Polynomial Code based Quantum Authentication: Difference between revisions
No edit summary |
No edit summary |
||
Line 1: | Line 1: | ||
The paper [https://arxiv.org/pdf/quant-ph/0205128.pdf Authentication of Quantum Messages by Barnum et al.] provides a non-interactive scheme for the sender to encrypt as well as [[Authentication of Quantum Messages|authenticate quantum messages]]. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) | The paper [https://arxiv.org/pdf/quant-ph/0205128.pdf Authentication of Quantum Messages by Barnum et al.] provides a non-interactive scheme with classical keys for the sender to encrypt as well as [[Authentication of Quantum Messages|authenticate quantum messages]]. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) without having been tampered with or modified by the dishonest party (eavesdropper). | ||
'''Tags:''' [[:Category:Two Party Protocols|Two Party Protocol]][[Category:Two Party Protocols]], [[:Category:Quantum Functionality|Quantum Functionality]][[Category:Quantum Functionality]], [[:Category:Specific Task|Specific Task]][[Category:Specific Task]], [[:Category:Building Blocks|Building Block]][[Category:Building Blocks]] | '''Tags:''' [[:Category:Two Party Protocols|Two Party Protocol]][[Category:Two Party Protocols]], [[:Category:Quantum Functionality|Quantum Functionality]][[Category:Quantum Functionality]], [[:Category:Specific Task|Specific Task]][[Category:Specific Task]], [[:Category:Building Blocks|Building Block]][[Category:Building Blocks]] | ||
==Outline== | |||
The polynomial code consists of three steps: preprocessing, encryption and encoding, and decoding and decryption. Within the preprocessing, sender and receiver agree on a [[Stabilizer Purity Testing Code | stabilizer purity testing code]] and three private, random binary keys. Within the encryption and encoding step, the sender uses one of these keys to encrypt the original message. Consequently, a second key is used to choose a specific quantum error correction code out of the [[Stabilizer Purity Testing Code | stabilizer purity testing code]]. The chosen quantum error correction code is then used, together with the last key, to encode the encrypted quantum message. Within the last step, the decoding and decryption step, the respective keys are used by the receiver to decide whether to abort or not, and if not, to decode and decrypt the received quantum message. | |||
==Assumptions== | ==Assumptions== | ||
Line 14: | Line 17: | ||
*<math>n</math>: number of qubits used to encode the message with <math>\{Q_k\}</math> | *<math>n</math>: number of qubits used to encode the message with <math>\{Q_k\}</math> | ||
*<math>x</math>: random binary <math>2m</math>-bit key | *<math>x</math>: random binary <math>2m</math>-bit key | ||
*<math> | *<math>y</math>: random syndrome for a specific <math>Q_k</math> | ||
==Protocol Description== | ==Protocol Description== | ||
*''' | Add Input and Output for each subroutine | ||
*'''Input:''' <math>\rho</math> owned by <math>\mathcal{S}</math>; <math>k</math>, <math>x</math>, <math>y</math> shared among <math>\mathcal{S}</math> and <math>\mathcal{A}</math> | |||
*'''Output:''' Receiver: accepts or aborts <math>\rho^\prime</math> | |||
* | **'''''Encryption and encoding:''''' | ||
*'''''Encryption and encoding:''''' | |||
#<math>\mathcal{S}</math> q-encrypts the <math>m</math>-qubit original message <math>\rho</math> as <math>\tau</math> using the classical key <math>x</math> and a [[Quantum One-Time Pad | quantum one-time pad]]. This encryption is given by <math>\tau = \sigma_x^{\vec{t}_1}\sigma_z^{\vec{t}_2}\rho\sigma_z^{\vec{1}_1}\sigma_x^{\vec{t}_1}</math>, where <math>\vec{t}_1</math> and <math>\vec{t}_2</math> are <math>m</math>-bit vectors and given by the random binary key <math>x</math>. | #<math>\mathcal{S}</math> q-encrypts the <math>m</math>-qubit original message <math>\rho</math> as <math>\tau</math> using the classical key <math>x</math> and a [[Quantum One-Time Pad | quantum one-time pad]]. This encryption is given by <math>\tau = \sigma_x^{\vec{t}_1}\sigma_z^{\vec{t}_2}\rho\sigma_z^{\vec{1}_1}\sigma_x^{\vec{t}_1}</math>, where <math>\vec{t}_1</math> and <math>\vec{t}_2</math> are <math>m</math>-bit vectors and given by the random binary key <math>x</math>. | ||
#<math>\mathcal{S}</math> then encodes <math>\tau</math> according to <math>Q_k</math> with syndrome <math>y</math>, which results in the <math>n</math>-qubit state <math>\sigma</math>. This means <math>\mathcal{S}</math> encodes <math>\rho</math> in <math>n</math> qubits using <math>Q_k</math>, and then "applies" errors according to the random syndrome. | #<math>\mathcal{S}</math> then encodes <math>\tau</math> according to <math>Q_k</math> with syndrome <math>y</math>, which results in the <math>n</math>-qubit state <math>\sigma</math>. This means <math>\mathcal{S}</math> encodes <math>\rho</math> in <math>n</math> qubits using <math>Q_k</math>, and then "applies" errors according to the random syndrome. | ||
#<math>\mathcal{S}</math> sends <math>\sigma</math> to <math>\mathcal{A}</math>. | #<math>\mathcal{S}</math> sends <math>\sigma</math> to <math>\mathcal{A}</math>. | ||
*'''''Decoding and decryption:''''' | **'''''Decoding and decryption:''''' | ||
#<math>\mathcal{A}</math> receives the <math>n</math> qubits, whose state is denoted by <math>\sigma^\prime</math>. | #<math>\mathcal{A}</math> receives the <math>n</math> qubits, whose state is denoted by <math>\sigma^\prime</math>. | ||
#<math>\mathcal{A}</math> measures the syndrome <math>y^\prime</math> of the code <math>Q_k</math> on his <math>n</math> qubits in state <math>\sigma^\prime</math>. | #<math>\mathcal{A}</math> measures the syndrome <math>y^\prime</math> of the code <math>Q_k</math> on his <math>n</math> qubits in state <math>\sigma^\prime</math>. |
Revision as of 12:38, 22 December 2021
The paper Authentication of Quantum Messages by Barnum et al. provides a non-interactive scheme with classical keys for the sender to encrypt as well as authenticate quantum messages. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) without having been tampered with or modified by the dishonest party (eavesdropper).
Tags: Two Party Protocol, Quantum Functionality, Specific Task, Building Block
Outline
The polynomial code consists of three steps: preprocessing, encryption and encoding, and decoding and decryption. Within the preprocessing, sender and receiver agree on a stabilizer purity testing code and three private, random binary keys. Within the encryption and encoding step, the sender uses one of these keys to encrypt the original message. Consequently, a second key is used to choose a specific quantum error correction code out of the stabilizer purity testing code. The chosen quantum error correction code is then used, together with the last key, to encode the encrypted quantum message. Within the last step, the decoding and decryption step, the respective keys are used by the receiver to decide whether to abort or not, and if not, to decode and decrypt the received quantum message.
Assumptions
- The sender and the receiver share a private, classical random key drawn from a probability distribution
Notations
- : suppliant (sender)
- : authenticator (prover)
- : quantum message to be sent
- : number of qubits in the message
- : stabilizer purity testing code, each stabilizer code is identified by index
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle n} : number of qubits used to encode the message with
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle x} : random binary -bit key
- : random syndrome for a specific
Protocol Description
Add Input and Output for each subroutine
- Input: owned by ; , Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle x} , Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle y} shared among Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{S}} and Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{A}}
- Output: Receiver: accepts or aborts
- Encryption and encoding:
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{S}} q-encrypts the -qubit original message as using the classical key Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle x} and a quantum one-time pad. This encryption is given by , where and Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \vec{t}_2} are -bit vectors and given by the random binary key .
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{S}} then encodes according to with syndrome , which results in the Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle n} -qubit state Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \sigma} . This means Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{S}} encodes Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \rho} in qubits using , and then "applies" errors according to the random syndrome.
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{S}} sends to Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{A}} .
- Decoding and decryption:
- receives the Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle n} qubits, whose state is denoted by .
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{A}} measures the syndrome of the code on his qubits in state .
- compares the syndromes and and aborts the process if they are different.
- decodes his -qubit word according to obtaining .
- q-decrypts using the random binary strings obtaining .