Quantum Conference Key Agreement: Difference between revisions

Jump to navigation Jump to search

Quantum Conference Key Agreement (edit)

Revision as of 20:08, 19 January 2022

631 bytes added ,  19 January 2022
Added Protocols section
(Created functionality page for CKA)
 
(Added Protocols section)
 
Line 13: Line 13:
An ideal CKA protocol, with <math>N</math> users, Alice, Bob<math>_1</math>, Bob<math>_2</math>, ..., Bob<math>_{N-1}</math> should have the following properties:
An ideal CKA protocol, with <math>N</math> users, Alice, Bob<math>_1</math>, Bob<math>_2</math>, ..., Bob<math>_{N-1}</math> should have the following properties:


* '''Correctness:''' A CKA protocol is <math>\epsilon_{corr}</math>-correct if:
* '''Correctness:''' A CKA protocol is said to be ''correct'' if all parties receive the same key at the end of the protocol with high probability.
*: <math>p(K_A = K_{B_1} =  ... = K_{B_{N-1}}) \geq 1 - \epsilon_{corr}</math>
: Formally, a CKA protocol is <math>\epsilon_{corr}</math>-correct if:  
:: <math>p(K_A = K_{B_1} =  ... = K_{B_{N-1}}) \geq 1 - \epsilon_{corr}</math>
: where <math>K_A, K_{B_i}</math> are the final keys held by Alice and Bob<math>_i</math>, and <math>p(K_A = K_{B_1} =  ... = K_{B_{N-1}})</math> is the probability that all final keys are identical.
: where <math>K_A, K_{B_i}</math> are the final keys held by Alice and Bob<math>_i</math>, and <math>p(K_A = K_{B_1} =  ... = K_{B_{N-1}})</math> is the probability that all final keys are identical.
* '''Secrecy:''' A CKA protocol is <math>\epsilon_{sec}</math>-secret if, for <math>\Omega</math> being the event that the protocol does not abort,
* '''Secrecy:''' A CKA protocol is said to be ''secret'' if an eavesdropper Eve cannot differentiate between the key established and a random bitstring.
*: <math>p(\Omega)\frac{1}{2}||\rho_{K_AE|\Omega} - \tau_{K_A}\otimes\rho_{E|\Omega}|| \leq \epsilon_{sec}</math>,
: Formally, a CKA protocol is <math>\epsilon_{sec}</math>-secret if, for <math>\Omega</math> being the event that the protocol does not abort,
:: <math>p(\Omega)\frac{1}{2}||\rho_{K_AE|\Omega} - \tau_{K_A}\otimes\rho_{E|\Omega}|| \leq \epsilon_{sec}</math>,
: where <math>p(\Omega)</math> is the probability of the event <math>\Omega</math>, <math>\rho_{K_AE|\Omega}</math> is the state shared by Alice and Eve at the end of the protocol given the event <math>\Omega</math>, <math>\tau_{K_A} = \frac{1}{|S|}\sum_{s_i \in S} |s_i\rangle \langle s_i|</math> is the maximally mixed state over all possible values that the key <math>K_A</math> can assume, and <math>S = \{0,1\}^{\times l}</math> where <math>l</math> is the length of the key <math>K_A</math>.
: where <math>p(\Omega)</math> is the probability of the event <math>\Omega</math>, <math>\rho_{K_AE|\Omega}</math> is the state shared by Alice and Eve at the end of the protocol given the event <math>\Omega</math>, <math>\tau_{K_A} = \frac{1}{|S|}\sum_{s_i \in S} |s_i\rangle \langle s_i|</math> is the maximally mixed state over all possible values that the key <math>K_A</math> can assume, and <math>S = \{0,1\}^{\times l}</math> where <math>l</math> is the length of the key <math>K_A</math>.
* '''Completeness:''' A quantum CKA protocol is <math>\epsilon_c</math>-complete if there exists an honest implementation of the protocols, such that the probability of not aborting is greater than <math>1-\epsilon_c</math>.
* '''Completeness:''' A quantum CKA protocol is <math>\epsilon_c</math>-complete if there exists an honest implementation of the protocols, such that the probability of not aborting is greater than <math>1-\epsilon_c</math>.
Line 27: Line 29:
* '''Privacy amplification:''' Alice randomly picks a hash function, chosen among a two-universal family of hash functions, and communicates it to the Bobs. Every party applies the hash function to turn her/his partially secure string of <math>n_{raw}</math> bits into a secure key of <math> l < n_{raw}</math> bits.
* '''Privacy amplification:''' Alice randomly picks a hash function, chosen among a two-universal family of hash functions, and communicates it to the Bobs. Every party applies the hash function to turn her/his partially secure string of <math>n_{raw}</math> bits into a secure key of <math> l < n_{raw}</math> bits.


==Protocols==
* [[Prepare-and-measure Conference Key Agreement]]
* [[Anonymous Conference Key Agreement using GHZ states]]
* [[W-State based Conference Key Agreement]]
* [[Continuous Variable Conference Key Agreement]]
* [[Device Independent Conference Key Agreement]]
<!--==Further Information== -->
<!--==Further Information== -->
<!-- Any issue that could not be addressed or find a place in the above sections or any review paper discussing a feature of various types of protocols related to the functionality. -->
<!-- Any issue that could not be addressed or find a place in the above sections or any review paper discussing a feature of various types of protocols related to the functionality. -->
==References==
==References==
* [https://arxiv.org/abs/2003.10186 Murta et al.(2020)] discusses the properties of the functionality and provides various example protocols
* [https://arxiv.org/abs/2003.10186 Murta et al.(2020)] discusses the properties of the functionality and provides various example protocols
<div style='text-align: right;'>''*contributed by Chirag Wadhwa''</div>
Chirag
Write
33

edits

Retrieved from "https://wiki.veriqloud.fr/index.php?title=Special:MobileDiff/4434"

Navigation menu