# Quantum Authentication with Key Recycling

@article{Portmann2017QuantumAW, title={Quantum Authentication with Key Recycling}, author={Christopher Portmann}, journal={ArXiv}, year={2017}, volume={abs/1610.03422} }

We show that a family of quantum authentication protocols introduced in [Barnum et al., FOCS 2002] can be used to construct a secure quantum channel and additionally recycle all of the secret key if the message is successfully authenticated, and recycle part of the key if tampering is detected. [] Key Method We also prove that the number of recycled key bits is optimal for this family of protocols, i.e., there exists an adversarial strategy to obtain all non-recycled bits. Previous works recycled less key…

## 35 Citations

### Quantum ciphertext authentication and key recycling with the trap code

- Computer ScienceTQC
- 2018

This work investigates quantum authentication schemes constructed from quantum error-correcting codes and gives an explicit code that is strong purity testing but, contrary to other known strong-purity-testing codes, allows for natural computation on ciphertexts.

### On the Everlasting Security of Password-Authenticated Quantum Key Exchange

- Computer Science, MathematicsArXiv
- 2019

This paper investigates the possibility of implementing this authenticated classical channel by the means of human-memorable passwords and presents a construction of a quantum PAKE scheme based on QKD, and proves its everlasting security in this simulation-based model.

### Quantum Authentication and Encryption with Key Recycling

- Computer ScienceIACR Cryptol. ePrint Arch.
- 2017

We propose an information-theoretically secure encryption scheme for classical messages with quantum ciphertexts that offers detection of eavesdropping attacks, and re-usability of the key in case no…

### Comment on “A novel quantum deniable authentication protocol without entanglement”

- Computer ScienceQuantum Inf. Process.
- 2018

There is a bug in the key update phase, which can lead to the failure of updating the shared key, and an improved simple method is proposed to mitigate the security weakness.

### On the Security of Password-Authenticated Quantum Key Exchange

- Computer Science, Mathematics
- 2019

This paper investigates the achievability of unconditionally secure password-authenticated quantum key exchange (quantum PAKE), where the authentication is implemented by the means of human-memorable passwords, and presents a construction for quantum PAKE that provably achieves everlasting security in the simulation-based model.

### The Universal Composable Security of Quantum Message Authentication with Key Recyling

- Computer Science
- 2016

The main result is a proof that QA+KG is universal composably (UC) secure in the Ben-Or-Mayers model, and defines UC-secure entanglement, and proves the UC-security of theEntanglement generating protocol given in quant-ph/0205128.

### Quantum Key Recycling with optimal key recycling rate based on a noise level

- Computer ScienceArXiv
- 2020

This study proposes a new QKR protocol which recycles the used keys according to the noise level and optimizes the key recycling rate of the pre-shared keys, and eliminates the need for classical authentication channels by delaying recycling some of the keys.

### Composable and Finite Computational Security of Quantum Message Transmission

- Computer Science, MathematicsIACR Cryptol. ePrint Arch.
- 2019

It is shown how to define finite, composable, computational security for secure quantum message transmission, and the new definitions do not involve any games or oracles, they are directly operational.

### New Security Notions and Feasibility Results for Authentication of Quantum Data

- Computer ScienceCRYPTO
- 2017

We give a new class of security definitions for authentication in the quantum setting. These definitions capture and strengthen existing definitions of security against quantum adversaries for both…

### Quantum Authentication and Encryption with Key Recycling - Or: How to Re-use a One-Time Pad Even if P=NP - Safely & Feasibly

- Computer Science, MathematicsEUROCRYPT
- 2017

We propose an information-theoretically secure encryption scheme for classical messages with quantum ciphertexts that offers detection of eavesdropping attacks, and re-usability of the key in case no…

## References

SHOWING 1-10 OF 50 REFERENCES

### A Quantum Cipher with Near Optimal Key-Recycling

- Computer ScienceCRYPTO
- 2005

This work proposes an unconditionally secure scheme for encrypting classical messages under a shared key, where attempts to eavesdrop the ciphertext can be detected, and shows this is essentially optimal.

### Quantum Authentication and Encryption with Key Recycling

- Computer ScienceIACR Cryptol. ePrint Arch.
- 2017

We propose an information-theoretically secure encryption scheme for classical messages with quantum ciphertexts that offers detection of eavesdropping attacks, and re-usability of the key in case no…

### How to re-use a one-time pad safely and almost optimally even if P = NP

- Computer ScienceNatural Computing
- 2014

This work proposes an unconditionally secure scheme for encrypting classical messages under a shared key, where attempts to eavesdrop the ciphertext can be detected, and shows this is essentially optimal.

### The Universal Composable Security of Quantum Message Authentication with Key Recyling

- Computer Science
- 2016

The main result is a proof that QA+KG is universal composably (UC) secure in the Ben-Or-Mayers model, and defines UC-secure entanglement, and proves the UC-security of theEntanglement generating protocol given in quant-ph/0205128.

### New Security Notions and Feasibility Results for Authentication of Quantum Data

- Computer ScienceCRYPTO
- 2017

We give a new class of security definitions for authentication in the quantum setting. These definitions capture and strengthen existing definitions of security against quantum adversaries for both…

### Key Recycling in Authentication

- Computer Science, MathematicsIEEE Transactions on Information Theory
- 2014

It is shown that if the players have a mild form of synchronization, namely that the receiver knows when a message should be received, the key can be recycled for any arbitrary task, not only new rounds of authentication.

### Authentication of quantum messages

- Computer ScienceThe 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings.
- 2002

A non-interactive scheme that enables A to both encrypt and authenticate an m qubit message by encoding it into m+s qubits, where the error probability decreases exponentially in the security parameter s, and a lower bound of 2m key bits for authenticating m qubits is given, which makes the protocol asymptotically optimal.

### How to reuse a one-time pad and other notes on authentication encryption and protection of quantum information

- Computer ScienceArXiv
- 2003

It is proved that one can recycle the one-time pad without compromising security, and the security of recycling rates when authentication of quantum states is accepted, and when it is rejected.

### Uncloneable encryption

- Computer ScienceQuantum Inf. Comput.
- 2003

Uncloneable encryption can be used in a non-interactive setting, where QKD is not available, allowing Alice and Bob to convert a temporary computational assumption into a permanently secure message.

### Simple proof of security of the BB84 quantum key distribution protocol

- Computer SciencePhysical review letters
- 2000

We prove that the 1984 protocol of Bennett and Brassard (BB84) for quantum key distribution is secure. We first give a key distribution protocol based on entanglement purification, which can be…