Abstract:

The classical one-time pad suffers from one undesirable property - negation of a particular ciphertext bit induces negation of the corresponding plaintext bit regardless of the key.  In this way the adversary can modify the plaintext in a predictable way, although he is not able to learn anything about the plaintext or the key.  The same applies for the Pauli private quantum channel (quantum one-time pad), where the adversary can apply any Pauli operator to the plaintext qubit due to the mutuall (anti-)commutation of Pauli operators.

We show that this property is not necessary in case of a general private quantum channel, specify quantum operations adversary can always implement on the plaintext (depolarizing channels) and show how to construct private quantum channels that prevent adversary from implementing other quantum operations.  We call such a channel tamper resistant.  We show that any unitary 2-desing is a tamper resistant private quantum channel and any private quantum channel with equal plaintext and ciphertext dimension is a unitary 2-design.  This gives us directly lower bound on the key length as well as constructions of both exact and approximate tamper resistant private quantum channels.

(PLEASE NOTE NON-STANDARD PLACE)