A quantum secure direct communication scheme based on intermediate-basis

Kexin Liang; Zhengwen Cao; Xinlei Chen; Lei Wang; Geng Chai; Jinye Peng

doi:10.1007/s11467-023-1284-4

PDF(6991 KB)

Front. Phys. ›› 2023, Vol. 18 ›› Issue (5) : 51301. DOI: 10.1007/s11467-023-1284-4

RESEARCH ARTICLE

A quantum secure direct communication scheme based on intermediate-basis

Author information +

History +

Abstract

Quantum secure direct communication (QSDC) is a method of communication that transmits secret information directly through a quantum channel. This paper proposes a two-step QSDC scheme based on intermediate-basis, in which the intermediate-basis Einstein−Podolsky−Rosen (EPR) pairs can assist to detect channel security and help encode information. Specifically, the intermediate-basis EPR pairs reduce the probability of Eve choosing the correct measurement basis in the first step, enhancing the security of the system. Moreover, they encode information together with information EPR pairs to improve the transmission efficiency in the second step. We consider the security of the protocol under coherent attack when Eve takes different dimensions of the auxiliary system. The simulation results show that intermediate-basis EPR pairs can lower the upper limit of the amount of information that Eve can steal in both attack scenarios. Therefore, the proposed protocol can ensure that the legitimate parties get more confidential information and improve the transmission efficiency.

Graphical abstract

Keywords

quantum secure direct communication / two-step / intermediate-basis

Cite this article

EndNote

Ris (Procite)

Bibtex

Download citation ▾

Kexin Liang, Zhengwen Cao, Xinlei Chen, Lei Wang, Geng Chai, Jinye Peng. A quantum secure direct communication scheme based on intermediate-basis. Front. Phys., 2023, 18(5): 51301 https://doi.org/10.1007/s11467-023-1284-4

1 Introduction

Secure communication guarantees political and economic security and social well-being. However, fast-growing supercomputer technology and quantum computing [1] threaten traditional encryption methods (for example, RSA public key scheme [2]). Quantum communication is an emerging and vibrant alternative approach based on the uncertainty principle and no-cloning theorem of quantum mechanics, which can fulfill unconditional theoretical security. So far, it mainly includes quantum key distribution (QKD) [3, 4], quantum teleportation (QT) [5], and quantum secure direct communication (QSDC) [6].

QKD was first proposed in 1984 to establish a secure key before transmitting a message and has come a long way since then [7, 8]. QT can execute the transmission and reconstruction of the quantum state over arbitrary distance, and it will be a critical ingredient for a quantum computation network [9, 10]. QSDC is a milestone during the development of quantum communication, which can achieve the direct transmission of messages through a quantum channel [11]. There are two well-known protocols known as two-step protocol [12] and DL04 protocol [13], and the former uses Einstein−Podolsky−Rosen (EPR) pairs while the latter uses single photons. The security analyses [14–16] and experimental demonstrations [17, 18] enable the two protocols to become the mainstream of QSDC. Moreover, [19] reports the first practical QSDC experiment through the fiber transmission of 0.5 km, and quantum state fidelity of entanglement is 91%, which shows the potential of QSDC and supports its application on quantum communication networks. A QSDC scheme without quantum memory is proposed to solve one of the biggest obstacles to its practical applications [20]. In addition, the measurement-device-independent (MDI) QSDC [21, 22] and its security analysis [23] gradually become mature. The theories and researches on free space QSDC and its experiments are in progress [24, 25]. Another important QSDC scheme that has been studied in recent years is semi-quantum secure direct communication, which is proposed in [26]. And some further development has been done in [27–29]. Continuous variable QSDC is also being studied [30, 31]. Therefore, the research branch of QSDC is becoming more and more abundant.

Although QSDC has made some progress, there is still a need to improve system performance. In this paper, we propose a novel two-step QSDC scheme with intermediate-basis [32]. Intermediate-basis EPR pairs, on one hand, enhance the system security by reducing the probability of Eve choosing the correct measurement basis, and they also participate in information encoding together with information EPR pairs, improving the transmission efficiency. Finally, the security analyses when Eve employs two different auxiliary systems to execute coherent attack are all considered. Results show that the intermediate-basis EPR pairs played a positive role in resisting these attacks.

The remainder of this paper is organized as follows. In Section 2, the proposed two-step QSDC protocol is described in detail. The security analyses of this protocol under coherent attack with two different auxiliary systems of Eve are proved in Section 3. The summary is given in Section 4.

2 The two-step QSDC scheme with intermediate-basis

In this section, we describe the proposed protocol as shown in Fig.1, which includes two stages: security detection and message transmission. Alice employs block transmission technology, for arbitrary

i - t h

block,

i \in [1, M]

(

M

is the number of all information blocks)

Fig.1 A QSDC scheme based on intermediate-basis. ( $U$ : A unitary operation for encoding. The red balls refer to information EPR pairs $| ψ^{-} ⟩$ , and the green balls refer to intermediate-basis EPR pairs $| ψ_{θ_{i}}^{-} ⟩$ . Black dashed frame represents these particles are chosen for channel security detection and blue dashed frame represents these particles are used for channel secondary detection.)

Full size|PPT slide

Step 1: Preparation of entangled pairs

Alice prepares two kinds of entangled pairs,

| ψ^{-} ⟩ =

(| 01 ⟩ - | 10 ⟩) / \sqrt{2}

represented by red balls in Fig.1, and

| ψ_{θ_{i}}^{-} ⟩ = (| θ_{i} θ_{i}^{⊥} ⟩ - | θ_{i}^{⊥} θ_{i} ⟩) / \sqrt{2}, (θ_{i} \in (0, \frac{π}{4}))

represented by green balls in Fig.1.

θ_{i}

is the angle of intermediate-basis selected by legal parties when transmitting the

i

-th block (its range is shown in Fig.2) and is represented as

Fig.2 The relationship between intermediate basis and $X$ basis and $Z$ basis. ( $| H ⟩ = | 0 ⟩, | V ⟩ = | 1 ⟩, | D ⟩ = | + ⟩, | A ⟩ = | - ⟩,$ and the shaded part is the effective range of $θ_{i}$ .)

Full size|PPT slide

(1)

\begin{aligned} | θ_{i} ⟩ = c o s (θ_{i} / 2) | 0 ⟩ + s i n (θ_{i} / 2) | 1 ⟩, \\ | θ_{i}^{⊥} ⟩ = s i n (θ_{i} / 2) | 0 ⟩ - c o s (θ_{i} / 2) | 1 ⟩ . \end{aligned}

Alice randomly arranges two entangled pairs to form a new sequence and keeps one subsequence

{P_{n} (A), n = 1, 2, . . ., N}

by herself. Then she sends another subsequence

{P_{n} (B), n = 1, 2, . . ., N}

to Bob and announces

θ_{i}

(

N

is the length of the two sequences).

Step 2: Channel security check

Entanglement is a resource that can resist interference [19], attenuation, and mutation from the channel. However, it is destroyed when Eve lurks in the channel, and the measurement results of Alice and Bob no longer conform to the EPR relationship. Therefore, an unreasonable quantum bit error rate (QBER) appears.

Here, we judge the security of the first step of transmission through the Clauser−Horne−Shimony−Holt (CHSH) inequality [33–35]. That is, when the CHSH inequality is violated, Eve cannot completely determine the measurement results of both communication parties. When the violation is greater, the weaker its correlation with Eve; When the violation reaches the maximum, the quantum state and Eve are completely separated, and the measurement results of both sides of the communication will not be leaked to Eve.

(2.

a

) Alice chooses randomly

\hat{Q}

basis or

\hat{R}

basis to measure the chosen photons in

P_{n} (A)

. (2.

b

) Bob chooses randomly

\hat{S}

basis or

\hat{T}

basis to measure the chosen photons in

P_{n} (B)

, where

(2)

\begin{aligned} \hat{Q} = \hat{Z}, \\ \hat{R} = \hat{X}, \\ \hat{S} = \frac{- \hat{Z} - \hat{X}}{\sqrt{2}}, \\ \hat{T} = \frac{\hat{Z} - \hat{X}}{\sqrt{2}} . \end{aligned}

(2.

c

) After all the checking photon pairs have been measured, Alice and Bob reveal their measurement basis and results, then they can calculate the CHSH polynomial,

(3)

\begin{array}{l} S_{C H S H} = ⟨ \hat{Q} \hat{S} ⟩ + ⟨ \hat{R} \hat{S} ⟩ + ⟨ \hat{R} \hat{T} ⟩ - ⟨ \hat{Q} \hat{T} ⟩ . \end{array}

where

⟨ \cdot ⟩

represents mean value of measurement results.

According to the measurement reasults, if

S_{C H S H} \leq 2

, entanglement does not exist. At this time, the channel security detection fails and the communication process is abandoned. If

2 < S_{C H S H} \leq 2 \sqrt{2}

, the measurement results are non-local correlated, at this time, the channel security detection passes. When

S_{C H S H} = 2 \sqrt{2}

, this means Alice and Bob share the maximally entanglement. In specific experiments, this maximum value is generally difficult to reach due to the influence of the environment. The detection process of intermediate-basis EPR pairs is similar.

Step 3: Encoding information

Alice relies on four unitary operations to load information on the rest of the particles in

P_{n} (A)

, and the four unitary operations are represented as Eq. (4).

(4)

\begin{aligned} U_{1} = I = | 0 ⟩ ⟨ 0 | + | 1 ⟩ ⟨ 1 |, \\ U_{2} = σ_{z} = | 0 ⟩ ⟨ 0 | - | 1 ⟩ ⟨ 1 |, \\ U_{3} = σ_{x} = | 1 ⟩ ⟨ 0 | + | 0 ⟩ ⟨ 1 |, \\ U_{4} = σ_{x} σ_{z} = | 0 ⟩ ⟨ 1 | - | 1 ⟩ ⟨ 0 | . \end{aligned}

Then the information EPR pairs

| ψ^{-} ⟩ = (| 01 ⟩ - | 10 ⟩) / \sqrt{2}

are transformed into

| ψ^{-} ⟩

| ψ^{+} ⟩

| Φ^{-} ⟩

and

| Φ^{+} ⟩

, respectively. And the intermediate-basis EPR pairs

| ψ_{θ_{i}}^{-} ⟩

are transformed into

| ψ_{θ_{i}}^{-} ⟩

| ψ_{θ_{i}}^{+} ⟩

| Φ_{θ_{i}}^{+} ⟩

and

| Φ_{θ_{i}}^{-} ⟩

, respectively.

(5)

\begin{aligned} | ψ^{-} ⟩ = \frac{1}{\sqrt{2}} ({| 0 ⟩}_{A} {| 1 ⟩}_{B} - {| 1 ⟩}_{A} {| 0 ⟩}_{B}), \\ | ψ^{+} ⟩ = \frac{1}{\sqrt{2}} ({| 0 ⟩}_{A} {| 1 ⟩}_{B} + {| 1 ⟩}_{A} {| 0 ⟩}_{B}), \\ | Φ^{-} ⟩ = \frac{1}{\sqrt{2}} ({| 0 ⟩}_{A} {| 0 ⟩}_{B} - {| 1 ⟩}_{A} {| 1 ⟩}_{B}), \\ | Φ^{+} ⟩ = \frac{1}{\sqrt{2}} ({| 0 ⟩}_{A} {| 0 ⟩}_{B} + {| 1 ⟩}_{A} {| 1 ⟩}_{B}), \\ | ψ_{θ_{i}}^{-} ⟩ = {| θ_{i} ⟩}_{A} {| θ_{i}^{⊥} ⟩}_{B} - {| θ_{i}^{⊥} ⟩}_{A} {| θ_{i} ⟩}_{B}, \\ | ψ_{θ_{i}}^{+} ⟩ = {| θ_{i} ⟩}_{A} {(\begin{array}{l} - c o s (\frac{θ_{i}}{2}) \\ s i n (\frac{θ_{i}}{2}) \end{array})}_{B} - {| θ_{i}^{⊥} ⟩}_{A} {(\begin{array}{l} s i n (\frac{θ_{i}}{2}) \\ c o s (\frac{θ_{i}}{2}) \end{array})}_{B}, \\ | Φ_{θ_{i}}^{+} ⟩ = {| θ_{i} ⟩}_{A} {| θ_{i} ⟩}_{B} + {| θ_{i}^{⊥} ⟩}_{A} {| θ_{i}^{⊥} ⟩}_{B}, \\ | Φ_{θ_{i}}^{-} ⟩ = {| θ_{i} ⟩}_{A} {(\begin{array}{l} s i n (\frac{θ_{i}}{2}) \\ c o s (\frac{θ_{i}}{2}) \end{array})}_{B} - {| θ_{i}^{⊥} ⟩}_{A} {(\begin{array}{l} c o s (\frac{θ_{i}}{2}) \\ - s i n (\frac{θ_{i}}{2}) \end{array})}_{B} . \end{aligned}

Step 4: Decoding information

After Bob receives these quantum states, Alice publishes the positions of these sampling pairs and the chosen unitary operations on them to Bob. Bob executes corresponding Bell-basis measurement on the two particles simultaneously. The result of comparing random numbers judges whether Eve cut the communication off. If the communication process is unbroken, Bob can obtain the secret information through Tab.1.

Tab.1 Summary of Alice’s encoding and Bob’s decoding.

Entangled pair	Alice’s encoding	Information	Bob’s decoding

$\| ψ^{-} ⟩$	$U_{1}$	000	$\| ψ^{-} ⟩$
	$U_{2}$	001	$\| ψ^{+} ⟩$
	$U_{3}$	010	$\| Φ^{-} ⟩$
	$U_{4}$	011	$\| Φ^{+} ⟩$
$\| ψ_{θ_{i}}^{-} ⟩$	$U_{1}$	100	$\| ψ_{θ_{i}}^{-} ⟩$
	$U_{2}$	101	$\| ψ_{θ_{i}}^{+} ⟩$
	$U_{3}$	110	$\| Φ_{θ_{i}}^{+} ⟩$
	$U_{4}$	111	$\| Φ_{θ_{i}}^{-} ⟩$

It can be seen from Tab.1 that due to the help of intermediate-basis EPR pair

| ψ_{θ_{i}}^{-} ⟩

, the number of quantum states that can be used for encoding is increased from 4 to 8, and the information transmission rate is increased from 2 bit to 3 bit per operation.

3 Security analysis

3.1 Security analysis under coherent attack

A compound channel with an eavesdropper is called a compound wiretap channel, with the novel difference that one information rate is to be maximized and the other minimized. As a way to realize secure communication, wiretap channel provides a good model for realizing secure communication [36]. The security capacity

C_{s}

is an important parameter which refers to the maximum transmission rate that can be reached when the eavesdropper Eve can’t eavesdrop any useful information, that is, when the legitimate users realize secure communication, as shown in Fig.3.

Fig.3 Wiretap channel model. The model comprises a transmitter, a legitimate receiver, and an eavesdropper. The channel between transmitter and legitimate receiver is the main channel, and the channel between transmitter and eavesdropper is the eavesdropper’s channel.

Full size|PPT slide

Theorem: Supposed that

X

is a random variable Alice send to Bob,

Y

is the outcome of Bob’s measurements through legal channel and

Z

is the outcome of Eve’s measurements through wiretap channel.

C_{s}

is defined as [36]

(6)

\begin{array}{l} C_{s} = m a x (I (X; Y) - I (X; Z)) . \end{array}

In order to achieve this goal, it is necessary to maximize the reliable communication rate from the source to the legitimate receiver

I (X; Y)

, but the premise is that the eavesdropper reduces the output of the source

I (X; Z)

as much as possible.

Definition: The quantum wiretap channel has been described by a single quantum operation

T

from Alice to Bob and Eve together. The legal channel and the wiretapper channel are defined

ε = {T r}_{E} \circ T

and

ε^{'} = {T r}_{B} \circ T

[37], respectively.

In other words, the main difference between classical wiretap channel and quantum wiretap channel [38, 39] comes from the no-cloning theorem, that is, Alice’s input state can not be duplicated and then sent through both channels

ε

and

ε^{'}

. According to Wyner’s wiretap channel theory, there exised an encoding method that allows the secure transmission of information at a rate lower than the secrecy capacity, provided that the secrecy capacity is positive. Notablly, the legal channel and wiretap channel are all quantum channel, thus,

I (X; Y)

and

I (X; Z)

are all replaced by the Holevo quantity [37].

Theorem: Supposed

χ (\cdot)

is Holevo quantity,

χ_{1}

and

χ_{2}

are quantum version of

I (X; Y)

and

I (X; Z)

, respectively.

S (\cdot)

is the von Neumann entropy,

P

is a probability distribution over a finite set

Ω

ρ (\cdot)

is density operator, and

Υ := {ρ (x) : x \in Ω}

is a set of states labeled by elements of

Ω

(7)

\begin{aligned} χ_{1} (P, Υ) = S (\sum_{x \subseteq Ω} P_{X} (x) ε (ρ (x))) \\ - \sum_{x \subseteq Ω} P_{X} (x) S (ε (ρ (x))), \\ χ_{2} (P, Υ) = S (\sum_{x \subseteq Ω} P_{X} (x) ε^{'} (ρ (x))) \\ - \sum_{x \subseteq Ω} P_{X} (x) S (ε^{'} (ρ (x))), \\ C_{s} \geq max_{P} (χ_{1} (P, Υ) - χ_{2} (P, Υ)) . \end{aligned}

Some relevent proofs are in Ref. [40].

Similar to the original two-step QSDC protocol, the security of the first step guarantees the security of the proposed scheme. Assuming Eve performs a coherent attack [41] where she attaches an auxiliary system

| E ⟩

to quantum channel and performs

U_{i}

, then she sends system B to Bob. Then the original EPR relationship between Alice and Bob becomes

(8)

\begin{aligned} ρ_{A B} = {T r}_{E} (U_{B E} | E ⟩ | ψ^{-} ⟩ ⟨ ψ^{-} | ⟨ E | U_{B E}^{†}), \\ ρ_{A B_{θ_{i}}} = {T r}_{E} (U_{B E} | E ⟩ | ψ_{θ_{i}}^{-} ⟩ ⟨ ψ_{θ_{i}}^{-} | ⟨ E | U_{B E}^{†}) . \end{aligned}

To simplify the effect of the attack on the system, an additional operation that randomly chosen from

U

is applied, the

ρ_{A B}

and

ρ_{A B_{θ_{i}}}

are simplified to

(9)

ρ_{A B} = (\begin{array}{l} λ_{1} & 0 & 0 & 0 \\ 0 & λ_{2} & 0 & 0 \\ 0 & 0 & λ_{3} & 0 \\ 0 & 0 & 0 & λ_{4} \end{array}),

and

(10)

\begin{array}{l} ρ_{A B_{θ_{i}}} = (\begin{array}{l} λ_{θ_{i}, 1} & 0 & 0 & 0 \\ 0 & λ_{θ_{i}, 2} & 0 & 0 \\ 0 & 0 & λ_{θ_{i}, 3} & 0 \\ 0 & 0 & 0 & λ_{θ_{i}, 4} \end{array}) . \end{array}

The whole system

ψ_{A B E}

can be expressed as

(11)

\begin{aligned} | ψ_{A B E} ⟩ = \sum_{m = 1}^{4} \sqrt{λ_{m}} | Φ_{m} ⟩ | E_{m} ⟩, \\ | ψ_{A B_{θ_{i}} E} ⟩ = \sum_{m = 1}^{4} \sqrt{λ_{θ_{i}, m}} | Φ_{θ_{i}, m} ⟩ | E_{m} ⟩, \end{aligned}

where

| Φ_{m} ⟩

and

| Φ_{θ_{i}, m} ⟩

is the Bell state and the intermediate-basis Bell state of system

A B

| E_{m} ⟩

is a set of orthogonal states of Eve’s auxiliary system.

Finally, Eve intercepts all the qubits from Alice in the last step to obtain maximal information about the message and measure them. Tracing out system

B

from

ψ_{A B E}

(12)

\begin{aligned} ρ_{A E} = T r_{B} (| ψ_{A B E} ⟩ ⟨ ψ_{A B E} |), \\ ρ_{A E_{θ_{i}}} = T r_{B} (| ψ_{A B_{θ_{i}} E} ⟩ ⟨ ψ_{A B_{θ_{i}} E} |), \end{aligned}

the encoded states are

(13)

\begin{aligned} ρ_{A E, 000} = U_{1} ρ_{A E} U_{1}^{†}, \\ ρ_{A E, 001} = U_{2} ρ_{A E} U_{2}^{†}, \\ ρ_{A E, 010} = U_{3} ρ_{A E} U_{3}^{†}, \\ ρ_{A E, 011} = U_{4} ρ_{A E} U_{4}^{†}, \\ ρ_{A E_{θ_{i}}, 100} = U_{1} ρ_{A E_{θ_{i}}} U_{1}^{†}, \\ ρ_{A E_{θ_{i}}, 101} = U_{2} ρ_{A E_{θ_{i}}} U_{2}^{†}, \\ ρ_{A E_{θ_{i}}, 110} = U_{3} ρ_{A E_{θ_{i}}} U_{3}^{†}, \\ ρ_{A E_{θ_{i}}, 111} = U_{4} ρ_{A E_{θ_{i}}} U_{4}^{†} . \end{aligned}

Even Eve measures all subsystems jointly, the information acquired from one subsystem on average in adjoint measurement cannot exceed that in single measurement of one subsystem, thus, the upper bound of

χ_{2}

(P, Υ)

is [14]

(14)

\begin{aligned} χ_{2} (P, Υ) & \leq S (\sum_{a} p_{a} ρ_{A E, a}) - \sum_{a} p_{a} S (ρ_{A E, a}) \\ \leq h (ϵ_{z}) + h (ϵ_{x}), \end{aligned}

where

ϵ_{x}

and

ϵ_{z}

are QBERs,

h (\cdot)

is Shannon entropy, and

h (ϵ_{z}) = h (ϵ_{z_{ψ^{-}}}) + h (ϵ_{z_{ψ_{θ_{i}}^{-}}})

h (ϵ_{x}) = h (ϵ_{x_{ψ^{-}}}) + h (ϵ_{x_{ψ_{θ_{i}}^{-}}})

ϵ_{x} = λ_{2} + λ_{4}

ϵ_{z} = λ_{3} + λ_{4}

ϵ_{x_{ψ_{θ_{i}}^{-}}} = λ_{θ_{i}, 2} + λ_{θ_{i}, 4}

, and

ϵ_{z_{ψ_{θ_{i}}^{-}}} =

λ_{θ_{i}, 3} + λ_{θ_{i}, 4}

In the absence of transmission disturbance, the information amount of Y received by Bob is consistent with that of X sent by Alice. In this scheme, each quantum bit encodes 3 bit information. Thus,

H (Y) = H (X) = 3

bit/symbol. In practical transmission, due to transmission, interference and other factors, bite error rate will be introduced, leading to the existence of transfer entropy

H (Y | X)

. The randomness of

H (Y | X)

is mainly related to bite error rate. Hence, the capacity of the main channel

χ_{1} (P, Υ)

is determined by the bit error rate between classical information Alice and Bob [14],

(15)

\begin{array}{l} χ_{1} (P, Υ) = H (Y) - H (Y | X) = 3 - h_{8} (e), \end{array}

where

e

is the bite error rate distribution of the main channel which can be obtained through the decoding process. The lower bound of the secrecy capacity of the two-step protocol is [14]

(16)

\begin{aligned} C_{s} & = χ_{1} (P, Υ) - χ_{2} (P, Υ) \\ \geq [3 - h_{8} (e)] - [h (ϵ_{x}) + h (ϵ_{z})] . \end{aligned}

Considering the block reception rate of Bob

Q_{B}

and Eve

Q_{E}

that represent the receiving capability of Bob and Eve channels. The lower channel capacity bound of

C_{s}

is given by [14]

(17)

\begin{array}{l} C_{s} \geq Q_{B} [3 - h_{8} (e)] - Q_{E} [h (ϵ_{x}) + h (ϵ_{z})] . \end{array}

Fig.4 shows the channel capacity of the proposed QSDC protocol. Fig.4 depicts the extreme adverse condition where the two particles lose their entanglement completely.

ψ_{θ_{i}}^{-}

cannot improve the security of the protocol, and the

C_{s}

of the two protocols are all negative. Therefore, the transfer process is unsafe. In Fig.4, when entanglement between the two particles exists but is not strong, two

C_{s}

are still positive, but compared with Fig.4, they decrease. Fig.4 describes when a channel is almost perfect and entanglement of the two particles is intact,

C_{s}

in the original two-step QSDC protocol and the new protocol are all positive, thus, the transfer process under coherent attack is secure. Besides, the blue solid line is always lower than the blue dotted line, which means the upper bound Eve can steal reduces, so that the amount of effective information between legitimate parties increases.

Fig.4 The relation of channel capacity and the value of $S_{C H S H}$ . In (a), based on the starting positions on the left, the lines from top to bottom are the capacity of the wiretap channel without intermediate-basis EPR pairs, the capacity of the wiretap channel with intermediate-basis EPR pairs, the capacity of the main channel, the capacity of the secrecy channel with intermediate-basis EPR pairs, and the capacity of the secrecy channel without intermediate-basis EPR pairs. In (b) and (c), based on the starting positions on the left, the lines from top to bottom are the capacity of the main channel, the capacity of the wiretap channel without intermediate-basis EPR pairs, the capacity of the wiretap channel with intermediate-basis EPR pairs, the capacity of the secrecy channel with intermediate-basis EPR pairs, and the capacity of the secrecy channel without intermediate-basis EPR pairs. Simulation parameters: reception rates $Q_{B}$ and $Q_{E}$ are all set to 1.

Full size|PPT slide

3.2 Security analysis under an optional eavesdropping strategy

Now consider a more powerful strategy that Eve can employ a higher dimension ancilla system since the Stinespring dilation theorem [42] allows Eve to resort to a four-dimensional system or two qubits to carry out an attack in order to obtain a higher probability of guessing right. The attack process can be reexpressed as

(18)

\begin{array}{l} U_{B E} | a ⟩ | E^{'} ⟩ = | a ⟩ | F_{a} ⟩ + | a^{⊥} ⟩ | D_{a} ⟩, \end{array}

where

| α ⟩ \in {| 0 ⟩, | 1 ⟩, | + ⟩, | - ⟩}

and

⟨ α | α^{⊥} ⟩ = 0

| E^{'} ⟩

is a higher-dimensional ancilla system,

| F_{α} ⟩

and

| D_{α} ⟩

are Eve’s state after the interaction under guessing right or wrong, respectively.

For the proposed protocol, the optional unitary interactions are [32]

(19)

\begin{aligned} U | 0 ⟩ | E^{'} ⟩ = | 0 ⟩ | F_{0} ⟩ + | 1 ⟩ | D_{0} ⟩, \\ U | 1 ⟩ | E^{'} ⟩ = | 1 ⟩ | F_{1} ⟩ + | 0 ⟩ | D_{1} ⟩, \\ U | + ⟩ | E^{'} ⟩ = | + ⟩ | F_{+} ⟩ + | - ⟩ | D_{+} ⟩, \\ U | - ⟩ | E^{'} ⟩ = | - ⟩ | F_{-} ⟩ + | + ⟩ | D_{-} ⟩ . \\ U | θ_{i} ⟩ | E^{'} ⟩ = | θ_{i} ⟩ | F_{θ_{i}} ⟩ + | θ_{i}^{⊥} ⟩ | D_{θ_{i}} ⟩, \\ U | θ_{i}^{⊥} ⟩ | E^{'} ⟩ = | θ_{i}^{⊥} ⟩ | F_{θ_{i}^{⊥}} ⟩ + | θ_{i} ⟩ | D_{θ_{i}^{⊥}} ⟩, \end{aligned}

where

| F_{0, 1, +, -, θ_{i}, θ_{i}^{⊥}} ⟩

and

| D_{0, 1, +, -, θ_{i}, θ_{i}^{⊥}} ⟩

are Eve’s ancillary states after the interaction. And the relations between Eve’s states in the two bases are

(20)

\begin{aligned} 2 | F_{\pm} ⟩ = | F_{0} ⟩ + | F_{1} ⟩ \pm | D_{0} ⟩ \pm | D_{1} ⟩, \\ 2 | D_{\pm} ⟩ = | F_{0} ⟩ - | F_{1} ⟩ \mp | D_{0} ⟩ \pm | D_{1} ⟩ . \end{aligned}

Assuming that the unitary

U_{B E}

is such that Eve’s un-normalized states are orthogonal of the following form (in Eve’s two-qubit computational basis),

(21)

\begin{aligned} | F_{0} ⟩ = {(\sqrt{F}, 0, 0, 0)}^{T}, \\ | F_{1} ⟩ = {(\sqrt{F} c o s x, 0, 0, \sqrt{F} s i n x)}^{T}, \\ | D_{0} ⟩ = {(0, \sqrt{D}, 0, 0)}^{T}, \\ | D_{1} ⟩ = {(0, \sqrt{D} c o s y, \sqrt{D} s i n y, 0)}^{T}, \end{aligned}

where

(22)

\begin{array}{l} F = 1 - D, D = \frac{1 - c o s x}{2 - c o s x + c o s y}, \end{array}

and

x

y

are two arbitrary angles. Then according to the conditional total output state,

(23)

\begin{array}{l} ρ_{B E ∣_{α}} = U | α ⟩ ⟨ α | \otimes | E^{'} ⟩ ⟨ E^{'} | U^{†}, \end{array}

Bob’s conditional state is

(24)

\begin{aligned} ρ_{B ∣_{α}} & = T r_{E} (ρ_{B E ∣_{α}}) \\ = F^{- 1} ⟨ F_{α} ∣ ρ_{B E ∣_{α}} ∣ F_{α} ⟩ + D^{- 1} ⟨ D_{α} ∣ ρ_{B E ∣_{α}} ∣ D_{α} ⟩ \\ = F | α ⟩ ⟨ α | + D | α^{⊥} ⟩ ⟨ α^{⊥} |, \end{aligned}

while Eve’s conditional output state is

(25)

\begin{array}{l} ρ_{E ∣_{α}} = | F_{α} ⟩ ⟨ F_{α} | + | D_{α} ⟩ ⟨ D_{α} | . \end{array}

In this way, Eve has a higher probability of correct guessing at the same QBER, as shown in Fig.5.

Fig.5 Eve’s attack capability with different auxiliary systems.

Full size|PPT slide

Once again, according to the Wiretap channel model [36], the channel capacity of the QSDC protocol under a higher-dimensional attack is shown in Fig.6. It can be seen that the preservation of entanglement is still the premise of protocol security. Although the

C_{s}

in Fig.6 and (c) are all positive, the channel capacity under higher-dimensional attack is much lower compared with that in Fig.4 and (c). Fortunately, the intermediate-basis EPR pairs play a positive role in dealing with these two attacks, and both reduce the amount of information obtained by Eve.

Fig.6 The relation of channel capacity and the value of $S_{C H S H}$ . In (a), the lines from top to bottom are the capacity of the wiretap channel without intermediate-basis EPR pairs, the capacity of the wiretap channel with intermediate-basis EPR pairs, the capacity of the main channel, the capacity of the secrecy channel with intermediate-basis EPR pairs, and the capacity of the secrecy channel without intermediate-basis EPR pairs. In (b), the lines from top to bottom are the capacity of the wiretap channel without intermediate-basis EPR pairs, the capacity of the main channel, the capacity of the wiretap channel with intermediate-basis EPR pairs, the capacity of the secrecy channel with intermediate-basis EPR pairs, and the capacity of the secrecy channel without intermediate-basis EPR pairs. In (c), based on the starting positions on the left, the lines from top to bottom are the capacity of the main channel, the capacity of the secrecy channel with intermediate-basis EPR pairs, the capacity of the secrecy channel without intermediate-basis EPR pairs, the capacity of the wiretap channel without intermediate-basis EPR pairs, and the capacity of the wiretap channel with intermediate-basis EPR pairs. Simulation parameters: reception rates $Q_{B}$ and $Q_{E}$ are all set to 1.

Full size|PPT slide

4 Conclusion and discussion

We make a comparison of the original two-step protocol and the proposed protocol in Tab.2 from aspects of efficiency and safety analysis.

Tab.2 Comparison of the advantages and disadvantages of the new protocol and the original two-step protocol.

	The original two-step protocol	The proposed protocol
Probability of Eve guessing right	$\frac{1}{2}$	$\frac{1}{3}$
Upper bound of the amount of secret information stole by Eve	Higher	Lower
Necessary quantum resource	$\| ψ^{-} ⟩$	$\| ψ_{θ_{i}}^{-} ⟩$ , $\| ψ^{-} ⟩$
Encoding methods	4 kinds	8 kinds
Encoding efficiency	2 bit per operation	3 bit per operation

Due to the intermediate-bisis EPR pairs, the probability of Eve choosing the correct measurement basis reduces from

\frac{1}{2}

\frac{1}{3}

. Moreover, they not only enhance the security of particle transmission in the first step but also improve the transmission efficiency of information in the second step. In the security analysis of the new protocol, two attacks with different dimensions are considered. Under the premise of ensuring the security of the protocol, the amount of information obtained by Eve is lessened, hence, the amount of communication information between the legal parties is increased.

However, any quantum system inevitably interacts with the environment and thus results in decoherence. The effect of the noise should be carefully considered in order to estimate the success probability of the proposal. Therefore, the practical security of this protocol, including decoherence effect, active attack and passive attack of Eve will be studied by some exact and efficient quantum algorithms [43, 44]. The research on the practical security of the protocol will further optimize our protocol, which will be the focus of our future work. Therefore, the proposed protocol will further enrich the technology of QSDC and promote the implementation of a practical QSDC system.

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	P.W. Shor, Algorithms for quantum computation: Discrete logarithms and factoring, Proceedings of 35th Annual Symposium on Foundations of Computer Science, 1994, pp 124–134

[2]	R. L. Rivest , A. Shamir , L. Adleman . A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM, 1978, 21(2): 120 CrossRef ADS Google scholar

[3]	C. H. Bennett , G. Brassard . Quantum cryptography: Public key distribution and coin tossing. Theor. Comput. Sci., 2014, 560: 7 CrossRef ADS Google scholar

[4]	S. Srikara , K. Thapliyal , A. Pathak . Continuous variable direct secure quantum communication using Gaussian states. Quantum Inform. Process., 2020, 19(4): 132 CrossRef ADS Google scholar

[5]	D. Bouwmeester , J. W. Pan , K. Mattle , M. Eibl , H. Weinfurter , A. Zeilinger . Experimental quantum teleportation. Nature, 1997, 390(6660): 575 CrossRef ADS Google scholar

[6]	G. L. Long , X. S. Liu . Theoretically efficient high-capacity quantum-key distribution scheme. Phys. Rev. A, 2002, 65(3): 032302 CrossRef ADS Google scholar

[7]	Y. C. Zhang , Z. Chen , S. Pirandola , X. Wang , C. Zhou , B. Chu , Y. Zhao , B. Xu , S. Yu , H. Guo . Long-distance continuous-variable quantum key distribution over 202.81 km fiber. Phys. Rev. Lett., 2020, 125(1): 010502 CrossRef ADS Google scholar

[8]	M. Lucamarini , Z. L. Yuan , J. F. Dynes , A. J. Shields . Overcoming the rate-distance limit of quantum key distribution without quantum repeaters. Nature, 2018, 557(7705): 400 CrossRef ADS Google scholar

[9]	A. Furusawa , J. L. Srensen , S. L. Braunstein , C. A. Fuchs , H. J. Kimble , E. S. Polzik . Unconditional quantum teleportation between distant solid-state quantum bits. Science, 1998, 345(6196): 532

[10]	S. Pirandola , J. Eisert , C. Weedbrook , A. Furusawa , S. L. Braunstein . Advances in quantum teleportation. Nat. Photonics, 2015, 9(10): 641 CrossRef ADS Google scholar

[11]	P. Zawadzki . Advances in quantum secure direct communication. IET Quantum Commun., 2021, 2(2): 54 CrossRef ADS Google scholar

[12]	F. G. Deng , G. L. Long , X. S. Liu . Two-step quantum direct communication protocol using the Einstein−Podolsky−Rosen pair block. Phys. Rev. A, 2003, 68(4): 042317 CrossRef ADS Google scholar

[13]	F. G. Deng , G. L. Long . Secure direct communication with a quantum one-time pad. Phys. Rev. A, 2004, 69(5): 052319 CrossRef ADS Google scholar

[14]	J. Wu , Z. Lin , L. Yin , G. L. Long . Security of quantum secure direct communication based on Wyners wiretap channel theory. Quantum Eng., 2019, 1(4): e26 CrossRef ADS Google scholar

[15]	R. Qi , Z. Sun , Z. Lin , P. Niu , W. Hao , L. Song , Q. Huang , J. Gao , L. Yin , G. L. Long . Implementation and security analysis of practical quantum secure direct communication. Light Sci. Appl., 2019, 8(1): 22 CrossRef ADS Google scholar

[16]	Z. Ye , D. Pan , Z. Sun , C. Du , G. L. Long . Generic security analysis framework for quantum secure direct communication. Front. Phys., 2020, 16(2): 1

[17]	J. Y. Hu , B. Yu , M. Y. Jing , L. T. Xiao , S. T. Jia , G. Q. Qin , G. L. Long . Experimental quantum secure direct communication with single photons. Light Sci. Appl., 2016, 5(9): e16144 CrossRef ADS Google scholar

[18]	W. Zhang , D. S. Ding , Y. B. Sheng , L. Zhou , B. S. Shi , G. C. Guo . Quantum secure direct communication with quantum memory. Phys. Rev. Lett., 2017, 118(22): 220501 CrossRef ADS Google scholar

[19]	F. Zhu , W. Zhang , Y. B. Sheng , Y. D. Huang . Experimental long-distance quantum secure direct communication. Sci. Bull. (Beijing), 2017, 62(22): 1519 CrossRef ADS Google scholar

[20]	Z.SunR.QiZ.LinL.YinG.LongJ.Lu, Design and implementation of a practical quantum secure direct communication system, 2018 IEEE Globecom Workshops (GC Wkshps), 18472318 (2018)

[21]	Z. R. Zhou , Y. B. Sheng , P. H. Niu , L. Yin , G. L. Long , L. Hanzo . Measurement-device-independent quantum secure direct communication. Sci. China Phys. Mech. Astron., 2020, 63(3): 230362 CrossRef ADS Google scholar

[22]	T. Li , Z. K. Gao , Z. H. Li . Measurement-device–independent quantum secure direct communication: Direct quantum communication with imperfect measurement device and untrusted operator. Europhys. Lett., 2020, 131(6): 60001 CrossRef ADS Google scholar

[23]	P. H. Niu , J. W. Wu , L. G. Yin , G. L. Long . Security analysis of measurement-device-independent quantum secure direct communication. Quantum Inform. Process., 2020, 19(10): 356 CrossRef ADS Google scholar

[24]	Z. Gao , M. Ma , T. Liu , J. Long , T. Li , Z. Li . Free-space quantum secure direct communication based on decoherence-free space. J. Opt. Soc. Am. B, 2020, 37(10): 3028 CrossRef ADS Google scholar

[25]	D. Pan , Z. Lin , J. Wu , H. Zhang , Z. Sun , D. Ruan , L. Yin , G. L. Long . Experimental free-space quantum secure direct communication and its security analysis. Photon. Res., 2020, 8(9): 1522 CrossRef ADS Google scholar

[26]	X. F. Zou , D. W. Qiu . Three-step semiquantum secure direct communication protocol. Sci. China Phys. Mech. Astron., 2014, 57(9): 1696 CrossRef ADS Google scholar

[27]	Z. Rong , D. Qiu , P. Mateus , X. F. Zou . Mediated semi-quantum secure direct communication. Quantum Inform. Process., 2021, 20(2): 58 CrossRef ADS Google scholar

[28]	Z. Rong , D. Qiu , X. Zou . Two single-state semi-quantum secure direct communication protocols based on single photons. Int. J. Mod. Phys. B, 2020, 34(11): 2050106 CrossRef ADS Google scholar

[29]	Z. Rong , D. Qiu , X. Zou . Semi-quantum secure direct communication using entanglement. Int. J. Theor. Phys., 2020, 59(6): 1807 CrossRef ADS Google scholar

[30]	G. Chai , Z. W. Cao , W. Q. Liu , M. H. Zhang , K. X. Liang , J. Y. Peng . Novel continuous-variable quantum secure direct communication and its security analysis. Laser Phys. Lett., 2019, 16(9): 095207 CrossRef ADS Google scholar

[31]	Z. W. Cao , L. Wang , K. X. Liang , G. Chai , J. Y. Peng . Continuous-variable quantum secure direct communication based on Gaussian mapping. Phys. Rev. Appl., 2021, 16(2): 024012 CrossRef ADS Google scholar

[32]

S. Pirandola , U. L. Andersen , L. Banchi , M. Berta , D. Bunandar , R. Colbeck , D. Englund , T. Gehring , C. Lupo , C. Ottaviani , J. L. Pereira , M. Razavi , J. Shamsul Shaari , M. Tomamichel , V. C. Usenko , G. Vallone , P. Villoresi , P. Wallden . Advances in quantum cryptography. Adv. Opt. Photonics, 2020, 12(4): 1012

CrossRef ADS Google scholar

[33]	A. K. Ekert . Quantum cryptography based on Bell’s theorem. Phys. Rev. Lett., 1991, 67(6): 661 CrossRef ADS Google scholar

[34]	D. Collins , N. Gisin . A relevant two qubit Bell inequality inequivalent to the CHSH inequality. J. Phys. Math. Gen., 2004, 37(5): 1775 CrossRef ADS Google scholar

[35]	A. Khrennikov . CHSH inequality: Quantum probabilities as classical conditional probabilities. Found. Phys., 2015, 45(7): 711 CrossRef ADS Google scholar

[36]	S. Leung-Yan-Cheong , M. Hellman . The Gaussian wire-tap channel. IEEE Trans. Inf. Theory, 1978, 24(4): 451 CrossRef ADS Google scholar

[37]	N. Cai , A. Winter , R. W. Yeung . Quantum privacy and quantum wiretap channels. Probl. Inf. Transm., 2004, 40(4): 318 CrossRef ADS Google scholar

[38]	I. Devetak . The private classical capacity and quantum capacity of a quantum channel. IEEE Trans. Inf. Theory, 2005, 51(1): 44 CrossRef ADS Google scholar

[39]	M. Hayashi . Quantum wiretap channel with non-uniform random number and its exponent and equivocation rate of leaked information. IEEE Trans. Inf. Theory, 2015, 61(10): 5595 CrossRef ADS Google scholar

[40]	A. Winter . Coding theorem and strong converse for quantum channels. IEEE Trans. Inf. Theory, 1999, 45(7): 2481 CrossRef ADS Google scholar

[41]	L. Zhou , Y. B. Sheng , G. L. Long . Device-independent quantum secure direct communication against collective attacks. Sci. Bull. (Beijing), 2020, 65(1): 12 CrossRef ADS Google scholar

[42]	D. Kretschmann , D. Schlingemann , R. F. Werner . A continuity theorem for stinesprings dilation. J. Funct. Anal., 2008, 255(8): 1889 CrossRef ADS Google scholar

[43]	B. X. Wang , M. J. Tao , Q. Ai , T. Xin , N. Lambert , D. Ruan , Y. C. Cheng , F. Nori , F. G. Deng , G. L. Long . Efficient quantum simulation of photosynthetic light harvesting. npj Quantum Inform., 2018, 4(1): 52 CrossRef ADS Google scholar

[44]	X. Y. Chen , N. N. Zhang , W. T. He , X. Y. Kong , M. J. Tao , F. G , Deng Ai , Q. L. Long . Global correlation and local information flows in controllable non-Markovian open quantum dynamics. npj Quantum Inform., 2022, 8(1): 22 CrossRef ADS Google scholar

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Grant No. 62071381), Shaanxi Provincial Key R&D Program General Project (Grant No. 2022GY-023), ISN 23rd Open Project (Grant No. ISN23-06) of the State Key Laboratory of Integrated Services Networks (Xidian University), and Qinchuangyuan “Scientist + Engineer” Team Construction Project of Shaanxi Province of China (Grant No. 2022KXJ-009).