Lower bounds on the probability of deception in authentication with arbitration

The paper investigates a model for authentication in which not only an outsider, but also the transmitter or the receiver, may cheat. Lower bounds on the probability of success for different types of deception as well as on the parameters of secure authentication codes are derived. The latter bounds are shown to be tight by demonstrating codes in projective space that meet the bounds with equality

Combinatorial Bounds and Characterizations of Splitting Authentication Codes

We present several generalizations of results for splitting authentication codes by studying the aspect of multi-fold security. As the two primary results, we prove a combinatorial lower bound on the number of encoding rules and a combinatorial characterization of optimal splitting authentication codes that are multi-fold secure against spoofing attacks. The characterization is based on a new type of combinatorial designs, which we introduce and for which basic necessary conditions are given regarding their existence.Comment: 13 pages; to appear in "Cryptography and Communications

Information Theoretic Authentication and Secrecy Codes in the Splitting Model

In the splitting model, information theoretic authentication codes allow non-deterministic encoding, that is, several messages can be used to communicate a particular plaintext. Certain applications require that the aspect of secrecy should hold simultaneously. Ogata-Kurosawa-Stinson-Saido (2004) have constructed optimal splitting authentication codes achieving perfect secrecy for the special case when the number of keys equals the number of messages. In this paper, we establish a construction method for optimal splitting authentication codes with perfect secrecy in the more general case when the number of keys may differ from the number of messages. To the best knowledge, this is the first result of this type.Comment: 4 pages (double-column); to appear in Proc. 2012 International Zurich Seminar on Communications (IZS 2012, Zurich

Multiparty Quantum Signature Schemes

Digital signatures are widely used in electronic communications to secure important tasks such as financial transactions, software updates, and legal contracts. The signature schemes that are in use today are based on public-key cryptography and derive their security from computational assumptions. However, it is possible to construct unconditionally secure signature protocols. In particular, using quantum communication, it is possible to construct signature schemes with security based on fundamental principles of quantum mechanics. Several quantum signature protocols have been proposed, but none of them has been explicitly generalized to more than three participants, and their security goals have not been formally defined. Here, we first extend the security definitions of Swanson and Stinson (2011) so that they can apply also to the quantum case, and introduce a formal definition of transferability based on different verification levels. We then prove several properties that multiparty signature protocols with information-theoretic security -- quantum or classical -- must satisfy in order to achieve their security goals. We also express two existing quantum signature protocols with three parties in the security framework we have introduced. Finally, we generalize a quantum signature protocol given in Wallden-Dunjko-Kent-Andersson (2015) to the multiparty case, proving its security against forging, repudiation and non-transferability. Notably, this protocol can be implemented using any point-to-point quantum key distribution network and therefore is ready to be experimentally demonstrated.Comment: 22 pages, 4 figure

Unconditionally Secure Cryptography: Signature Schemes, User-Private Information Retrieval, and the Generalized Russian Cards Problem

We focus on three different types of multi-party cryptographic protocols. The first is in the area of unconditionally secure signature schemes, the goal of which is to provide users the ability to electronically sign documents without the reliance on computational assumptions needed in traditional digital signatures. The second is on cooperative protocols in which users help each other maintain privacy while querying a database, called user-private information retrieval protocols. The third is concerned with the generalized Russian cards problem, in which two card players wish to communicate their hands to each other via public announcements without the third player learning the card deal. The latter two problems have close ties to the field of combinatorial designs, and properly fit within the field of combinatorial cryptography. All of these problems have a common thread, in that they are grounded in the information-theoretically secure or unconditionally secure setting

Practical Quantum Communication

Current communication networks are based on classical physics and classical information-processing. However, for nearly a century, we have known that at its most fundamental level, the universe is governed by the laws of quantum mechanics. With quantum communication, new possibilities arise in our capabilities to transmit and process information which, in many cases, lead to advantages compared to what is classically possible. The entire scope of tasks for which quantum communication can offer improvements has not yet been fully explored, but several quantum protocols are known that can either perform tasks which are impossible with classical resources or can outperform classical protocols. These quantum protocols are well understood from a theoretical point of view, but many of them have never been demonstrated in practice. Thus, in the context of quantum communication, there is a significant gap between theory and experiment that must be removed in order to harness the advantages provided by quantum mechanics in a practical setting. In this thesis, we develop a series of tools for developing and testing practical quantum communication protocols. Our main technique is a theoretical reformulation of existing quantum communication protocols that converts them into a form in which they can be demonstrated with existing experimental techniques. More precisely, they can be implemented using only coherent states of light and linear optics circuits while still retaining the crucial properties of the original abstract protocols. We use this result to construct practical protocols for the Hidden Matching problem and quantum fingerprinting. In the case of quantum fingerprinting, we make a thorough analysis of the role played by experimental errors and show that our practical protocol can still be implemented in the presence of these imperfections. In fact, we report a proof of concept experimental demonstration of a quantum fingerprinting system that is capable of transmitting less information than the best known classical protocol for this problem. Our implementation is based on a modified version of a commercial quantum key distribution system using off-the-shelf optical components over telecom wavelengths, and is practical for messages as large as 100 Mbits, even in the presence of experimental imperfections. Similarly, in the context of cryptography, we propose a multiparty quantum signature protocol that can be implemented from any point-to-point quantum key distribution network, proving its security against forging, repudiation and non-transferability. Crucially, since quantum key distribution is already a practical technology, so is this protocol. However, unlike other tasks in quantum communication, there has not been significant theoretical work on establishing a security model for quantum signature schemes. Consequently, we also constructed a security framework for these schemes and proved several properties that these protocols must satisfy in order to achieve their security goals. Finally, in addition to proposing new practical protocols, we provide a reliable data analysis technique to verify an important property of many quantum communication protocols: the presence of entanglement. Our technique is based on entanglement witnesses and it does not require the specification of a prior distribution nor the assumption of independent measurements. The technique is suitable to be used with nonlinear entanglement witnesses, which we show can be constructed from any linear witness and evaluated from the same experimental data. We also develop numerical tools necessary to employ this approach in practice, rendering the procedure ready to be applied to current experiments. We demonstrate this by analyzing the data of a photonic experiment generating two-photon states whose entanglement is verified with the use of an accessible nonlinear witness