اشترك بالحزمة الذهبية واحصل على وصول غير محدود شمرا أكاديميا
تسجيل مستخدم جديدThe Universal Composable Security of Quantum Message Authentication with Key Recyling
123
0
0.0
(
0
)
اسأل ChatGPT حول البحث
ﻻ يوجد ملخص باللغة العربية
Barnum, Crepeau, Gottesman, Tapp, and Smith (quant-ph/0205128) proposed methods for authentication of quantum messages. The first method is an interactive protocol (TQA) based on teleportation. The second method is a noninteractive protocol (QA) in which the sender first encrypts the message using a protocol QEnc and then encodes the quantum ciphertext with an error correcting code chosen secretly from a set (a purity test code (PTC)). Encryption was shown to be necessary for authentication. We augment the protocol QA with an extra step which recycles the entire encryption key provided QA accepts the message. We analyze the resulting integrated protocol for quantum authentication and key generation, which we call QA+KG. Our main result is a proof that QA+KG is universal composably (UC) secure in the Ben-Or-Mayers model (quant-ph/0409062). More specifically, this implies the UC-security of (a) QA, (b) recycling of the encryption key in QA, and (c) key-recycling of the encryption scheme QEnc by appending PTC. For an m-qubit message, encryption requires 2m bits of key; but PTC can be performed using only O(log m) + O(log e) bits of key for probability of failure e. Thus, we reduce the key required for both QA and QEnc, from linear to logarithmic net consumption, at the expense of one bit of back communication which can happen any time after the conclusion of QA and before reusing the key. UC-security of QA also extends security to settings not obvious from quant-ph/0205128. Our security proof structure is inspired by and similar to that of quant-ph/0205128, reducing the security of QA to that of TQA. In the process, we define UC-secure entanglement, and prove the UC-security of the entanglement generating protocol given in quant-ph/0205128, which could be of independent interest.
قيم البحث
اقرأ أيضاً
We present methods to strictly calculate the finite-key effects in quantum key distribution (QKD) with error rejection through two-way classical communication (TWCC) for the sending-or-not-sending twin-field protocol. Unlike the normal QKD without TW
CC, here the probability of tagging or untagging for each two-bit random group is not independent. We rigorously solve this problem by imagining a virtual set of bits where every bit is independent and identical. We show the relationship between the outcome starting from this imagined set containing independent and identical bits and the outcome starting with the real set of non-independent bits. With explicit formulas, we show that simply applying Chernoff bound in the calculation gives correct key rate, but the failure probability changes a little bit.
Formulating and designing unforgeable authentication of classical messages in the presence of quantum adversaries has been a challenge, as the familiar classical notions of unforgeability do not directly translate into meaningful notions in the quant
um setting. A particular difficulty is how to fairly capture the notion of predicting an unqueried value when the adversary can query in quantum superposition. In this work, we uncover serious shortcomings in existing approaches, and propose a new definition. We then support its viability by a number of constructions and characterizations. Specifically, we demonstrate a function which is secure according to the existing definition by Boneh and Zhandry, but is clearly vulnerable to a quantum forgery attack, whereby a query supported only on inputs that start with 0 divulges the value of the function on an input that starts with 1. We then propose a new definition, which we call blind-unforgeability (or BU.) This notion matches intuitive unpredictability in all examples studied thus far. It defines a function to be predictable if there exists an adversary which can use partially blinded oracle access to predict values in the blinded region. Our definition (BU) coincides with standard unpredictability (EUF-CMA) in the classical-query setting. We show that quantum-secure pseudorandom functions are BU-secure MACs. In addition, we show that BU satisfies a composition property (Hash-and-MAC) using Bernoulli-preserving hash functions, a new notion which may be of independent interest. Finally, we show that BU is amenable to security reductions by giving a precise bound on the extent to which quantum algorithms can deviate from their usual behavior due to the blinding in the BU security experiment.
Utilizing the advantage of quantum entanglement swapping, a multi-party quantum key agreement protocol with authentication is proposed. In this protocol, a semi-trusted third party is introduced, who prepares Bell states, and sends one particle to mu
ltiple participants respectively. After that the participants can share a Greenberger-Horne-Zeilinger state by entanglement swapping. Finally, these participants measure the particles in their hands and obtain an agreement key. Here, classical hash function and Hadamard operation are utilized to authenticate the identity of participants. The correlations of GHZ states ensure the security of the proposed protocol. To illustrated it detailly, the security of this protocol against common attacks is analyzed, which shows that the proposed protocol is secure in theory.
Quantum key distribution (QKD) provides information theoretically secures key exchange requiring authentication of the classic data processing channel via pre-sharing of symmetric private keys. In previous studies, the lattice-based post-quantum digi
tal signature algorithm Aigis-Sig, combined with public-key infrastructure (PKI) was used to achieve high-efficiency quantum security authentication of QKD, and its advantages in simplifying the MAN network structure and new user entry were demonstrated. This experiment further integrates the PQC algorithm into the commercial QKD system, the Jinan field metropolitan QKD network comprised of 14 user nodes and 5 optical switching nodes. The feasibility, effectiveness and stability of the post-quantum cryptography (PQC) algorithm and advantages of replacing trusted relays with optical switching brought by PQC authentication large-scale metropolitan area QKD network were verified. QKD with PQC authentication has potential in quantum-secure communications, specifically in metropolitan QKD networks.
Quantum key distribution (QKD) enables unconditionally secure communication between distinct parties using a quantum channel and an authentic public channel. Reducing the portion of quantum-generated secret keys, that is consumed during the authentic
ation procedure, is of significant importance for improving the performance of QKD systems. In the present work, we develop a lightweight authentication protocol for QKD based on a `ping-pong scheme of authenticity check for QKD. An important feature of this scheme is that the only one authentication tag is generated and transmitted during each of the QKD post-processing rounds. For the tag generation purpose, we design an unconditionally secure procedure based on the concept of key recycling. The procedure is based on the combination of almost universal$_2$ polynomial hashing, XOR universal$_2$ Toeplitz hashing, and one-time pad (OTP) encryption. We demonstrate how to minimize both the length of the recycled key and the size of the authentication key, that is required for OTP encryption. As a result, in real case scenarios, the portion of quantum-generated secret keys that is consumed for the authentication purposes is below 1%. Finally, we provide a security analysis of the full quantum key growing process in the framework of universally composable security.
سجل دخول لتتمكن من نشر تعليقات
التعليقات
جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
