**2.1. Y-00 started from two directions (phase modulation and intensity modulation)**

As described above, research of Y-00 was started by H.P.Yuen and other people at the Northwestern University in the United States. Also research and development on implementation are being made at NuCrypt Limited Liability Company (member company of Northwestern University) [9-11]. In this research, phase modulation on coherent light is used as base and encryption is performed by using phase fluctuation (quantum fluctuation) of light. The phase modulation angle of the light becomes multiple value densely. And logic "1" and logic "0" (binary) are distinguished in the 180 degree opposite phase combination. Only one combination is selected from multiple binary combinations (called bases) for each bit from the key information in synchronization with the receiver. The multi-value phase information on the same circumference is closely arranged like overlapping by quantum fluctuation. Eavesdroppers who have no key information must accurately detect phase information. Normal receivers can predict a set of selected base values by using the common key information and therefore can distinguish information. Several-thousands of phase angle values to be used for modulation are set and Non-Linear Feedback Shift Register (NLFSR) and Advanced Encryption Standard (AES) are used for sorting the base to enhance the safety. They use phase modulation for the Y-00 base to apply it to optical space transmission and achieve highly secure communication between aircraft and the ground. In Japan, O.Hirota of Tamagawa University (in Japan) who had made research together with H.P.Yuen started research of Y-00 on the basis of the widely spread intensity modulation of light [12]. Implementation is made by Hitachi Information & Communication Engineering , Ltd. and its application to existing optical fiber networks is considered [13-18].

#### **2.2. Safety of Y-00**

Figure1 shows the idea of theoretical safety of Y-00. Theoretical research on ultimate safety of Y-00 is in progress. But if implementation and practicality are considered by present technologies, safety is restricted. However, this restriction can ensure nearly ultimate safety though it is limited by providing essential conditions (astronomical amount of time) for decryption by eavesdroppers through a quantum physical phenomenon. The quantum physical phenomenon means quantum noise (quantum fluctuation) which is an absolute phenomenon that cannot be removed theoretically. Because this phenomenon is completely random, it does not correlate with measured data and the phenomenon cannot be copied. If this phenomenon can diffuse the effect over the signal area, completely decipher is impossible. But differentiation in receiving conditions between normal receiver and eavesdropper is difficult. This will generate trade-off between receiving sensitivity of normal receivers and safety. Therefore ultimate safety cannot be pursued with technical conditions aimed at practical use. Eavesdroppers still cannot avoid physical phenomena of these conditions and acquire correct data. Therefore, direct decryption (cipher text only attack) is impossible. Furthermore, eavesdroppers will attempt to seek for data correlation

to get the initial key from acquired sample data like fast correlation attack that makes exhaustive search. In the exhaustive search, phenomena cannot be copied correctly due to effects of physical phenomena. It is disabling parallel processing [19]. Therefore, eavesdropper must be stacked in serial to find correlation of data. In addition, the sample data volume required for decryption is an order of 1E20~1E30 bytes or more by implementing the safety enhancing measures described later. That memory capacity to store the sample data are 1E20~1E30 bytes or more and the sample data acquisition time is several tens of millions to several hundred millions of years (at 10Gbps transmission) even if effects of physical phenomena cannot be diffused over the signal area as described above. This is limited and that is considered to be indecipherable safety. Because it does not depend on computer's performance unlike the present cryptography that pursues mathematical complexity.

**Figure 1.** Image of the safety of Y-00
