Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Tight Analysis of a One-Shot Quantum Secret Sharing Scheme

Santanu Majhi, Debajyoti Bera

TL;DR

The paper rigorously analyzes the one-shot Grover-based quantum secret sharing scheme H03-QSS, proving that perfect one-round security is unattainable within this framework due to strong attack vectors like intercept-fake-resend. It introduces a formal information-theoretic characterization of recoverability and secrecy and shows original nonces either fail to detect certain attacks or fail to preserve secrecy. By proposing a fortified nonce set, the authors achieve recoverability with partial secrecy (per-party secrecy bound at 3/8) and some protection against intercept-fake-resend, while preserving IMP. The work highlights fundamental trade-offs in one-shot QSS and motivates exploring non-Grover-based approaches or decoy-state strategies to attain stronger security guarantees in quantum secret sharing.

Abstract

Quantum communication protocols can be designed to detect eavesdropping attacks, something that classical technologies are unable to do since classical information can be replicated in a non-destructive manner. Eavesdropping detection is, therefore, a standard feature in all the proposed quantum secret sharing (QSS) protocols. However, detection is often done by a statistical analysis of the outcome of multiple decoy rounds, and this causes a significant communication overhead. In our quest for a QSS protocol that works even in one round, we came across a one-shot secret-sharing framework proposed by Hsu (Phys. Rev. A 2003). The scheme was designed to work over public channels without requiring multiple rounds to detect eavesdropping but it lacked a thorough security analysis. In this work we present a complete characterisation of the correctness and security properties of this framework. Our characterisation allowed us to improve the original protocol to be more resistant towards eavesdropping. However, we prove a couple of impossibility results, including one that dictates that complete security against an eavesdropper is not possible in this framework. Thus, it is not possible to design a perfect QSS using this framework.

Tight Analysis of a One-Shot Quantum Secret Sharing Scheme

TL;DR

The paper rigorously analyzes the one-shot Grover-based quantum secret sharing scheme H03-QSS, proving that perfect one-round security is unattainable within this framework due to strong attack vectors like intercept-fake-resend. It introduces a formal information-theoretic characterization of recoverability and secrecy and shows original nonces either fail to detect certain attacks or fail to preserve secrecy. By proposing a fortified nonce set, the authors achieve recoverability with partial secrecy (per-party secrecy bound at 3/8) and some protection against intercept-fake-resend, while preserving IMP. The work highlights fundamental trade-offs in one-shot QSS and motivates exploring non-Grover-based approaches or decoy-state strategies to attain stronger security guarantees in quantum secret sharing.

Abstract

Quantum communication protocols can be designed to detect eavesdropping attacks, something that classical technologies are unable to do since classical information can be replicated in a non-destructive manner. Eavesdropping detection is, therefore, a standard feature in all the proposed quantum secret sharing (QSS) protocols. However, detection is often done by a statistical analysis of the outcome of multiple decoy rounds, and this causes a significant communication overhead. In our quest for a QSS protocol that works even in one round, we came across a one-shot secret-sharing framework proposed by Hsu (Phys. Rev. A 2003). The scheme was designed to work over public channels without requiring multiple rounds to detect eavesdropping but it lacked a thorough security analysis. In this work we present a complete characterisation of the correctness and security properties of this framework. Our characterisation allowed us to improve the original protocol to be more resistant towards eavesdropping. However, we prove a couple of impossibility results, including one that dictates that complete security against an eavesdropper is not possible in this framework. Thus, it is not possible to design a perfect QSS using this framework.

Paper Structure

This paper contains 25 sections, 19 theorems, 62 equations, 2 figures, 8 tables.

Table of Contents

  1. Introduction
  2. Overview of Results
  3. Related Work
  4. Background
  5. Grover-search Operator
  6. Grover-based H03-QSS by Hsu
  7. Attack against H03-QSS (hao2010eavesdropping)
  8. Mathematical Characterization
  9. Recoverability
  10. Secrecy
  11. Intercept-Measure-Resend Attack
  12. Intercept-fake-resend Attack
  13. A Limit on One-shot Security
  14. Security against Intercept-fake-resend Attack
  15. Secrecy Implies Intercept-fake-resend Attack
  16. ...and 10 more sections

Key Result

Lemma 1

An equivalent condition for Equation eqn:recoverability is that holds for all secret $\ket{s}$ and all nonce $\ket{\psi} \in J$.

Figures (2)

  • Figure 1: The first three stages of the protocol when Eve is acting honestly. The symbol $ indicates drawing from a uniform random distribution, and $\Longrightarrow$ indicates communication over a public channel.
  • Figure 2: Eavesdropping attack against H03-QSS. Observe that Eve has successfully generated $\ket{s}$ in Stage-II itself without Bob's involvement.

Theorems & Definitions (28)

  • Definition 1: Recoverability
  • Lemma 1
  • Definition 2: Secrecy
  • Lemma 2
  • Lemma 3
  • Lemma 4
  • Lemma 5
  • proof
  • Lemma 6
  • Lemma 7
  • ...and 18 more