Quantum Non-malleability and Authentication
In encryption, non-malleability is a highly desirable property: it ensures that adversaries cannot manipulate the plaintext by acting on the ciphertext. In , Ambainis et al. gave a definition of non-malleability for the encryption of quantum data. In this work, we show that this definition is too weak, as it allows adversaries to “inject” plaintexts of their choice into the ciphertext. We give a new definition of quantum non-malleability which resolves this problem. Our definition is expressed in terms of entropic quantities, considers stronger adversaries, and does not assume secrecy. Rather, we prove that quantum non-malleability implies secrecy; this is in stark contrast to the classical setting, where the two properties are completely independent. For unitary schemes, our notion of non-malleability is equivalent to encryption with a two-design (and hence also to the definition of ).
Our techniques also yield new results regarding the closely-related task of quantum authentication. We show that “total authentication” (a notion recently proposed by Garg et al. ) can be satisfied with two-designs, a significant improvement over the eight-design construction of . We also show that, under a mild adaptation of the rejection procedure, both total authentication and our notion of non-malleability yield quantum authentication as defined by Dupuis et al. .
The authors would like to thank Anne Broadbent, Alexander Müller-Hermes, Frédéric Dupuis and Christopher Portmann for helpful discussions. G.A. and C.M. acknowledge financial support from the European Research Council (ERC Grant Agreement 337603), the Danish Council for Independent Research (Sapere Aude) and VILLUM FONDEN via the QMATH Centre of Excellence (Grant 10059).
- 2.Aharonov, D., Ben-Or, M., Eban, E.: Interactive proofs for quantum computations. In: Innovations in Computer Science - ICS 2010, Proceedings, Tsinghua University, Beijing, China, 5–7 January 2010, pp. 453–469 (2010)Google Scholar
- 3.Alagic, G., Majenz, C.: Quantum non-malleability and authentication. CoRR, abs/1610.04214 (2016). http://arxiv.org/abs/1610.04214
- 5.Ambainis, A., Mosca, M., Tapp, A., De Wolf, R.: Private quantum channels. In: Proceedings of the FOCS 2000, pp. 547–553 (2000)Google Scholar
- 7.Barnum, H., Crépeau, C., Gottesman, D., Smith, A., Tapp, A.: Authentication of quantum messages. In: The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002, Proceedings, pp. 449–458. IEEE (2002)Google Scholar
- 9.Berta, M., Brandao, F.G.S.L., Majenz, C., Wilde, M.M.: Deconstruction and conditional erasure of quantum correlations. arXiv preprint arXiv:1609.06994 (2016)
- 10.Brandao, F.G.S.L., Harrow, A.W., Horodecki, M.: Local random quantum circuits are approximate polynomial-designs. arXiv preprint arXiv:1208.0692 (2012)
- 11.Broadbent, A., Wainewright, E.: Efficient simulation for quantum message authentication. arXiv preprint arXiv:1607.03075 (2016)
- 18.Garg, S., Yuen, H., Zhandry, M.: New security notions and feasibility results for authentication of quantum data. arXiv preprint arXiv:1607.07759 (2016)
- 21.Lieb, E.H., Ruskai, M.B.: A fundamental property of quantum-mechanical entropy. Phy. Rev. Lett. 30(10), 434 (1973a)Google Scholar
- 22.Lieb, E.H., Ruskai, M.B.: Proof of the strong subadditivity of quantum-mechanical entropy. J. Math. Phy. 14(12), 1938–1941 (1973b)Google Scholar
- 23.Low, R.A.: Pseudo-randomness and learning in quantum computation. arXiv preprint arXiv:1006.5227 (2010)
- 24.Majenz, C., Berta, M., Dupuis, F., Renner, R., Christandl, M.: Catalytic decoupling of quantum information. arXiv preprint arXiv:1605.00514 (2016)
- 26.Portmann, C.: Quantum authentication with key recycling. ArXiv e-prints, October 2016Google Scholar