Simulation detection based on single photon quantum key distribution protocol

With the continuous development of quantum communication in recent years, quantum key distribution (QKD) has also become a key technology in the field of quantum communication. Due to the limitation of physical resources and experimental conditions, the effectiveness of different communication protocols cannot be accurately analyzed. To solve this problem, a protocol simulation method is proposed, BB84 and B92 protocols are simulated and analyzed on a classic computer by this method. On the Eclipse IDE Developers platform, the simulation program of the quantum communication protocol was written using Java language, the simulation process under the ideal environment and the eavesdropping environment was analyzed with emphasis. The simulation results show that the key distribution efficiency of BB84 is about 50% without eavesdroppers, which is much higher than 25% of B92, and the key distribution efficiency under eavesdropping conditions is about 25% and 18%. The experimental results are consistent with theoretical expectations, verifying the correctness of the protocol simulation, and also proving the feasibility of using computers for quantum communication protocol simulation.


Introduction
Information security issues have become more and more complicated with the rapid development of computer technology. The security of classic key distribution protocols mainly depends on solving discrete logarithms and decomposing prime factors of large numbers and other NP problems, such as RSA and El-Gamal, which can be achieved by solving complex mathematical convolution problems. Specifically, the security of the RSA cryptosystem depends on the difficulty of decomposition of large numbers [1], while the security of the El-Gamal cryptosystem depends on the calculation of discrete logarithms in a finite field [2]. In 1994, Peter Shor published a quantum algorithm that can solve factorization and discrete logarithm problems [3][4].Shor's landmark paper means that if quantum computers appear, the key system under classical encryption algorithms will theoretically be no longer secure. However, with the rapid development of quantum computing and quantum cryptography, the proposed quantum key distribution protocol (QKD), which depends on quantum physical properties, pushes the security of key distribution to a new height.
There are two important aspects in cryptography, namely key distribution and data encryption. For the first aspect, many key agreements based on quantum properties have been proposed at this stage,

Analysis of coding scheme
The BB84 protocol uses the four polarization states of photons to encode. This protocol uses single photons with four polarization directions: horizontal H , vertical V , diagonal  , and anti-diagonal  to prepare qubits. The 4 photon polarization states form two sets of orthogonal basis, of which H and V polarization states are orthogonal to each other, forming an orthogonal normalized basis vector Z, which is represented by the symbol "  " in the simulation;  and  polarization states are orthogonal to each other, Form another orthogonal basis vector X, which is represented by the symbol " ".The polarization mode of the two orthogonal bases is shown in Figure 2.  The encoding rules of BB84 protocol quantum state information into classical information are shown in Table 1.  The B92 protocol is a simplification of BB84, which is based on a single-photon quantum key distribution protocol. The main difference from BB84 is that B92 only uses two non-orthogonal polarization states (level H and diagonal  ) for binary encoding. The coding scheme is shown in Table 2:

Simulation process design
According to the execution process of the Alice and Bob protocol, the simulation process distributes the initial key through the following steps: (1) Preparation and distribution of qubits. Alice uses the "random bit generator" and "random sequence generator" in the "quantum preparation" module to generate a set of qubits   (2) Bob uses a "random sequence generator" to randomly generate a set of measurement base sequence        to the public measurement base, discards the remaining bit information, and sends the bit information corresponding to part of the public measurement base to Alice to detect whether the listener Eve exists. Since B92 is a two-state protocol during the simulation process, step (3) can be omitted from the protocol process. Bob only needs to find the effective photon with the vertical or 135 polarization in the measured photon polarization sequence, retain its bit information, and discard the bit information corresponding to the horizontal and 45 photons.

Protocol simulation structure design
The quantum key distribution protocol is a type of security protocol that uses the quantum state of microscopic particles as the carrier to send encryption keys based on the physical characteristics of quantum. This paper mainly uses computer simulation to realize the single-photon quantum key distribution protocol. The simulation structure design mainly includes three aspects: the establishment of the simulation simulation channel, the distribution of the initial key, and the negotiation and detection of the valid key.

Simulation channel construction
First, it is necessary to establish an analog communication channel between the sender (Alice) and the receiver (Bob). The two parties are based on the TCP protocol under Java Socket programming. In the simulation process, two communication channels are mainly established. The quantum channel is used for key distribution and the classical channel is used for key negotiation. The Socket server communication model based on TCP protocol is built as shown in Figure 3:

Simulation program structure design
The single-photon quantum key distribution protocol simulation is realized through the Java integrated environment on the Eclipse platform. The main simulation realizes the distribution process of quantum keys with and without eavesdropping. In the simulation process, the length of the initial key can be arbitrarily adjusted according to the input. A variety of random algorithms are considered in the simulation, which mainly completes the random generation of bits, measurement bases and photon polarization states. The simulation algorithm implementation process of the quantum key distribution protocol is shown in Figure 4.

Protocol simulation implementation
On the basis of the division and cooperation of various simulation modules, the verification of BB84 and B92 protocols is realized. After the communication is established, Alice can arbitrarily input a positive integer N, where N represents the initial key length generated. The "random sequence generator" will randomly create a sequence of N qubits and generate bases or photons of the corresponding length for Alice to use. Bob also uses N to create its own measurement base sequence, and then performs protocol measurement, verification, and detection operations. Taking BB84 as an example, the simulations without eavesdropping are as shown in Figure 5：

Simulation detection and result analysis
Commonly used eavesdropping detection methods mainly include qubit error rate (QBER) [12] and qubit transmission time (QBTT) [13]. They completed the detection of eavesdroppers from two aspects: bit error rate and transmission delay. This article adopts QBER method to realize the detection of eavesdroppers. QBER is calculated by calculating the bit error rate of the final key obtained after the quantum transmission is completed and after the verification and detection stage. The qubit error rate is defined as: Since sequence generation and key verification are done randomly during the simulation process, the last valid bit will float up and down in an interval. In order to avoid misjudging this process as an eavesdropping, the key error rate threshold 0 5%   is introduced according to the practicality of quantum key distribution during the analysis of the results [14]. If the error rate of the quantum key is , it is determined that there is eavesdropping in the communication and the communication is abandoned; otherwise, it is considered that the QBER fluctuates in the normal range, and the bit information in the remaining positions will be retained as the initial key.

Experimental configuration
The experiment equipment in this article is a personal computer, the core processor is Intel(R) Core(TM)i7-9750H CPU @ 2.50GHz, RAM 16GB, graphics processor is NVIDIA GeForce RTX 2060, Windows 10 operating system, development environment is Eclipse IDE for Java and DSL Developers-2020-06

Analysis of protocol simulation results
The simulation test is carried out in two modes with and without eavesdropping. Use N=(64, 128, 256, 512, 2048, 4096) to test respectively. In order to minimize the impact of the random function on the test results, each N value is simulated three times under the same conditions, and the results of the three simulations are calculated and averaged as the effective bits in the final key distribution process. In order to ensure the correct and secure key for subsequent information encryption, error correction and key enhancement are made for the bit information passing the security detection. The symbols and their meanings used in the simulation data analysis process are shown in Table 3: The simulation test data of BB84 and B92 under different conditions are as follows: Table 4 and Table 5: floating range is less than the bit error rate threshold 0 5%   . The security detection is passed, and the simulation results are the same as the theoretical expected value of the protocol .When the eavesdropper Eve exists, the bit error rate fluctuates around 75%, which is close to the protocol theoretical value. , the simulation data is valid, and the simulation result is the same as the theoretical expected value of the protocol. When the eavesdropper Eve exists, the bit error rate converges to 82%, and the floating range is much greater than the 0  theoretical bit error rate threshold.

Results comparative analysis
According to the simulation test data of BB84 and B92, the two protocols are compared vertically, and the efficiency of the two key distribution protocols and the relationship between the initial key length and the final effective key are compared more intuitively. The test data comparison chart is as shown in Figure 6 and Figure 7: It can be seen from the quantization curve in Figure 7 that the effective key length is proportional to the initial key length N. Under the condition of the same initial key length and no eavesdropping, the effective key of B92 is much smaller than the BB84 protocol. It can be seen from the convergence curve of Fig. 8 that the bit error rate curves of BB84/B92 all start to converge around 256 initial key lengths. The bit error rates of BB84 and B92 converge to 50% and 75% respectively without eavesdropping, so the key transmission efficiency is 50% and 25% respectively, and the fluctuation is less than threshold 0 5%   . In the presence of eavesdropping, the error rates of BB84 and B92 converge to 75% and 82%, respectively, and the error rate fluctuations are significantly greater than  . Under the same conditions, the key transmission efficiency of BB84 is twice that of B92. Therefore, from the perspective of effective key transmission efficiency, the BB84 protocol is better than the B92 protocol.

Conclusion and future works
This paper designs a method of simulating single-photon key distribution on a classic computer. It implements the protocol using two different modes, with/without attack influences, based on a holistic simulation (experimental and real simulator).
Through the simulation data, it is concluded that the key distribution efficiency of the BB84 protocol is twice that of the B92 without eavesdropping, and the relationship curve of Alice/Bob with/without eavesdropper Eve interference in the communication process is given. According to the basic consistency between the quantified curve and theoretical analysis, the correctness of the simulation algorithm design and the effectiveness of simulation are verified. How to design a Domain Specified Language (DSL) through the existing simulation process to describe the quantum key distribution protocol will be the focus of the next step.