Optimal attacks on qubit-based Quantum Key Recycling

Leermakers, Daan; Škorić, Boris

doi:10.1007/s11128-018-1819-8

Cited by 2 publications

(11 citation statements)

References 23 publications

(85 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…, where h is the binary entropy function. Both these results are more favourable than what one would expect based on the min-entropy analysis in [9] and straightforward generalisations of [1] to the noisy case.…”

Section: Contributions and Outlinementioning

confidence: 71%

“…In 2017 Fehr and Salvail [1] introduced a qubit-based QKR scheme (similar to [5]) that does not need a quantum computer, and they were able to prove its security in the regime of extremely low noise.Škorić and de Vries [2] proposed a variant with 8-state encoding, which drastically reduces the need for privacy amplification and tolerates higher noise levels, but the security was not proven. Attacks on the qubit-based QKR schemes of [1,2] were studied in [9], but that did not yield a security proof.…”

Section: Quantum Key Recyclingmentioning

confidence: 99%

“…For 6-state and 4-state (BB84) encoding there is a severe leakage of the qubit payload if Eve intercepts the whole cipherstate. From [2] and [9] it would seem that this leakage necessarily implies low QKR rate. However, in our protocol the leak is masked by the secret key that is used for privacy amplification.…”

Section: Contributions and Outlinementioning

confidence: 99%

“…Attacks on QKR were studied in some detail in [9]. They formulated an EPR version of qubit-based QKR protocol.…”

Section: Eve's Ancilla Statementioning

confidence: 99%

“…(In the noiseless case we have y =x because of the anti-correlation in the singlet state.) One of the results of [9] is an expression for Eve's mixed ancilla state when v, x, y are fixed,…”

Section: Eve's Ancilla Statementioning

confidence: 99%

See 4 more Smart Citations

Security proof for quantum key recycling with noise

Leermakers¹,

Škorić²

2019

qIC

Self Cite

View full text Add to dashboard Cite

Quantum Key Recycling aims to re-use the keys employed in quantum encryption and quantum authentication schemes. QKR protocols can achieve better round complexity than Quantum Key Distribution. We consider a QKR protocol that works with qubits, as opposed to high-dimensional qudits. A security proof was given by Fehr and Salvail in the case where there is practically no noise. A high-rate scheme for the noisy case was proposed by \v{S}kori\'{c} and de Vries, based on eight-state encoding. However, a security proof was not given. In this paper we introduce a protocol modification and provide a security proof. The modified protocol has high rate not only for 8-state encoding, but also 6-state and BB84 encoding. Our proof is based on a bound on the trace distance between the real quantum state of the system and a state in which the keys are completely secure. It turns out that the rate is higher than suggested by previous results. Asymptotically the rate equals the rate of Quantum Key Distribution with one-way postprocessing.

show abstract

Section: Contributions and Outlinementioning

confidence: 71%

Section: Quantum Key Recyclingmentioning

confidence: 99%

Section: Contributions and Outlinementioning

confidence: 99%

“…Attacks on QKR were studied in some detail in [9]. They formulated an EPR version of qubit-based QKR protocol.…”

Section: Eve's Ancilla Statementioning

confidence: 99%

“…(In the noiseless case we have y =x because of the anti-correlation in the singlet state.) One of the results of [9] is an expression for Eve's mixed ancilla state when v, x, y are fixed,…”

Section: Eve's Ancilla Statementioning

confidence: 99%

See 3 more Smart Citations

Security proof for quantum key recycling with noise

Leermakers¹,

Škorić²

2019

qIC

Self Cite

View full text Add to dashboard Cite

show abstract

Quantum Alice and Silent Bob: Qubit-based Quantum Key Recycling with almost no classical communication

Leermakers¹,

Škorić²

2020

Preprint

Self Cite

View full text Add to dashboard Cite

We answer an open question about Quantum Key Recycling (QKR): Is it possible to put the message entirely in the qubits without increasing the number of qubits? We show that this is indeed possible. We introduce a prepare-and-measure QKR protocol where the communication from Alice to Bob consists entirely of qubits. As usual, Bob responds with an authenticated one-bit accept/reject classical message. 1 Compared to Quantum Key Distribution (QKD), QKR has reduced round complexity. Compared to previous qubit-wise QKR protocols, our scheme has far less classical communication. We provide a security proof in the universal composability framework and find that the communication rate is asymptotically the same as for QKD with one-way postprocessing. Introduction 1.Quantum Key RecyclingQKR achieves information-theoretically secure communication in such a way that no key material is used up as long as the quantum channel is undisturbed. Compared to QKD followed by classical one-time-pad message encryption, QKR's main advantage is reduced round complexity: QKR needs only one message from Alice to Bob, and one authenticated bit from Bob to Alice. QKD needs at least two messages from Alice to Bob. Furthermore, a minor advantage is that QKR does not discard any qubits, whereas QKD does. A prepare-and-measure QKR scheme based on qubits was proposed already in 1982 [1]. Then QKR received little attention for a long time. A security proof 2 for qubit-based 3 QKR was given only in 2017 by Fehr and Salvail [4]. In [5] it was shown (for a scheme similar to [4]) that the communication rate in case of a noisy quantum channel is asymptotically the same as for QKD with one-way postprocessing. Related work; putting the message in the quantum statesDifferent from the classical setting, in the quantum cryptographic setting authentication implies encryption [6]. Portmann [7] showed that quantum authentication is possible with re-use of all the encryption keys, but states as an open problem to find a prepare-and-measure QKR scheme for classical messages. All currently existing qubit-wise prepare-and-measure QKR schemes encode random bits rather than the message into the quantum state, and then extract a classical One-Time Pad (OTP) from these random bits. Alice sends a classical ciphertext (the message xor'ed with the OTP) along with the quantum states. In 2003 Gottesman [8] proposed a scheme called 'Unclonable Encryption' which encodes a message directly into qubit states. Although some of the keys in his schemes can be re-used, still n key bits are discarded when sending an n-bit message. The high-dimensional QKR of Damgård, Pedersen

show abstract

Optimal attacks on qubit-based Quantum Key Recycling

Cited by 2 publications

References 23 publications

Security proof for quantum key recycling with noise

Security proof for quantum key recycling with noise

Quantum Alice and Silent Bob: Qubit-based Quantum Key Recycling with almost no classical communication

Contact Info

Product

Resources

About