Abstract
We propose a high-efficiency three-party quantum key agreement protocol, by utilizing two-photon polarization-entangled Bell states and a few single-photon polarization states as the information carriers, and we use the quantum dense coding method to improve its efficiency. In this protocol, each participant performs one of four unitary operations to encode their sub-secret key on the passing photons which contain two parts, the first quantum qubits of Bell states and a small number of single-photon states. At the end of this protocol, based on very little information announced by other, all participants involved can deduce the same final shared key simultaneously. We analyze the security and the efficiency of this protocol, showing that it has a high efficiency and can resist both outside attacks and inside attacks. As a consequence, our protocol is a secure and efficient three-party quantum key agreement protocol.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
1 Introduction
Quantum communication provides an unconditionally secure way for the transmission of information, by exploiting the principles in quantum mechanics. In recent decades, this field gains much attention of researchers all over the world. There are many important branches of quantum communication for different tasks, such as quantum key distribution (QKD) [1,2,3], quantum secure direct communication (QSDC) [4,5,6,7,8,9,10,11,12], quantum secret sharing (QSS) [13], and so on. QKD supplies a secure way for two remote legitimate parties to create a private key [1,2,3]. The parties in QKD can detect the eavesdropper, say Eve, if she monitors their quantum channel, by picking up a subset of their outcomes obtained with two nonorthogonal measuring bases to check eavesdropping. They can then discard the outcomes when they find Eve. Far different from QKD, QSDC gives an absolutely secure approach for two parties to transmit their secret message directly, without producing the private key in advance. The first QSDC scheme was proposed by Long and Liu [4] and it exploits the properties of Bell states and uses a block transmission technique in 2002. Subsequently, Deng, Long, and Liu [5] clarified the standard criterion for QSDC explicitly in 2003, and they proposed an important two-step QSDC protocol by using the Einstein-Podolsky-Rosen photon pair blocks . Recently, these two-step QSDC protocols [4, 5] were experimentally implemented by two groups [6, 7]. In 2004, Deng and Long [8] introduced the first QSDC protocol based on a sequence of single photons, called quantum one-time pad scheme which has been recently experimentally demonstrated by Hu et al. [9] in a noisy environment with frequency coding. In 2017, Wu et al. [10] proposed a high-capacity QSDC protocol with two-photon six-qubit hyperentangled states. QSS is used to share a secret key among some agents of a boss [13], in which the agents can reconstruct the secret if and only if they collaborate. QSS has a higher requirement than QKD because a potentially dishonest agent may injure the benefit of the boss. The inside attacks will increase largely the difficulty of the design of QSS schemes in practical applications.
Quantum key agreement (QKA)[14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36] is another interesting multiparty quantum communication. It is an extension of classical key agreement [37], by utilizing the principles of quantum mechanics, i.e., quantum no-cloning theorem, Heisenberg uncertainty principle, and the principle of quantum state superposition. Ways of generating the shared keys are different in QKA and QKD protocols. In a QKA protocol, a classical final shared key is derived by two (or more) parties as a function of information contributed by each of them [14], it is generated by all the participants together. But in a QKD protocol, a shared key is decided by one participant and distributed to others. A secure QKA protocol needs to satisfy four properties [15]: correctness, security, fairness, and privacy property. The correctness property requires that each participant should receive the correct secret key. The security property requires that outside eavesdroppers cannot obtain the shared key without being detected. The fairness property indicates that non-trivial subsets of the involved participants can determine the final shared key. And the privacy property requires that the sub-secret key of each participant should not be learned by any other [15]. Those properties make the QKA protocols more suitable for open insecure channels, and make it have the extensive application prospect in open network [16]. Also, they increase the difficulty of designing a secure QKA protocol. In 2004, Zhou et al. [17] proposed a QKA protocol which contains two users and utilizes the quantum teleportation technique. In 2010, Chong et al. [18] proposed a QKA protocol based on the BB84 protocol, utilizing a delayed measurement technique. Nevertheless, only two users are involved in the above protocols [17, 18]. In 2013, Shi et al. [19] presented a multi-party QKA (MQKA) protocol by using the entanglement swapping technique. In the same year, Liu et al. [20] pointed out that Shi et al.’s protocol is not a fair QKA protocol and then put forward another MQKA protocol with single particles. In 2014, a MQKA protocol using Bell state and Bell measurement was proposed by Shukla et al. [21]. In 2016, two MQKA protocol were proposed by Sun et al. with cluster state [22] and six-qubit states [23] respectively. In the same year, Liu et al. [14] calculated the previous MQKA protocols into three categories: the complete-graph-type MQKA protocols [16, 20], the circle-type MQKA protocols [15, 19, 21,22,23,24], and the tree-type MQKA protocol [25]. A circle-type protocol has a higher qubit efficiency than the complete-graph-type one. But in Ref. [25], they described an instructional mode of the attacks to the circle-type MQKA protocols, and claimed that those previous MQKA protocol cannot resist the collusive participant attacks (or called inside attacks). In 2016, Huang et al. [26] proposed a QKA protocol in travelling-mode utilizing single photons and rotation operations. In 2017, Cai et al. [27] presented another MQKA protocol with rotation operations. Subsequently, Cao et al. [28] proposed a MQKA protocol based on quantum search algorithm. Recently, Huang et al. [29] put forward a MQKA protocol with collective detection and rotation operations. Up to now, many other different QKA protocols have been proposed [30,31,32,33,34,35,36].
In this paper, we propose a secure and efficient three-party QKA protocol with Bell states, following partially the idea in previous studies [15, 24]. In our protocol, the idea of quantum dense coding is used [38]. Four unitary operations are used as encoding operations, which are performed by each participant on passing photons. The passing photons contains two parts, the first quantum qubits of Bell states and the single-photon states. Our protocol can prevent dishonest participants learning any useful information about other’s sub-secret key. It can successfully resist both outside attacks and inside attacks. At the end of this protocol, all participants involved can deduce the final shared key simultaneously with very little information about the positions of those single photons announced by others. Moreover, by using the dense coding method, this protocol also prosesses a high efficiency.
2 High-Efficiency Three-Party QKA Protocol
In this QKA protocol, three participants, say Alice, Bob, and Charlie, cooperate to establish a final shared key. The two-photon polarization-entangled Bell states and some single-photon polarization states will be used in our protocol. Four Bell states can be expressed as:
where \( \left|0\right.rangle \) and \( \left|1\right.rangle \) respectively present the horizontal and vertical polarization states of the single photon. They form a complete orthogonal basis, called Z basis. \( \left|+\right.rangle=\frac{1}{\sqrt{2}}\left(\left|0\right.rangle+\left|1\right.rangle\right) \) and \( \left|-\right.rangle=\frac{1}{\sqrt{2}}\left(\left|0\right.rangle-\left|1\right.rangle\right) \) form another complete orthogonal basis, called X basis. We code the two-photon Bell state \( \left|{\phi}^{+}\right.rangle \) as ‘00’, \( \left|{\phi}^{-}\right.rangle \) as ‘01’, \( \left|{\psi}^{+}\right.rangle \) as ‘10’, \( \left|{\psi}^{-}\right.rangle \) as ‘11’. Furthermore, we code the single-photon state \( \left|0\right.rangle \) as ‘0’, \( \left|1\right.rangle \) as ‘1’.
In our protocol, according to the idea of quantum dense coding [38], we use four unitary operations U00 = I, U01 = σz, U10 = σx and U11 = iσy as the encoding operations. Here σz, σx, σy are the Pauli matrices. If we choose to perform one of those local unitary operations on the first quantum bit of the two-photon system in the state \( \left|{\phi}^{\pm}\right.rangle \) or \( \left|{\psi}^{\pm}\right.rangle \), the transformation of those Bell states can be summarized in Table 1. For single-photon states \( \left|0\right.rangle \) and \( \left|1\right.rangle \), their transformation by the those operations can be shown in Table 2.
We assume that the classic channel is authenticated in our protocol, and we utilize the block transmission technique, which was first proposed by Long et al. [4], to ensure the security of transmission. Three participants Alice, Bob and Charlie want to establish a final shared key K. Alice, Bob and Charlie first generate some random bit strings KA, KB and KC as their secret bit strings (or called their sub-secret keys), which can be expressed as:
Here ai,bi,ci ∈{00,01,10,11},i = 1,2,…n. So the length of the each bit string is 2n.
The illustration of our three-party QKA protocol are shown in Fig. 1. They can be described in detail as follows.
- (Step 1) :
-
Alice (Bob, Charlie) prepares m two-photon systems SA (SB, SC) in the maximally entangled state \( \left|{\phi}^{+}\right.rangle \) and divides these particles into two ordered sequences, denoted as SA1 and SA2 (SB1 and SB2, SC1 and SC2), respectively. Note that, these particles in SA1 (SB1, SC1) are the first qubits of the systems in \( \left|{\phi}^{+}\right.rangle \), and these particles in SA2 (SB2, SC2) are the second qubits of the systems in \( \left|{\phi}^{+}\right.rangle \). Alice (Bob, Charlie) prepares kn single photons, which are randomly in the state \( \left\{\left|0\right.rangle,\left|1\right.rangle,\left|+\right.rangle,\left|-\right.rangle\right\} \), as the decoy photons. Then, he (she) inserts randomly those decoy photons into the sequence SA1 (SB1, SC1) and sends the sequence to Bob (Charlie, Alice) through the quantum channel.
- (Step 2) :
-
After confirming that Bob (Charlie, Alice) has received the sequence, Alice (Bob, Charlie) announces the positions of the decoy photons and the corresponding basis (Z basis or X basis) for the measurement on each decoy photon. Bob (Charlie, Alice) picks out and measures the decoy photons according to the announcement of Alice (Bob, Charlie). They compare the measurement results with the initial states of the decoy photons. If the error rate exceed the threshold, they abort the protocol; otherwise, they continue their quantum communication to the next step.
Certainly, Bob (Charlie, Alice) should exploit the complex eavesdropping-checking process [39, 40] to prevent an eavesdropper, say Eve, to eavesdrop the quantum communication with Trojan horse attack in this step. As shown in Ref. [40], he should let each photon received pass through a filter with which only the wavelengths close to the operating one can be let in, which is used to filter out Eve’s invisible photons and avoid the invisible photon eavesdropping scheme with which Eve utilizes the fact that the single-photon detector is only sensitive to the photons with a special wavelength. Moreover, Bob (Charlie, Alice) should use a photon number splitter (PNS: 50/50), which is used to divide each signal into two pieces for some of the decoy photons, to defeat the delay-photon Trojan horse attack [40].
- (Step 3) :
-
Bob (Charlie, Alice) randomly inserts l single photons in the state \( \left|0\right.rangle \) into SA1 (SB1, SC1) to form a new sequence \( {S}_{A1}^1 \) (\( {S}_{B1}^1 \), \( {S}_{C1}^1 \)). Note that, m + l = n, n is the half length of the secret bit strings, and l accounts for a very small percentage of n. The purpose of inserting single photons here is to resist the possible attacks from dishonest participants. Then, he (she) performs the unitary operation \( {U}_{b_i} \) (\( {U}_{c_i} \), \( {U}_{a_i} \)) on each photon in \( {S}_{A1}^1 \) (\( {S}_{B1}^1 \), \( {S}_{C1}^1 \)) according to his (her) secret bit string KB (KC, KA). For instance, if bi (ci, ai)= 00, Bob (Alice, Charlie) chooses U00 to perform on the i th photon of \( {S}_{A1}^1 \) (\( {S}_{B1}^1 \), \( {S}_{C1}^1 \)). After the local operations, we denote the new sequence as \( {S}_{A1}^2 \) (\( {S}_{B1}^2 \), \( {S}_{C1}^2 \)). Bob (Charlie, Alice) prepares kn decoy photons which are randomly in the state \( \left\{\left|0\right.rangle,\left|1\right.rangle,\left|+\right.rangle,\left|-\right.rangle\right\} \), and inserts them into the sequence \( {S}_{A1}^2 \) (\( {S}_{B1}^2 \), \( {S}_{C1}^2 \)). Then, Bob (Charlie, Alice) sends the sequence to Charlie (Alice, Bob).
- (Step 4) :
-
After confirming that Charlie (Alice, Bob) has received the sequence, they perform the second eavesdropping check. The checking method is same as that in Step 2. If the error rate exceeds the threshold, they abort the protocol; otherwise, they continue the quantum communication to the next step. Also, Charlie (Alice, Bob) should exploit the complex eavesdropping-checking process [39, 40] to prevent Eve to eavesdrop the quantum communication with Trojan horse attack.
- (Step 5) :
-
After picking out the decoy photons, Charlie (Alice, Bob) performs the unitary operation on each photon in \( {S}_{A1}^2 \) (\( {S}_{B1}^2 \), \( {S}_{C1}^2 \)) according to his (her) secret bit string KC (KA, KB) and form a new sequence \( {S}_{A1}^3 \) (\( {S}_{B1}^3 \), \( {S}_{C1}^3 \)). The encoding method is same as that in Step 3. Then, Charlie (Alice, Bob) prepares kn decoy photons and inserts them into \( {S}_{A1}^3 \) (\( {S}_{B1}^3 \), \( {S}_{C1}^3 \)). After that, Charlie (Alice, Bob) sends it back to Alice (Bob, Charlie).
- (Step 6) :
-
After confirming that Alice (Bob, Charlie) has received the sequence, Alice, Bob and Charlie publicly announce the positions of the single-photon states that he (she) has inserted in Step 3 through the authenticated classic channel. In order to ensure the correctness of this protocol, Alice, Bob and Charlie randomly select a set of positions to check whether each participant has received the correct secret key at the end of this protocol. After that, they perform the third eavesdropping check. The checking method is same as that in Step 4. If the error rate exceeds the threshold, they abort the protocol; otherwise, they continue the quantum communication to the next step.
- (Step 7) :
-
After picking out the decoy photons, the remaining photons form the sequence \( {S}_{A1}^3 \) (\( {S}_{B1}^3 \), \( {S}_{C1}^3 \)). Now, Alice (Bob, Charlie) has the sequences \( {S}_{A1}^3 \) and SA2 (\( {S}_{B1}^3 \) and SB2, \( {S}_{C1}^3 \) and SC2). Note that the length of the sequence SA2 (SB2, SC2) is m, and the length of the sequence \( {S}_{A1}^3 \) (\( {S}_{B1}^3 \), \( {S}_{C1}^3 \)) is n. Then they come to the decoding stage. For these positions where the single-photon states have been inserted, Alice (Bob, Charlie) measures the photons from sequence \( {S}_{A1}^3 \) (\( {S}_{B1}^3 \), \( {S}_{C1}^3 \)) in Z basis, and records the bit string of the outcomes as Ma (Mb, Mc). For the other positions, Alice (Bob, Charlie) performs Bell measurement on the corresponding photon pairs from \( {S}_{A1}^3 \) and SA2 (\( {S}_{B1}^3 \) and SB2, \( {S}_{C1}^3 \) and SC2), and records the bit string of the Bell state measurement results as MA (MB, MC). Then, Alice (Bob, Charlie) computes \( {K_A}^{\prime }={M}_A\parallel {M}_a \) (\( {K_B}^{\prime }={M}_B\parallel {M}_b \), \( {K_C}^{\prime }={M}_C\parallel {M}_c \)), where ∥ presents connecting two strings. After that, Alice (Bob, Charlie) picks out the same positions, as the single-photon state in \( {S}_{A1}^3 \) (\( {S}_{B1}^3 \), \( {S}_{C1}^3 \)), from the bit string KA (KB, KC). He (She) keeps the first bits of the two bits and moves them to the end of bit sequence. After that, he (she) would get a new bit string \( {K_A}^{\ast } \) (\( {K_B}^{\ast } \), \( {K_C}^{\ast } \)). Thus, the length of \( {K_A}^{\ast } \) (\( {K_B}^{\ast } \), \( {K_C}^{\ast } \)) is same as \( {K_A}^{\prime } \) (\( {K_B}^{\prime } \), \( {K_C}^{\prime } \)). And it is easy to verify that \( {K_A}^{\ast}\oplus {K_A}^{\prime }={K_B}^{\ast}\oplus {K_B}^{\prime }={K_C}^{\ast}\oplus {K_C}^{\prime } \) according to Tables 1 and 2. Here ⊕ denotes the addition module 2.
Finally, for each participant, he (she) can get the same final shared key \( K={K_A}^{\ast}\oplus {K_A}^{\prime }={K_B}^{\ast}\oplus {K_B}^{\prime }={K_C}^{\ast}\oplus {K_C}^{\prime } \). Then, they check whether the final shared key from those positions chosen in Step 6 is consistent. If not, they they abort the protocol.
3 Security Analysis
In this section, we analyze the security of our protocol. For QKA protocol, we not only need to consider the attacks from outside eavesdroppers, but also need to consider the inside attacks being done by dishonest participants. Hence, the security analysis of QKA protocols is more complex than that in QKD protocols.
3.1 Outside Attack
Suppose there is an eavesdropper Eve (not the legitimate participants) who wants to steal the final shared key without being detected by the legitimate participants. To achieve this goal, she must obtain participants’ sub-secret key through some means. Eve mainly has these attack means: intercept-resend attack, measurement-resend attack, entangle-measure attack and Trojan horse attack. Therefore, if we want to demonstrate the security of our protocol against the outside attacks, we must prove that our protocol can resist all those four attack means. Without loss of generality, we take the situation that the sequence is generated by Alice, and sends to Bob and Charlie orderly for example to describe the security of our QKA protocol.
First, let us consider the intercept-resend attack. Eve intercepts the photons at the end of Step 1, Step 3 or Step 5, and replaces them with her own photons to get the sub-secret key of Bob or Charlie. But she cannot pass the eavesdropping check. Eve couldn’t know the information of the decoy photons which are randomly in the state \( \left\{\left|0\right.rangle,\left|1\right.rangle,\left|+\right.rangle,\left|-\right.rangle\right\} \). Therefore, the probability that she will be detected is \( \left(1-{\left(\frac{1}{2}\right)}^{kn}\right) \). If kn is large enough, Eve will be detected with the probability approaching to 100%.
Second, let us consider the measurement-resending attack. Eve intercepts the photons and measures them at the end of Step 1, Step 3 or Step 5, and then resends them to Bob or Charlie. However, Eve can’t distinguish between the target photons and decoy photons before the eavesdropping check process. So She just randomly chooses the measurement bases. As a result, Eve introduces many errors in the eavesdropping stage and exposes herself. The probability that she exposes herself is \( \left(1-{\left(\frac{3}{4}\right)}^{kn}\right) \) which will approach to 100% when kn is large enough.
Now, let us come to the entangle-measuring attack. Eve intercepts the photons at the end of Step 1, Step 3 or Step 5, and employs a unitary operation on the ancillary photons \( \left|E\right.rangle \) and the photons she captured.
Suppose the unitary operation is UE, one can have the relations for the eavesdropping as follows:
Here \( \left|{E}_{00}\right.rangle \), \( \left|{E}_{01}\right.rangle \), \( \left|{E}_{10}\right.rangle \) and \( \left|{E}_{11}\right.rangle \) are pure states determined by UE. In this protocol, we use the decoy photons randomly in the state \( \left\{\left|0\right.rangle,\left|1\right.rangle,\left|+\right.rangle,\left|-\right.rangle\right\} \) to prevent eavesdropping. At the end of Step 1, Step 3 or Step 5, if Eve use the entangle-measure attack, the states \( \left|+\right.rangle \), \( \left|-\right.rangle \) will have the relations:
If Eve wants to introduce no error in the eavesdropping check in Step 2, Step 4 or Step 6, it must satisfy \( \left|{E}_{01}\right.rangle=\left|{E}_{10}\right.rangle=0 \) and \( \left|{E}_{00}\right.rangle=\left|{E}_{11}\right.rangle \). If not, the probability of Eve being detected is \( \left(1-{\left(\frac{1}{2}\right)}^{kn}\right) \).
And if Eve uses the entangle-measure attack to entangle the ancillary photons with the first qubits of \( \left|{\phi}^{+}\right.rangle \), and then one will have the relations:
Hence, if Eve wants to introduce no error (not be detected by the legitimate participants), we will have \( {U}_E:\left|{\phi}^{+}\right.rangle\left|E\right.rangle\to \left|{\phi}^{+}\right.rangle\left|{E}_{00}\right.rangle \). Her ancillary photons and the encoded photons are in product states. She cannot get any useful information from measuring the ancillary photons. And we will come to the same conclusion when Eve entangles the ancillary photons with other Bell states or single-photon states. Thus we can say that Eve cannot obtain the sub-secret keys without being detected if she takes the entangle-measure attack.
Finally, our protocol may suffer from the Trojan attack, which take use of the invisible photons. The legitimate participants can use the wavelength quantum filters and PNSs to resist this attack [39, 40].
In conclusion, outside eavesdroppers can not obtain the shared key without being detected. According to the definitions in Ref. [15], our protocol can reach the security property of the QKA protocol.
3.2 Inside Attack
The inside attack can also be seen as a violation of the privacy and fairness property [15]. The inside attack is that one or more dishonest participants want to predetermine the final shared key without being detected. There are two cases, having only one dishonest participant, or having two dishonest participants. If this protocol is immune to two participants attack, it is surely immune to one participant attack. So we only need to consider the second situation. Suppose that Alice and Charlie are two dishonest participants, they want to conclude to determine the final shared key. In our protocol, the transmission route forms a circle. Choosing another two dishonest participants finally returns to the same situation.
Alice and Charlie must first get the sub-secret key of Bob KB before the Step 6. Then they can choose a different unitary operations to preform on the photons and then send back to Bob, or they tell Bob a fake information about the positions of single photons to predetermine the final shared key. In this protocol, the only chance they can get KB before Step 6 is measuring photons in the \( {S}_{A1}^2 \) which have been performed unitary operations by Bob and the photons in SA2 which has been preserved in their hands in the Step 5. But they do not know the positions of single photons which are randomly inserted by Bob, they cannot distinguish which two photons from sequence SA2 and \( {S}_{A1}^2 \) form an EPR pair. They cannot get any useful information of KB to predetermine the final shared key. Thus, all participants involved can equally influence the final shared key. This protocol satisfies the fairness property. And we can see in this protocol, the sub-secret keys of each participant are kept secret during the protocol. Even two dishonest participants cannot get any useful information of the honest participant. Hence this protocol can reach the privacy property. Besides, in Step 6, each participant randomly selects a set of positions to check whether they can conclude the correct secret key at the end of the protocol, ensuring the correctness property of this protocol.
In reality, outside eavesdroppers or inside dishonest participants may hide their attack under the channel noises. The quantum bit error rate introduced by channel noise is about 2%–8.9% [27, 41,42,43,44,45]. But in our protocol, the error rate introduced by outside or inside attack is at least 25%. That is, our protocol will be immune to both the outside and inside attacks. And it can reach the correctness, security, fairness, and privacy property which a secure QKA protocol need to satisfy.
4 Discussion and Summary
Now, we analyze the efficiency of our protocol, and show that the proposed protocol is efficient. According to the definition proposed by Cabello [46], the efficiency of the quantum protocol is:
Here, c denotes the number of the secret bits (here in QKA protocol, c denotes the length of the classical final shared key), q refers to the number of qubits transmitted in the quantum channel, and b is the number of classical bits exchanged for decoding the message. In our protocol, comparing with n, l and kn are small quantities. So the efficiency of our protocol \( \eta \approx \frac{2}{3} \). Comparing with previous QKA protocols under this definition of protocol efficiency, i.e. protocols with single photons [15, 20, 27, 29], protocols with Bell states [21, 24, 30], our protocol possess a higher efficiency in the three-party cases. This is because of dense-coding method which enables one qubit to carry two bits of information being used in the protocol. It should make sense that we use the method of inserting some single photons rather than using control strings and performing rotation operations [26, 27, 29] to prevent the inside attacks. With one encoding operation being performed, participant in those protocols can only encode one bit information on one photon while he can encode two bits in our protocol. In order to decode the message, participants in Ref. [26, 27, 29] need to exchange their control strings which are as long as the final shared key. While in our protocol, they only need to exchange very little information about the positions of those single photons. Thus, our protocol is easier to be implemented with less operations performed and less classical bits exchanged under this three-party condition.
According to the classification standard described in Ref. [14], our protocol is a circle-type QKA protocol. And our protocol is not sensitive to collusive attacks (or called inside attacks) according to the above security analysis. Two-photon entangled states and single-photon states are used as the information carriers in our protocol, they can be prepared and controlled [47,48,49,50,51] even at a great distance. And photon states are also of great use in other fields, such as quantum computation [52,53,54,55] and quantum simulation [56, 57]. We utilize the Bell measurement to deduce the final secret key. Four polarization-entangled Bell states can be completely distinguished by the complete Bell state analysis method [58]. Hence, our protocol is feasible under the current technologies and it can be implemented in realistic devices. Certainly, in a practical application of this QKA protocol with a noisy environment, some useful methods should be exploited to depress the influence of noise, such as decoherence-free subspace [59,60,61,62], self-error-rejecting transmission [63,64,65,66], error correction with ancillary qubits [67], entanglement purification [68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83], and entanglement concentration [84,85,86,87,88,89,90,91,92].
In summary, we have proposed a three-party quantum key agreement protocol with Bell states and quantum dense-coding method. We have analyzed the security of our protocol, showing that it is immune to both outside and inside attacks. And it can achieve the the correctness, security, fairness, and privacy property at the same time. Further more, compared with other protocols under this three-party condition, it is also a high-efficiency protocol.
References
Bennett, C.H., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. In: Proceedings of the IEEE International Conference on Computers, Systems and Signal Processing, Bangalore, India, pp. 175–179. IEEE, New York (1984)
Ekert, A.K.: Quantum cryptography based on Bell’s theorem. Phys. Rev. Lett. 67, 661–663 (1991)
Bennett, C.H., Brassard, G., Mermin, N.D.: Quantum cryptography without Bell’s theorem. Phys. Rev. Lett. 68, 557 (1992)
Long, G.L., Liu, X.S.: Theoretically efficient high-capacity quantum-key-distribution scheme. Phys. Rev. A 65, 032302 (2002)
Deng, F.G., Long, G.L., Liu, X.S.: Two-step quantum direct communication protocol using the Einstein-Podolsky-Rosen pair block. Phys. Rev. A 68, 042317 (2003)
Zhang, W., Ding, D.S., Sheng, Y.B., Zhou, L., Shi, B.S., Guo, G.C.: Quantum secure direct communication with quantum memory. Phys. Rev. Lett. 118, 220501 (2017)
Zhu, F., Zhang, W., Sheng, Y.B., Huang, Y.D.: Experimental long-distance quantum secure direct communication. Sci. Bull. 62, 1519–1524 (2017)
Deng, F.G., Long, G.L.: Secure direct communication with a quantum one-time pad. Phys. Rev. A 69, 052319 (2004)
Hu, J.Y., Yu, B., Jing, M.Y., Xiao, L.T., Jia, S.T., Qin, G.Q., Long, G.L.: Experimental quantum secure direct communication with single photons. Light: Sci. Appl. 5, e16144 (2016)
Wu, F.Z., Yang, G.J., Wang, H.B., Xiong, J., Alzahrani, F., Hobiny, A., Deng, F.G.: High-capacity quantum secure direct communication with two-photon six-qubit hyperentangled states. Sci. China-Phys. Mech. Astron. 60, 120313 (2017)
Chen, S.S., Zhou, L., Zhong, W., Sheng, Y.B.: Three-step three-party quantum secure direct communication. Sci. China-Phys. Mech. Astron. 61, 090312 (2018)
Niu, P.H., Zhou, Z.R., Lin, Z.S., Sheng, Y.B., Yin, L.G., Long, G.L.: Measurement-device-independent quantum communication without encryption. Sci. Bull. 63, 1345 (2018)
Hillery, M., Buz̆ek, V., Berthiaume, A.: Quantum secret sharing. Phys. Rev. A 59, 1829–1834 (1999)
Liu, B., Xiao, D., Jia, H.Y., Liu, R.Z.: Collusive attacks to “circle-type” multi-party quantum key agreement protocols. Quantum Inf. Process. 15, 2113–2124 (2016)
Sun, Z.W., Zhang, C., Wang, B.H., Li, Q., Long, D.Y.: Improvements on “Multiparty quantum key agreement with single particles”. Quantum Inf. Process. 12, 3411–3420 (2013)
Huang, W., Wen, Q.Y., Liu, B., Gao, F., Sun, Y.: Quantum key agreement with EPR pairs and single-particle measurements. Quantum Inf. Process. 13, 649–663 (2014)
Zhou, N., Zeng, G., Xiong, J.: Quantum key agreement protocol. Electron. Lett. 40, 1149–1150 (2004)
Chong, S.K., Hwang, T.: Quantum key agreement protocol based on BB84. Opt. Commun. 283, 1192–1195 (2010)
Shi, R.H., Zhong, H.: Multi-party quantum key agreement with bell states and bell measurements. Quantum Inf. Process. 12, 921–932 (2013)
Liu, B., Gao, F., Huang, W., Wen, Q.Y.: Multiparty quantum key agreement with single particles. Quantum Inf. Process. 12, 1797–1805 (2013)
Shukla, C., Alam, N., Pathak, A.: Protocols of quantum key agreement solely using Bell states and Bell measurement. Quantum Inf. Process. 13, 2391–2405 (2014)
Sun, Z.W., Yu, J.P., Wang, P.: Efficient multi-party quantum key agreement by cluster states. Quantum Inf. Process. 15, 373–384 (2016)
Sun, Z.W., Zhang, C., Wang, P., Yu, J.P., Zhang, Y., Long, D.Y.: Multi-party quantum key agreement by an entangled six-qubit state. Int. J. Theor. Phys. 55, 1920–1929 (2016)
Yin, X.R., Ma, W.P., Liu, W.Y.: Three-party quantum key agreement with two-photon entanglement. Int. J. Theor. Phys. 52, 3915–3921 (2013)
Xu, G.B., Wen, Q.Y., Gao, F., Qin, S.J.: Novel multiparty quantum key agreement protocol with GHZ states. Quantum Inf. Process. 13, 2587–2594 (2014)
Huang, W., Su, Q., Xu, B.J.: Improved multiparty quantum key agreement in travelling mode. Sci. China-Phys. Mech. Astron. 59, 120311 (2016)
Cai, B.B., Guo, G.D., Lin, S.: Multi-party quantum key agreement without entanglement. Int. J. Theor. Phys. 56, 1039 (2017)
Cao, H., Ma, W.P.: Multiparty quantum key agreement based on quantum search algorithm. Sci. Rep. 7, 45046 (2017)
Huang, W., Su, Q., He, Y.H., Fan, F., Xu, B.J.: Efficient multiparty quantum key agreement with collective detection. Sci. Rep. 7, 15264 (2017)
Chong, S.K., Tsai, C.W., Hwang, T.: Improvement on “Quantum key agreement protocol with maximally entangled state”. Int. J. Theor. Phys. 50, 1793–1802 (2011)
Huang, W., Wen, Q.Y., Liu, B., Su, Q., Gao, F.: Cryptanalysis of a multi-party quantum key agreement protocol with single particles. Quantum Inf. Process. 13, 1651–1657 (2014)
Huang, W., Su, Q., Wu, X., Li, Y.B., Sun, Y.: Quantum key agreement against collective decoherence. Int. J. Theor. Phys. 53, 2891–2901 (2014)
Shen, D.S., Ma, W.P., Wang, L.L.: Two-party quantum key agreement with four-qubit cluster states. Quantum Inf. Process. 13, 2313–2324 (2014)
He, Y.F., Ma, W.P.: Quantum key agreement protocols with four-qubit cluster states. Quantum Inf. Process. 14, 3483–3498 (2015)
Zhu, Z.C., Hu, A.Q., Fu, A.M.: Participant attack on three-party quantum key agreement with two-photon entanglement. Int. J. Theor. Phys. 55, 55–61 (2016)
He, Y.F., Ma, W.P.: Two-party quantum key agreement based on four-particle GHZ states. Int. J. Theor. Phys. 14, 1650007 (2016)
Diffie, W., Hellman, M.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644 (1976)
Bennett, C.H., Wiesner, S.J.: Communication via one- and two-particle operators on Einstein-Podolsky-Rosen states. Phys. Rev. Lett. 69, 2881 (1992)
Deng, F.G., Li, X.H., Zhou, H.Y., Zhang, Z.: Improving the security of multiparty quantum secret sharing against Trojan horse attack. Phys. Rev. A 72, 044302 (2005)
Li, X.H., Deng, F.G., Zhou, H.Y.: Improving the security of secure direct communication based on the secret transmitting order of particles. Phys. Rev. A 74, 054302 (2006)
Jennewein, T., Simon, C., Weihs, G., Weinfurter, H., Zeilinger, A.: Quantum cryptography with entangled photons. Phys. Rev. Lett. 84, 4729–4732 (2000)
Stucki, D., Gisin, N., Guinnard, O., Ribordy, G., Zbinden, H.: Quantum key distribution over 67 km with a plug and play system. New J. Phys. 4, 41 (2002)
Hughes, R.J., Nordholt, J.E., Derkacs, D., Peterson, C.G.: Practical free-space quantum key distribution over 10 km in daylight and at night. New. J. Phys. 4, 43 (2002)
Beveratos, A., Brouri, R., Gacoin, T., Villing, A., Poizat, J.P., Grangier, P.: Single photon quantum cryptography. Phys. Rev. Lett. 89, 187901 (2002)
Gobby, C., Yuan, Z.L., Shields, A.J.: Quantum key distribution over 122 km of standard telecom fiber. Appl. Phys. Lett. 84, 3762–3764 (2004)
Cabello, A.: Quantum key distribution in the Holevo limit. Phys. Rev. Lett. 85, 5635 (2000)
Yu, R.F., Lin, Y.J., Zhou, P.: Joint remote preparation of arbitrary two- and three-photon state with linear-optical elements. Quantum Inf. Process. 15, 4785 (2016)
Lin, J.Y., He, J.G., Gao, Y.C., Li, X.M., Zhou, P.: Controlled remote implementation of an arbitrary single-qubit operation with partially entangled quantum channel. Int. J. Theor. Phys. 56, 1085 (2017)
Zhou, P., Jiao, X.F., Lv, S.X.: Parallel remote state preparation of arbitrary single-qubit states via linear- optical elements by using hyperentangled Bell states as the quantum channel. Quantum Inf. Process. 17, 298 (2018)
Lv, S.X., Zhao, Z.W., Zhou, P.: Joint remote control of an arbitrary single-qubit state by using a multiparticle entangled state as the quantum channel. Quantum Inf. Process. 17, 8 (2018)
Lv, S.X., Zhao, Z.W., Zhou, P.: Multiparty-controlled joint remote preparation of an arbitrary m-qudit state with d-dimensional Greenberger- Horne- Zeilinger states. Int. J. Theor. Phys. 57, 148 (2018)
Shor, P.W.: In: Proceedings of the 35th Symposium on the Foundations of Computer Science, vol. 124. IEEE, New York (1994)
Sheng, Y.B., Zhou, L.: Blind quantum computation with a noise channel. Phys. Rev. A 98, 052343 (2018)
Song, X.K., Ai, Q., Qiu, J., Deng, F.G.: Physically feasible three-level transitionless quantum driving with multiple Schrodinger dynamics. Phys. Rev. A 93, 052324 (2016)
Sheng, Y.B., Zhou, L.: Distributed secure quantum machine learning. Sci. Bull. 62, 1025 (2017)
Buluta, I., Nori, F.: Quantum simulators. Science 326, 108–111 (2009)
Wang, B.X., Tao, M.J., Ai, Q.: Efficient quantum simulation of photosynthetic light harvesting. npj. Quantum Inf. 4, 52 (2018)
Kim, Y.H., Kulik, S.P., Shih, Y.: Quantum teleportation of a polarization state with a complete bell state measurement. Phys. Rev. Lett. 86, 1370–1373 (2001)
Walton, Z.D., Abouraddy, A.F., Sergienko, A.V., Saleh, B.E.A., Teich, M.C.: Decoherence-free subspaces in quantum key distribution. Phys. Rev. Lett. 91, 087901 (2003)
Li, X.H., Deng, F.G., Zhou, H.Y.: Efficient quantum key distribution over a collective noise channel. Phys. Rev. A 78, 022321 (2008)
Deng, F.G., Li, X.H., Li, T.: Quantum error rejection and fault tolerant quantum communication. Acta Phys. Sin. 67, 130301 (2018)
Song, X.K., Zhang, H., Ai, Q., Qiu, J., Deng, F.G.: Shortcuts to adiabatic holonomic quantum computation in decoherence-free subspace with transitionless quantum driving algorithm. New J. Phys. 18, 023001 (2016)
Kalamidas, D.: Single-photon quantum error rejection and correction with linear optics. Phys. Lett. A 343, 331–335 (2005)
Li, X.H., Deng, F.G., Zhou, H.Y.: Faithful qubit transmission against collective noise without ancillary qubits. Appl. Phys. Lett. 91, 144101 (2007)
Li, T., Wang, G.Y., Deng, F.G., Long, G.L.: Deterministic error correction for nonlocal spatial-polarization hyperentanglement. Sci. Rep. 6, 20677 (2016)
Jiang, Y.X., Guo, P.L., Gao, C.Y., Wang, H.B., Alzahrani, F., Hobiny, A., Deng, F.G.: Self-error-rejecting photonic qubit transmission in polarization-spatial modes with linear optical elements. Sci. China-Phys. Mech. Astron. 60, 120312 (2017)
Yamamoto, T., Shimamura, J., Ödemir, S.K., Koashi, M., Imoto, N.: Faithful qubit distribution assisted by one additional qubit against collective noise. Phys. Rev. Lett. 95, 040503 (2005)
Bennett, C.H., Brassard, G., Popescu, S., Schumacher, B., Smolin, J.A., Wootters, W.K.: Purification of noisy entanglement and faithful teleportation via noisy channels. Phys. Rev. Lett. 76, 722 (1996)
Pan, J.W., Simon, C., Brukner, C., Zeilinger, A.: Entanglement purification for quantum communication. Nature 410, 1067–1070 (2001)
Sheng, Y.B., Deng, F.G., Zhou, H.Y.: Efficient polarization-entanglement purification based on parametric down-conversion sources with cross-Kerr nonlinearity. Phys. Rev. A 77, 042308 (2008)
Sheng, Y.B., Deng, F.G.: Deterministic entanglement purification and complete nonlocal Bell-state analysis with hyperentanglement. Phys. Rev. A 81, 032307 (2010)
Sheng, Y.B., Deng, F.G.: One-step deterministic polarization entanglement purification using spatial entanglement. Phys. Rev. A 82, 044305 (2010)
Li, X.H.: Deterministic polarization-entanglement purification using spatial entanglement. Phys. Rev. A 82, 044304 (2010)
Deng, F.G.: One-step error correction for multipartite polarization entanglement. Phys. Rev. A 83, 062316 (2011)
Sheng, Y.B., Zhou, L., Long, G.L.: Hybrid entanglement purification for quantum repeaters. Phys. Rev. A 88, 022302 (2013)
Sheng, Y.B., Zhou, L.: Deterministic polarization entanglement purification using time-bin entanglement. Laser Phys. Lett. 11, 085203 (2014)
Ren, B.C., Du, F.F., Deng, F.G.: Two-step hyperentanglement purification with the quantum-state-joining method. Phys. Rev. A 90, 052309 (2014)
Wang, G.Y., Liu, Q., Deng, F.G.: Hyperentanglement purification for two-photon six-qubit quantum systems. Phys. Rev. A 94, 032319 (2016)
Zhou, L., Sheng, Y.B.: Purification of logic-qubit entanglement. Sci. Rep. 6, 28813 (2016)
Zhou, L., Sheng, Y.B.: Polarization entanglement purification for concatenated Greenberger-Horne-Zeilinger state. Ann. Phys. 10, 385 (2017)
Deng, F.G., Ren, B.C., Li, X.H.: Quantum hyperentanglement and its applications in quantum information processing. Sci. Bull. 62, 46 (2017)
Liu, Z.C., Hong, J.S., Guo, J.J., Li, T., Ai, Q., Alsaedi, A., Hayat, T., Deng, F.G.: Entanglement purification of nonlocal quantum-dot-confined electrons assisted by double-sided optical microcavities. Ann. Phys. (Berlin) 530, 1800029 (2018)
Wang, G.Y., Li, T., Ai, Q., Alsaedi, A., Hayat, T., Deng, F.G.: Faithful entanglement purification for high-capacity quantum communication with two-photon four-qubit systems. Phys. Rev. Appl. 10, 054058 (2018)
Bennett, C.H., Bernstein, H.J., Popescu, S., Schumacher, B.: Concentrating partial entanglement by local operations. Phys. Rev. A 53, 2046 (1996)
Sheng, Y.B., Deng, F.G., Zhou, H.Y.: Nonlocal entanglement concentration scheme for partially entangled multipartite systems with nonlinear optics. Phys. Rev. A 77, 062325 (2008)
Sheng, Y.B., Zhou, L., Zhao, S.M., Zheng, B.Y.: Efficient single-photon-assisted entanglement concentration for partially entangled photon pairs. Phys. Rev. A 85, 012307 (2012)
Deng, F.G.: Optimal nonlocal multipartite entanglement concentration based on projection measurements. Phys. Rev. A 85, 022311 (2012)
Sheng, Y.B., Zhou, L., Zhao, S.M.: Efficient two-step entanglement concentration for arbitrary W states. Phys. Rev. A 85, 042302 (2012)
Ren, B.C., Du, F.F., Deng, F.G.: Hyperentanglement concentration for two-photon four-qubit systems with linear optics. Phys. Rev. A 88, 012302 (2013)
Ren, B.C., Long, G.L.: General hyperentanglement concentration for photon systems assisted by quantum dot spins inside optical microcavities. Opt. Express 22, 6547–6561 (2014)
Li, X.H., Ghose, S.: Hyperentanglement concentration for time-bin and polarization hyperentangled photons. Phys. Rev. A 91, 062302 (2015)
Liu, J., Zhou, L., Zhong, W., Sheng, Y.B.: Logic Bell state concentration with parity check measurement. Front. Phys. 14, 21601 (2019)
Acknowledgments
This work is supported by the National Natural Science Foundation of China under Grant No. 11674033, No. 11474026, and No. 11505007.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
He, WT., Wang, J., Zhang, TT. et al. High-Efficiency Three-Party Quantum Key Agreement Protocol with Quantum Dense Coding and Bell States. Int J Theor Phys 58, 2834–2846 (2019). https://doi.org/10.1007/s10773-019-04167-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10773-019-04167-8