Polynomial Code based Quantum Authentication

The example protocol provides a non-interactive scheme for the sender to encrypt as well as authenticate quantum messages. It was the first protocol designed to achieve the task of authentication for quantum states, i.e. it gives the guarantee that the message sent by a party (suppliant) over a communication line is received by a party on the other end (authenticator) as it is and, has not been tampered with or modified by the dishonest party (eavesdropper).

Tags: Two Party Protocol, Quantum Functionality, Specific Task, Building Block

Assumptions

• The sender and the receiver share a private (known to only the two of them), classical random key drawn from a probability distribution.

Outline

1. Preprocessing: A and B agree on some stabilizer purity testing code (${\displaystyle Q_{k}}$) and some private and random

binary strings ${\displaystyle k}$, ${\displaystyle x}$, and ${\displaystyle y}$.

1. A q-encrypts ρ as τ using key x. A encodes τ according to Qk for the code Qk with syndrome y to produce

σ. A sends the result to B.

1. B receives the n qubits. Denote the received state by σ B measures the syndrome y′ of the code Qk on his qubits. B compares y to y′, and aborts if any error is detected. B decodes his n-qubit word according to

Qk, obtaining τ′. B q-decrypts τ′ using x and obtains ρ′.

Purity Testing Code:

Notations

• ${\displaystyle s}$: security parameter
• ${\displaystyle m}$: number of qubits in the message.

Properties

• For an ${\displaystyle m}$ qubit message, the protocol requires ${\displaystyle m+s}$ qubits encoded state, and a private key of ${\displaystyle 2m+O(s)}$.

Pseudo Code

Further Information

References