system we have proposed aims at increasing the complexity and uncertainty on the part of the eavesdropper. At the same time we have made sure that this system enforces the underlying principle behind Quantum Cryptography and doesn't add to the implementation costs and complexity for the authorized parties. REFERENCES
[I)
N. Namekata, S. Mori, and S. Inoue, "Quantum local key

In order to use Quantum key distribution in 802.11i, we modifY the 4-way handshake to integrate the BB84 protocol and call it the Quantum handshake. As the purpose of this paper does not concern the authentication aspect, the derivation and the use of the KCK will remain unchanged. The BB84 protocol will be used to establish the KEK and the TK.

Pairwise Master Key Q- Pairwise Transient Key

EAPOL-Key

EAPOL-Key

KCK

KEK

Temporal Key

Figure 3. Pairwise Key Hierarchy construction for QKD

As described in Figure 3, the BB84 protocol results in a Q-PTK of 256 bits or 384 bits which then splits into a KEK of 128 bits and a TK of 128 bits (for AES) or 256 bits (for TKIP). The ANonce and Snonce exchanged in the first two messages only used to construct the KCK which helps the Authenticator and the Supplicant to authenticate each other and to provide the integrity (via the MIC calculation and

distribution over an installed multimode optical fiber area network", Optical Express, 2005. [2]

D. Stucki, N. Gisin, O. Guinnard, G. Ribordy, and H.Zbinden, "Quantum key distribution over 67

km with a

plug

and

play

system," New Journal of Physics, Vol. 4, 2002, pp. 41.1-41.8.

404

2010 International Conference on Networking and Information Technology

[3]

H. Kosaka, A. Tomita, Y. Nambu, T. Kimura, and K.Nakamura, "Single-photon interference experiment over 100 km for quantum cryptography system using a balanced gatedmode photon detector", Electronics Letters, Vol. 39, 2003, pp. 1199-1200.

[26]

N.H.Kamarul,Z.Ahmed,H,Zinnudin protocol on UDP S02.11i" journal

"Implementation

of

BBS4 applied

of theoretical and

information technaology, volume 9, Nol,2009, pp.77-S1.

[4]

C. Kurtsiefer, P. Zardaa, M. Halder, P.M. Gorman, P.R. Tapster, J.G. Rarity and H. Weinfurter. "Long distance free space quantum cryptography", 2003.

[5] [6]

http://www.idquantique.com M. Aspelmeyer, T. Jennewein, and A. Zeilinger, quantum communication with satellites", IEEE Quantum Journal entangled of "Longdistance photons Topics using in

Selected LAN

Electronics, Vol. 9, Issue

6, November 2003. medium

[7]

ANSIIlEEE Standard S02.11, Part II: Wireless Edition, Reaffirmed June 2003.

access control (MAC) and physical layer (PHY) Specifications, 1999 [S] IEEE Standard S02.11i, Part II: Wireless LAN medium access control (MAC) and Physical Layer (PHY) specifications (MAC) quantum Amendment 6: Medium Enhancements, July 2004. [9] [10] Access Control Security

K. G. Paterson, F. Piper, and R. Schack, "Why cryptography?" Quantum physics,

quant-phl0406147, June2004.

J. Edney, and W..A. Arbaugh, Real S02.11 Security - WiFi protected access and S02.11i, Addison-Wesley, 2004. not be

[II] W.K. Wootters, and W.H. Zurek, "A single quantum can cloned", Nature, VoL 299, 19S2, pp. S02-S03. [12]

c. Bennet, and G. Brassard, G. "Quantum cryptography: public key

distribution and coin tossing", IEEE International Conference Computers, Systems, and Signal processing, IEEE Press, alamitos, 19S4. on Los

[13] [14]

R. Rivest, "The MD5 message-digest algorithm",RFC 1321, April 1992. IEEE Standard S02.IX, Port-based network December 2004. access control,

[15] C. Rigney, S. Willens, A. Rubens, and W. authentication dial in user Service 2000. [16] B. Schneier, Applied Cryptography, John Wiley [17] X.Huang, S.Wijesekera and D. Sharma QKD in S02.11 Networks",

Simpson, "Remote

(RADIUS)", RFC 2S65, June

& Son, 1996.

"Implementation of conferenceon and Trusted

International

Network Security, Wireless communications Computing volume 2, 2009, pp.125-12S Publication ISO-I, Secure hash standard (SHS), April

[IS] U.S. DoCINIST, Federal Information Processing Standards (FIPS) 1995. Verlag, [19] G. Brassard, and L. Salvail, "Secret-key reconciliation by public discussion", Proceedings of Eurocypt'93, Springer1994, pp. 410-423 [20] Djellab, R. , "New scheme of integrating quantum key distribution in S02.lli", International Conference on Multimedia Computingand Systems, 2009, pp. 46-50. [21] H.K. Lo, and H.F. Chau, "Unconditional security of [22] D.S. Bethune and WP. Risk, "Auto quantum key distribution over arbitrarily long distances", Science, VoL 2S3, 1999. compensating 4,2002, quantum cryptography", New Journal of Physics, VoL pp. 42.1-42.15. [23] Artur Ekert, "Quantum Cryptography based on Bell's Theorem", PhysicalReviewLetters, 1991. [24] F. Grosshans, G. Van Assche, J. Wenger, R. Brouri, N.J. Cerf, and P. Grangier, "Quantun key distribution using gaussian-modulated coherent states", Nature.com, 2003. [25] R. Hughes, J. Nordholt, D. Derkacs, and C. Peterson, "Practical free space quantum key distribution over IOkm in daylight and at night", New Journal of Physics, Vol. 4, 2002, pp. 43.1-43.14.

405