Analysis of Y00 Protocol under Quantum Generalization of a Fast Correlation Attack: Toward Information-Theoretic Security

Abstract: In our previous work, it was demonstrated that the attacker could not pin-down the correct keys to start the Y00 protocol with a probability of one under the assistance of unlimitedly long known-plaintext attacks and optimal quantum measurements on the attacker's quantum memory. However, there were several assumptions that the Y00 system utilized linear-feedback shift registers as pseudo-random-number generators, and a fast correlation attack was disabled by irregular mapping on the Y00 systems. This study generalizes such an attack to remove the assumptions of the previous work. The framework of the security analyses of this study reiterates two well-known results from the past: (1) Y00 systems would be cryptanalyzed when the system is not designed well; (2) the system is possibly information-theoretically secure when the system is designed well, although the attacker's confidence in the correct key increases over time but the success probability of key recovery does not reach unity in finite time; (3) the breach time of the shared keys is increasingly threatened with time. Hence, a key-refreshment procedure for the Y00 protocol is provided herein. Such security analyses are important not only in key refreshment but also in initial key agreement situations.