Cryptanalysis of a multiparty quantum key agreement protocol based on commutative encryption

Recently, Sun et al. (Quantum Inf Process 15(5):2101–2111, 2016) proposed an efficient multiparty quantum key agreement protocol based on commutative encryption. The aim of this protocol is to negotiate a secret shared key among multiple parties with high qubit efficiency as well as security against inside and outside attackers. The shared key is the exclusive-OR of all participants’ secret keys. This is achieved by applying the rotation operation on encrypted photons. For retrieving the final secret key, only measurement on single states is needed. Sun et al. claimed that assuming no mutual trust between participants, the scheme is secure against participant’s attack. In this paper, we show that this is not true. In particular, we demonstrate how a malicious participant in Sun et al.’s protocol can introduce “a” final fake key to target parties of his choice. We further propose an improvement to guard against this attack.     

Multiparty quantum key agreement protocol based on locally indistinguishable orthogonal product states

Based on locally indistinguishable orthogonal product states, we propose a novel multiparty quantum key agreement (QKA) protocol. In this protocol, the private key information of each party is encoded as some orthogonal product states that cannot be perfectly distinguished by local operations and classical communications. To ensure the security of the protocol with small amount of decoy particles, the different particles of each product state are transmitted separately. This protocol not only can make each participant fairly negotiate a shared key, but also can avoid information leakage in the maximum extent. We give a detailed security proof of this protocol. From comparison result with the existing QKA protocols, we can know that the new protocol is more efficient.     

基于Cluster态的可验证多方量子密钥协商方案

基于四量子比特Cluster态,提出一种可验证多方量子密钥协商方案.方案允许每次由两个参与者利用自己的子密钥分别在每个四量子比特Cluster态的两个粒子上执行X运算,并对转换后的Cluster态执行延迟测量,这保证了每个参与者对协商密钥的贡献相等.提出的方案使用相互无偏基粒子作为诱饵粒子,并且利用对称二元多项式的一对函数值对这些诱饵粒子执行酉运算,不仅可以进行窃听检验,而且还能进行参与者之间的身份验证.本方案适用于任意大于2的参与者人数.安全性分析表明,提出的方案能够抵抗外部攻击及参与者攻击.与现有的多方密钥协商方案相比,该方案不仅在诱饵粒子的使用上有优势,同时具有较高的量子比特效率.     

Multi-party quantum key agreement with five-qubit brown states

In this paper, we propose a multi-party quantum key agreement protocol with five-qubit brown states and single-qubit measurements. Our multi-party protocol ensures each participant to contribute equally to the agreement key. Each party performs three single-qubit unitary operations on three qubits of each brown state. Finally, by measuring brown states and decoding the measurement results, all participants can negotiate a shared secret key without classical bits exchange between them. With the analysis of security, our protocol demonstrates that it can resist against both outsider and participant attacks. Compared with other schemes, it also possesses a higher information efficiency. In terms of physical operation, it requires single-qubit measurements only which weakens the hardware requirements of participant and has a better operating flexibility.     

Key agreement in dynamic peer groups

As a result of the increased popularity of group-oriented applications and protocols, group communication occurs in many different settings: from network multicasting to application layer tele- and videoconferencing. Regardless of the application environment, security services are necessary to provide communication privacy and integrity. This paper considers the problem of key agreement in dynamic peer groups. (Key agreement, especially in a group setting, is the stepping stone for all other security services.) Dynamic peer groups require not only initial key agreement (IKA) but also auxiliary key agreement (AKA) operations, such as member addition, member deletion, and group fusion. We discuss all group key agreement operations and present a concrete protocol suite, CLIQUES, which offers complete key agreement services. CLIQUES is based on multiparty extensions of the well-known Diffie-Hellman key exchange method. The protocols are efficient and provably secure against passive adversaries     

Novel multiparty quantum key agreement protocol with GHZ states

In many circumstances, a shared key is needed to realize secure communication. Based on quantum mechanics principles, quantum key agreement (QKA) is a good method to establish a shared key by every party’s fair participation. In this paper, we propose a novel three-party QKA protocol, which is designed by using Greenberger–Horne–Zeilinger (GHZ) states. To realize the protocol, the distributor of the GHZ states needs only one quantum communication with the other two parties, respectively, and everyone performs single-particle measurements simply. Then, we extend the three-party QKA protocol to arbitrary multiparty situation. At last, we discuss the security and fairness of the multiparty protocol. It shows that the new scheme is secure and fair to every participant.     

基于广播机制的多方量子远程制备协议

量子态远程制备(RSP)是量子信息过程的一个重要分支。为了解决一个发送者向多个接收者同时制备相同量子态的问题,提出了基于广播机制的1对2三方量子态远程制备协议,并将其拓展到1对N多方量子态远程制备中。该协议使用GHZ态作为量子信道,通过构造两组特殊测量基,发送方进行两次多粒子投影测量,接收方根据测量结果进行幺正操作,最终实现1个发送者向多个接收者同时制备相同的粒子态。经分析,协议的这种广播制备模式可以适用于任意多个接收者的情形。     

Multiparty Quantum Key Agreement With Strong Fairness Property

Multiparty Key Agreement (MKA) is the backbone for secure multiparty communication. Although numerous efficient MKA-cryptosystems are available in the classical field, their security relies on the assumption that some computational issues are infeasible. To overcome this dependency, a new area, quantum cryptography, evolves to support key agreement among two or more participants securely. In this paper, first, we present a two-part quantum key agreement with Strong Fairness Property (SFP) and extends it to a Multiparty Quantum Key Agreement (MQKA) protocol. In the first round of proposed MQKA, a participant will act as a group controller (GC) and establishes two-party groups with each of the residual participants and agreed on a quantum two-party-style shared key per each of the two-party. In the second round, the GC computes public keys for each of the respective parties by combining these two-party keys using XOR-operation, excluding that party’s two-party key. Next, the GC sends separate public keys to the individual participants. After receiving the respective public-key, each of the respective participants computes the multiparty key by joining their public-key with their two-party key using XOR. Finally, GC computes the multiparty key, as the GC knows all the two-party keys, it combines them with XOR and acts as a usual group participant. The proposed protocol has compared with other renowned MQKA protocols in terms of four standards parameters, namely transmission number (TN), qubit measurement number (QM), qubit for channel checking (QCC), and the qubit efficiency (QE) and acceptable results achieved. The security of the proposed MQKA relies on the absolute security of a two-part quantum key agreement with Strong Fairness Property (SFP). Moreover, it is secure against both internal and external attacks.     

A dynamic multiparty quantum direct secret sharing based on generalized GHZ states

This paper proposes a new dynamic multiparty quantum direct secret sharing (DQDSS) using mutually unbiased measurements based on generalized GHZ states. Without any unitary operations, an agent can obtain a shadow of the secret by simply performing a measurement on single photons. In the proposed scheme, multiple agents can be added or deleted and the shared secret need not be changed. Our DQDSS scheme has several advantages. The dealer is not required to retain any photons and can further share a predetermined key instead of a random key to the agents. Agents can update their shadows periodically, and the dealer does not need to be online. Furthermore, the proposed scheme can resist not only the existing attacks, but also cheating attacks from dishonest agents. Hence, compared to some famous DQSS schemes, the proposed scheme is more efficient and more practical. Finally, we establish a mathematical model about the efficiency and security of the scheme and perform simulation analyses with different parameters using MATLAB.     

Three-party remote state preparation schemes based on entanglement

By exploiting the entanglement correlation in quantum mechanics, two three-party remote state preparation (RSP) schemes are proposed. One is three-party remote preparation of a single-particle quantum state, and the other is three-party remote preparation of a two-particle entangled state. In the proposed schemes, the sender Alice knows the quantum states to be prepared, while the receivers Bob and Charlie do not know the quantum states; Alice performs measurement and unitary operations on her own particles with two three-particle GHZ states as the quantum channel. According to Alice’s measurement results, Bob and Charlie measure their own particles on the corresponding quantum measurement bases and perform unitary operations on the corresponding particles to reconstruct the quantum states, respectively. Compared with multiparty joint remote preparation and two-party RSP of a quantum state, the proposed schemes realize quantum multicast communication successfully, which enables Bob and Charlie to obtain the prepared quantum states simultaneously in the case of just knowing Alice’s measurement results, while Bob and Charlie do not know each other’s prepared quantum states. It is shown that only three classical bits are required for the two proposed RSP schemes when Bob and Alice introduce an auxiliary particle, respectively, and the proposed schemes are secure after the quantum channel authentication.     

基于GHZ态的无酉操作多方量子秘密共享方案

为了简化多方量子秘密共享协议,利用Greenberger-Horne-Zeilinger（GHZ）态和互补基特性,提出了一种简单高效的多方量子秘密共享方案。该方案无需进行任何酉操作,发送方和多个接收方之间只需一次量子通信,并使用互补基进行测量即可完成信道安全检测和秘密共享。除去少量用于检测量子信道安全的粒子,其余每个GHZ态粒子共享一个比特的经典信息。安全性分析表明该方案是安全可靠的。     

无证书隐式认证改进的Kerberos单点登录协议

针对Kerberos单点登录协议存在的口令攻击、重放攻击、密钥需要托管和效率不高等问题,引入一种无对数运算的无证书隐式认证与密钥协商协议对其进行了改进。在随机预言机模型下证明了新协议的强安全性,分析了改进后Kerberos单点登录协议的优势。引入的密钥协商协议仅需3次点乘运算和2次哈希运算,计算开销较低。采用隐式认证方式,避免了原Kerberos中第三方对信息的无举证窃听,有效克服了中间人攻击。     

Improvements on “multiparty quantum key agreement with single particles”

Recently, Liu et al. (Quantum Inf Process 12: 1797–1805, 2013) proposed a secure multiparty quantum key agreement (MQKA) protocol with single particles. Their protocol allows N parties to negotiate a secret session key in such away that (1) outside eavesdroppers cannot gain the session key without introducing any errors; (2) the session key cannot be determined by any non-trivial subset of the participants. However, the particle efficiency of their protocol is only $\frac{1}{(k+1)N(N-1)}$ . In this paper, we show that the efficiency of the MQKA protocol can be improved to $\frac{1}{N(k+1)}$ by introducing two additional unitary operations. Since, in some scenarios, the secret keys are confidential, neither party is willing to divulge any of the contents to the other. Therefore, in our protocol, no participant can learn anything more than its prescribed output, i.e., the secret keys of the participants can be kept secret during the protocol instead of being exposed to others, thus, the privacy of the protocol is also improved. Furthermore, we explicitly show the scheme is secure.     

Multiparty quantum key agreement with single particles

Two conditions must be satisfied in a secure quantum key agreement (QKA) protocol: (1) outside eavesdroppers cannot gain the generated key without introducing any error; (2) the generated key cannot be determined by any non-trivial subset of the participants. That is, a secure QKA protocol can not only prevent the outside attackers from stealing the key, but also resist the attack from inside participants, i.e. some dishonest participants determine the key alone by illegal means. How to resist participant attack is an aporia in the design of QKA protocols, especially the multi-party ones. In this paper we present the first secure multiparty QKA protocol against both outside and participant attacks. Further more, we have proved its security in detail.     

面向智能家居的轻量型互认证协议

针对现有智能家居远程控制互认证协议不能兼顾效率与安全性的现状,提出一个面向智能家居的轻量型互认证协议,实现用户、网关与测控节点间的相互认证及密钥协商.协议基于USBkey和用户口令,采用挑战/应答机制,仅利用伪随机数及异或与哈希运算;在认证与协商阶段,通过单向哈希当前会话密钥获得可变共享密钥参与下一次认证,实现认证协议的一次一密,这种方法有助于提高协议的安全性及运行效率.最后,对比分析结果表明:本文协议有更高的安全性,且通过降低网关和节点的计算量、通信量及能源消耗,避免无线传感网的时间戳机制,实现了轻量型目标.     

可认证的无证书密钥协商协议

无证书公钥密码体制能有效地克服基于身份密码体制中密钥托管的限制,结合基于身份密码体制和可认证密钥协商的优点,提出了一个新的可认证无证书密钥协商协议。经过分析,该协议不仅满足一般密钥协商的安全特性,而且与已有的密钥协商相比,具有更少的对数运算。     

基于测量设备无关的可认证身份量子投票方案

为解决量子通信过程中的身份认证及协议的可实现性问题, 提出一种基于测量设备无关的带身份认证服务器的量子安全直接通信协议, 并依据该协议提出一种量子投票方案. 所提方案利用测量设备无关的量子密钥分配, 完备的量子加密, 以及经典的一次一密等技术, 不仅理论上确保方案的无条件安全性, 而在实际上也避免外部攻击者对测量设备漏洞的攻击. 此外, 所提方案使用BB84态的弱相干脉冲作为量子资源, 仅实施单粒子操作, 以及识别Bell态的测量. 因此, 基于现有技术, 所提方案具有良好的可实现性. 同时所提方案扩展了身份认证功能, 引入比特承诺, 使得监票人可以验证投票信息的完整性和正确性. 仿真结果和分析表明, 所提方案是正确的并具有理论上无条件的安全性, 即信息理论安全. 相较于现有的量子投票方案, 所提方案具有更好的可行性.     

Commutative Re-encryption Techniques: Significance and Analysis

ABSTRACT

Commutative re-encryption techniques are important tools for different applications where the encryption and decryption operations are performed in arbitrary order. These techniques also enable one to transfer information securely in a network without any knowledge of public keys of other parties. The process of message transmission vastly depends on the performance of underlying commutative technique used for cryptographic operations. The aim of this paper is to inquest some recently invented commutative re-encryption techniques at every step of their operation and expose the technique with better performance. The content of the paper is broadly divided into three parts—describing the importance of the commutative re-encryption techniques, presenting some latest techniques along with proposing a modification for making their operations faster, and analyzing every operational step of both the naive and proposed techniques. The modification is proposed only for experimentally proved slow techniques to faster their operation and a comparison is made at the end to show the effectiveness of the modification in making the operations faster.     

云环境下集合隐私计算

多方保密计算是网络空间安全与隐私保护的关键技术,基于同态加密算法的多方保密计算协议是解决云计算安全的一个重要工具.集合隐私计算是多方保密计算的一个基本问题,具有广泛的应用.现有的集合隐私计算方案多是基于两方的情况,基于多方的方案较少,效率较低,且这些方案都不能扩展到云计算平台.本文首先设计了一种新的编码方案,根据新的编码方案和同态加密算法在云计算环境下构造了一个具有普遍适用性且抗合谋的保密计算集合并集问题解决方案.该方案中的同态加密算法既可以是加法同态又可以是乘法同态的加密算法.本文进一步利用哥德尔编码和ElGamal公钥加密算法构造了一种适用于云计算的高效集合并集计算方案.这些方案还可以对多个集合中的所有数据进行保密排序,并证明这些方案在半诚实模型下是安全的.本文中的方案经过简单改造,也可以保密地计算多个集合的交集.     

Quantum simultaneous secret distribution with dense coding by using cluster states

A new communication mode, quantum simultaneous secret distribution (QSSD) is put forward, where one sender distributes different classical secret message to multiparty receivers simultaneously. Based on the properties of the one-dimensional four-qubit cluster states, a three-party QSSD protocol is proposed, and then it is extended to the case that there are many receivers. Owing to the idea of quantum dense coding, each receiver can receive two bits of classical message by the sender only using a cluster state. In order to check security of quantum channels, a strategy which can prevent common attacks efficiently is put forward. QSSD is distinct from quantum secret sharing (QSS) and quantum broadcast communication (QBC), but it can be easily converted into QSS and QBC. QSSD is also different from the multiple-QKD communication mode where the sender shares a private key with each receiver at first, while in QSSD the sender doesn’t; in addition, only one round of one-to-many communication is performed in QSSD, while in multiple-QKD communication mode many rounds of one-to-one communication are performed.