Authentication of quantum messages.
- Daniel
- Adam
Authentication is a well-studied area of classical cryptography: a sender A and a receiver B sharing a classical private key want to exchange a classical message with the guarantee that the message has not been modified or replaced by a dishonest party with control of the communication line. In this paper we study the authentication of messages composed of quantum states. We give a formal definition of authentication in the quantum setting. Assuming A and B have access to an insecure quantum channel and share a private, classical random key, we provide a non-interactive scheme that both enables A to encrypt and authenticate (with unconditional security) an m qubit message by encoding it into m + s qubits, where the probability decreases exponentially in the security parameter s. The scheme requires a private key of size 2m + O(s). To achieve this, we give a highly efficient protocol for testing the purity of shared EPR pairs. It has long been known that learning information about a general quantum state will necessarily disturb it. We refine this result to show that such a disturbance can be done with few side effects, allowing it to circumvent cryptographic protections. Consequently, any scheme to authenticate quantum messages must also encrypt them. In contrast, no such constraint exists classically: authentication and encryption are independent tasks, and one can authenticate a message while leaving it publicly readable. This reasoning has two important consequences: On one hand, it allows us to give a lower bound of 2m key bits for authenticating m qubits, which makes our protocol asymptotically optimal. On the other hand, we use it to show that digitally signing quantum states is impossible, even with only computational security.
- Research Organization:
- Los Alamos National Laboratory (LANL), Los Alamos, NM (United States)
- Sponsoring Organization:
- USDOE
- OSTI ID:
- 975875
- Report Number(s):
- LA-UR-01-6419; TRN: US201018%%961
- Resource Relation:
- Conference: Submitted to: 34th Symposium on the Theory of Computing (STOC2002) Montreal, Candada May 19-21, 2002
- Country of Publication:
- United States
- Language:
- English
Similar Records
Authentication Protocol using Quantum Superposition States
Can you sign a quantum state?