730 research outputs found
How to reuse a one-time pad and other notes on authentication, encryption and protection of quantum information
Quantum information is a valuable resource which can be encrypted in order to
protect it. We consider the size of the one-time pad that is needed to protect
quantum information in a number of cases. The situation is dramatically
different from the classical case: we prove that one can recycle the one-time
pad without compromising security. The protocol for recycling relies on
detecting whether eavesdropping has occurred, and further relies on the fact
that information contained in the encrypted quantum state cannot be fully
accessed. We prove the security of recycling rates when authentication of
quantum states is accepted, and when it is rejected. We note that recycling
schemes respect a general law of cryptography which we prove relating the size
of private keys, sent qubits, and encrypted messages. We discuss applications
for encryption of quantum information in light of the resources needed for
teleportation. Potential uses include the protection of resources such as
entanglement and the memory of quantum computers. We also introduce another
application: encrypted secret sharing and find that one can even reuse the
private key that is used to encrypt a classical message. In a number of cases,
one finds that the amount of private key needed for authentication or
protection is smaller than in the general case.Comment: 13 pages, improved rate of recycling proved in the case of rejection
of authenticatio
The quantum one-time pad in the presence of an eavesdropper
A classical one-time pad allows two parties to send private messages over a
public classical channel -- an eavesdropper who intercepts the communication
learns nothing about the message. A quantum one-time pad is a shared quantum
state which allows two parties to send private messages or private quantum
states over a public quantum channel. If the eavesdropper intercepts the
quantum communication she learns nothing about the message. In the classical
case, a one-time pad can be created using shared and partially private
correlations. Here we consider the quantum case in the presence of an
eavesdropper, and find the single letter formula for the rate at which the two
parties can send messages using a quantum one-time pad
Distributed Relay Protocol for Probabilistic Information-Theoretic Security in a Randomly-Compromised Network
We introduce a simple, practical approach with probabilistic
information-theoretic security to mitigate one of quantum key distribution's
major limitations: the short maximum transmission distance (~200 km) possible
with present day technology. Our scheme uses classical secret sharing
techniques to allow secure transmission over long distances through a network
containing randomly-distributed compromised nodes. The protocol provides
arbitrarily high confidence in the security of the protocol, with modest
scaling of resource costs with improvement of the security parameter. Although
some types of failure are undetectable, users can take preemptive measures to
make the probability of such failures arbitrarily small.Comment: 12 pages, 2 figures; added proof of verification sub-protocol, minor
correction
Quantum non-malleability and authentication
In encryption, non-malleability is a highly desirable property: it ensures
that adversaries cannot manipulate the plaintext by acting on the ciphertext.
Ambainis, Bouda and Winter gave a definition of non-malleability for the
encryption of quantum data. In this work, we show that this definition is too
weak, as it allows adversaries to "inject" plaintexts of their choice into the
ciphertext. We give a new definition of quantum non-malleability which resolves
this problem. Our definition is expressed in terms of entropic quantities,
considers stronger adversaries, and does not assume secrecy. Rather, we prove
that quantum non-malleability implies secrecy; this is in stark contrast to the
classical setting, where the two properties are completely independent. For
unitary schemes, our notion of non-malleability is equivalent to encryption
with a two-design (and hence also to the definition of Ambainis et al.). Our
techniques also yield new results regarding the closely-related task of quantum
authentication. We show that "total authentication" (a notion recently proposed
by Garg, Yuen and Zhandry) can be satisfied with two-designs, a significant
improvement over the eight-design construction of Garg et al. We also show
that, under a mild adaptation of the rejection procedure, both total
authentication and our notion of non-malleability yield quantum authentication
as defined by Dupuis, Nielsen and Salvail.Comment: 20+13 pages, one figure. v2: published version plus extra material.
v3: references added and update
- …