Anonymous Transmission: Difference between revisions

Anonymous Transmission (edit)

Revision as of 15:16, 18 April 2019

37 bytes added , 18 April 2019

→‎Properties

Shraddha

Write, autoreview, editor, reviewer

3,125

edits

@@ Line 16: / Line 16: @@
 ==Properties==
 Security of a anonymous transmission protocol is defined in terms of the guessing probability, i.e., the maximum probability that adversaries guess the identity of the sender <math>S</math> or receiver <math>R</math> given all the classical and quantum information they have available at the end of the protocol.
-'''Guessing probability'''
+*'''Guessing probability''' Let <math>\mathcal{A}</math> be a subset of adversaries among <math>N</math> nodes. Let <math>C</math> be the register that contains all classical and quantum side information accessible to the adversaries. Then, the probability of adversaries guessing the sender is given by
-Let <math>\mathcal{A}</math> be a subset of adversaries among $N$ nodes. Let $C$ be the register that contains all classical and quantum side information accessible to the adversaries. Then, the probability of adversaries guessing the sender is given by
+<math> P_{\text{guess}}[S|C, S\notin \mathcal{A}] = \max_{\{M^i\}} \sum_{i \in [N]} P[S=i|S\notin \mathcal{A}] \text{Tr}[M^i \cdot \rho_{C|S=i} ],</math></br>
-<math> P_{\tn{guess}}[S|C, S\notin \mathcal{A}] = \max_{\{M^i\}} \sum_{i \in [N]} P[S=i|S\notin \mathcal{A}] \Tr[M^i \cdot \rho_{C|S=i} ],</math></br>
+where the maximization is taken over the set of POVMs <math>{\{M^i\}}</math> for the adversaries and <math>\rho_{C|S=i}</math> is the state of the adversaries at the end of the protocol, given that node <math>i</math> is the sender
-where the maximization is taken over the set of POVMs <math>{\{M^i\}}</math> for the adversaries and $\rho_{C|S=i}$ is the state of the adversaries at the end of the protocol, given that node <math>i</math> is the sender
+*'''Sender-security''' We say that an anonymous transmission protocol is ''sender-secure'' if, given that the sender is honest, the probability of the adversary guessing the sender is </br>
-*'''Sender-security''' We say that an anonymous transmission protocol is \textit{sender-secure} if, given that the sender is honest, the probability of the adversary guessing the sender is </br>
+<math>P_{\text{guess}}[S|C,S\notin \mathcal{A}] \leq \max_{i\in[N]} P[S=i|S\notin \mathcal{A}].</math></br>
-<math>P_{\tn{guess}}[S|C,S\notin \mathcal{A}] \leq \max_{i\in[N]} P[S=i|S\notin \mathcal{A}].</math></br>
+*'''Receiver-security''' We say that an anonymous transmission protocol is ''receiver-secure'' if, given that the receiver is honest, the probability of the adversary guessing the receiver is:</br>
-*'''Receiver-security''' We say that an anonymous transmission protocol is \textit{receiver-secure} if, given that the receiver is honest, the probability of the adversary guessing the receiver is:</br>
+<math>P_{\text{guess}}[R|C,R\notin \mathcal{A}] \leq \max_{i\in[N]} P[R=i|R\notin \mathcal{A}]</math>
-<math>P_{\tn{guess}}[R|C,R\notin \mathcal{A}] \leq \max_{i\in[N]} P[R=i|R\notin \mathcal{A}]</math>
 ==Further Information==
 The security definition presented here, are proven to be sufficient to guarantee universal composability for standard QKD in (2). For device-independent quantum key distribution, attacks presented in (1) show that security can be compromised if the same devices are used to implement another instance of the protocol.

Anonymous Transmission: Difference between revisions

Anonymous Transmission (edit)

Revision as of 15:16, 18 April 2019

Navigation menu

Search