The quantum world is fascinating. Some things become more robust and go many folds deep when we are in the quantum world. Today we will read about Conference Key Agreement. It is a cryptographic task where more than two sides want to set up a secret key which will be familiar to all the parties. Let us dive deep into this secret world.

About Conference Key Agreement

Conference key agreement (CKA), also known as multipartite key distribution. It is a cryptographic activity in which more than two parties want to set up a common secret key. This goal can get achieved by combining bipartite quantum key distribution algorithms. Yet, we know that we have multipartite quantum correlations. It lets us go for new and more efficient protocols. Protocols that can get used in future quantum networks. The available quantum CKA methods based on multipartite entanglement gets reviewed. It happens both in the device-dependent and device-independent scenarios as well.

Depth use of Quantum Conference Key Agreement

Quantum mechanics has the potential to provide exceptional benefits. This takes us many leaps forward in the execution of information-processing tasks. Quantum key distribution, or QKD, is possibly the most developed and advanced quantum technology and is a prime example. QKD enables two people from any part of the world to interact securely by establishing a secret key. This key is information-theoretically secure. Security proofs are provided for various levels of assumptions. A high level of security is shown for real parameters with implementations. It lets us achieve vast distances in the case where the devices and/or quantum states are defined.

Security proof in a completely adversarial scenario is also well established. It is for the device-independent scenario. No assumptions about the quantum states. Along with that, the operating behaviour of the devices, barring composability if the devices get re-used. For protocols based on the simplest Bell inequality, the needed experimental parameters get defined.

Now we have a big growth of quantum technological applications. Because of this, near-future applications based on genuine multipartite quantum protocols using shared multipartite entangled states in network architectures are now possible. Applications span from distributed quantum computing to true multipartite quantum communication protocols. This may eventually lead to the quantum internet.

We will concentrate on the conference key agreement or CKA. This is also known as multiparty key distribution. It is an expansion of the key distribution problem to the case in which N users want to establish a common secret key. This enables users to send secure messages across a network. Conference key agreement can be implemented, for example, by first establishing bipartite keys amongst users. Then securely distributing a common key to all other users using the bipartite keys. In the classical case, this technique has been criticised as inefficient. Along with that, numerous classical protocols allowing the parties to establish a shared key have been presented.

A secure conference key can also get established in the quantum scenario. That is when the parties can employ quantum resources by using many bipartite QKD lines. Bipartite quantum links are already getting used in tiny quantum networks that cover metropolitan areas. This, as well as more extensive networks that span entire nations. However, the long-term idea of a general quantum network includes network nodes that process quantum information. This allows the dissemination of multipartite entangled states across the network. In a quantum network, true multipartite entangled states may give us advantages above the bipartite situation. This allows secure interactions between an arbitrary subset of participating partners.

Developers have a rich structure of multipartite entangled quantum states. They allow for a large range of new key distribution techniques to be developed. While protocols for CKA based solely on bipartite QKD only introduces a little originality. This is in terms of the requisite quantum technologies or theoretical tools for security analysis. It changes when procedures investigate multipartite entanglement. Quantum correlations can be used to design fully multipartite schemes in this case.

Preliminaries

Now let us take a look at the Preliminaries. We will see them in sections.

Multipartite Entangled Resources

The structure of multipartite quantum states is more complicated than that of bipartite quantum states. Different kinds of states can be defined based on their entanglement features. Giving rise to ideas like k-separability and genuine multipartite entanglement. There are many entanglement classes for multipartite systems that are not equal under stochastic local operations and classical communication (SLOCC). In particular, two non-equivalent classes of really multipartite entangled states can be described in the tripartite case: the GHZ-class, represented by the Greenberger-Horne-Zeilinger (GHZ) state.

and the W-class represented by the W state

These classes of states have various physical features as well. The GHZ state is a direct generalisation of Bell states to the multipartite case. It also violates the well-studied family of N-party Bell inequalities known as MABK to the greatest extent possible. But, the entanglement in the GHZ state is not resistant to particle losses. But the W-state retains bipartite entanglement even when one particle gets lost.

The 3-party GHZ and W states in Equations (1) and (2) are easily expanded to N parties. They are the resources for quantum CKA protocols, which are detailed in the following sections.

Security

Security Definition

We take into account N users. The users want to create a shared string of bits that is unknown to any other party. Especially any prospective eavesdropper.

A quantum conference key agreement protocol's security is based on two conditions: accuracy and secrecy.

Security Model

The adversary in the case where N parties want to safely interact is an external party. The crook, who can eavesdrop on all public communication exchanged. Crook may also experiment with the quantum channels. Along with that, investigate correlations with the produced conference key.

Similar to the bipartite scenario, we may divide the eavesdropper's attacks into three categories:

1. Individual attacks: In each round of the protocol, the eavesdropper can only attack individually. We note that the crook is considered to have no quantum memory in this situation. So the optimal strategy is to measure his quantum side information. This is at each round.

2. Collective attacks: The crook is supposed to undertake the same attack for each round of the protocol, implying that her quantum side information is distributed identically and independently (IID) across rounds. The crook E, unlike individual attacks, is now thought to have a quantum memory. As a result, the crook can save the quantum side information at each round and conduct a global operation on it at the end of the protocol execution.

3. Coherent attacks: This is the most general sort of attack in which no assumptions are made about the eavesdropper's skills, except that the crook is limited by the principles of quantum physics. In this instance, the parties' shared states at each round may have arbitrary connections with prior and subsequent rounds.

Generic Protocols

The purpose of a quantum conference key agreement is for N users to use their shared quantum resources, as well as local operations and public communication, to create a secure conference key.

Further in the blog, we will find out more about The proposed quantum protocols for performing CKA using multipartite entanglement.

GHZ State Protocols

The first quantum conference key agreement protocol ideas investigate the multipartite correlations displayed by the N-party GHZ state:

Where "equation" refers to the Z-basis, it is made up of the eigenstates of the Pauli operator. The GHZ state meets all of the requirements for a conference key agreement protocol: measurements in the Z-basis are fully correlated, random, and uniformly distributed. Surprisingly, this perfect connection is only possible if all parties measure on the Z-axis.

If the parties adopt a different foundation, even a complete bipartite correlation cannot be reached. This is a significant departure from the bipartite case (). Indeed, if side A and side B are in the maximally entangled state, there exists a local basis for B for each choice of local basis for A such that their outcomes exhibit complete correlation. This feature gets used in the bipartite six-state and BB84 QKD methods.

W State Protocol

The correlations supplied by multipartite GHZ states are not required for quantum conference key agreements. Some protocols take advantage of the multipartite entanglement of a W-class state to establish a conference key. N parties' W state is defined as

A W-class state has arbitrary phases on every term.

Continuous Variable Conference Key Agreement

Continuous variable (CV) quantum systems can also be used to generate quantum conference keys. Following the first of these protocols, which allows for three-party quantum conferencing without relying on measurement devices, more broad and enhanced protocols have been developed. When linked to an untrusted central relay in a star network, the latter permits an arbitrary number of users to create conference keys. These schemes would enable high-speed intra-city secure conferencing among a large number of users.

Both techniques are dependent on the correlations produced by an N-mode CV GHZ state.

Device-Independent Conference Key Agreement

We want to refrain from assuming any knowledge of the distributed system. We want to avoid assuming the internal workings of their devices in the device-independent scenario. Security can even be examined on the assumption that the attacker created the shared states as well as the measuring devices. We should highlight that several assumptions remain in the device-independent scenario. Such as isolated labs and trusted random number generators. The parties' purpose is to ensure security. This can get done by solely using observable input and output statistics. The violation of a Bell inequality validates security in a device-independent protocol.

Multipartite Private States

The correlations of the multipartite GHZ state are used in the majority of the quantum conference key agreement protocols. As a result, GHZ distillation methods are closely related to secret conference key distillation. Indeed, if the parties share several copies of a resource state that can be converted into a smaller number of GHZ states, they could use a distillation process followed by measurements to establish a secret key.

Frequently Asked Questions

What is a key-agreement protocol?

A key-agreement protocol in cryptography is a mechanism. It allows two or more parties to agree on a key. This gets done in such a way that both parties influence the outcome. If done correctly, this can stop unwanted third parties from forcing a key choice on the parties making the agreement.

What are the commonly used key-agreement protocols?

Key-agreement protocols that are commonly used include Diffie-Hellman and protocols based on RSA or ECC.

Which is better, RSA or AES?

The cypher text approach of the Advance Encryption Standard (AES) is a more precise and elegant cryptographic mechanism. Based on it, we can say that the AES algorithm outperforms the Data Encryption Standard (DES) and the RSA algorithms.

Conclusion

The world of cryptography can be complex, for a start. It may take work to understand. But it is definitely interesting. In this article, we read about Conference Key Agreement Schemes and elements related to them. Refer to our courses and explore Coding Ninjas Studio to find more exciting stuff. You can also look into the interview experiences and solve different problems. Look into our Guided paths, test series, libraries and resources to know more.