Technical Papers


A Deterministic Polynomial Public Key Algorithm over a Prime Galois Field GF(p)
By: R. Kuang
January 2022

DOI: 10.1109/ACCC54619.2021.00020.

Abstract: The ancient Vieta’s formulas reveal the relationships between coefficients of an nth-degree polynomial and its roots. It is surprisingly found that there exists a hidden secret for a potential public key exchange: decoupling the product of all roots or constant term from summations of root products or coefficients of a polynomial to establish a keypair. The proposed deterministic polynomial public key algorithm or DPPK … Read More is built on the fact that a polynomial cannot be factorized without its constant term. DPPK allows the keypair generator to combine a base polynomial, eliminable during the decryption, with two solvable polynomials and creates two entangled polynomials. Two coefficient vectors of the entangled polynomials form a public key, and their constant terms, together with the two solvable polynomials, form the private key. By only publishing coefficients of polynomials without their constant terms, we greatly restrict polynomial factoring techniques for the private key extraction. We demonstrate that the time complexity, in terms of field operations, of the private key extraction from the known public key is a super-exponential difficulty O(p2) for classical attacks and an exponential difficulty O(p) for quantum attacks, respectively, in comparison with the low sub-exponential complexity for the PQC algorithms. The best-known deterministic complexity of the polynomial factoring problem for the secret key extraction from intercepted ciphertexts is O(npl/2) for classical attacks and O(pl/2) for quantum attacks, respectively, at the same complexity level as Grover’s search algorithm. Performance comparisons with the PQC finalists for keypair generations, encryptions, and decryptions are presented.

Show Less

Indistinguishability and Non-deterministic Encryption of the Quantum Safe Multivariate Polynomial Public Key Cryptographic System

By: R. Kuang and M. Barbeau
October 2021

DOI: 10.1109/CCECE53047.2021.9569200.

Multivariate Polynomial Public Key (MPPK) is a cryptographic system, over a prime Galois field. A key pair is generated using a multiplier multivariate polynomial and two multiplicand univariate solvable polynomials. They yield two product multivariate polynomials. The first variable is used for carrying the message or secret and others are used as noise sources. … Read More The public key consists of all the coefficients of the product multivariate polynomials, except the two constant coefficients, in terms with coefficients attached to the message variable, and a noise function or a polynomial of only noise variables generated from the constant term of the multiplier multivariate polynomial by multiplying a private random variable R. The private key is made of both univariate solvable multiplicand polynomials and the private R. Encryption takes a secret message and random numbers for noises, adding noise that is automatically cancelled by decryption. Decryption is achieved evaluating a solvable equation. We review security analysis that can be employed to crack MPPK secrets and private keys. Finally, we discuss indistinguishability and non-deterministic encryption, key properties of MPPK.

Show Less

Performance Analysis of the Quantum Safe Multivariate Polynomial Public Key Algorithm

By: R. Kuang and M. Barbeau
November 2021

DOI: 10.1109/QCE52317.2021.00052.

The Multivariate Polynomial Public Key (MPPK) algorithm, over a prime Galois field, takes a multiplier multivariate polynomial and two multiplicand univariate solvable polynomials to create two product multivariate polynomials. One of variables is for secret message and all others are for noises. The public key consists of all coefficients of the product multivariate polynomials, … Read More except the two constant terms for the message variable. The private key is made of both multiplicands. Encryption takes a list of  random numbers, over the prime Galois field. The first number is the secret to exchange. The other random numbers generate noise automatically cancelled by decryption. The secret is easily extracted from the evaluation of a solvable equation. The level of security provided by MPPK is adaptable. The algorithm can be used in several different ways. In this paper, we review the performance achieved by MPPK for several combinations of polynomial configurations and Galois field sizes. For every combination, we calculated key generation time, encryption time and decryption time. We also compare the effectiveness of MPPK with the performance of all four NIST PQC finalists. For MPPK, the data has been collected from the execution of an implementation in Java. In comparison to the NIST PQC finalists, MPPK key generation, encryption and decryption performance is excellent.

Show Less


Shannon Perfect Secrecy in a Discrete Hilbert Space

By: R. Kuang and N. Bettenburg
November 2020

DOI: 10.1109/QCE49297.2020.00039.

The One-time-pad (OTP) was mathematically proven to be perfectly secure by Shannon in 1949. We propose to extend the classical OTP from an n-bit finite field to the entire symmetric group over the finite field. Within this context the symmetric group can be represented by a discrete Hilbert sphere (DHS) over an n-bit computational basis. Unlike the continuous Hilbert space … Read More defined over a complex field in quantum computing, a DHS is defined over the finite field GF(2). Within this DHS, the entire symmetric group can be completely described by the complete set of n-bit binary permutation matrices. Encoding of a plaintext can be done by randomly selecting a permutation matrix from the symmetric group to multiply with the computational basis vector associated with the state corresponding to the data to be encoded. Then, the resulting vector is converted to an output state as the ciphertext. The decoding is the same procedure but with the transpose of the pre-shared permutation matrix. We demonstrate that under this extension, the 1-to-1 mapping in the classical OTP is equally likely decoupled in Discrete Hilbert Space. The uncertainty relationship between permutation matrices protects the selected pad, consisting of M permutation matrices (also called Quantum permutation pad, or QPP). QPP not only maintains the perfect secrecy feature of the classical formulation but is also reusable without invalidating the perfect secrecy property. The extended Shannon perfect secrecy is then stated such that the ciphertext C gives absolutely no information about the plaintext P and the pad.

Show Less

Quantum secure lightweight cryptography with quantum permutation pad

By: R. Kuang, D. Lou, A. He, and A. Conlon
August 2021

DOI: 10.25046/aj060445.

Quantum logic gates represent certain quantum operations to perform quantum computations. Of those quantum gates, there is a category of classical behavior gates called quantum permutation gates. As a quantum algorithm, quantum permutation pad or QPP consists of multiple quantum permutation gates to be implemented both in a quantum … Read Morecomputing system as a quantum circuit operating on n-qubits’ states for transformations and in a classical computing system represented by a pad of n-bit permutation matrices. Since first time proposed in 2020, QPP has been recently applied to create a quantum safe lightweight block cipher by replacing SubBytes and AddRoundKey with QPP in AES called AES-QPP. In AES-QPP, QPP consists of 16 selected 8-bit permutation matrices based on the shared classical key materials. For quantum safe, the key length can be any size from 256 bits to 4 KB. That means, this QPP holds up to 4 KB of Shannon information entropy. Its code size is less than 2 KB with 4 KB of RAM memory. In this paper, we propose to apply QPP for a streaming cipher and carry out its encryption performance and the randomness analysis of this streaming cipher. The proposed QPP streaming cipher demonstrates not only good randomness in its ciphertexts but also huge performance improvement: 13x faster than AES-256, with an overall runtime space (6.8 KB).

Show Less

Quantum Safe Lightweight Cryptography with Quantum Permutation Pad

By: R. Kuang, D. Lou, A. He, and A. Conlon
June 2021

DOI: 10.1109/ICCCS52626.2021.9449247.

Quantum permutation pad or QPP was first proposed by Kuang and Bettenburg in 2020 [15]. QPP is a generic quantum algorithm consisting of multiple n-qubits quantum permutation gates. As a quantum algorithm, QPP can be implemented both in a quantum computing system as a quantum circuit operating on n-qubits’ state for transformation and in a classical … Read Morecomputing system represented by a pad of n-bit permutation matrices. QPP has two unique characteristics: huge Shannon information entropy and non-commutativity between permutation matrices or the generalized uncertainty principal. Permutation transformation is bijective mapping between input information space and output ciphertext space. That means, QPP has the property of Shannon perfect secrecy with reusability due to the uncertainty relationship. QPP is the generalization of One-Time-Pad or OTP over Hilbert space and OTP is the simplification of QPP over a Galois field. Based on those, this paper explores a variant of AES for a quantum safe lightweight cryptography by incorporating AES ShiftRows and MixColumns with QPP or called AES-QPP. AES-QPP unifies the SubBytes and AddRoundKey with the same QPP of 16 8-bit permutation matrices, essentially SubBytes to be a special 8-bit permutation matrix and AddRoundKey to be 16 8-bit permutation matrices selected from XOR operations. By randomly selecting 16 permutation matrices with a secret key material, AES-QPP could hold a total equivalent 26,944 bits of Shannon entropy. It not only improves the security against differential and linear attacks but also largely reduces the number of rounds to 5 rounds. AES-QPP could be a good candidate for quantum safe lightweight cryptography.

Show Less


Generating Just-in-Time Shared Keys (JIT-SK) for TLS 1.3 Zero RoundTrip Time (0-RTT)
By: E. AbdAllah, R. Kuang, and C. Huang
December 2021

DOI: 10.18178/ijmlc.2022.12.3.1086.

The main goal of Transport Layer Security (TLS) protocol is to provide a secure communication channel between communicating pairs. A new version of the protocol, TLS 1.3, is introduced to improve security and performance for customers. One of the major advantages of TLS 1.3 over earlier versions is that it introduces Zero RoundTrip Time (0-RTT) feature, that saves a round trip at connection setup stage. 0-RTT data … Read Moresecurity properties are weaker than other kinds of TLS data because the data is not forward secret and it is vulnerable to replay attacks. Existing solutions such as single-use tickets, client hello recording, and freshness checks provide inefficient solutions for 0-RTT problems. In this paper, we propose an efficient technique to utilize 0-RTT feature with forward secrecy and prevent replay attacks. Our technique uses a synchronized pseudorandom number generator (PRNG) that depends on initial shared secret between communicating pairs. The initial secret can be shared using TLS 1.3 three basic key exchange modes. In our technique, the PRNG also uses session shared information such as session ID to dynamically provide Just-in-Time Shared Keys (JIT-SK) for 0-RTT. Client and server sides change the keys in each session and hence securely and efficiently use the 0-RTT. We implement a proof of concept for our technique using our private PRNG, named Quantum Entropy Expansion and Propagation (QEEP), and WolfSSL implementation for TLS 1.3 and show the differences using our solution.

Show Less

Pseudo Quantum Random Number Generator with Quantum Permutation Pad

By: R. Kuang, D. Lou, A. He, C. McKenzie and M. Redding
June 2021

DOI: 10.1109/QCE52317.2021.00053.

Cryptographic random number generation is critical for any quantum-safe encryption. Based on the natural uncertainty of some quantum processes, a variety of quantum random number generators, or QRNGs, have been created with physical quantum processes. These typically generate random numbers with good unpredictable randomness. Of course, physical … Read MoreQRNGs are costic and require physical integrations with computing systems. This paper proposes a pseudo quantum random number generator with a quantum algorithm called a quantum permutation pad, or QPP, leveraging the high entropy of quantum permutation space for its bijective transformation. Unlike Boolean algebra, where the size of information space is 2n for an n-bit system, an n-bit quantum permutation space consists of 2n! quantum permutation matrices, representing all quantum permutation gates over an n-bit computational basis. This permutation space holds an equivalent Shannon information entropy of log2(2n!). A QPP can be used to create a pseudo-QRNG or pQRNG capable of integration with any classical computing system, or directly with any application, for good-quality deterministic random number generation. Using a QPP pad with 64 8-bit permuation matrices, a pQRNG holds 107,776 bits of entropy for pseudo-random number generation, compared with 4,096 bits of entropy in Linux /dev/random. It can be used as a deterministic PRNG or as an entropy booster for other PRNGs. It can also be used as a whitening algorithm for any hardware random number generator, including QRNGs, without discarding physical bias bits.

Show Less


Quantum Public Key Distribution using Randomized Glauber States

By: R. Kuang and N. Bettenburg
November 2020

DOI: 10.1109/QCE49297.2020.00032.

State-of-the-art Quantum Key Distribution (QKD) is based on the uncertainty principle of qubits on quantum measurements and is theoretically proven to be unconditionally secure. Over the past three decades, QKD has been explored with single photons as the information carrier. More recently, attention has shifted towards using weak coherent laser pulses … Read Moreas the information carrier. In this paper, we propose a novel quantum key distribution mechanism over a pure optical channel using randomized Glauber states. The proposed mechanism closely resembles a quantum mechanical implementation of the public key envelope idea. The core idea can be described in five steps as follows: 1. A user (Bob) generates a Glauber state as a quantum public key envelope (QPKE) by randomly modulating a secret phase φr, known only to Bob, and transmits it over an optical channel to the other user (Alice). 2. Alice modulates a key phase φk into the QPKE based on a random key and selected modulation scheme and returns it to Bob. 3. For the returning QPKE, Bob derandomizes it with his private key or the phase -φr and then 4. passes it to a coherent receiver to measure the key phase φk. 5. For better security, differential phase-shift keying (DPSK) technique with a reference list is applied to extract keys. For the proposed solution, we explore physical countermeasures to provide path authentication and to avoid man-in-the-middle attacks. Other attack vectors can also be effectively mitigated by leveraging the QPKE, the uncertainty principle and the DPSK modulation technique.

Show Less

Security Performance of Public Key Distribution in Coherent Optical Communications Links

By: M. Khalil, A. Chan, K. A. Shahriar, L. R. Chen, D. V. Plant and R. Kuang
July 2021

DOI: 10.1109/ICCCI51764.2021.9486822.

Theoretical uncertainties associated with the measurement of quantum bits have made Quantum Key Distribution (QKD) an attractive research topic for secure communication systems. Recent research in this area has focused on using weak coherent laser pulses as the carrier … Read Moreinstead of the traditional approach of using single photon carriers. This opens the possibility to implement QKD infrastructure that is compatible with the existing optical fiber communication network. In this work, we report a theoretical study of a new approach that utilizes the Quantum Public Key Envelope (QPKE) based on the randomized Glauber states in a classical coherent optical communication system to obtain a secure communication. We verify the efficacy of the system using numerical simulation. We also study the possible approaches for an eavesdropper to test the degree of security enhancement of the proposed system at bitrate of 56 Gb/s. Two eavesdropping techniques are proposed for security analysis. A set of security parameters are used to simulate the variety of eavesdropping schemes.

Show Less

Security Analysis of a Next Generation TF-QKD for Secure Public Key Distribution with Coherent Detection over Classical Optical Fiber Networks
By: A. Chan, M. Khalil, K. A. Shahriar, L. Chen, D. Plant, R. Kuang
December 2021
DOI: 10.1109/ICCC54389.2021.9674320.
Abstract: Twin-field quantum key distribution (TF-QKD) has recently attracted attention for its ability to overcome the fundamental limits of secret key rate for point-to-point connectivity without quantum repeaters in QKD. Coherent-based TF-QKD or CTF-QKD, … Read Morewhich utilizes coherent states for both transmissions and detections, has allowed systems to be designed for existing optical fiber communication networks allowing for improved performance compared to conventional QKD. Here, we report a theoretical study of CTF-QKD security from an eavesdropper. Compared to conventional QKD and TF-QKD systems, CTF-QKD system is not limited to using only single photon sources/detectors allowing this system to have comparable performance and range as current optical fiber networks. Using commercially available simulation software, we verify the efficacy by studying three different preventative measures for different modulation formats to prevent an eavesdropper from obtaining any secret key information. Results show that parameters can be limited to prevent an eavesdropper from obtaining any information. The simulation also demonstrates that the photon number-phase uncertainty principle for coherent states starts to play major role of security at 128-QAM modulation. Additional security measures are also described to detect the presence of an eavesdropper and improve the system integrity.

Show Less

Marco Pagani

Marco Pagani began his long and successful career as a senior executive in Ottawa’s high-tech sector in 1985, with Nortel Networks (then Bell-Northern Research). He rose across two decades to become president of several Nortel Business Units, managing more than 2,000 employees and over $1 billion in revenue. Having gone on to advise numerous organizations, as well as guide a range of companies through complex, critically necessary turnarounds, he is particularly respected for placing a strong emphasis on ethics and corporate governance in building the culture of the corporate and not-for-profit organizations he leads and supports.

Talk To Us

Patricio Mariaca

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vestibulum quis mauris justo. Vestibulum vel nulla vel tortor dignissim auctor. Donec porta semper lacus, id mollis metus pretium at. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Nam malesuada ullamcorper metus, eget facilisis tortor posuere sed.

Eric Chan

Eric Chan a.k.a. EEPMON is a Crypto / Digital Artist with 15 years in the industry – and Quantropi’s Creative Emissary. His hybrid fractal/digital creations have been seen in fashion, comics to museums and has exhibited worldwide. EEPMON’s collaborations include Canada Goose, MARVEL, Snoopy, Microsoft Xbox, Canada Science & Technology Museum and was a TEDx performing artist. In 2018 he represented Canada on its first Creative Industries Trade Mission led by Canada’s Minister of Heritage and serves on the Canadian Museums Association‘s Board of Directors. At the same time, he is currently completing his Master of Information Technology – Digital Media at Carleton University. 

Christopher McKenzie

With his extensive experience in software development and strong analytical skills, Chris can handle the entire end-to-end software development life cycle. Prior to Quantropi, he served as Director of Product Development at Sphyrna Security, Inc., where he managed the delivery of security compliance automation and data diode appliance products, and as Commercial Software Development Manager at Cord3, Inc., where he managed the development of an advanced data access policy management product. Chris graduated from Computer Science at Algonquin College and the Ottawa School of Arts in 1998. Read less

Dafu Lou

Dafu is Quantropi’s Director of engineering. Prior to Quantropi, he served as a technical leader at Irdeto, a world-leading provider of digital platform security software, where he was responsible for white-box cryptography, cloaked CA secure core, and iOS/android application protection services, among others. Prior to Irdeto, Dafu served as a senior software engineer at SecureNex Systems, where he led the implementation of an SSL-VPN solution and ECC-based secure data storage & PKI. He earned his Ph.D. in electrical engineering from the University of Ottawa in 2009. Dafu is also a part-time professor, teaching VLSI, Cryptography and other subjects at uOttawa.

Pauline Arnold

As James Nguyen’s EA, Pauline Arnold brings more than 40 years of experience in complementary customer service and administrative roles. Prior to Quantropi, she served 20 years as Branch Manager and an assistant in investments, and over 20 years at Metropolitan Life Canada in various aspects of the insurance sector – assisting clients, management and colleagues to complete tasks, solve problems, address questions and achieve goals. She also worked part-time for Royal Lepage Performance for 5+ years as a receptionist & admin, and for 5 years was chair of the TKFG’s charity golf tournament.

Bond Vo

Bond Vo is the Business Analyst of Quantropi. Along with Quantropi, Bond has been dynamic in accordance with a fast and evolving startup environment and is responsible in a wide range of areas including market research, funding, and more involved in the controller roles to oversee day to day accounting operation as well as build financing models and budget to achieve company’s ultimate goals/objectives. Bond has applied best practices consistently and successfully supports equity, debt, and non-dilutive funding for Quantropi since joint the team. He earned a Bachelor of Commerce concentrated in Finance from Carleton University. Outside of his professional career, Bond also participated in volunteer for the Vietnamese Immigration Student Association (VISA) to help and support students as well as newcomers in Canada.

Tina Wang

Tina develops websites and participates in a range of different projects, using new frameworks for front-end UI, along with Vuejs, Angula, Beego, Ruby on Rails, and Electron. She developed Quantropi’s desktop CipherSpace application by integrating Electron, Webassembly and Go, to ensure a good user experience, as well as perfect operating system compatibility. She is also part of the dynamic and efficient QKD-NODE project team. Tina is always looking for new ways to increase her knowledge, improve her technological proficiency and enhance her strong execution and implementation skills. Prior to Quantropi, Tina served as a full-stack web developer at Sunny Future, where she maintained a WordPress home site and managed the release of new content for the company.

Nick Kuang

As VP Corporate Services, Nick plans, directs and coordinates a wide range of activities aimed at achieving Quantropi’s vision of the Quantum Internet. He has a keen interest in transformative technologies and the possibilities they offer for bettering our everyday lives. A pharmacist by training, Nick nurtures teams with a focus on integrity and collaborative effort, coupled with strong attention to detail. With prior experience in a successful biotech start-up developing point-of-care test kits, he enjoys the fast pace and challenge of the start-up environment.

Alex He

Alex is a product-oriented project manager who bridges the gaps between the company’s engineering and commercial teams. He has over ten years of experience in the analysis, design and development of enterprise-class applications, with a particular focus on creating optimal user experiences (UX). Ever passionate about cybersecurity solutions that can deliver solid security without unreasonably sacrificing customer convenience, Alex is the lead inventor of a registered patent on user interface security. He is committed to helping ensure that the Agile software engineering team at Quantropi delivers consistently high-quality, high crypto-agility cybersecurity solutions for next-generation communications.

Michael Redding

Before joining Quantropi, Mike was Managing Director and co-founder of Accenture Ventures, where he grew a global portfolio of strategic partnerships and 38 equity investments in emerging technology startups.

During his nearly 30 years with Accenture, he incubated and launched technology innovations for enterprises across multiple geographies and industries. Ever-passionate about bold ideas with game-changing results, he speaks frequently on the impact of emerging technology on large organizations.

With a bachelor’s degree in Electrical Engineering and Computer Science from Princeton, and a Master’s in Biomedical Engineering from Northwestern, Mike is a former member of the Board of Directors for the Accenture Foundation and Board Observer for startups Maana and Splice Machine.

Raj Narula, P.Eng.

A seasoned technology executive, business builder and angel investor, Raj has held operational and advisory roles in Recognia (Trading Central), Belair Networks (Ericsson), March Networks (Infinova), Sandvine (Procera), Neurolanguage (ADEC), Bridgewater Systems (Amdocs), Vayyoo (Cafex), TenXc (CCI), 1Mobility (Qualys) and others. Having divided his time among North America, EMEA and Asia-Pac for over 20 years, Raj speaks several languages. He grew up in Asia, Europe, South America and Canada, and holds a B.Eng degree in Mechanical Engineering from the University of Ottawa. He is also a co-founder and Charter Member of the Ottawa chapter of TiE (the Indus Entrepreneur).

Ken Dobell

Ken leads marketing strategy at Quantropi. In high demand as a consultant with 25 years’ experience in performance media and an award- winning creative background, he has completed successful transformations, (re)branding and product development mandates with KPMG, Keurig, Fidelity, Eddyfi, Coveo, and more, and provides digital advice to the CMA. Previously, Ken pivoted an offline advertising brokerage to a leading-edge, data-driven performance agency as President of DAC Digital, held a progression of international leadership roles with, pioneered a range of multi-channel initiatives as VP Marketing with a global franchisor, and introduced a mobile-first programmatic media offering to Canada within WPP.

Dr. Randy Kuang

Randy holds a doctorate in quantum physics. His research findings have been published in top international journals and named “Kuang’s semi-classical formalism” by NASA in 2012. With a career spanning IT, including with Nortel as senior network researcher & developer, he co-founded inBay Technologies in 2009, serving as CTO of the cybersecurity platform. As the first recipient of a patent for two-level authentication (2011), Randy is a prolific inventor, with 30+ U.S. patents in broad technology fields, such as WiMAX, optical networks, multi-factor identity authentication, transaction authorization, as well as concepts, technologies and industrial applications for quantum key distribution.

James Nguyen

Prior to leading Quantropi, James was Chief Investment Officer & VP Asia Operations for a group of private and public real estate, mining, energy storage, graphene technologies and manufacturing interests, where, in his responsibilities for strategy, banking and global expansions, he secured large-scale investments and partnerships for commercializing graphene applications across multiple industries. A graduate of Carleton in Economics, he previously achieved success managing a mid-market portfolio (professional services, public sector, Asian markets) at RBC for over a decade. James has been on the HKCBA board, held advisory positions with technology start-ups and gives back as volunteer, fundraiser and mentor.