Method for comparing secret sizes of multiple parties based on d-dimensional multi-particle entangled state
By employing a multi-party semi-quantum secret size comparison method based on d-dimensional multi-particle entangled states, and utilizing semi-honest quantum third parties and decoy particle technology, the problem of the number of participants and device dependence in existing semi-quantum secret comparison protocols is solved, achieving secure multi-party comparison and efficient communication.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- NANCHANG UNIV
- Filing Date
- 2023-03-09
- Publication Date
- 2026-06-26
AI Technical Summary
Existing semi-quantum secret comparison protocols can only accommodate two classical parties at a time, and they are highly dependent on quantum devices and have insufficient communication security, making them difficult to widely promote in practical applications.
A method for comparing the size of a multi-party semi-quantum secret based on d-dimensional multi-particle entangled states is adopted. With the assistance of a semi-honest quantum third party, multiple classical participants can obtain the size relationship of the secret. By using decoy particle technology and pre-shared keys, internal and external attacks can be resisted, thereby improving security and qubit efficiency.
This enables multiple classical participants to securely compare the size of secrets without revealing the secrets themselves, reducing reliance on quantum devices and improving communication security and qubit efficiency.
Smart Images

Figure CN116436598B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of quantum cryptography, specifically to a method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states. Background Technology
[0002] Multi-party secure computation is one of the most important branches of quantum cryptography. Multi-party secure computation refers to multiple participants holding secret values jointly computing a function and outputting the computation result without revealing their own secrets. Multi-party secure computation originated from Yao Qizhi's millionaire problem: how can two millionaires compare who is richer but do not want to reveal their respective wealth?[1] Subsequently, in order to solve this problem, researchers have developed many methods suitable for comparing the wealth of two millionaires. However, Lo et al. proved that it is impossible to secure two-party or multi-party computation without the participation of a third party.[2] Therefore, quantum multi-party secure computation protocols all introduce a third party (semi-honest or completely dishonest) to assist each participant in completing the quantum computation task. The semi-honest third party (TP) always executes the program honestly and meticulously. For example, he will never prepare unnecessary quantum states, nor will he collude with anyone to reveal the participants' secrets. However, he may be curious about the participants' secrets and try to deduce the participants' secrets from the information he has. With the development of quantum technology, quantum version of multi-party secure computation has emerged. The security of classical multi-party secure computation relies on complex mathematical algorithms, while the security of quantum multi-party secure computation is guaranteed by the physical properties of quantum itself [3]. As an important special case of quantum multi-party secure computation, quantum secret comparison has been widely used in many commercial fields, such as quantum anonymous voting [4], data sorting [5], quantum auctions [6], etc., and it also plays an important role in other types of multi-party secure computation protocols. Therefore, combining the unique physical properties of quantum, it is of great practical significance to study secure, efficient and simple quantum secret comparison protocols.
[0003] In 2009, Yang et al. designed the first quantum secret comparison protocol based on Bell states[7]. This protocol can compare whether the secrets of two parties are equal. Subsequently, in order to obtain the size relationship of the secrets, Jia et al. studied a new two-party quantum secret size comparison protocol using GHZ states as information carriers[8]. These early quantum secret comparison protocols only allowed two parties to participate. In 2013, based on GHZ states, Chang et al. proposed a multi-party quantum secret comparison protocol[9]. Based on d-dimensional ground states without entanglement, Liu et al. also designed a multi-party quantum secret comparison protocol
[10] . In these two multi-party secret comparison protocols, multiple participants can be accommodated to compare secrets at one time. However, both protocols can only compare whether the secrets of the participants are equal, and cannot compare the size relationship of the secrets. Fortunately, in 2014, Luo et al. designed a new multi-party quantum secret comparison protocol
[11] . A semi-honest third party uses d-dimensional entangled states as information carriers. After executing the protocol, each participant can obtain the size relationship of their secrets without revealing their secrets.
[0004] The aforementioned quantum secret comparison protocol requires all participants to possess quantum manipulation capabilities, including the ability to prepare quantum states, perform quantum measurements, store qubits, and execute quantum unitary operations. These quantum operations rely on quantum devices. As is well known, compared to mature classical communication manipulation devices, current quantum manipulation devices are expensive, functionally incomplete, and unstable. Furthermore, quantum communication is no longer confined to advanced laboratories but is gradually moving towards practical applications. Therefore, requiring all participants to possess expensive and sophisticated quantum manipulation devices is unrealistic. In the fully quantum model, the lack of quantum devices leads to the failure of quantum communication tasks. In the fully classical communication model, communication security is challenged. To reduce dependence on quantum devices while ensuring communication security, researchers are seeking a communication method that lies between fully classical and fully quantum communication. In 2007, Boyer et al. proposed a semi-quantum theoretical model [12,13]. In the semi-quantum theoretical model, the quantum side has quantum capabilities, while the classical side only needs to perform two operations: A. After receiving the particle, return the particle directly without performing any operations; B. Measure the particle using Z-based methods, record the measurement results, and prepare a new particle using Z-based methods to send to a third party. From the above definition, it can be seen that the classical side in the semi-quantum model does not need to match various advanced quantum operation devices, but only basic classical operation devices. Obviously, this semi-quantum model is more practical. Therefore, theoretical and experimental innovations have attracted a lot of attention from researchers. In 2016, using Bell states as quantum sources, Chou et al. designed the first semi-quantum secret comparison protocol
[14] . Executing this protocol can compare whether the secrets of two classical sides are equal, where the third party is the only person with quantum capabilities in this protocol. In 2018, Thapliyal et al. designed a new semi-quantum secret comparison protocol that can also compare whether the secrets of two classical sides are equal, using EPR photon pairs as information carriers
[15] . In 2021, based on d-dimensional Bell states, Zhou et al. proposed a new semi-quantum secret comparison protocol that can compare the size of secrets between two classical parties. However, existing semi-quantum secret comparison protocols can only accommodate two classical parties at a time
[16] . In the future, a semi-quantum secret comparison protocol that can accommodate multiple classical parties at a time will be more practical and universal. Therefore, based on multi-particle maximally entangled states, this invention proposes the first multi-party semi-quantum secret size comparison method. Compared with the recently proposed two-party semi-quantum secret comparison method, the efficiency of qubits in this method is improved. By using decoy particle technology and the method of sharing keys in advance, various internal and external attacks can be successfully resisted.
[0005] References
[0006] 1. Yao, A.C.: Protocols for secure computations. In: Proceedings of23rd IEEE Symposium on Foundations of Computer Science (SFCS’08); 03-05November Washington, DC, USA: IEEE. p. 160-4 (1982)
[0007] 2. Lo, H.K.: Insecurity of quantum secure computations. Phys Rev A56, 1154-62 (1997)
[0008] 3. Srikantaiah, J.G., DasGupta, A.: Quantum mechanical effects inbulk MOSFETs from a compact modeling perspective. IETE Tec. Rev. 29, 3-28(2012)
[0009] 4. Bonanome, M., et al: Toward protocols for quantum ensured privacyand secure voting. Phys. Rev. A 84, 022-331 (2011)
[0010] 5. Huang, S.L., Hwang, T., Gope, P.: Multi-party quantum privatecomparison with an almost-dishonest third party. Quan. Inf. Process. 14,4225-4235 (2015)
[0011] 6. Naseri, M.: Secure quantum sealed-bid auction. Optics Commun. 282,1939-1943 (2009)
[0012] 7. Yang, Y.G., Wen, Q.Y.: An efficient two-party quantum privatecomparison protocol with decoy photons and two-photon entanglement. J Phys A:Math Theor 42, 055305 (2009)
[0013] 8. Jia, H.Y., Wen, Q.Y., Song, T.T., Gao, F.: Quantum protocol formillionaire problem. Opt Commun 284, 545-9 (2011)
[0014] 9. Chang, Y.J., Tsai, C.W., Hwang, T.: Multi-user private comparisonprotocol using GHZ class states. Quan. Inf. Process. 12, 1077-88 (2013)
[0015] 10. Liu, W., Wang, Y.B. Wang, X.M.: Multi-party Quantum PrivateComparison Protocol Using d-Dimensional Basis States Without EntanglementSwapping. Int. J. Theor. Phys. 53, 1085-1091 (2014)
[0016] 11. Luo, Q.B., Yang, G.W., She, K., Niu, W.N., Wang, Y.Q.: Multi-party quantum private comparison protocol based on d-dimensional entangledstates. Quan. Inf. Process. 13, 2343-52 (2014)
[0017] 12. Boyer, M., Kenigsberg, D., Mor, T.: Quantum key distribution withclassical Bob. Phys. Rev. Lett. 99, 140501 (2007)
[0018] 13. Boyer, M., et al: Semi-quantum key distribution. Phys. Rev. A 79,032341 (2009)
[0019] 14. Chou, W.H., Hwang, T., Gu, J.: Semi-quantum private comparisonprotocol under an almost-dishonest third party. arXiv:1607.07961 (2016)
[0020] 15. Thapliyal, K., Sharma, R.D., Pathak, A.: Orthogonal-state-basedand semi-quantum protocols for quantum private comparison in noisyenvironment. Int. J. Quan. Inf. 16, 1850047 (2018)
[0021] 16. Zhou, N.R., et al: Semi-quantum private comparison protocol ofsize relation with d-dimensional Bell states. Quan. Inf. Process. 20, 1-15(2021)
[0022] 17. Zhou, N.R., Zhu, K.N., Zou, X.F.: Multi-Party Semi-Quantum KeyDistribution Protocol With Four-Particle Cluster States. Ann. Phys.(Berlin)531, 1800520 (2019)
[0023] 18. Hwang, W.Y.: Quantum Key Distribution with High Loss: TowardGlobal Secure Communication. Phys. Rev. Lett. 91, 057901 (2003)
[0024] 19. Lo, H.K., Ma, X., Chen, K.: Decoy state quantum key distribution.Phys Rev Lett 94, 230504 (2005)
[0025] 20. Wang, X.B.: Beating the photon-number-splitting attack inpractical quantum cryptography. Phys Rev Lett 94, 230503 (2005)
[0026] 21. Bennett, C.H., Brassard, G.: In: Proceedings of the InternationalConference on Computers, Systems and Signal Processing, December, Bangalore,India, pp. 175-179 (1984)
[0027] 22. Shor, P.W., Preskill, J.: Simple proof of security of the BB84quantum key distribution protocol. Phys. Rev. Lett. 85(2), 441-4 (2000)
[0028] 23. Deng, F.G., Li, X.H., Zhou, H.Y.: Efficient high-capacity quantumsecret sharing with two-photon entanglement. Phys. Lett. A 372(12), 1957-62(2008)
[0029] 24. Deng, F.G., Long, G.L., Liu, X.S.: Two-step quantum directcommunication protocol using the Einstein-Podolsky-Rosen pair block. Phys.Rev. A 68(4), 042317 (2003)
[0030] 25. Gisin, N., et al.: Quantum cryptography. Rev. Mod. Phys. 74, 145-195 (2002)
[0031] 26. Wang, B., Liu, S.Q., Gong, L.H.: Semi-quantum private comparisonprotocol of size relation with d-dimensional GHZ states. Chin. Phys. B 31,010302 (2022)
[0032] 27. Tsai, C.W., Lin, J., Yang, C.W.: Cryptanalysis and improvement insemi-quantum private comparison based on Bell states. Quantum Inf. Process.20, 1-14 (2022)
[0033] 28. Jiang, L.Z.: Semi-quantum private comparison based on Bellstates. Quantum Inf. Process. 19 1-21 (2020)
[0034] 29. Yan, L.L., et al.: Semi-quantum key agreement and privatecomparison protocols using Bell states Int. J. Quantum Inf. 58, 3852-3862(2019)
[0035] 30. Wang, B., Gong, LH, Liu, SQ: Multi-party quantum private size comparison protocol with d-dimensional Bell states. Front. Phys. 10, 981376(2022). Summary of the Invention
[0036] The purpose of this invention is to address the shortcomings of existing technologies by providing a method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states. With the assistance of a semi-honest quantum third party, multiple classical participants (who do not have quantum manipulation capabilities) can obtain the size relationship of their secrets. Compared with existing semi-quantum secret comparison methods, this method can compare the secrets of multiple classical participants at once, and has higher security and qubit efficiency.
[0037] To achieve the above objectives, the present invention adopts the following technical solution:
[0038] A method for comparing the magnitude of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states includes the following steps:
[0039] Step S1: First, prepare TP. indivual Maximum entanglement of particles In a d-dimensional Hilbert space, the maximum entangled state of N+1 particles can be represented as:
[0040] (1);
[0041] in Indicates modulus addition, ;
[0042] Then TP will put the above The first particles in each entangled state are labeled as particle sequences. This particle sequence has always been held by TP, and the second set of particles is marked as a particle sequence. The third group of particles were labeled as a sequence. And so on, until the last few particles are labeled as particle sequences. To ensure communication security, TP will mix and lure particles into a particle sequence according to certain rules. ( In ) make Forming a new particle sequence , Ultimately, it will be sent by TP to the participants. ;
[0043] Step S2, when the participants Received particle sequence Then, he will use the shared key For particles Perform the corresponding operations; if If the number is even, he will choose operation A; otherwise, he will choose operation B: measure the particle using the Z-basis and record the measurement result. And prepare a new state using the Z-basis and send it through the quantum reverse channel. Given TP, where:
[0044] (2);
[0045] Step S3: After receiving particles from all participants, TP will perform a security check, and after the security check is passed, proceed to step S4.
[0046] Step S4: After passing the security check, TP will obtain... String data , ,..., ,in, ;because It is a key shared between the TP and the participants, and the encryption rules are not kept secret from the TP, so the TP knows the secrets of each participant. The value of TP can be calculated based on this. :
[0047] (3);
[0048] Calculate Afterwards, TP will obtain New data , ,…, ,in, ;
[0049] Step S5: TP obtains the new data string , ,…, The same bits are taken out and compared. After comparing all the same bits, TP determines the size relationship of all secrets.
[0050] Specifically, in step S1, TP mixes and lures particles into a particle sequence according to certain rules. ( In ) make Forming a new particle sequence The specific rules are:
[0051] if If the number is even, TP will place a decoy particle; otherwise, TP will place an entangled particle. Specifically, the sequence of particles held by TP... No decoy particles need to be inserted.
[0052] The security check described in step S3 is as follows:
[0053] In step S1, TP has added the decoy particles to the particle sequence according to the shared key. Therefore, TP can grasp the position and measurement basis of each decoy particle. Based on the measurement results of the decoy particles, TP can determine whether the information has been eavesdropped on. If the eavesdropper launches an attack on the information channel, it will inevitably introduce errors. When the error rate is less than a certain threshold, TP will announce the execution of step S4; otherwise, it will terminate the communication.
[0054] In step S5, TP determines the size relationship of all secrets. The determination process is as follows:
[0055] First, TP will use Z-based measurement of particle sequences. Each particle in the sample was measured, and the results were recorded. According to the physical properties of entangled states, if a particle in a multi-particle entangled state is measured by a Z-basis, then the entangled state will collapse to... ;
[0056] Secondly, TP calculation ,
[0057] (4);
[0058] According to Sign ,
[0059] (5);
[0060] Finally, TP can be derived. , ,…, The size relationship, among which ,
[0061] (6);
[0062] The TP can be derived , ,…, The relationship between their magnitudes is derived as follows:
[0063] From equations (2) and (3), we can derive...
[0064] (7);
[0065] Based on equation (7), equation (4) can be further derived.
[0066] (8);
[0067] From equation (8), we can see that, Showing and The size relationship; according to equations (5) and (6), if Greater than and less than or equal to ,but , can be obtained Otherwise, it can be determined that .
[0068] The advantages of this invention compared to the prior art are as follows:
[0069] This invention is based on a method for comparing the size of semi-quantum secrets of multiple parties in d-dimensional multi-particle entangled states. With the assistance of a semi-honest quantum third party, multiple classical participants (who do not have quantum manipulation capabilities) can obtain the size relationship of their secrets. Compared with existing semi-quantum secret comparison methods, this method can compare the secrets of multiple classical participants at once, and has higher security and qubit efficiency. Attached Figure Description
[0070] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0071] Figure 1 This is a schematic diagram illustrating the execution process of the multi-directional semi-quantum secret size comparison method based on d-dimensional multi-particle entangled states of the present invention. Detailed Implementation
[0072] To make the objectives, technical solutions, and advantages of this invention clearer, the technical solutions of this invention will be clearly and completely described below in conjunction with specific embodiments. Obviously, the described embodiments are only some embodiments of this invention, not all embodiments. Based on the embodiments of this invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this invention.
[0073] like Figure 1 As shown, this invention provides a method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states, comprising the following steps:
[0074] Step S1: First, prepare TP. indivual Maximum entanglement of particles In a d-dimensional Hilbert space, the maximum entangled state of N+1 particles can be represented as:
[0075] (1);
[0076] in Indicates modulus addition, ;
[0077] Then TP will put the above The first particles in each entangled state are labeled as particle sequences. This particle sequence has always been held by TP, and the second set of particles is marked as a particle sequence. The third group of particles were labeled as a sequence. And so on, until the last few particles are labeled as particle sequences. To ensure communication security, TP will mix and lure particles into a particle sequence according to certain rules. ( In ) make Forming a new particle sequence , Ultimately, it will be sent by TP to the participants. ;
[0078] Step S2, when the participants Received particle sequence Then, he will use the shared key For particles Perform the corresponding operations; if If the number is even, he will choose operation A; otherwise, he will choose operation B: measure the particle using the Z-basis and record the measurement result. And prepare a new state using the Z-based approach and send it through a quantum reverse channel. Given TP, where:
[0079] (2);
[0080] Step S3: After receiving particles from all participants, TP will perform a security check, and after the security check is passed, proceed to step S4.
[0081] Step S4: After passing the security check, TP will obtain... String data , ,..., ,in, ;because It is a key shared between the TP and the participants, and the encryption rules are not kept secret from the TP, so the TP knows the secrets of each participant. The value of TP can be calculated based on this. :
[0082] (3);
[0083] Calculate Afterwards, TP will obtain New data , ,…, ,in, ;
[0084] Step S5: TP obtains the new data string , ,…, The same bits are taken out and compared. After comparing all the same bits, TP determines the size relationship of all secrets.
[0085] Specifically, in step S1, TP mixes and lures particles into a particle sequence according to certain rules. ( In ) make Forming a new particle sequence The specific rules are:
[0086] if If the number is even, TP will place a decoy particle; otherwise, TP will place an entangled particle. Specifically, the sequence of particles held by TP... No decoy particles need to be inserted.
[0087] The security check described in step S3 is as follows:
[0088] In step S1, TP has added the decoy particles to the particle sequence according to the shared key. Therefore, TP can grasp the position and measurement basis of each decoy particle. Based on the measurement results of the decoy particles, TP can determine whether the information has been eavesdropped on. If the eavesdropper launches an attack on the information channel, it will inevitably introduce errors. When the error rate is less than a certain threshold, TP will announce the execution of step S4; otherwise, it will terminate the communication.
[0089] In step S5, TP determines the size relationship of all secrets. The determination process is as follows:
[0090] First, TP will use Z-based measurement of particle sequences. Each particle in the sample was measured, and the results were recorded. According to the physical properties of entangled states, if a particle in a multi-particle entangled state is measured by a Z-basis, then the entangled state will collapse to... ;
[0091] Secondly, TP calculation ,
[0092] (4);
[0093] According to Sign ,
[0094] (5);
[0095] Finally, TP can be derived. , ,…, The size relationship, among which ,
[0096] (6);
[0097] The technical solution of the method of the present invention will be further described below with reference to specific embodiments. It mainly includes three aspects: correctness analysis, security analysis, and superiority analysis.
[0098] In this embodiment, TP and For example, a quantum third party (TP) prepares a quantum state, sends it through a forward quantum channel for security detection, receives it through a reverse quantum channel, and finally completes a secret comparison. Classical participants only need to perform either operation A or operation B.
[0099] 1. Correctness Analysis
[0100] 1.1 The correctness of the theory
[0101] From equations (2) and (3), we can derive...
[0102] (7);
[0103] Based on equation (7), equation (4) can be further derived.
[0104] (8);
[0105] From equation (8), we can see that, Showing and The size relationship; according to equations (5) and (6), if Greater than and less than or equal to ,but , can be obtained Otherwise, it can be determined that .
[0106] 1.2 Correctness in actual use
[0107] Assume there are three classic participants ( , , Their secrets are respectively , , These three classic participants share a key 04 beforehand. TP and Shared key It is 12234, and Shared key It is 01243, and Shared key It's 32104. They want to compare their sizes without revealing these secrets.
[0108] Step S1: TP randomly prepares two 9-dimensional 4-particle maximally entangled states. and And mark the first particles of these two entangled states as a particle sequence. The second set of particles is labeled as a particle sequence. The third group of particles is labeled as a particle sequence. The fourth particles are labeled as particle sequences. .
[0109] In addition, according to the shared key with the participants TP will insert decoy-state particles into the particle sequence. , , Finally, TP sends three sequences of particles, each containing a decoy particle, to the corresponding participant.
[0110] Step S2: After receiving the particle sequence, the participants complete the corresponding operations, as shown in Table 1 below.
[0111] Table 1. Operational behavior
[0112] ;
[0113] Set up a shared key If it is 12234, then Will be on particles Complete operation (2) on the particles Complete operation (1) on the particle Complete operation (1) on the particle Complete operation (2) on the particles Complete operation (1); if Measured values If it is 31, then the measurements of the other participants will definitely be 31. , , This is determined by the physical properties of entangled states. According to equation (2) and the keys held by the participants, they will complete the information encryption task and encrypt their respective data. , , Send it to TP via a quantum reverse channel.
[0114] Step S3: If eavesdropping is detected during security checks, TP will terminate the communication. Otherwise, the procedure proceeds to the next step.
[0115] Step S4: After TP receives the data sent by the three participants, it will calculate according to equation (3) to obtain... , , .
[0116] Step S5: TP will use Z-based measurement of particle sequence. The particles in the sample, the measured values obtained It must be 11 (the reason has been explained in step S2). Next, TP will compare the secret sizes of the three classic participants using the following equation.
[0117] (9);
[0118] Similarly, from equation (9), TP can be obtained. , , , Therefore, the comparison results can be derived from equations (5) and (6).
[0119] (10);
[0120] In summary, TP, without knowing the participants' secrets, compared the relative strengths of the three classic participant secrets using this method. , , The comparison proves that the results obtained by the method of the present invention are correct and effective.
[0121] The above process was repeated, and the correctness of the method of the present invention was verified through multiple sets of examples. The results are shown in Table 2 below. The comparison results in Table 2 can further illustrate the correctness of the method of the present invention.
[0122] Table 2. Comparison results of the size relationship of multiple groups of instances
[0123] ;
[0124] 2. Security Analysis
[0125] This embodiment will analyze the security of the method from both internal and external perspectives:
[0126] We assume that the quantum channel in this method is an ideal information channel, that is, there is no noise in the channel and all emitted particles can be received.
[0127] 2.1. External Attacks
[0128] Suppose there is an external attacker attempting to obtain secret-related information from the participants and the TP. If there is particle transmission in the information channel, the attackers will launch various common external attacks, such as intercept-measure-retransmission attacks, entanglement attacks, etc.
[0129] Scenario 1: Intercept-Measure-Resend Attack
[0130] In steps S1 and S2, the attacker intercepts the particle sequence by measuring and retransmitting. and They measure these quantum states and then send a new quantum state identical to the one before the measurement to the participants, attempting to disguise their eavesdropping behavior. Because... and Each particle contains decoy particles designed to prevent eavesdropping. If an attacker measures a particle, there is a 50% probability that the attacker will detect the decoy particle. Since the attacker does not know the measurement basis for each decoy particle, each measurement introduces a high probability of error. When the error rate exceeds a certain threshold, the communication will terminate.
[0131] The concept of decoy particle technology was first proposed by Hwang
[18] . Later, Lo and Wang proposed their own decoy state methods and gave rigorous proofs[19,20]. Decoy particle technology is considered an important eavesdropping and inspection method for the BB84 protocol
[21] and has been proven to ensure unconditional security of communication
[22] . This technology can successfully resist some well-known physical attacks such as intercept-retransmission attacks and measurement-retransmission attacks[23,24]. Therefore, attackers cannot obtain the secret information of participants in an intercept-measure-retransmission attack.
[0132] Scenario 2: Entanglement Attack
[0133] Assuming the entanglement attacker possesses extraordinary quantum capabilities, enabling them to perform quantum unitary operations and convert auxiliary entangled states... Attached to the intercepted particles.
[0134] Perform quantum unitary operations on the intercepted particles Afterwards, its state is:
[0135] (11);
[0136] (12);
[0137] in, It is a unitary transformation A definite pure auxiliary state. , , To avoid introducing errors, entanglement attackers had to set... ,in, .
[0138] Therefore, equations (11) and (12) can be written as:
[0139] (13);
[0140] (14);
[0141] Similarly, entanglement attackers can only set... ,in, , .
[0142] When the attacker performs a unitary operation on the d-dimensional multi-particle maximally entangled state and attaches an auxiliary entangled state, the entire system becomes:
[0143] (15);
[0144] From equations (13), (14), and (15), we can obtain
[0145] (16);
[0146] According to equation (16), the entanglement attacker cannot distinguish between them. and That is to say, an entangled attacker cannot obtain information related to the secret from the quantum channel by launching an entanglement attack.
[0147] 2.2. Internal attack
[0148] An inside attack is an attack that comes from the participants or a semi-honest third party, and therefore, inside attacks are usually more powerful
[25] .
[0149] Scenario 3: From dishonest participants attack
[0150] Assuming dishonest participants They want to obtain secret information about other participants from quantum channels or from information they already possess. If... In steps S1 and S2, launching an attack on the quantum channel will be considered an external attacker because... The positions and measurement bases of the decoy particles in other particle sequences are also unknown. Furthermore, The shared key between TP and other participants is unknown. ,therefore, They also cannot deduce the secrets of other participants from the information they already possess.
[0151] In conclusion, dishonest participants Attacks against this method are also ineffective against the method of this invention.
[0152] Scenario 4: Attack from a semi-honest third-party TP
[0153] In this embodiment, TP is the sender of the initial state and also the receiver of the encrypted information, which is obviously more powerful than any other attacker.
[0154] As described in the background information, TP strictly adheres to procedures, does not prepare unnecessary quantum states for the process, and does not collude with others to leak secret information. However, TP's curiosity about the participants' secrets may lead them to attempt to obtain information from what they already possess. The secret of each participant is deduced because TP does not know the key that was previously shared among the participants. Therefore, he could not deduce the secrets of each participant from the information he already possessed.
[0155] In conclusion, attacks from semi-honest third parties are also ineffective against this method.
[0156] 3. Advantages Analysis
[0157] To better illustrate the superiority of this method, we will compare it with other recently proposed methods from multiple aspects (see Table 3), including the following seven aspects: quantum signal source, requirements for participants' capabilities, types of comparisons, number of participants that can be accommodated, quantum efficiency, whether a shared key is required in advance, and whether a classical authentication channel is required.
[0158] Among them, quantum efficiency Defined as , This is the total number of bits that need to be compared in this communication. This is the sum of the number of quantum and classical bits consumed in this communication.
[0159] In reference
[26] , the authors proposed a new semi-quantum secret comparison method based on d-dimensional GHZ states. This method can compare the magnitudes of two classical secrets. To calculate the qubit efficiency, it is necessary to calculate the total number of bits required to complete one secret comparison using this method. First, TP needs to Particle preparation Two GHZ states (each particle carrying one bit of information); secondly, the two classical participants need a total of [number missing] GHz states. Each particle transmits information to TP. Therefore, we can obtain... This method can only accommodate two classical parties participating in secret comparison, such as the length of each party's secret being... Then, the total number of comparable qubits is In summary, the efficiency of a qubit can be calculated. yes In addition, the participants in this method need to share two sets of keys, which increases the difficulty of program execution.
[0160] In reference
[27] , the authors improved upon the two-party secret comparison method
[28] proposed by Jiang. Based on Bell states, this method can also compare whether the secrets of two classical parties are equal. To complete one secret comparison, the total number of bits consumed by this method is: First, TP needs to Particle preparation One Bell state; secondly, the two classical participants need a total of Each particle transmits information to TP. Therefore, This semi-quantum secret comparison method can only accommodate two classical parties; therefore, In summary, the efficiency of a qubit can be calculated. yes In addition, the TP must share a key with both participants.
[0161] In reference
[29] , based on Bell states, the authors proposed a new semi-quantum secret comparison method that can also compare whether the secrets of two parties are equal. To complete one secret comparison, the total number of bits consumed by this method is: First, TP needs to... Particle preparation Two Bell states; secondly, according to the literature, each participant needs to... Each particle sends a message to TP; additionally, participants need to Each classical bit announces the participants' actions and the order in which the particles return. Therefore, This method can only accommodate two classical sides at a time, therefore, In summary, the efficiency of a qubit can be calculated. yes Additionally, the two classical parties may share a key.
[0162] In reference
[30] , the authors proposed a new multi-party quantum secret comparison based on d-dimensional Bell states. With the help of a semi-honest third party, each quantum party can obtain the size relationship of their secrets. To complete one secret comparison, the total number of bits consumed by this method is: First, TP needs to Particle preparation A Bell state and First, a deceptive approach; second, each participant needs to... Each classic bit transmits information to the TP via the classic authentication channel. Therefore, This method is only suitable for participants with quantum capabilities, and it can accommodate [a certain number of participants] at a time. Fang participated, therefore, In summary, the efficiency of a qubit can be calculated. yes .
[0163] In this embodiment, a multi-party semi-quantum secret comparison method is proposed based on d-dimensional multi-particle maximally entangled states. With the help of a semi-honest third party, Each classic participant can obtain their secret size relationship. The total number of bits consumed by this method to complete one secret comparison is: First, TP needs... Particle preparation A multi-particle maximally entangled state, and requires Particle preparation Firstly, a deceptive approach; secondly, each classic prescription requires... Each particle transmits information to TP. Therefore, The method of this invention is not only suitable for classical methods lacking quantum capabilities, but it can also accommodate multiple quantum states in a single operation. Fang participated, therefore, In summary, the efficiency of a qubit can be calculated. yes Compared to the protocols mentioned above, the quantum bit effect in this embodiment is close to... =Equal to that in reference
[27] .
[0164] As can be seen from Table 3 below: the method of the present invention does not require the participants to have quantum capabilities, and can accommodate [a certain number of participants] at a time. While the methods in references [26,27,29] do not require quantum capabilities from the participating parties, they can only accommodate two classical parties at a time. Although the method in reference
[30] can compare the secrets of multiple participating parties at once, it is only suitable for quantum parties with quantum capabilities. Like references [26,30], the method of this invention can compare the magnitude of the secrets of each participating party, while references [27,29] can only compare whether the secrets are equal.
[0165] Table 3. Comparison with the most recently similar QPC methods
[0166] ;
[0167] In summary, the multi-party semi-quantum secret size comparison method based on d-dimensional multi-particle maximally entangled states proposed in this invention is more practical and universal than existing methods; more importantly, it can also guarantee relatively high qubit efficiency.
[0168] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims
1. A method for comparing the size of multi-directional semi-quantum secrets based on d-dimensional multi-particle entangled states, characterized in that, Includes the following steps: Step S1: Semi-honest third-party TP preparation indivual Maximum entanglement of particles Then put the above The first particles in each entangled state are labeled as particle sequences. This particle sequence has always been held by TP, and the second set of particles is marked as a particle sequence. The third group of particles were labeled as a sequence. And so on, until the last few particles are labeled as particle sequences. To ensure communication security, TP will mix and lure particles into a particle sequence according to certain rules. ( In ) make Forming a new particle sequence , Ultimately, it will be sent by TP to the participants. ; Step S2, when the participants Received particle sequence Then, he will use the shared key For particles Perform the corresponding operations; if If the number is even, he will choose operation A; otherwise, he will choose operation B: measure the particle using the Z-basis and record the measurement result. And prepare a new state using the Z-basis and send it through a quantum reverse channel. Give TP; Step S3: After receiving particles from all participants, TP will perform a security check, and after the security check is passed, proceed to step S4. Step S4: After passing the security check, TP will obtain... String data , ,..., ,in, ; because It is a key shared between the TP and the participants, and the encryption rules are not kept secret from the TP, so the TP knows each shared key. The value of TP can be calculated based on this. ; Calculate Afterwards, TP will obtain New data , ,…, ,in, ; Step S5: TP obtains the new data string , ,…, The same bits are taken out and compared. After comparing all the same bits, TP determines the size relationship of all secrets.
2. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 1, characterized in that, TP preparation in step S1 indivual Maximum entanglement of particles In a d-dimensional Hilbert space, the maximum entangled state of N+1 particles can be represented as: (1); in Indicates modulus addition, .
3. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 1, characterized in that, In step S1, TP will mix and lure particles into a particle sequence according to certain rules. ( In ) make Forming a new particle sequence ; The specific rules are: if If the number is even, TP will place a decoy particle; otherwise, TP will place an entangled particle. Specifically, the sequence of particles held by TP... No decoy particles need to be inserted.
4. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 1, characterized in that, Step S2 describes preparing a new state using the Z-basis and sending it through the quantum reverse channel. Given TP, where: (2)。 5. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 1, characterized in that, The security check described in step S3 is as follows: In step S1, TP has added the decoy particles to the particle sequence according to the shared key. Therefore, TP can grasp the position and measurement basis of each decoy particle. Based on the measurement results of the decoy particles, TP can determine whether the information has been eavesdropped on. If the eavesdropper launches an attack on the information channel, it will inevitably introduce errors. When the error rate is less than a certain threshold, TP will announce the execution of step S4; otherwise, it will terminate the communication.
6. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 1, characterized in that, The TP mentioned in step S4 can be calculated , (3); in This represents a reduction in the modulus.
7. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 1, characterized in that, In step S5, TP determines the size relationship of all secrets. The determination process is as follows: First, TP will use Z-based measurement of particle sequences. Each particle in the sample was measured, and the results were recorded. According to the physical properties of entangled states, if a particle in a multi-particle entangled state is measured by a Z-basis, then the entangled state will collapse to... ; Secondly, TP calculation , (4); According to Sign , (5); Finally, TP can be derived. , ,…, The size relationship, among which , (6)。 8. The method for comparing the size of multi-party semi-quantum secrets based on d-dimensional multi-particle entangled states according to claim 7, characterized in that, The TP can be derived , ,…, The relationship between their magnitudes is derived as follows: From equations (2) and (3), we can derive... (7); Based on equation (7), equation (4) can be further derived. (8); From equation (8), we can see that, Showing and The size relationship; according to equations (5) and (6), if Greater than and less than or equal to ,but , can be obtained Otherwise, it can be determined that .