Abulkasim Hussein, Mashatan Atefeh, Ghose Shohini
Ted Rogers School of Information Technology Management, Ryerson University, Toronto, Canada.
Faculty of Science, New Valley University, El-Kharga, Egypt.
Sci Rep. 2021 May 4;11(1):9456. doi: 10.1038/s41598-021-88837-w.
Quantum key agreement enables remote participants to fairly establish a secure shared key based on their private inputs. In the circular-type multiparty quantum key agreement mode, two or more malicious participants can collude together to steal private inputs of honest participants or to generate the final key alone. In this work, we focus on a powerful collusive attack strategy in which two or more malicious participants in particular positions, can learn sensitive information or generate the final key alone without revealing their malicious behaviour. Many of the current circular-type multiparty quantum key agreement protocols are not secure against this collusive attack strategy. As an example, we analyze the security of a recently proposed multiparty key agreement protocol to show the vulnerability of existing circular-type multiparty quantum key agreement protocols against this collusive attack. Moreover, we design a general secure multiparty key agreement model that would remove this vulnerability from such circular-type key agreement protocols and describe the necessary steps to implement this model. The proposed model is general and does not depend on the specific physical implementation of the quantum key agreement.
量子密钥协商使远程参与者能够基于他们的私有输入公平地建立一个安全的共享密钥。在循环型多方量子密钥协商模式中,两个或更多恶意参与者可以勾结在一起,窃取诚实参与者的私有输入,或者单独生成最终密钥。在这项工作中,我们关注一种强大的勾结攻击策略,在这种策略中,处于特定位置的两个或更多恶意参与者可以在不暴露其恶意行为的情况下,获取敏感信息或单独生成最终密钥。当前许多循环型多方量子密钥协商协议都无法抵御这种勾结攻击策略。例如,我们分析了最近提出的一个多方密钥协商协议的安全性,以展示现有循环型多方量子密钥协商协议在这种勾结攻击面前的脆弱性。此外,我们设计了一个通用的安全多方密钥协商模型,该模型将消除此类循环型密钥协商协议中的这一漏洞,并描述实现该模型的必要步骤。所提出的模型具有通用性,不依赖于量子密钥协商的具体物理实现。
