dorsal/arxiv
View SchemaOn the Key-Uncertainty of Quantum Ciphers and the Computational Security of One-way Quantum Transmission
| Authors | Ivan Damgaard, Thomas Pedersen, Louis Salvail |
|---|---|
| Categories | |
| ArXiv ID | quant-ph/0407066 |
| URL | https://arxiv.org/abs/quant-ph/0407066 |
Abstract
We consider the scenario where Alice wants to send a secret (classical) $n$-bit message to Bob using a classical key, and where only one-way transmission from Alice to Bob is possible. In this case, quantum communication cannot help to obtain perfect secrecy with key length smaller then $n$. We study the question of whether there might still be fundamental differences between the case where quantum as opposed to classical communication is used. In this direction, we show that there exist ciphers with perfect security producing quantum ciphertext where, even if an adversary knows the plaintext and applies an optimal measurement on the ciphertext, his Shannon uncertainty about the key used is almost maximal. This is in contrast to the classical case where the adversary always learns $n$ bits of information on the key in a known plaintext attack. We also show that there is a limit to how different the classical and quantum cases can be: the most probable key, given matching plain- and ciphertexts, has the same probability in both the quantum and the classical cases. We suggest an application of our results in the case where only a short secret key is available and the message is much longer.
{
"annotation_id": "71e6421d-0b26-465c-9f4e-0b41646ff242",
"date_created": "2026-03-02T18:02:10.285000Z",
"date_modified": "2026-03-02T18:02:10.285000Z",
"file_hash": "09ea39e5e73ef9f6c6490e9fe5d747c1b8400daf38bc0bc43d927d3b187f2fbd",
"private": false,
"record": {
"abstract": "We consider the scenario where Alice wants to send a secret (classical)\n$n$-bit message to Bob using a classical key, and where only one-way\ntransmission from Alice to Bob is possible. In this case, quantum communication\ncannot help to obtain perfect secrecy with key length smaller then $n$. We\nstudy the question of whether there might still be fundamental differences\nbetween the case where quantum as opposed to classical communication is used.\nIn this direction, we show that there exist ciphers with perfect security\nproducing quantum ciphertext where, even if an adversary knows the plaintext\nand applies an optimal measurement on the ciphertext, his Shannon uncertainty\nabout the key used is almost maximal. This is in contrast to the classical case\nwhere the adversary always learns $n$ bits of information on the key in a known\nplaintext attack. We also show that there is a limit to how different the\nclassical and quantum cases can be: the most probable key, given matching\nplain- and ciphertexts, has the same probability in both the quantum and the\nclassical cases. We suggest an application of our results in the case where\nonly a short secret key is available and the message is much longer.",
"arxiv_id": "quant-ph/0407066",
"authors": [
"Ivan Damgaard",
"Thomas Pedersen",
"Louis Salvail"
],
"categories": [
"quant-ph"
],
"title": "On the Key-Uncertainty of Quantum Ciphers and the Computational Security of One-way Quantum Transmission",
"url": "https://arxiv.org/abs/quant-ph/0407066"
},
"schema_id": "dorsal/arxiv",
"source": {
"execution_id": "038a948c-e73b-4cde-9a78-3831521d8a5c",
"id": "arXiv Dataset IDs",
"type": "Model",
"variant": "snapshot-2026-03-01",
"version": "0.1.0"
},
"user_id": 1000002
}