Editing Authentication of Quantum Messages
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 13: | Line 13: | ||
*[[Clifford Code for Quantum Authentication]] | *[[Clifford Code for Quantum Authentication]] | ||
*[[Trap Code for Quantum Authentication]] | *[[Trap Code for Quantum Authentication]] | ||
'''Interactive Protocols:''' | '''Interactive Protocols:''' | ||
*[[Naive approach using Quantum Teleportation]] | *[[Naive approach using Quantum Teleportation]] | ||
Line 20: | Line 18: | ||
==Properties== | ==Properties== | ||
*Any scheme, which authenticates quantum messages must also encrypt them [[Authentication of Quantum Messages#References|(1)]]. This is inherently different to the classical scenario, where encryption and authentication are two independent procedures. | *Any scheme, which authenticates quantum messages must also encrypt them [[Authentication of Quantum Messages#References|(1)]]. This is inherently different to the classical scenario, where encryption and authentication are two independent procedures. | ||
*'''Definition: Quantum Authentication Scheme (QAS)''' <br/>A quantum authentication scheme (QAS) consists of a suppliant <math>\mathcal{S}</math>, an authenticator <math>\mathcal{A}</math> and a set of classical private keys <math>K</math>. <math>\mathcal{S}</math> and <math>\mathcal{A}</math> are each polynomial time quantum algorithms. The following is fullfilled: | *'''Definition: Quantum Authentication Scheme (QAS)''' <br/>A quantum authentication scheme (QAS) consists of a suppliant <math>\mathcal{S}</math>, an authenticator <math>\mathcal{A}</math> and a set of classical private keys <math>K</math>. <math>\mathcal{S}</math> and <math>\mathcal{A}</math> are each polynomial time quantum algorithms. The following is fullfilled: | ||
# <math>\mathcal{S}</math> takes as input a <math>m</math>-qubit message system <math>M</math> and a key <math>k\in K</math> and outputs a transmitted system <math>T</math> of <math>m + t</math> qubits. | # <math>\mathcal{S}</math> takes as input a <math>m</math>-qubit message system <math>M</math> and a key <math>k\in K</math> and outputs a transmitted system <math>T</math> of <math>m + t</math> qubits. | ||
# <math>\mathcal{A}</math> takes as input the (possibly altered) transmitted system <math>T^\prime</math> and a classical key <math>k\in K</math> and outputs two systems: a <math>m</math>-qubit message state <math>M</math>, and a single qubit <math>V</math> which indicates acceptance or rejection. The classical basis states of <math>V</math> are called <math>|\mathrm{ACC}\rangle, |\mathrm{REJ}\rangle</math> by convention. </br>For any fixed key <math>k</math>, we denote the corresponding super-operators by <math>S_k</math> and <math>A_k</math>. | # <math>\mathcal{A}</math> takes as input the (possibly altered) transmitted system <math>T^\prime</math> and a classical key <math>k\in K</math> and outputs two systems: a <math>m</math>-qubit message state <math>M</math>, and a single qubit <math>V</math> which indicates acceptance or rejection. The classical basis states of <math>V</math> are called <math>|\mathrm{ACC}\rangle, |\mathrm{REJ}\rangle</math> by convention. </br>For any fixed key <math>k</math>, we denote the corresponding super-operators by <math>S_k</math> and <math>A_k</math>. | ||
*'''Definition: Security of a QAS''' <br/>For non-interactive protocols, a QAS is secure with error <math>\epsilon</math> if it is complete for all states <math>|\psi\rangle</math> and has a soundness error <math>\epsilon</math> for all states <math>|\psi\rangle</math>. These two conditions are met if: | *'''Definition: Security of a QAS''' <br/>For non-interactive protocols, a QAS is secure with error <math>\epsilon</math> if it is complete for all states <math>|\psi\rangle</math> and has a soundness error <math>\epsilon</math> for all states <math>|\psi\rangle</math>. These two conditions are met if: | ||
#''Completeness:'' A QAS is complete for a specific quantum state <math>|\psi\rangle</math> if <math>\forall k\in K: A_k(S_k(|\psi\rangle \langle\psi|)=|\psi\rangle \langle\psi| \otimes |\mathrm{ACC}\rangle \langle \mathrm{ACC}|.</math> <br/>This means if no adversary has acted on the encoded quantum message <math>|\psi\rangle</math>, the quantum information received by <math>\mathcal{A}</math> is the same initially sent by <math>\mathcal{S}</math> and the single qubit <math>V</math> is in state <math>|\mathrm{ACC}\rangle \langle \mathrm{ACC}|</math>. To this end, we assume that the channel between <math>\mathcal{S}</math> and <math>\mathcal{A}</math> is noiseless if no adversary intervention appeared. | #''Completeness:'' A QAS is complete for a specific quantum state <math>|\psi\rangle</math> if <math>\forall k\in K: A_k(S_k(|\psi\rangle \langle\psi|)=|\psi\rangle \langle\psi| \otimes |\mathrm{ACC}\rangle \langle \mathrm{ACC}|.</math> <br/>This means if no adversary has acted on the encoded quantum message <math>|\psi\rangle</math>, the quantum information received by <math>\mathcal{A}</math> is the same initially sent by <math>\mathcal{S}</math> and the single qubit <math>V</math> is in state <math>|\mathrm{ACC}\rangle \langle \mathrm{ACC}|</math>. To this end, we assume that the channel between <math>\mathcal{S}</math> and <math>\mathcal{A}</math> is noiseless if no adversary intervention appeared. | ||
Line 30: | Line 26: | ||
==Further Information== | ==Further Information== | ||
#[https://arxiv.org/pdf/quant-ph/0205128.pdf| Barnum et al. (2002).] First protocol on authentication of quantum messages. It is also used later for verification of quantum computation in [[Interactive Proofs for Quantum Computation]]. Protocol file for this article is given as the [[Polynomial Code based Quantum Authentication]] | #[https://arxiv.org/pdf/quant-ph/0205128.pdf| Barnum et al. (2002).] First protocol on authentication of quantum messages. It is also used later for verification of quantum computation in [[Interactive Proofs for Quantum Computation]]. Protocol file for this article is given as the [[Polynomial Code based Quantum Authentication]] | ||
<div style='text-align: right;'>''contributed by Shraddha Singh and Isabel Nha Minh Le''</div> | |||
<div style='text-align: right;'>'' | |||