Private quantum channels
Proceedings 41st Annual Symposium on Foundations of Computer Science
We investigate how a classical private key can be used by two players, connected by an insecure one-way quantum channel, to perform private communication of quantum information. In particular we show that in order to transmit n qubits privately, 2n bits of shared private key are necessary and sufficient. This result may be viewed as the quantum analogue of the classical one-time pad encryption scheme. Introduction Secure transmission of classical information is a well studied topic. Suppose
... topic. Suppose Alice wants to send an n-bit message M to Bob over an insecure (i.e. spied-on) channel, in such a way that the eavesdropper Eve cannot obtain any information about M from tapping the channel. If Alice and Bob share some secret n-bit key K, then here is a simple way for them to achieve their goal: Alice exclusive-ors M with K and sends the result M 0 = M K over the channel, Bob then xors M 0 again with K and obtains the original message M 0 K = M. Eve may see the encoded message M 0 , but if she does not know K then this will give her no information about the real message M, since for any message M there is a key K 0 giving rise to the same encoding M 0 . This scheme is known as the Vernam cipher or onetime pad ("one-time" because K can be used only once if we want information-theoretic security). It shows that n bits of shared secret key are sufficient to securely transmit n bits of information. Shannon [7, 8] has shown that this scheme is optimal: n bits of shared key are also necessary in order to transmit an n-bit message in an information-theoretically secure way.