Abstract
Recently, Wang and Ma (Quantum Inf Process 16(5):130, 2017) proposed two interesting quantum key agreement protocols with a single photon in both polarization and spatial-mode degrees of freedom. They claimed that the privacy of participants’ secret keys in the multiparty case is protected against dishonest participants. However, in this paper, we prove that two dishonest participants can deduce the secret key of an honest one using a fake sequence of single photons, without being detected. Also, we propose an additional security detection process to avoid the security loophole in their protocol.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.Avoid common mistakes on your manuscript.
1 Introduction
The rapid development and growing adoption of quantum cryptographic techniques have provided unconditional security for most of the conventional security issues. In 1984, Bennett and Brassard [1] published pioneering work in quantum cryptography. Since then, many quantum cryptographic schemes have been proposed, including quantum teleportation [2,3,4,5,6,7], quantum secure direct communication [8,9,10,11], quantum secret sharing [12,13,14,15,16,17], quantum private comparison [18,19,20,21], quantum anonymous voting [22], quantum anonymous ranking [23], quantum private query [24,25,26,27], and others. Compared to quantum key distribution (QKD) [1] in which one party generates a secret key, quantum key agreement (QKA) allows two or more parties to share equal roles in creating a secret key through public channels where any non-trivial subset of parties cannot deduce the generated key. In 2004, Zhou et al. [28] introduced the first QKA protocol by exploiting maximally entangled states and quantum teleportation. Unfortunately, Tsai and Hwang [29] found that their protocol is not fair, and the shared key can be determined by one party alone.
Subsequently, many two-party QKA protocols have been proposed [30,31,32]. Later, Shi and Zhong [33] suggested the first multiparty QKA protocol using entanglement swapping. Their multiparty protocol utilizes a Bell state as the quantum resource and the Bell measurement as the primary operation. Since then, many multiparty QKA protocols based on Shi and Zhong’s [33] work have been presented [34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49]. Recently, Wang and Ma [50] presented two QKA protocols with single photons in both the polarization and the spatial-mode degrees of freedom. The first protocol enables three parties to generate a secret key using public channels, while the second protocol extends the three-party QKA case to the multiparty case. Their scheme improved the capacity of the transmitted information and introduced high-efficiency performance. Moreover, Wang and Ma claimed that their protocol could achieve privacy. However, we show that in the multiparty QKA case of Wang–Ma protocol, two dishonest parties may collude to eavesdrop on the private key of an honest party using a fake sequence of single photons. Moreover, this manuscript suggests a simple solution to address this defect and proposes a modified version of the Wang–Ma multiparty QKA protocol.
The rest of this paper is as follows. A review of the Wang–Ma multiparty QKA protocol is introduced in Sect. 2. Section 3 analyses the security of the Wang–Ma protocol. Section 4 introduces an improvement to Wang–Ma multiparty QKA protocol. Finally, Sect. 5 concludes this work.
2 Review of the Wang–Ma multiparty QKA protocol
Here, a brief review of Wang–Ma multiparty QKA protocol is presented (Fig. 1). In their protocol, a single-photon state \( \left| \phi \right\rangle = \left| \phi \right\rangle_{P} \otimes \left| \phi \right\rangle_{S} \) in both polarization and spatial-mode degrees of freedom was used, where \( \left| \phi \right\rangle_{P} \) denotes the single-photon states in the polarization degree of freedom and \( \left| \phi \right\rangle_{S} \) denotes the single-photon states in the spatial-mode degree of freedom. In addition, two measuring bases are chosen in the polarization degree of freedom (i.e. \( Z_{P} = \{ \left| H \right\rangle ,\left| V \right\rangle \} \,\,{\text{and }}\,{\text{X}}_{P} = \{ \left| S \right\rangle_{P} ,\left| A \right\rangle_{P} \} \)) and two measuring bases are chosen in the spatial-mode degree of freedom (i.e. \( Z_{S} = \{ \left| {b_{1} } \right\rangle ,\left| {b_{2} } \right\rangle \} \, \) and \( {\text{X}}_{S} = \{ \left| s \right\rangle_{S} ,\left| a \right\rangle_{S} \} \)).\( \left| H \right\rangle \) and \( \left| V \right\rangle \) are the horizontal polarization and vertical polarization of particles, respectively. \( \left| {b_{1} } \right\rangle \) and \( \left| {b_{2} } \right\rangle \) represent the upper spatial mode and the lower spatial mode of particles, respectively, where
Two unitary operations are also used in each degree of freedom as follows:
Based on the above unitary operations we have
In the multiparty case of Wang–Ma protocol, \( M \) parties (e.g. \( P_{1} ,P_{2} , \ldots ,P_{M} \)) want to agree on a shared secure key. The steps of their protocol can be summarized as follows:
-
(1)
Initialization stage Each party \( P_{i} \) (\( i \in \{ 1,2, \ldots ,M\} \)) prepares \( 2N \) classical bits string (\( K_{i} \)) as a sub-secret key, where \( K_{i} = \{ (r_{i1} ,s_{i1} )(r_{i2} ,s_{i2} )\, \ldots \,(r_{iN} ,s_{iN} )\} \).
-
(2)
Preparation stage Each party \( P_{i} \) generates a sequence (\( S_{i} \)) of ordered \( N \) single photons in both polarization and spatial-mode degrees of freedom. Each photon \( S_{i} \) is in the state \( \left| \phi \right\rangle = \left| \phi \right\rangle_{P} \otimes \left| \phi \right\rangle_{S} \). \( P_{i} \) also generates \( kN_{i} \) decoy single photons and inserts them into \( S_{i} \) producing a new sequence \( S_{i}^{i} \). Then \( P_{i} \) sends \( S_{i}^{i} \) to \( P_{i + 1} \).
-
(3)
Security detection stage \( P_{i + 1} \) uses the quantum filter and the photon number splitter device for avoiding a Trojan horse attack. Upon receiving \( S_{i}^{i} \), \( P_{i} \) informs \( P_{i + 1} \) the positions and the corresponding measuring bases of all decoy particles. Hence, \( P_{i} \) and \( P_{i + 1} \) can check the security of the transmission. If the transmission is not secure, they terminate the protocol. Otherwise, \( P_{i} \) and \( P_{i + 1} \) continue to the encoding stage.
-
(4)
Encoding stage \( P_{i + 1} \) discards the decoy photons then he applies collective unitary operations to the remaining \( N \) photons according to \( K_{i + 1} \). That is, if the \( i{\text{th}} \) bit values of \( P_{i + 1} \)’s sub-secret key are \( (r_{(i + 1,i)} ,s_{(i + 1,i)} ) = 00\,(11) \), he will apply \( I_{P} \oplus I_{S} (U_{P} \oplus U_{S} ) \) to the \( i{\text{th}} \) photon. But, if the bit values are \( (r_{(i + 1,i)} ,s_{(i + 1,i)} ) = 01\,(10) \), he will apply \( I_{P} \oplus U_{S} (U_{P} \oplus I_{S} ) \) to the \( i{\text{th}} \) photon.
-
(5)
Additional operation stage The party \( P_{i + 1} \) randomly selects the \( j{\text{th}} \) photon and randomly applies another extra collective unitary operation to it. Then,\( P_{i + 1} \) prepares \( kN_{i + 1} \) decoy single photons and inserts them into \( S_{i} \) producing a new sequence \( S_{i}^{i + 1} \). Then \( P_{i + 1} \) sends \( S_{i}^{i + 1} \) to \( P_{i + 2} \).
-
(6)
Particles exchange stage The parties \( P_{i + 2} , \ldots ,P_{i - 1} \) execute steps (3), (4), and (5) in turn. That is, one by one, they check the security of transmission. If so, they encode their keys with \( S_{i} \) and apply another extra collective unitary operation to some selected single photons. Afterwards, they insert decoy particles randomly into the sequence \( S_{i} \) and send it to the next party.
-
(7)
Key extraction stage Upon confirming that every party (\( P_{1} , \cdots ,P_{i} , \cdots ,P_{M} \)) has executed the steps \( (1) - (6) \), the parties \( P_{M} , \cdots ,P_{i - 1} , \cdots ,P_{M - 1} \) send the sequences \( S_{0}^{M} , \cdots ,S_{i}^{i - 1} , \cdots ,S_{M}^{M - 1} \) to \( P_{1} , \cdots ,P_{i} , \cdots ,P_{M} \). They then check the security of the quantum channels as described in step (3). If the error rate is less than a preset threshold, every party publicly announces the information of extra collective unitary operations. \( P_{i} \) then applies same extra unitary operations to the corresponding single photons. Since \( P_{i} \) knows the initial states of all single photons in \( S_{i} \), he can recover \( K_{i}^{'} \) by measuring \( S_{i} \). Hence, \( P_{i} \) can deduce the final shared key \( K \), where \( K = K_{i} \oplus K_{i}^{'} \).
3 Security analysis of the Wang–Ma multiparty QKA protocol
This section analyses the security of the Wang–Ma QKA protocol and introduces two cases. In Case 1, Wang and Ma claimed that the above multiparty QKA protocol could achieve privacy. However, Case 1 shows that Wang–Ma multiparty QKA protocol is not secure against a collusive attack performed by a group of two dishonest parties. Moreover, in Case 2, if two nested groups of dishonest parties or more try to adopt our suggested attack strategy, they will not succeed in stealing the private information of other parties as depicted in Fig. 2 and Table 2. Case 1 and Case 2 can be described in detail as follows.
3.1 Case 1: Wang–Ma protocol is not secure against our attack strategy
This collusive attack shows that two dishonest parties can eavesdrop on the sub-secret key of an honest party without being detected. For convenience, we assume that five parties \( P_{0} ,P_{1} ,P_{2} ,P_{3} \), and \( P_{4} \) are wanting to agree upon a secure shared key. According to the Wang–Ma protocol, the initiator \( P_{0} \)\( (P_{1} /P_{2} /P_{3} /P_{4} ) \) generates \( N \) single photons in both polarization and spatial-mode degrees of freedom and transmits them to \( P_{1} \)\( (P_{2} /P_{3} /P_{4} /P_{0} ) \). Then \( P_{1} \)\( (P_{2} /P_{3} /P_{4} /P_{0} ) \) applies joint unitary operations to the received photons based on his/her sub-secret key and sends the new states to \( P_{2} \)\( (P_{3} /P_{4} /P_{0} /P_{1} ) \). Also \( P_{2} \)\( (P_{3} /P_{4} /P_{0} /P_{1} ) \), \( P_{3} \)\( (P_{4} /P_{0} /P_{1} /P_{2} ) \), and \( P_{4} \)\( (P_{0} /P_{1} /P_{2} /P_{3} ) \) follow the same process of \( P_{1} \)\( (P_{2} /P_{3} /P_{4} /P_{0} ) \) and send the new states to \( P_{3} \)\( (P_{4} /P_{0} /P_{1} /P_{2} ) \), \( P_{4} \)\( (P_{0} /P_{1} /P_{2} /P_{3} ) \), and \( P_{0} \)\( (P_{1} /P_{2} /P_{3} /P_{4} ) \), respectively. Finally, according to the key extraction stage, \( P_{0} \)\( (P_{1} /P_{2} /P_{3} /P_{4} ) \) can obtain the final shared key.
However, for example, if \( P_{1} \) and \( P_{3} \) are dishonest parties, they can easily eavesdrop on the sub-secret key of the honest party \( P_{2} \). That is, in step (4), the dishonest party \( P_{1} \) encodes the received photons with collective unitary operations decided according to the bit values of his sub-secret key. He also applies some extra collective unitary operations according to step (5). Then \( P_{1} \) sends the new photons (\( S_{2} \)) to the dishonest party \( P_{3} \) instead of the honest party \( P_{2} \) as illustrated in Fig. 2a. Also, \( P_{1} \) generates a fake sequence (\( S_{F1}^{1} \)) of ordered \( N \) single photons in both polarization and spatial-mode degrees of freedom as in step (2). Afterwards, \( P_{1} \) generates \( kN \) decoy photons and inserts them into the fake sequence \( S_{F1}^{1} \) for security checking. Then, \( P_{1} \) sends the sequence \( S_{F1}^{1} \) to the honest party \( P_{2} \). Upon receiving \( S_{F1}^{1} \), \( P_{2} \) executes the step \( (3) - (5) \) loyally because he does not know that the received sequence is fake. Hence, \( P_{2} \) encodes the received photons with collective unitary operations decided according to the bit values of his sub-secret key, and he also applies some extra collective unitary operations. Then \( P_{2} \) sends the new sequence (\( S_{F1}^{2} \)) to \( P_{3} \). \( P_{3} \) checks the security of the transmission with \( P_{2} \) using the decoy photons (Fig. 2).
Since \( P_{1} \) and \( P_{3} \) know all the information about \( S_{F1}^{1} \), \( P_{1} \) and \( P_{3} \) can easily recover \( P_{2} \)’s unitary operations that are applied to \( S_{F1}^{1} \) by comparing the measuring result of \( S_{F1}^{2} \) and the original states as shown in Table 1. For clarity, for \( N = 1 \), assume that \( P_{2} \)’s (the honest party) sub-secret key is “10”. According to Table 1, without considering the security check process, assume that the initiator \( P_{0} \) sends \( S_{0}^{1} \) (e.g. \( \left| H \right\rangle \left| {b_{1} } \right\rangle \)) to the dishonest party \( P_{1} \). \( P_{1} \) applies \( U^{1} = ({\text{e}} . {\text{g}} .\;\{ U_{P} \otimes I_{S} \} ) \) and \( U^{1C} = ({\text{e}} . {\text{g}} .\;\{ U_{P} \otimes U_{S} \} ) \) to the state \( \left| H \right\rangle \left| {b_{1} } \right\rangle \), where \( U^{1} \) represents unitary operation corresponding to the private information of \( P_{1} \) and \( U^{1C} \) represents an additional unitary operation to be applied to some particles. So, the evolved state is \( \left| H \right\rangle \left| {b_{2} } \right\rangle \). Also, \( P_{1} \) sends a fake state \( S_{F1}^{1} \)(e.g. \( \left| V \right\rangle \left| {b_{1} } \right\rangle \)) to the honest party \( P_{2} \). \( P_{2} \) applies \( U^{2} = \{ U_{P} \otimes I_{S} \} \) (where \( U^{2} \) represents his private information (i.e. 10)) and \( U^{2C} = ({\text{e}} . {\text{g}} .\;\{ U_{P} \otimes U_{S} \} ) \) to the fake state \( \left| V \right\rangle \left| {b_{1} } \right\rangle \). \( P_{2} \) then sends the evolved state to the dishonest \( P_{3} \). Subsequently, \( P_{3} \) measures \( P_{2} \)’s states getting the state \( \left| V \right\rangle \left| {b_{2} } \right\rangle \). \( P_{1} \) and \( P_{3} \) compare the initial fake state (i.e. \( \left| V \right\rangle \left| {b_{1} } \right\rangle \)) with the measuring result (i.e. \( \left| V \right\rangle \left| {b_{2} } \right\rangle \)), which means that \( P_{2} \) applied the overall unitary operation \( I_{P} \otimes U_{S} \) to \( \left| V \right\rangle \left| {b_{1} } \right\rangle \).
However, the goal of \( P_{1} \) and \( P_{3} \) is not to know the overall unitary operation but to recover \( U^{2} \) that represents the private information of \( P_{2} \). Thus, \( P_{1} \) and \( P_{3} \) register the previous information and wait for step (7), where every party publicly announces the information of extra collective unitary operation (i.e. \( U^{2C} = \{ U_{P} \otimes U_{S} \} \)). Finally, \( P_{1} \) and \( P_{3} \) can easily recover \( U^{2} ({\text{i}} . {\text{e}} .\;\{ U_{P} \otimes I_{S} \} ) \) with the help of Table 2 and \( U^{2C} = \{ U_{P} \otimes U_{S} \} \).
3.2 Case 2: Wang–Ma protocol is secure against our attack strategy
Figure 2b shows that Wang–Ma protocol can resist our suggested attack strategy. For clarity, according to Fig. 2b, assume that there are two nested groups of dishonest parties \( \{ P_{1} ,P_{3} \} \) and \( \{ P_{2} ,P_{4} \} \), each group would like to steal the private information of the middle party. At the beginning, the initiator \( P_{0} \) sends the initial states \( S_{0}^{1} \) to \( P_{1} \). \( P_{1} \) applies her unitary operations to \( S_{0}^{1} \) and sends the evolved states to \( P_{3} \). Also \( P_{1} \) prepares a fake sequence (\( S_{F1}^{1} \)) and sends it to \( P_{2} \). Because \( \{ P_{2} ,P_{4} \} \) is another group of dishonest parties, they will not perform the process of the protocol honestly. So, \( P_{2} \) sends another fake sequence (\( S_{F2}^{1} \)) to \( P_{3} \). Now, \( P_{2} \) and \( P_{3} \) encode their information with two fake sequences producing two evolved fake sequences \( U^{2} U^{2C} S_{F1}^{2} \) and \( U^{3} U^{3C} S_{F2}^{3} \), respectively. Accordingly, \( P_{4} \) sends fake evolved sequence (i.e. \( U^{3} U^{3C} S_{F2}^{3} \)) to \( P_{0} \). Finally, in step (7), \( P_{0} \) checks the security of transmission, and she will find that the error rate is greater than the preset threshold, because the received operated sequence is not real. As a result, \( P_{0} \) ends the protocol and announces that the transmission is not secure. So, we can say that the Wang–Ma protocol is secure against our attack strategy in that case.
4 Improvement to Wang–Ma multiparty QKA protocol
In Wang–Ma multiparty QKA protocol, the security of the transmission between every two parties is checked by the parties themselves. Thus, this strategy enables the dishonest parties to deceive the honest ones and steal their sub-secret keys. Following some previous works [15, 46, 51] for solving such kinds of collusive attacks, we present here modifications to the steps 2, 3, and 7 of Wang–Ma multiparty QKA protocol to solve this defect (see also Fig. 3). The modifications are:
(2*) Preparation stage The initiator \( P_{i} \) generates a sequence \( S_{i} \) of ordered \( N \) single photons in both polarization and spatial-mode degrees of freedom. And each photon in \( S_{i} \) in the state \( \left| \phi \right\rangle = \left| \phi \right\rangle_{P} \otimes \left| \phi \right\rangle_{S} \). \( P_{i} \) generates \( kN_{i} \) decoy single photons, where each photon is randomly in one of the states \( \{ \left| H \right\rangle ,\left| V \right\rangle ,\left| A \right\rangle_{P} ,\left| S \right\rangle_{P} \} \) for checking the quantum channel between \( P_{i} \) and \( P_{i + 1} \), and inserts them into \( S_{i} \). Also, \( P_{i} \) generates \( k^{i} \) decoy single photons and inserts them into \( S_{i} \) producing a new sequence \( S_{i}^{i} \). Then \( P_{i} \) sends \( S_{i}^{i} \) to \( P_{i + 1} \). Here, \( k^{i} \) is the decoy photon subsequence used for checking the security of the overall transmission, by the initiators \( P_{i} \).
(3*) Security detection stage \( P_{i + 1} \) uses the quantum filter and the photon number splitter device for avoiding a Trojan horse attack. Upon receiving \( S_{i}^{i} \), \( P_{i} \) informs \( P_{i + 1} \) the positions and the corresponding measuring bases of \( kN_{i} \). Hence, \( P_{i} \) and \( P_{i + 1} \) can check the security of the transmission. If the transmission is not secure, they terminate the protocol. Otherwise, \( P_{i} \) and \( P_{i + 1} \) continue to the encoding stage.
(7*) Key extraction stage Upon confirming that \( P_{1} , \ldots ,P_{i} , \ldots ,P_{M} \) have finished the step \( (1) - (6) \), the parties \( P_{M} , \ldots ,P_{i - 1} , \ldots ,P_{1} \) send \( S_{0}^{1} , \ldots ,S_{i}^{i - 1} , \ldots ,S_{M}^{M - 1} \) to \( P_{1} , \ldots ,P_{i} , \ldots ,P_{M} \), respectively. Afterwards, \( P_{M} \) and \( P_{1} \),…, \( P_{i - 1} \) and \( P_{i} \),…, \( P_{M - 1} \) and \( P_{M} \) check the security of the quantum channel using the decoy photons technique. If the transmission is not safe, they terminate the protocol. Otherwise, they move to the sub-step (7.1*).
(7.1*) Additional security detection stage Firstly, every party announces the information of the extra collective unitary operations. Secondly, \( P_{i} \) announces the positions of \( k^{i} \) and asks every party to announce the information of the collective unitary operations that were applied to it. \( P_{i} \) then applies the same unitary operations to \( k^{i} \) and measures each photon in \( k^{i} \) with the corresponding basis. Hence, \( P_{i} \) can judge whether the final transmission is secure or not. If not, \( P_{i} \) ends the protocol and announces that there is a collusive attack. Otherwise, \( P_{i} \) measures each photon in \( S_{i} \) with the corresponding basis. Finally, since \( P_{i} \) knows the initial states of all single photons in \( S_{i} \), \( K_{i}^{'} \) can be recovered by measuring \( S_{i} \). Hence, \( P_{i} \) can deduce the final shared key \( K \), where \( K = K_{i} \oplus K_{i}^{'} \).
Steps (1*), (4*), (5*), and (6*) will remain the same as steps (1), (4), (5), and (6) in Sect. 2. According to the above improvement, if the dishonest parties try to eavesdrop on the honest one by adopting the collusive attack strategy mentioned in Sect. 3.1, they will be detected in Step (7*) by the initiator \( P_{i} \). Thus, the privacy problem mentioned in Case 1 can be addressed.
5 Conclusion
This paper shows the security flaw of the Wang–Ma multiparty QKA protocol. In their protocol, the quantum channels among participants are checked using the decoy photon technique. However, we proved that two dishonest participants could deduce the secret key of an honest participant using a fake sequence of single photons without being detected. Moreover, an additional security detection process is suggested to avoid the security loophole in Wang–Ma’s protocol.
References
Bennet, C.H., Brassard, G.: Quantum cryptography: public-key distribution and coin tossing. In: IEEE International Conference on Computers, Systems, and Signal Processing, Bangalore, India, pp. 175–179 (1984)
Bouwmeester, D., Pan, J.-W., Mattle, K., Eibl, M., Weinfurter, H., Zeilinger, A.: Experimental quantum teleportation. Nature 390(6660), 575 (1997)
Bennett, C.H., Brassard, G., Crépeau, C., Jozsa, R., Peres, A., Wootters, W.K.: Teleporting an unknown quantum state via dual classical and Einstein–Podolsky–Rosen channels. Phys. Rev. Lett. 70(13), 1895 (1993)
Zhao, N., Li, M., Chen, N., Zhu, C.-H., Pei, C.-X.: Quantum teleportation of eight-qubit state via six-qubit cluster state. Int. J. Theor. Phys. 57(2), 516–522 (2018)
Muralidharan, S., Panigrahi, P.K.: Perfect teleportation, quantum-state sharing, and superdense coding through a genuinely entangled five-qubit state. Phys. Rev. A 77(3), 032321 (2008)
Choudhury, S., Muralidharan, S., Panigrahi, P.K.: Quantum teleportation and state sharing using a genuinely entangled six-qubit state. J. Phys. A Math. Theor. 42(11), 115303 (2009)
Sarvaghad-Moghaddam, M., Farouk, A., Abulkasim, H.: Bidirectional Quantum Controlled Teleportation by Using Five-qubit Entangled State as a Quantum Channel (2018). arXiv preprint arXiv:1806.07061
Boström, K., Felbinger, T.: Deterministic secure direct communication using entanglement. Phys. Rev. Lett. 89(18), 187902 (2002)
Farouk, A., Zakaria, M., Megahed, A., Omara, F.A.: A generalized architecture of quantum secure direct communication for N disjointed users with authentication. Sci. Rep. 5, 16080 (2015)
Jain, S., Muralidharan, S., Panigrahi, P.K.: Secure quantum conversation through non-destructive discrimination of highly entangled multipartite states. EPL (Europhys. Lett.) 87(6), 60008 (2009)
Wei, H., Qiao-Yan, W., Heng-Yue, J., Su-Juan, Q., Fei, G.: Fault tolerant quantum secure direct communication with quantum encryption against collective noise. Chin. Phys. B 21(10), 100308 (2012)
Hillery, M., Bužek, V., Berthiaume, A.: Quantum secret sharing. Phys. Rev. A 59(3), 1829 (1999)
Abulkasim, H., Hamad, S., Khalifa, A., El Bahnasy, K.: Quantum secret sharing with identity authentication based on Bell states. Int. J. Quantum Information 15(04), 1750023 (2017)
Abulkasim, H., Hamad, S., El Bahnasy, K., Rida, S.Z.: Authenticated quantum secret sharing with quantum dialogue based on Bell states. Phys. Scr. 91(8), 085101 (2016)
Abulkasim, H., Hamad, S., Elhadad, A.: Reply to Comment on ‘Authenticated quantum secret sharing with quantum dialogue based on Bell states’. Phys. Scr. 93(2), 027001 (2018)
Joy, D., Behera, B.K., Panigrahi, P.K.: In principle demonstration of quantum secret sharing in the IBM quantum computer (2018). arXiv preprint arXiv:1807.03219
Deng, F.-G., Long, G.L., Liu, X.-S.: Two-step quantum direct communication protocol using the Einstein–Podolsky–Rosen pair block. Phys. Rev. A 68(4), 042317 (2003)
Yang, Y.-G., Wen, Q.-Y.: An efficient two-party quantum private comparison protocol with decoy photons and two-photon entanglement. J. Phys. A: Math. Theor. 42(5), 055305 (2009)
Hung, S.-M., Hwang, S.-L., Hwang, T., Kao, S.-H.: Multiparty quantum private comparison with almost dishonest third parties for strangers. Quantum Inf. Process. 16(2), 36 (2017)
Zhou, M.-K.: Improvements of quantum private comparison protocol based on cluster states. Int. J. Theor. Phys. 57(1), 42–47 (2018)
Huang, W., Wen, Q., Liu, B., Gao, F., Sun, Y.: Robust and efficient quantum private comparison of equality with collective detection over collective-noise channels. Sci. China Phys. Mech. Astron. 56(9), 1670–1678 (2013)
Vaccaro, J.A., Spring, J., Chefles, A.: Quantum protocols for anonymous voting and surveying. Phys. Rev. A 75(1), 012333 (2007)
Huang, W., Wen, Q.-Y., Liu, B., Su, Q., Qin, S.-J., Gao, F.: Quantum anonymous ranking. Phys. Rev. A 89(3), 032325 (2014)
Jakobi, M., Simon, C., Gisin, N., Bancal, J.-D., Branciard, C., Walenta, N., Zbinden, H.: Practical private database queries based on a quantum-key-distribution protocol. Phys. Rev. A 83(2), 022301 (2011)
Wei, C.-Y., Wang, T.-Y., Gao, F.: Practical quantum private query with better performance in resisting joint-measurement attack. Phys. Rev. A 93(4), 042318 (2016)
Gao, F., Liu, B., Huang, W., Wen, Q.-Y.: Postprocessing of the oblivious key in quantum private query. IEEE J. Sel. Top. Quantum Electron. 21(3), 98–108 (2015)
Wei, C.-Y., Cai, X.-Q., Liu, B., Wang, T., Gao, F.: A generic construction of quantum-oblivious-key-transfer-based private query with ideal database security and zero failure. IEEE Trans. Comput. 67, 2–8 (2017)
Zhou, N., Zeng, G., Xiong, J.: Quantum key agreement protocol. Electron. Lett. 40(18), 1149–1150 (2004)
Tsai, C., Hwang, T.: On quantum key agreement protocol. Technical Report C-S-I-E, NCKU, Taiwan (2009)
He, Y.-F., Ma, W.-P.: Two-party quantum key agreement based on four-particle GHZ states. Int. J. Quantum Inf. 14(01), 1650007 (2016)
Huang, W., Wen, Q.-Y., Liu, B., Gao, F., Sun, Y.: Quantum key agreement with EPR pairs and single-particle measurements. Quantum Inf. Process. 13(3), 649–663 (2014)
He, Y.-F., Ma, W.-P.: Two-party quantum key agreement against collective noise. Quantum Inf. Process. 15(12), 5023–5035 (2016)
Shi, R.-H., Zhong, H.: Multi-party quantum key agreement with bell states and bell measurements. Quantum Inf. Process. 12(2), 921–932 (2013)
Cai, B., Guo, G., Lin, S.: Multi-party quantum key agreement with teleportation. Mod. Phys. Lett. B 31(10), 1750102 (2017)
Cai, B.-B., Guo, G.-D., Lin, S.: Multi-party quantum key agreement without entanglement. Int. J. Theor. Phys. 56(4), 1039–1051 (2017)
Cao, H., Ma, W.: Multiparty quantum key agreement based on quantum search algorithm. Sci. Rep. 7, 45046 (2017)
Huang, W., Su, Q., Liu, B., He, Y.-H., Fan, F., Xu, B.-J.: Efficient multiparty quantum key agreement with collective detection. Sci. Rep. 7(1), 15264 (2017)
Huang, W., Su, Q., Xu, B., Liu, B., Fan, F., Jia, H., Yang, Y.: Improved multiparty quantum key agreement in travelling mode. Sci. CHINA Phys. Mech. Astron. 59(12), 120311 (2016)
Liu, B., Xiao, D., Jia, H.-Y., Liu, R.-Z.: Collusive attacks to “circle-type” multi-party quantum key agreement protocols. Quantum Inf. Process. 15(5), 2113–2124 (2016)
Liu, W.-J., Chen, Z.-Y., Ji, S., Wang, H.-B., Zhang, J.: Multi-party semi-quantum key agreement with delegating quantum computation. Int. J. Theor. Phys. 56(10), 3164–3174 (2017)
Luo, Q.-B., Yang, G.-W., She, K., Niu, W.-N., Wang, Y.-Q.: Multi-party quantum private comparison protocol based on d-dimensional entangled states. Quantum Inf. Process. 13(10), 2343–2352 (2014)
Sun, Z., Huang, J., Wang, P.: Efficient multiparty quantum key agreement protocol based on commutative encryption. Quantum Inf. Process. 15(5), 2101–2111 (2016)
Sun, Z., Yu, J., Wang, P.: Efficient multi-party quantum key agreement by cluster states. Quantum Inf. Process. 15(1), 373–384 (2016)
Sun, Z., Zhang, C., Wang, B., Li, Q., Long, D.: Improvements on “multiparty quantum key agreement with single particles”. Quantum Inf. Process. 12(11), 3411–3420 (2013)
Sun, Z., Zhang, C., Wang, P., Yu, J., Zhang, Y., Long, D.: Multi-party quantum key agreement by an entangled six-qubit state. Int. J. Theor. Phys. 55(3), 1920–1929 (2016)
Wang, P., Sun, Z., Sun, X.: Multi-party quantum key agreement protocol secure against collusion attacks. Quantum Inf. Process. 16(7), 170 (2017)
Xu, G.-B., Wen, Q.-Y., Gao, F., Qin, S.-J.: Novel multiparty quantum key agreement protocol with GHZ states. Quantum Inf. Process. 13(12), 2587–2594 (2014)
Huang, W., Wen, Q.-Y., Liu, B., Su, Q., Gao, F.: Cryptanalysis of a multi-party quantum key agreement protocol with single particles. Quantum Inf. Process. 13(7), 1651–1657 (2014)
Liu, B., Gao, F., Huang, W., Wen, Q.-Y.: Multiparty quantum key agreement with single particles. Quantum Inf. Process. 12(4), 1797–1805 (2013)
Wang, L., Ma, W.: Quantum key agreement protocols with single photon in both polarization and spatial-mode degrees of freedom. Quantum Inf. Process. 16(5), 130 (2017)
Wang, T.-Y., Liu, Y.-Z., Wei, C.-Y., Cai, X.-Q., Ma, J.-F.: Security of a kind of quantum secret sharing with entangled states. Sci. Rep. 7(1), 2485 (2017)
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Abulkasim, H., Farouk, A., Alsuqaih, H. et al. Improving the security of quantum key agreement protocols with single photon in both polarization and spatial-mode degrees of freedom. Quantum Inf Process 17, 316 (2018). https://doi.org/10.1007/s11128-018-2091-7
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11128-018-2091-7