Editing Anonymous Conference Key Agreement using GHZ states

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 2: Line 2:


<!-- Intro: brief description of the protocol -->
<!-- Intro: brief description of the protocol -->
This [https://arxiv.org/abs/2007.07995 example protocol] achieves the functionality of quantum conference key agreement. This protocol allows multiple parties in a quantum network to establish a shared secret key anonymously.
This [https://arxiv.org/abs/2007.07995 example protocol] achieves the functionality of quantum conference key agreement anonymously. This protocol allows multiple parties in a quantum network to establish a shared secret key anonymously.


<!--Tags: related pages or category -->
<!--Tags: related pages or category -->
'''Tags:''' [[:Category: Multi Party Protocols|Multi Party Protocols]], [[:Category: Quantum Enhanced Classical Functionality|Quantum Enhanced Classical Functionality]], [[:Category: Specific Task|Specific Task]]


==Requirements==
==Assumptions==
<!-- It describes the setting in which the protocol will be successful. -->
<!-- It describes the setting in which the protocol will be successful. -->
We require the following resources for this protocol:
 
# A source of n-party GHZ states
# Private randomness sources
# A randomness source that is not associated with any party
# A classical broadcasting channel
# Pairwise private communication channels


==Outline==
==Outline==
Line 26: Line 20:
==Notation==
==Notation==
<!--  Connects the non-mathematical outline with further sections. -->
<!--  Connects the non-mathematical outline with further sections. -->
*<math>n</math>: Total number of nodes in the network
*<math>m</math>: Number of receiving nodes
*<math>L</math>: Number of GHZ states used
*<math>D</math>: Security parameter; expected number of GHZ states used to establish one bit of key


*<math>k</math>-partite GHZ state: <math>\frac{1}{\sqrt{2}}(|0\rangle^{\otimes k} + |1\rangle^{\otimes k})</math>
<!-- ==Knowledge Graph== -->
<!-- ==Knowledge Graph== -->
<!-- Add this part if the protocol is already in the graph -->
<!-- Add this part if the protocol is already in the graph -->
Line 58: Line 44:


===Protocol 2: Notification===
===Protocol 2: Notification===
''Input: '' Sender's choice of <math>m</math> receivers
''Goal: '' The <math>m</math> receivers get notified
''Requirements: '' Private pairwise classical communication channels and randomness sources
For agent <math>i = 1,...,n</math>:
# All agents <math>j \in \{1,...,n\}</math> do the following:
#* '''When agent <math>j</math> is the sender''': If <math>i</math> is not a receiver, the sender chooses <math>n</math> random bits <math>\{r_{j,k}^i\}_{k = 1}^n</math> such that <math>\bigoplus_{k=1}^n r_{j,k}^i = 0</math>. Otherwise, if <math>i</math> is a receiver, the sender chooses <math>n</math> random bits such that <math>\bigoplus_{k=1}^n r_{j,k}^i = 1</math>. The sender sends bit <math>r_{j,k}^i</math> to agent <math>k</math>
#* '''When agent <math>j</math> is not the sender''':  The agent chooses <math>n</math> random bits <math>\{r_{j,k}^i\}_{k = 1}^n</math> such that <math>\bigoplus_{k=1}^n r_{j,k}^i = 0</math> and sends bit <math>r_{j,k}^i</math> to agent <math>k</math>
# All agents <math>k \in \{1,...,n\}</math> receive <math>\{r_{j,k}^i\}_{j = 1}^n</math>, and compute <math>z_k^i = \bigoplus_{j=1}^n r_{j,k}^i</math> and send it to agent <math>i</math>
# Agent <math>i</math> takes the received <math>\{z_k^i\}_{k=1}^n</math> to compute <math>z^i = \bigoplus_{k=1}^nz_k^i</math>. If <math>z^i = 1</math>, they are thereby notified to be a designated receiver.
===Protocol 3: Anonymous Multiparty Entanglement===
===Protocol 3: Anonymous Multiparty Entanglement===
''Input: '' <math>n</math>-partite GHZ state <math>\frac{1}{\sqrt{2}}(|0\rangle^{\otimes n} + |1\rangle^{\otimes n})</math>
''Output: '' <math>(m+1)</math>-partite GHZ state <math>\frac{1}{\sqrt{2}}(|0\rangle^{\otimes (m+1)} + |1\rangle^{\otimes (m+1)})</math> shared between the sender and receivers
''Requirements: '' A broadcast channel; private randomness sources
# Sender and receivers draw a random bit each. Everyone else measures their qubits in the X-basis, yielding a measurement outcome bit <math>x_i</math>
# All parties broadcast their bits in a random order, or if possible, simultaneously.
# The sender applies a Z gate to their qubit if the parity of the non-participating parties' bits is odd.


===Protocol 4: Verification===
===Protocol 4: Verification===
''Input: '' A verifier V; a shared state between <math>k</math> parties
''Goal: '' Verification or rejection of the shared state as the GHZ<math>_k</math> state by V
''Requirements: '' Private randomness sources; a classical broadcasting channel
# Everyone but V draws a random bit <math>b_i</math> and measures in the X or Y basis if their bit equals 0 or 1 respectively, obtaining a measurement outcome <math>m_i</math>. V chooses both bits at random
# Everyone (including V) broadcasts <math>(b_i,m_i)</math>
# V resets her bit such that <math>\sum_ib_i = 0 (</math>mod <math>2)</math>. She measures in the X or Y basis if her bit equals 0 or 1 respectively, thereby also resetting her <math>m_i = m_v</math>
# V accepts the state if and only if <math>\sum_im_i = \frac{1}{2}\sum_ib_i (</math>mod <math>2)</math>


==Properties==
==Properties==
<!-- important information on the protocol: parameters (threshold values), security claim, success probability... -->
<!-- important information on the protocol: parameters (threshold values), security claim, success probability... -->
* Protocol 1 has an asymptotic key rate of <math>\frac{L}{D}</math>
 
* This protocol satisfies the following notions of anonymity:
==Further Information==
** '''Sender Anonymity''': A protocol allows a sender to remain anonymous sending a message to <math>m</math> receivers, if an adversary who corrupts <math>t \leq n-2 </math> players, cannot guess the identity of the sender with probability higher than <math> \frac{1}{n-t}</math>
<!-- theoretical and experimental papers including requirements, security proof (important), which protocol does it implement, benchmark values... -->
** '''Receiver Anonymity''': A protocol allows a receiver to remain anonymous receiving a message, if an adversary who corrupts <math>t \leq n-2 </math> players, cannot guess the identity of the receiver with probability higher than <math> \frac{1}{n-t}</math>
* Error correction and privacy amplification must be carried out anonymously and are not considered in the analysis of this protocol.


==References==
==References==
* The protocols and their security analysis, along with an experimental implementation for <math>n = 4</math> can be found in [https://arxiv.org/abs/2007.07995 Hahn et al.(2020)]
<div style='text-align: right;'>''*contributed by Chirag Wadhwa''</div>
Please note that all contributions to Quantum Protocol Zoo may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see Quantum Protocol Zoo:Copyrights for details). Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following CAPTCHA:

Cancel Editing help (opens in new window)
Retrieved from "https://wiki.veriqloud.fr/index.php?title=Anonymous_Conference_Key_Agreement_using_GHZ_states"