基于逻辑单粒子的多方量子密钥协商协议

集体噪声对量子密码协议的影响不可忽视,然而可抵抗集体噪声的多方量子密钥协商（MQKA）协议还很少。为了抵抗集体噪声的影响,分别针对可抗集体退相位噪声的逻辑单粒子和可抗集体旋转噪声的逻辑单粒子提出了两组逻辑酉算符,使得将其作用在逻辑单粒子上后,其中两个酉算符不改变测量基,而另外两个会改变测量基。基于此性质提出一个MQKA协议。首先,每个参与者传输逻辑单粒子给下一位;然后,该逻辑单粒子经过其他所有参与者的加密重新回到这个参与者,形成一个“环形”;最后,通过测量来获取共享密钥。安全性分析证明,该协议能够抵抗截取重发攻击、纠缠测量攻击以及参与者攻击;效率分析表明,该协议具有较高的量子比特效率。     

免疫集体噪声的量子密钥协商协议

针对目前免疫集体噪声的量子密钥协商协议的量子比特效率偏低问题,基于逻辑Bell态提出了两个新的量子密钥协商协议,它们分别免疫集体退相位噪声和集体旋转噪声。两个协议利用幺正变换和延迟测量技术,确保了协议双方能公平地建立一个共享密钥。安全性分析证明了这两个协议能抵抗参与者攻击和相关外部攻击。与已有免疫集体噪声的量子密钥协商协议比较,发现新协议有较高的量子比特效率。     

A novel quantum scheme for secure two-party distance computation

Secure multiparty computational geometry is an essential field of secure multiparty computation, which computes a computation geometric problem without revealing any private information of each party. Secure two-party distance computation is a primitive of secure multiparty computational geometry, which computes the distance between two points without revealing each point’s location information (i.e., coordinate). Secure two-party distance computation has potential applications with high secure requirements in military, business, engineering and so on. In this paper, we present a quantum solution to secure two-party distance computation by subtly using quantum private query. Compared to the classical related protocols, our quantum protocol can ensure higher security and better privacy protection because of the physical principle of quantum mechanics.     

可证明安全的基于身份的认证密钥协商协议

提出了一种具有私钥产生中心(private key generator,PKG)前向安全性的基于身份的认证密钥协商协议,协议中给出了一种利用用户双方的长期私钥和临时私钥联合计算共享密钥的方法.在标准模型下证明了协议的安全性,并且分析得出,即使攻击者能够同时获得双方的临时私钥或同时获得双方的长期私钥,共享密钥仍然是安全的.性能分析表明,该协议较好地平衡了计算复杂度和安全性这两个协议评价指标.     

Improvements on “multiparty quantum key agreement with single particles”

Recently, Liu et al. (Quantum Inf Process 12: 1797–1805, 2013) proposed a secure multiparty quantum key agreement (MQKA) protocol with single particles. Their protocol allows N parties to negotiate a secret session key in such away that (1) outside eavesdroppers cannot gain the session key without introducing any errors; (2) the session key cannot be determined by any non-trivial subset of the participants. However, the particle efficiency of their protocol is only $\frac{1}{(k+1)N(N-1)}$ . In this paper, we show that the efficiency of the MQKA protocol can be improved to $\frac{1}{N(k+1)}$ by introducing two additional unitary operations. Since, in some scenarios, the secret keys are confidential, neither party is willing to divulge any of the contents to the other. Therefore, in our protocol, no participant can learn anything more than its prescribed output, i.e., the secret keys of the participants can be kept secret during the protocol instead of being exposed to others, thus, the privacy of the protocol is also improved. Furthermore, we explicitly show the scheme is secure.     

Two-party quantum key agreement protocols under collective noise channel

Recently, quantum communication has become a very popular research field. The quantum key agreement (QKA) plays an important role in the field of quantum communication, based on its unconditional security in terms of theory. Among all kinds of QKA protocols, QKA protocols resisting collective noise are widely being studied. In this paper, we propose improved two-party QKA protocols resisting collective noise and present a feasible plan for information reconciliation. Our protocols’ qubit efficiency has achieved 26.67%, which is the best among all the two-party QKA protocols against collective noise, thus showing that our protocol can improve the transmission efficiency of quantum key agreement.     

Cryptanalysis of a multiparty quantum key agreement protocol based on commutative encryption

Recently, Sun et al. (Quantum Inf Process 15(5):2101–2111, 2016) proposed an efficient multiparty quantum key agreement protocol based on commutative encryption. The aim of this protocol is to negotiate a secret shared key among multiple parties with high qubit efficiency as well as security against inside and outside attackers. The shared key is the exclusive-OR of all participants’ secret keys. This is achieved by applying the rotation operation on encrypted photons. For retrieving the final secret key, only measurement on single states is needed. Sun et al. claimed that assuming no mutual trust between participants, the scheme is secure against participant’s attack. In this paper, we show that this is not true. In particular, we demonstrate how a malicious participant in Sun et al.’s protocol can introduce “a” final fake key to target parties of his choice. We further propose an improvement to guard against this attack.     

Collusive attacks to “circle-type” multi-party quantum key agreement protocols

We find that existing multi-party quantum key agreement (MQKA) protocols designed for fairness of the key are, in fact, unfair. Our analysis shows that these protocols are sensitive to collusive attacks; that is, dishonest participants can collaborate in predetermining the key without being detected. In fact, the transmission structures of the quantum particles in those unfair MQKA protocols, three of which have already been analyzed, have much in common. We call these unfair MQKA protocols circle-type MQKA protocols. Likewise, the transmission structures of the quantum particles in MQKA protocols that can resist collusive attacks are also similar. We call such protocols complete-graph-type MQKA protocols. A MQKA protocol also exists that can resist the above attacks but is still not fair, and we call it the tree-type MQKA protocol. We first point out a common, easily missed loophole that severely compromises the fairness of present circle-type MQKA protocols. Then we show that two dishonest participants at special positions can totally predetermine the key generated by circle-type MQKA protocols. We anticipate that our observations will contribute to secure and fair MQKA protocols, especially circle-type protocols.     

Two-party quantum key agreement against collective noise

In this paper, two two-party quantum key agreement protocols are proposed with logical \(\chi \)-states and logical Bell states. These two protocols can be immune to the collective-dephasing noise and the collective-rotation noise, respectively. They make full use of the measurement correlation property of multi-particle entangled states and the delayed measurement technique. This ensures that two participants can exchange the secret keys of each other and fairly establishes a shared key. There is no information leakage problem when establishing a shared key. The use of the delayed measurement technique and the decoy state technology makes the two protocols resist against both participant and outsider attacks. Furthermore, the two protocols are congenitally free from the Trojan horse attacks and have high qubit efficiency.     

Quantum key agreement protocols with single photon in both polarization and spatial-mode degrees of freedom

In this paper, we propose a three-party and a multi-party quantum key agreement protocols with single photons in both polarization and spatial-mode degrees of freedom. Based on the defined collective unitary operations, the participants can agree on a secure shared key through encoding their sub-secret keys on the particles. Moreover, the security of our protocols is discussed comprehensively. It is showed that the presented protocols can defend both the outside attacks and participant attacks. The efficiency analysis also shows that our two protocols can achieve high qubit efficiency. Besides, our protocols are feasible since the preparation and the measurement of single-photon state in both polarization and spatial-mode degrees of freedom are available with current quantum techniques.     

Improving the security of quantum key agreement protocols with single photon in both polarization and spatial-mode degrees of freedom

Recently, Wang and Ma (Quantum Inf Process 16(5):130, 2017) proposed two interesting quantum key agreement protocols with a single photon in both polarization and spatial-mode degrees of freedom. They claimed that the privacy of participants’ secret keys in the multiparty case is protected against dishonest participants. However, in this paper, we prove that two dishonest participants can deduce the secret key of an honest one using a fake sequence of single photons, without being detected. Also, we propose an additional security detection process to avoid the security loophole in their protocol.     

一种无证书认证密钥协商协议的分析与改进*

研究无证书公钥密码系统中两方认证密钥协商协议问题。对Liu xu的无证书两方认证密钥协商协议进行安全性分析,指出该方案不具有强安全性。该方案不能抵抗密钥泄露伪装攻击和临时私钥泄露攻击。分析了方案不安全的原因,在此基础上提出一个改进的方案来修正Liu xu的方案。因此,设计看似安全的无证书两方认证密钥协商协议并不困难,但要给出协议的安全性证明并不容易。     

KONHEIM'S CRYPTOGRAPHY–A PRIMER: A BOOK REVIEW

In this paper, we present an approach to compute master keys for an M ³ public-key cryptoscfaeme. At first, the existence conditions of master keys are derived. Then an algorithm to compute master keys is given. Further, the security of our master key cryptosystem is also guaranteed, no matter what relations or key values are exposed.     

Efficient multiparty quantum key agreement protocol based on commutative encryption

A secure multiparty quantum key agreement protocol using single-qubit states is proposed. The agreement key is computed by performing exclusive-OR operation on all the participants’ secret keys. Based on the commutative property of the commutative encryption, the exclusive-OR operation can be performed on the plaintext in the encrypted state without decrypting it. Thus, it not only protects the final shared key, but also reduces the complexity of the computation. The efficiency of the proposed protocol, compared with previous multiparty QKA protocols, is also improved. In the presented protocol, entanglement states, joint measurement and even the unitary operations are not needed, and only rotation operations and single-state measurement are required, which are easier to be realized with current technology.     

标准模型下可证明安全的入侵容忍公钥加密方案

在传统的公钥加密方案中,一旦解密密钥泄漏,系统的安全性将完全丧失.特别是随着越来越多的加密系统被应用到移动的、安全性低的设备中,密钥泄漏显得难以避免.入侵容忍公钥加密的提出就是为了减小密钥泄漏对加密系统的危害,具有比前向安全加密、密钥隔离加密更强的安全性.在这种体制下,整个生命周期被分割成离散的时间阶段,公钥固定不变,密钥信息分享在解密者和基地中,前者独立完成解密操作,而后者则在每个时间周期中提供一个更新信息来帮助演化解密密钥.此外,每个时间段内有多次密钥刷新的操作,可以刷新解密者的密钥和基密钥.当解密者和基地被入侵时,只要不是同时被入侵,安全性就可以得到保证.即使入侵者同时入侵解密者和基地,也不会影响以前时间段密文的安全性.提出了一个入侵容忍公钥加密方案,所有费用参数关于总共时间段数的复杂性均不超过对数的平方.证明了该方案是标准模型下安全的.这是一个不需要随机预言的可证明安全的入侵容忍公钥加密方案.     

Simulatable certificateless two-party authenticated key agreement protocol

Key agreement (KA) allows two or more users to negotiate a secret session key among them over an open network. Authenticated key agreement (AKA) is a KA protocol enhanced to prevent active attacks. AKA can be achieved using a public-key infrastructure (PKI) or identity-based cryptography. However, the former suffers from a heavy certificate management burden while the latter is subject to the so-called key escrow problem. Recently, certificateless cryptography was introduced to mitigate these limitations. In this paper, we first propose a security model for AKA protocols using certificateless cryptography. Following this model, we then propose a simulatable certificateless two-party AKA protocol. Security is proven under the standard computational Diffie-Hellman (CDH) and bilinear Diffie-Hellman (BDH) assumptions. Our protocol is efficient and practical, because it requires only one pairing operation and five multiplications by each party.     

一种新的双方认证密钥协商协议的安全性分析

2010年,Mohammad等人提出了一种新的双方认证密钥协商协议(MOHAMMAD Z, CHEN Y, HSU C, et al. Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols. IETE Technical Review, 2010,27(3):252-65)。新协议以较高的运算效率实现了参与者双方的身份认证和密钥协商。对该协议的单轮版本进行了安全性分析,通过模拟协议中某些信息丢失后协议双方的通信过程,发现如果协议中的一些秘密信息丢失,敌手可以发起信息泄露伪装攻击、密钥泄露伪装攻击和一般定义下的伪装攻击,也无法抵抗中间人攻击。这些攻击都可以使得敌手冒充合法参与者发起或回应会话。     

一种有效的基于身份的两方密钥交换协议

基于身份的密钥交换协议通过协议参与者的身份信息来建立会话密钥。文章基于计算离散对数困难问题,提出一种基于身份的两方密钥交换协议,并对协议的效率和安全性进行了分析。分析表明,所提出的协议具有较好的运行效率,能满足两方密钥交换协议的安全属性要求。     

New forward-secure public-key encryption without random oracles

Forward-secure public-key cryptography is an important technique for protecting private keys. It provides the benefits of frequent updating private keys without changing public keys. The most attractive property of forward security is that even if an attacker obtains the private key for the current time period, she still cannot compromise the private keys for the past time. In this paper, we newly present a forward-secure public-key encryption scheme without random oracles and prove it to be chosen-ciphertext secure in the standard model. In the proposed scheme, the ciphertext size and the decryption time have no correlation with the number of time periods and other performance indices have at most poly logarithmic complexities in terms of the number of time periods. As far as we know, it is the first forward-secure public-key encryption scheme that achieves direct chosen-ciphertext security in the standard model.     

高效安全的无证书密钥协商方案*

在网络信息安全领域,服务器与客户机之间的密钥协商显得非常必要。无证书公钥密码是为了克服基于身份密码的密钥托管性质提出来的,它结合了传统公钥证书密码体系和基于身份的公钥体系的优点。应用椭圆曲线的配对运算,提出了一个两方的无证书密钥协商协议,其中每一方只需计算一个配对,并证明了它在ECK模型下的安全性。与其他无证书密钥协商协议相比,安全性和效率都更好。