Editing
Uncloneable Encryption
Jump to navigation
Jump to search
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
This [https://arxiv.org/pdf/quant-ph/0210062.pdf example protocol] achieves the task of [[Unclonable Encryption]] in which the sender sends classical message encoded using quantum states to the receiver. An eavesdropper can neither decrypt the message without the key nor can he copy the encrypted message for later decoding without getting caught. ==Assumptions== * Classical authenticated channels are available between sender and receiver. ==Outline== The protocol requires a pre-shared set of four keys that are partially consumed in the protocol and that can be regenerated by using the protocol itself. ===Encoding phase:=== The message is divided into parts (registers). A polynomial of degree equal to the number of parts is defined with the value of the registers as its coefficients. The constant term is chosen such that the first key value is a root of the polynomial. The string formed by coefficients of the polynomial is then XORed with the second key value. This classical pre-processing step is reminiscent to Shamir Secret Sharing scheme. Both codes are then used in conjunction with the obtained string to pick a string to encode the pre-processed string such that the first one offers error protection against noise in the channel and the second one for privacy amplification. The obtained classical string is then encoded in the computational or Hadamard basis according to the corresponding bit in the fourth key value and sent to the receiver. ===Decoding phase:=== Upon receiving the qubits, they are measured in the computational or Hadamard basis according to the corresponding bit in the fourth key value. Calculate the parity checks of the first classical code. If they are not equal to the third shared key value, there are errors in the state, which can be corrected using the standard decoding map. Evaluate the parity checks of <math>C_2/C_1^{\perp}</math>, producing another string. The string obtained is XORed with the second key value and used as coefficients of a polynomial. The polynomial is then evaluated at the first key value and if it gives zero, the message is accepted. It is rejected otherwise. ==Notation== * <math>n</math>: Bit length of the message. * <math>r</math>: Number of registers of size <math>s</math> the message is divided into. * <math>s</math>: Bit length of each register the message is divided into. * <math>k</math>: Random key of length <math>s</math>. * <math>m_k</math>: Value of the <math>k^{th}</math> register for <math>k \in \{0,1,..,r\}</math> * <math>e</math>: Random key of length <math>n+s</math>. * <math>c_1</math>: Random key for selecting the coset from <math>C_1</math>. * <math>C_1</math>: Classical linear code for correcting bit flip errors. * <math>C_2</math>: Classical linear code for performing privacy amplification. * <math>y</math>: XORed product of <math>e</math> and <math>m_k</math>s. * <math>z</math>: Random string from the coset <math>y</math> selected from <math>C_1/C_2^{\perp}</math>. * <math>N</math>: Bit length of <math>z</math>. * <math>b</math>: Random key of length <math>N</math>. ==Requirements== '''Network stage''': Prepare and measure. * A classical linear code for correcting bit-flip errors. * A classical linear code for performing privacy amplification. * Basic state preparation and measurement devices. * A classical and a quantum channel between the sender and the receiver. ==Properties== * It uses up more than twice as much key as a classical one-time pad but the key can be partially reused upon successful transmission. The scheme can also be used to regenerate the keys itself. * The protocol can be used for QKD with some slight modifications. ==Protocol Description== Pre-shared key <math>(k, e, c_1, b)</math> is established. ===Encoding:=== # Divide the <math>n</math>-bit message into <math>r</math> groups of <math>s</math> bits. # Define a polynomial <math>f</math> of degree <math>r</math> whose first <math>r</math> coefficients are the registers <math>m_0, m_1,\ldots, m_{r-1}</math> of the <math>n</math>-bit message. # The constant term, <math>m_r</math>, is chosen such that <math>f(k) = 0</math>. # XOR the string <math>(m_0, \ldots , m_r)</math> with <math>e</math>, producing a new classical string <math>y</math> of length <math>n+s</math> bits. # Consider the particular coset of the classical error-correcting code <math>C_1</math> given by the syndrome <math>c_1</math>. # Pick the string <math>z</math> at random so that its coset of <math>C_1/C_2^{\perp}</math> in the coset <math>c_1</math> of <math>C_1</math> corresponds to <math>y</math> # Transmit <math>N</math> qubits after operations based on b such that: ## When the <math>i^{th}</math> bit of <math>b</math> is <math>0</math>, transmit the <math>i^{th}</math> bit of <math>z</math> in the computational basis. ## When the <math>i^{th}</math> bit of <math>b</math> is <math>1</math>, transmit the <math>i^{th}</math> bit of <math>z</math> in the Hadamard basis. ===Decoding:=== # Upon receiving the <math>N</math> qubits, measure in the computational basis if the <math>i^{th}</math> bit of <math>b</math> is <math>0</math>, else in the Hadamard basis the <math>i^{th}</math> bit of <math>b</math> is <math>1</math>, to get <math>z</math>. # Calculate the parity checks of the classical code <math>C_1^{\perp}</math>. If they are not equal to the string <math>c_1</math>, there are errors in the state, which can be corrected using the standard decoding map. # Evaluate the parity checks of <math>C_2/C_1^{\perp}</math>, producing a <math>n + s</math>-bit string <math>y</math>. # XOR <math>y</math> with <math>e</math>, producing a new string <math>(m_0, \ldots , m_r)</math>. # Consider the <math>(m_0, \ldots, m_r)</math> as the coefficients of a polynomial <math>f</math>. Accept only if <math>f(k) = 0</math>. <div style='text-align: right;'>''*contributed by Natansh Mathur''</div>
Summary:
Please note that all contributions to Quantum Protocol Zoo may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see
Quantum Protocol Zoo:Copyrights
for details).
Do not submit copyrighted work without permission!
To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:
Cancel
Editing help
(opens in new window)
Navigation menu
Personal tools
Not logged in
Talk
Contributions
Log in
Namespaces
Page
Discussion
English
Views
Read
Edit
View history
More
Search
Navigation
Main page
News
Protocol Library
Certification Library
Nodal Subroutines
Codes Repository
Knowledge Graphs
Submissions
Categories
Supplementary Information
Recent Changes
Contact us
Help
Tools
What links here
Related changes
Special pages
Page information