Experimental Implementation of A Quantum Zero-Knowledge Proof for User Authentication

TL;DR

The paper addresses secure user authentication in quantum networks without revealing the secret by introducing an interactive quantum zero-knowledge proof (QZKP) that relies on a pre-shared secret $s$, a two-step key-derivation mechanism to generate $h_1$ and $h_2$, and QBER-based verification. Implemented on discrete-variable BB84 decoy-state quantum channels, the QZKP is demonstrated in back-to-back and metropolitan-distance links, achieving a low QBER for honest participants ($\approx 2.9\%$) and a significantly higher QBER when a dishonest prover is involved ($\approx 26.6\%$), exceeding the BB84 threshold of $11\%$. The work provides a security analysis showing completeness, soundness, and zero-knowledge, with explicit expressions for QBER and a threshold $T_v$ guiding authentication decisions. Practically, this approach offers a quantum-safe authentication layer that can be deployed within existing QKD infrastructure, enabling privacy-preserving identity verification over distances up to around $60\ \text{km}$ with minimal post-processing. The demonstrated robustness against malicious behavior and distance scalability underscores the potential for integrating QZKP-based authentication into quantum-secure networks.

Abstract

A new interactive quantum zero-knowledge protocol for identity authentication implementable in currently available quantum cryptographic devices is proposed and demonstrated. The protocol design involves a verifier and a prover knowing a pre-shared secret, and the acceptance or rejection of the proof is determined by the quantum bit error rate. It has been implemented in modified Quantum Key Distribution devices executing two fundamental cases. In the first case, all players are honest, while in the second case, one of the users is a malicious player. We demonstrate an increase of the quantum bit error rate around 25% in the latter case compared to the case of honesty. The protocol has also been validated for distances from a back-to-back setup to more than 60 km between verifier and prover. The security and robustness of the protocol has been analysed, demonstrating its completeness, soundness and zero-knowledge properties.

Figures (6)

• Figure 1: Flowchart of the quantum zero-knowledge proof between Alice and Bob. Steps 1 and 2 correspond to the pre-processing stage where the information needed for the execution of the proof is prepared. Steps 3 to 5 correspond to the quantum stage, where the quantum states are prepared, sent and measured. In Steps 6 to 8 the verification of the proof is carried out by the estimation of the quantum bit error rate (QBER). If both are honest $s=s'$, otherwise $s\neq s'$. KDF means Key Derivation Function; $\Delta_{a,b}$ are raw measurements; $\delta_{a,b}$ are the results of the post-processing of $\Delta_{a,b}$; ENC means the encryption of $\delta_{a,b}$ with $h'_2$; and $T_v$ is the verification threshold.
• Figure 2: Schematics of the pair of discrete-variable quantum cryptographic devices.
• Figure 3: Amount of time needed for the generation of $1$ bit in the honest case. The time needed shows a logarithmic behaviour when increasing the losses. The black dot corresponds to the back-to-back (B2B) configuration.
• Figure 4: Experimental results of the QBER in a back-to-back setup. Blue stars: all players are honest, Red stars: dishonest prover. The black line refers to the standard security threshold value of $11\%$ for the BB84 protocol BB84_Security.
• Figure 5: Measured QBER performance together with the associated standard deviations versus additional link losses in case of honest parties. The green dashed line refers to the standard security threshold value of $11\%$ for the BB84 protocol BB84_Security.