高效的安全多方半量子求和协议  

作　　者：李佩珊 陈灵丽 谢勇[1] 李琴[1] LI Pei-Shan;CHEN Ling-Li;XIE Yong;LI Qin(School of Computer Science,Xiangtan University,Xiangtan 411105,China;School of Computer Science and Engineering,Hunan University of Information Technology,Changsha 410151,China)

机构地区：[1]湘潭大学计算机学院网络空间安全学院,湘潭411105 [2]湖南信息学院计算机科学与工程学院,长沙410151

出　　处：《密码学报》2023年第4期786-795,共10页Journal of Cryptologic Research

基　　金：国家自然科学基金(62271436,U1736113);湖南省科技创新计划(2022RC1187);湖南省教育厅重点项目(20A471)。

摘　　要：安全多方半量子求和(SMSQS)是指多个互不信任且资源受限的参与方,借助量子第三方(TP)的帮助联合计算出他们私有秘密之和,其求和结果可以根据实际应用场景来设计是否公开,但是协议需确保参与者输入的隐私性和计算结果的正确性.本文提出一种第三方TP只需制备单量子比特就可对多个资源受限的参与方进行秘密求和的协议.协议中参与方无论执行直接返回操作或者执行测量返回操作,协议都可以对参与方的秘密进行求和计算,从而提高协议中量子比特的使用效率.其次基于一种d维的量子叠加态给出将参与方秘密数值的维度扩展到高维的SMSQS协议,并通过数学证明和具体实例验证其协议的正确性.通过对所提出的协议进行安全性分析可知它们能够防范拦击重发攻击、测量重发攻击、双CNOT门攻击和TP攻击等典型的攻击行为.Secure multi-party semi-quantum summation(SMSQS)allows multiple distrusted and resource-constrained participants to jointly compute the summation of their private secrets with the help of a quantum third party(TP).Whether the result of SMSQS can be disclosed depends on its application.However,the computation must ensure the privacy of the participants’inputs and the correctness of the computation result.This paper proposes an efficient SMSQS protocol where TP only needs to prepare single qubits and can help multiple resource-constrained participants to carry out summation operation on their inputs.Whether or not the participants choose to reflect what they received directly or perform measurements on the received qubits,the protocol can sum up the secrets of the participants,thus the qubit efficiency is greatly improved.In addition,based on a ddimensional quantum superposition state,a high-dimensional SMSQS protocol which can compute the summation of d-dimensional secrets is presented.The correctness of the protocol is verified through mathematical proofs and specific examples are given.The security analysis of the proposed protocols shows that the proposed protocols can prevent some typical attacks such as the intercept-resend attack,the measure-resend attack,the double CNOT attack and the TP attack.

关 键 词：安全多方计算 半量子密码 半量子求和 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]