Polynomial Code based Quantum Authentication
The paper Authentication of Quantum Messages by Barnum et al. provides a non-interactive scheme for the sender to encrypt as well as authenticate quantum messages. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) as it is and, has not been tampered with or modified by the dishonest party (eavesdropper).
Tags: Two Party Protocol, Quantum Functionality, Specific Task, Building Block
Assumptions
- The sender and the receiver share a private, classical random key drawn from a probability distribution
Notations
- : suppliant (sender)
- : authenticator (prover)
- : quantum message to be sent
- : number of qubits in the message
- : stabilizer purity testing code, each stabilizer code is identified by index
- : number of qubits used to encode the message with
- : random binary -bit key
- : security parameter
Properties
- For a -qubit message, the protocol requires qubits to encode the quantum message.
- The protocol requires a private key of size .
Protocol Description
- Preprocessing: and agree on some stabilizer purity testing code and some private and random binary strings .
- is used to choose a random stabilizer code
- is a -bit random key used for q-encryption
- is a random syndrome
- Encryption and encoding:
- q-encrypts the -qubit original message as using the classical key and a quantum one-time pad. This encryption is given by , where and are -bit vectors and given by the random binary key .
- then encodes according to with syndrome , which results in the -qubit state . This means encodes in qubits using , and then "applies" errors according to the random syndrome.
- sends to .
- Decoding and decryption:
- receives the qubits, whose state is denoted by .
- measures the syndrome of the code on his qubits in state .
- compares the syndromes and and aborts the process if they are different.
- decodes his -qubit word according to obtaining .
- q-decrypts using the random binary strings obtaining .
Further Information
References
contributed by Shraddha Singh and Isabel Nha Minh Le