Experimental Quantum-enhanced Cryptographic Remote Control

The Internet of Things (IoT), as a cutting-edge integrated cross-technology, promises to informationize people’s daily lives, while being threatened by continuous challenges of eavesdropping and tampering. The emerging quantum cryptography, harnessing the random nature of quantum mechanics, may also enable unconditionally secure control network, beyond the applications in secure communications. Here, we present a quantum-enhanced cryptographic remote control scheme that combines quantum randomness and one-time pad algorithm for delivering commands remotely. We experimentally demonstrate this on an unmanned aircraft vehicle (UAV) control system. We precharge quantum random numbers (QRN) into controller and controlee before launching UAV, instead of distributing QRN like standard quantum communication during flight. We statistically verify the randomness of both quantum keys and the converted ciphertexts to check the security capability. All commands in the air are found to be completely chaotic after encryption, and only matched keys on UAV can decipher those commands precisely. In addition, the controlee does not response to the commands that are not or incorrectly encrypted, showing the immunity against interference and decoy. Our work adds true randomness and quantum enhancement into the realm of secure control algorithm in a straightforward and practical fashion, providing a promoted solution for the security of artificial intelligence and IoT.

With the rapid development of artificial intelligence and IoT, greater demands are being placed on the security by growing hacking incidents.To implement cryptographic remote control, two general types of key-based algorithms, public-key and symmetric, are being widely investigated.Public-key algorithms use two different keys for encryption and decryption, and are often based on computational complexity; while they are imperfect in the real world for being slow, and vulnerable to chosenplaintext attacks [1].Conventional symmetric algorithms require that communication parties share matched and secret keys in advance; while the security of such algorithms rely on the shared keys.One-time pad [2], as a powerful symmetric algorithm, has been proved by Claude Shannon to be impossible to crack [3], as long as crucial problems of generating and sharing real random sequences are settled.
Randomness is a fundamental resource with significant applications in cryptography and numerical simulation.Real random sequences, however, are hard to generate mathematically [4], but have to rely on unpredictable physical processes [5][6][7][8][9].Although different mechanics, such as chaotic effects [10,11], thermal noise [12], biometric parameters [13] and free-running oscillators [14] are employed in the generation of physical random number, they are faced with some problems like hard to detect failure [15].The inherent uncertainty of quantum mechanics makes quantum systems an excellent stochastic source, with the fact that a single photon incident on * Electronic address: xianmin.jin@sjtu.edu.cn a 50:50 beam splitter be transmitted or reflected is intrinsically random.More importantly, the randomness is precisely balanced and immune to environmental perturbations.
Sharing randomness is another crucial problem to be settled for realizing symmetric algorithms.One bestknown scheme is quantum key distribution (QKD), which is quite mature so far for applications, with enormous progresses [16][17][18][19] and is even ready for constructing secure networks [20][21][22][23][24]. Nevertheless, many situations of IoT control are not compatible with QKD schemes.For example, sensor networks require low cost, low power and miniature devices, which is hard to be met by QKD systems [25], especially for large-scale and distributed sensor networks.
Interestingly, in many situations, real-time sharing of randomness is not really necessary in practice.For instance, UAVs or satellites are essentially well identified before being launched, and are well isolated with other parties during their missions.For all these situations, we could precharge quantum keys into controllers and controlees, and implement cryptographic remote control with quantum enhancement in a straightforward and practical way.In this work, we present this quantumenhanced cryptographic remote control scheme that combines quantum randomness and one-time pad algorithm for delivering commands remotely, and experimentally demonstrate this on a UAV control system.
The cryptographic system is composed of three subsystems: key management unit, controller unit and controlee unit, as is shown in Figure 1(a).The randomness derived from quantum nature of single photons is charged into IoT devices through secure key storage (SKS) chips FIG.1: Quantum-enhanced cryptographic remote control.(a) A schematic diagram of quantum-enhanced cryptographic remote control system and the potential applications.The quantum random number generator utilized here is the "Quantis USB" of ID Quantique company.Scenarios applicable to our direct-charging scheme: remote control of UAV, highspeed rail scheduling, vessel movement, airport dispatch and smart grid control.(b) A specific example that combines QRN keys and one-time pad algorithm for delivering commands remotely to perform one-time pad encryption and decryption.The connection of flexible small-scale SKS chips to QRN generator is realized by a home-built key management unit.SKS chips are planted into controllers and controlees before they are detached.Commands are encrypted by onetime pad algorithm with a certain section of keys, which can only be decrypted correctly by the controlee with corresponding keys.On the controller side, with QRN keys, a bitwise exclusive OR is performed on commands before sent; and conversely, with identical keys, commands can be deciphered and executed on the controlee side, as is shown in Figure 1(b).
The data transmission diagram of our UAV control system is illustrated in Figure 2(a).Encryption keys are generated by Quantis, which is a reliable QRN generator, employing a quantum process as the source of randomness, and producing random sequences at a bit rate of 4 Mb/s.To be specific, a photon incident on a semitransparent mirror will be reflected with half the probability, leading to a "0"; or transmitted with half the probability, leading to an "1".A microcontroller is dedicated for charging or updating quantum keys into SKS chips.
The successful execution of one-time pad algorithm depends on the synchronization of keys.Unfortunately, it happens that commands get lost or error, leading to key mismatch between controllers and controlees.Any minor key mismatch may cause control system failure.To solve this problem, we assign unique address information to each command, so that each command with quantum keys is independent and well labeled.Once error happens, the corresponding command will be discarded directly together with its encryption and decryption keys to maintain the synchronization.Such address information doesn't have to be encrypted, because they include  no information about commands.The randomness of quantum keys is a crucial parameter that determines system security.Quantum random number based on the uncertainty principle of quantum mechanics provides the honest-to-goodness randomness in the world, with the properties of unpredictable and unreproducible [1].We use NIST suites to perform sta-tistical tests [26], and the final results are shown in Figure 2(b).The results are P -valuess of all 15 tests: indicating how a sequence is identical to purely random number, ideally P -values equals to one.The results of NIST tests prove an excellent statistical randomness of our quantum keys.
Furthermore, according to one-time pad algorithm, where ciphertexts are the XOR values of quantum keys and plaintexts, the randomness of quantum keys determines that of ciphertexts.We intercept a section of commands in the air sent by the controller, and test them with three characteristics of random binary sequences proposed by Gobomb: balance property, runs property and auto-correlation property [27].The good properties of balance, runs (see Table I), and auto-correlation (see Figure3) indicate that our ciphertexts are statistically random.Meanwhile, since the quantum keys are unpredictable and unrepeatable, the ciphertexts intercepted here are expected and experimentally observed to be truly random, which is impossible to be deciphered without matched quantum keys.
Experimental commands between the remote control and the aircraft are shown in Figure 4. We intercept five pieces of different functional commands, with and without one-time pad encryption for comparison.For plaintexts, we can see that five repeating commands share exactly identical values; while for ciphertexts, five repeating commands are bought into chaos, and there is no correlation between any two commands or even any two bytes, which guarantees the security as have been proved statistically in Table I and Figure 3, according to three postulates proposed by Golomb [27].
Since the security of the commands depends on the one-time pad, the communication capacity in this cryptographic control scheme is mainly limited by the number of pre-charged QRNs.To extend the key updating period, on one hand, the capacity of secure key storage device should be large enough, while it might take more bytes in the commands for storing keys' address infor-mation.On the other hand, the encryption commands can be optimized according to different structures, and some trivial information in a certain command could be ignored to save keys, as well as to increase decryption speed.
In summary, we have proposed and experimentally demonstrated a quantum-enhanced cryptographic remote control scheme that combines quantum randomness and one-time pad algorithm for delivering commands remotely.The quantum-enhanced cryptographic scheme are expected to be generalized to bidirectional systems: controlees can be securely controlled and also be able to send encrypted recorded flight data back to controllers, such as position, direction and speed.Besides, the pointto-point solution can be extended to point-to-multipoint or distributed networks.More importantly, such scheme can be combined with fixed QKD channels [23,[28][29][30] for long-distance quantum keys charging, providing a flexible solution for control security of artificial intelligence and IoT in large scale.

FIG. 2 :FIG. 3 :
FIG. 2: Signal flow diagram and NIST tests of quantum randomness.(a) Signal flow diagram of the quantum-enhanced cryptographic control system.(b) NIST statistical randomness tests performance of quantum keys.The experimental results are obtained from 1,638,400 bits samples with a significance level of α = 0.01.In the histogram, the value of each test that exceed the red dashed line turns out a successful pass.

FIG. 4 :
FIG. 4: Experimental results of intercepted commands (a) Intercepted five pieces of typical commands with (blue lines) and without (red lines) one-time pad encryption for comparison.(b) Details of each functional command.The last four bytes of ciphertexts represent the assigned address information of quantum keys.One command is combined with 32 bytes, and each byte represents for an integer whose values range from 0 to 255, stored with eight binaries.See Supplementary Materials for details.

TABLE I :
Balance and runs properties.P -values for uniformity check, and proportions for examination of the sequences that pass a certain statistical test (Success Rate).20 pieces of commands are tested.