Abstract:
The classical one-time pad suffers from one undesirable property -
negation of a particular ciphertext bit induces negation of the
corresponding plaintext bit regardless of the key. In this way the
adversary can modify the plaintext in a predictable way, although he is
not able to learn anything about the plaintext or the key. The same
applies for the Pauli private quantum channel (quantum one-time pad),
where the adversary can apply any Pauli operator to the plaintext qubit
due to the mutuall (anti-)commutation of Pauli operators.
We show that this property is not necessary in case of a general private
quantum channel, specify quantum operations adversary can always
implement on the plaintext (depolarizing channels) and show how to
construct private quantum channels that prevent adversary from
implementing other quantum operations. We call such a channel tamper
resistant. We show that any unitary 2-desing is a tamper resistant
private quantum channel and any private quantum channel with equal
plaintext and ciphertext dimension is a unitary 2-design. This gives us
directly lower bound on the key length as well as constructions of both
exact and approximate tamper resistant private quantum channels.
(PLEASE NOTE NON-STANDARD PLACE)