Quantum Ciphertext Authentication and Key Recycling with the Trap Code Yfke Dulek Qusoft, Centrum voor Wiskunde en Informatica, Amsterdam, the Netherlands
[email protected] Florian Speelman1 QMATH, Department of Mathematical Sciences, University of Copenhagen, Denmark
[email protected] Abstract We investigate quantum authentication schemes constructed from quantum error-correcting codes. We show that if the code has a property called purity testing, then the resulting authentication scheme guarantees the integrity of ciphertexts, not just plaintexts. On top of that, if the code is strong purity testing, the authentication scheme also allows the encryption key to be recycled, partially even if the authentication rejects. Such a strong notion of authentication is useful in a setting where multiple ciphertexts can be present simultaneously, such as in interactive or delegated quantum computation. With these settings in mind, we give an explicit code (based on the trap code) that is strong purity testing but, contrary to other known strong-purity-testing codes, allows for natural computation on ciphertexts. 2012 ACM Subject Classification Theory of computation → Cryptographic protocols, Theory of computation → Error-correcting codes, Security and privacy → Information-theoretic techniques, Security and privacy → Symmetric cryptography and hash functions, Theory of computation → Quantum information theory Keywords and phrases quantum authentication, ciphertext authentication, trap code, purity- testing codes, quantum computing on encrypted data Digital Object Identifier 10.4230/LIPIcs.TQC.2018.1 Related Version https://arxiv.org/abs/1804.02237 (full version) Acknowledgements We thank Gorjan Alagic, Christian Majenz, and Christian Schaffner for valuable discussions and useful input at various stages of this research. Aditionally, we thank Christian Schaffner for his comments on an earlier version of this manuscript.