Polynomial Code based Quantum Authentication: Difference between revisions

Revision as of 19:24, 8 December 2021

The paper Authentication of Quantum Messages by Barnum et al. provides a non-interactive scheme for the sender to encrypt as well as authenticate quantum messages. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) as it is and, has not been tampered with or modified by the dishonest party (eavesdropper).

Tags: Two Party Protocol, Quantum Functionality, Specific Task, Building Block

Assumptions

The sender and the receiver share a private, classical random key drawn from a probability distribution

Notations

${\mathcal {S}}$ : suppliant (sender)
${\mathcal {A}}$ : authenticator (prover)
$\rho$ : quantum message to be sent
$m$ : number of qubits in the message $\rho$
$\{Q_{k}\}$ : stabilizer purity testing code, each stabilizer code is identified by index $k$
$n$ : number of qubits used to encode the message with $\{Q_{k}\}$
$x$ : random binary $2m$ -bit key
$s$ : security parameter

Properties

For a $m$ -qubit message, the protocol requires $m+s$ qubits to encode the quantum message.
The protocol requires a private key of size $2m+O(s)$ .

Protocol Description

Preprocessing: ${\mathcal {S}}$ ${\mathcal {S}}$ and ${\mathcal {A}}$ ${\mathcal {A}}$ agree on some stabilizer purity testing code $\{Q_{k}\}$ $\{Q_{k}\}$ and some private and random binary strings $k,x,y$ $k,x,y$ .
- Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle k} is used to choose a random stabilizer code Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle Q_k}
- $x$ is a Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle 2m} -bit random key used for q-encryption
- $y$ is a random syndrome
Encryption and encoding:

${\mathcal {S}}$ q-encrypts the $m$ -qubit original message $\rho$ as $\tau$ using the classical key $x$ and a quantum one-time pad. This encryption is given by $\tau =\sigma _{x}^{{\vec {t}}_{1}}\sigma _{z}^{{\vec {t}}_{2}}\rho \sigma _{z}^{{\vec {1}}_{1}}\sigma _{x}^{{\vec {t}}_{1}}$ , where ${\vec {t}}_{1}$ and Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \vec{t}_2} are $m$ -bit vectors and given by the random binary key $x$ .
${\mathcal {S}}$ then encodes $\tau$ according to $Q_{k}$ with syndrome $y$ , which results in the $n$ -qubit state $\sigma$ . This means Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{S}} encodes $\rho$ in $n$ qubits using $Q_{k}$ , and then "applies" errors according to the random syndrome.
${\mathcal {S}}$ sends $\sigma$ to ${\mathcal {A}}$ .

Decoding and decryption:

Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \mathcal{A}} receives the $n$ qubits, whose state is denoted by $\sigma ^{\prime }$ .
${\mathcal {A}}$ measures the syndrome $y^{\prime }$ of the code $Q_{k}$ on his $n$ qubits in state $\sigma ^{\prime }$ .
${\mathcal {A}}$ compares the syndromes $y$ and $y^{\prime }$ and aborts the process if they are different.
${\mathcal {A}}$ decodes his $n$ -qubit word according to $Q_{k}$ obtaining $\tau ^{\prime }$ .
${\mathcal {A}}$ q-decrypts $\tau ^{\prime }$ using the random binary strings $x$ obtaining $\rho ^{\prime }$ .

Further Information

References

Barnum et al. (2002).

contributed by Shraddha Singh and Isabel Nha Minh Le

@@ Line 1: / Line 1: @@
-The [https://arxiv.org/pdf/quant-ph/0205128.pdf example protocol] provides a non-interactive scheme for the sender to encrypt as well as [[Authentication of Quantum Messages|authenticate quantum messages]]. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) as it is and, has not been tampered with or modified by the dishonest party (eavesdropper).
+The paper [https://arxiv.org/pdf/quant-ph/0205128.pdf Authentication of Quantum Messages by Barnum et al.] provides a non-interactive scheme for the sender to encrypt as well as [[Authentication of Quantum Messages|authenticate quantum messages]]. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) as it is and, has not been tampered with or modified by the dishonest party (eavesdropper).
 '''Tags:''' [[:Category:Two Party Protocols|Two Party Protocol]][[Category:Two Party Protocols]], [[:Category:Quantum Functionality|Quantum Functionality]][[Category:Quantum Functionality]], [[:Category:Specific Task|Specific Task]][[Category:Specific Task]], [[:Category:Building Blocks|Building Block]][[Category:Building Blocks]]
 ==Assumptions==
-*The sender and the receiver share a private (known to only the two of them), classical random key drawn from a probability distribution.
+*The sender and the receiver share a private, classical random key drawn from a probability distribution
-==Outline==
 ==Notations==
+*<math>\mathcal{S}</math>: suppliant (sender)
+*<math>\mathcal{A}</math>: authenticator (prover)
+*<math>\rho</math>: quantum message to be sent
+*<math>m</math>: number of qubits in the message <math>\rho</math>
+*<math>\{Q_k\}</math>: [[Stabilizer Purity Testing Code | stabilizer purity testing code]], each stabilizer code is identified by index <math>k</math>
+*<math>n</math>: number of qubits used to encode the message with <math>\{Q_k\}</math>
+*<math>x</math>: random binary <math>2m</math>-bit key
 *<math>s</math>: security parameter
-*<math>m</math>: number of qubits in the message.
 ==Properties==
-*For an <math>m</math> qubit message, the protocol requires <math>m+s</math> qubits encoded state, and a private key of <math>2m+O(s)</math>.
+*For a <math>m</math>-qubit message, the protocol requires <math>m+s</math> qubits to encode the quantum message.
+*The protocol requires a private key of size <math>2m+O(s)</math>.
 ==Protocol Description==
+*'''''Preprocessing:''''' <math>\mathcal{S}</math> and <math>\mathcal{A}</math> agree on some [[Stabilizer Purity Testing Code | stabilizer purity testing code]] <math>\{Q_k\}</math> and some private and random binary strings <math>k, x, y</math>.
+**<math>k</math> is used to choose a random stabilizer code <math>Q_k</math>
+**<math>x</math> is a <math>2m</math>-bit random key used for q-encryption
+**<math>y</math> is a random syndrome
+*'''''Encryption and encoding:'''''
+#<math>\mathcal{S}</math> q-encrypts the <math>m</math>-qubit original message <math>\rho</math> as <math>\tau</math> using the classical key <math>x</math> and a [[Quantum One-Time Pad | quantum one-time pad]]. This encryption is given by <math>\tau = \sigma_x^{\vec{t}_1}\sigma_z^{\vec{t}_2}\rho\sigma_z^{\vec{1}_1}\sigma_x^{\vec{t}_1}</math>, where <math>\vec{t}_1</math> and <math>\vec{t}_2</math> are <math>m</math>-bit vectors and given by the random binary key <math>x</math>.
+#<math>\mathcal{S}</math> then encodes <math>\tau</math> according to <math>Q_k</math> with syndrome <math>y</math>, which results in the <math>n</math>-qubit state <math>\sigma</math>. This means <math>\mathcal{S}</math> encodes <math>\rho</math> in <math>n</math> qubits using <math>Q_k</math>, and then "applies" errors according to the random syndrome.
+#<math>\mathcal{S}</math> sends <math>\sigma</math> to <math>\mathcal{A}</math>.
+*'''''Decoding and decryption:'''''
+#<math>\mathcal{A}</math> receives the <math>n</math> qubits, whose state is denoted by <math>\sigma^\prime</math>.
+#<math>\mathcal{A}</math> measures the syndrome <math>y^\prime</math> of the code <math>Q_k</math> on his <math>n</math> qubits in state <math>\sigma^\prime</math>.
+#<math>\mathcal{A}</math> compares the syndromes <math>y</math> and <math>y^\prime</math> and aborts the process if they are different.
+#<math>\mathcal{A}</math> decodes his <math>n</math>-qubit word according to <math>Q_k</math> obtaining <math>\tau^\prime</math>.
+#<math>\mathcal{A}</math> q-decrypts <math>\tau^\prime</math> using the random binary strings <math>x</math> obtaining <math>\rho^\prime</math>.
 ==Further Information==
 ==References==
-<div style='text-align: right;'>''contributed by Shraddha Singh''</div>
+#[https://arxiv.org/pdf/quant-ph/0205128.pdf| Barnum et al. (2002).]
+<div style='text-align: right;'>''contributed by Shraddha Singh and Isabel Nha Minh Le''</div>

Polynomial Code based Quantum Authentication: Difference between revisions

Revision as of 19:24, 8 December 2021

Contents

Assumptions

Notations

Properties

Protocol Description

Further Information

References

Navigation menu

Polynomial Code based Quantum Authentication: Difference between revisions

Revision as of 19:24, 8 December 2021

Assumptions

Notations

Properties

Protocol Description

Further Information

References

Navigation menu

Search