Multi-party quantum private size comparison protocol with d-dimensional Bell states

Abstract

A feasible multi-party quantum private comparison (MQPC) protocol based on -dimensional Bell states was proposed. In the protocol, all participants can independently encrypt their privacies and send them to a semi-honest quantum third party (TP) through authenticated channels. Then, the TP can determine the size relationship among all participants’ privacies without gaining access to the private information. We verified correctness and effectiveness of the proposed protocol with some examples. In addition, compared with other similar protocols, it is not necessary to perform unitary operation on particles and only single-particle measurement is required. Furthermore, the relatively high qubit efficiency is promised. The security analysis verifies that the proposed protocol can counteract external and internal attacks in theory.

1 Introduction

Secure multi-party computation (SMC) was introduced by the famous Millionaires’ problem in 1982 [1], where two millionaires want to compare their wealth and learn who is wealthier without revealing their actual property. With the combination of quantum mechanics and information science, researchers have found that processing information using quantum systems has led to many striking results, such as teleportation of quantum states and quantum algorithms that are exponentially faster than their known classical counterpart. Therefore, the quantum version of SMC has once again set off a research boom. As a particular instance of quantum SMC (QSMC), quantum private comparison (QPC) has wide applications in private bidding and auctions, secret ballot elections, commercial business, identification.

Right after Yao’s millionaire problem, [2] designed an efficient and fair protocol to determine whether two millionaires are equal rich. However, as proved by [3], a quantum two-party secure computation is impossible. Therefore, a third party (e.g., a semi-honest third party) is often involved to help them achieve the task in a QSMC protocol. The semi-honest quantum third party (TP) will always follow the process of the protocol honestly. He will not prepare other types of particles (e.g., GHZ state, single photon) and conspire with any participants or outside eavesdroppers to steal the participants’ privacies. But the TP is curious to know the participants’ privacies, and try to extract their private information from he knows.

In 2009, the first QPC protocol was proposed by based on Bell states [4]. With decoy particle technology, one-way hash function and unitary operation, this protocol can compare the equality. In 2010, [5] devised a novel QPC protocol to compare the equality based on GHZ states, where the unitary operation is necessary. These early QPC protocols can only compare the equality. In 2011, a new QPC protocol was presented by [6] to compare the size relationship of privacies, where the information of size was encoded into the phase of GHZ state. In 2013, Lin et al. also designed a protocol to compare the size relationship based on the -dimensional Bell states [7]. However, the four QPC protocols mentioned above are only related to the comparison between two participants. These two-party protocols are by no means the end of the QPC research. In future secure quantum network communication, the MQPC protocol will play an important role.

Fortunately, in 2013, the first MQPC protocol was proposed based on GHZ states by [8]. Suppose there are ( ) participants, each of them has a privacy, then participants can determine whether their privacies are the same or not with the assistance of the TP. In 2014, Luo et al. devised a novel MQPC protocol based on -dimensional multi-particle entangled states [9]. In their protocol, ( ) participants’ privacies can be sorted by size with the help of the TP, and decoy particles were used to check eavesdropping. In the same year, [10] presented two MQPC protocols in distributed mode and traveling mode respectively based on multi-particle entangled states. With the assistance of the TP, the two protocols can also compare the equality of privacies for ( ) participants. Since then, various two-party [11–13] and multi-party QPC protocols have been proposed [14–17]. In 2018, Ye et al. proposed two novel multi-party quantum private comparison protocols for size relation comparison by using -level single-particle states. In 2021, Zhou et al. presented an efficient QPC protocol to compare the size relationship of privacies between two classical participants based on -dimensional Bell states. It should be noted that many previous protocols involved many kinds of operations, such as quantum measurement, unitary operation, and hash function. What’s more, some of them suffer from low qubit efficiency. Besides, only few MQPC protocols can compare the size relationship among the privacies.

To make the implementation of the protocol easier, a new MQPC protocol to compare the size relationship among many participants’ privacies is proposed. The -dimensional Bell states are taken as quantum resources and the TP is introduced to help participants to make private comparison. The rest of this paper is organized as follows: the proposed MQPC protocol based on the -dimensional Bell state is detailed in Section 2. The correctness and security are analyzed in Section 3, Section 4, respectively. The comparisons of the proposed protocol and the similar QPC protocols are made in Section 5. Finally, a short conclusion is given in Section 6.

2 The proposed MQPC protocol based on d-dimensional bell states

Assume there are participants (, , ..., ) and each participant possesses a -length privacy (if the numbers of some digits are less than , then sufficient 0s are added to their highest digit), where, , , and . In addition, there is a pre-shared key through a secure QKD protocol [18] among these participants denoted as , . Via the help of TP, they want to compare their privacies by size without revealing any private information. Next, the -dimensional Bell state will be reviewed first. Then, the detailed description of the proposed protocol will be given (Figure 1).

FIGURE 1

2.1 -dimensional bell state

Bell state, used to describe the four maximal entangled states in two-qubit system, is the most basic quantum entangled state. Compared with other quantum entangled states, Bell state is the easiest to prepare in experiment. Therefore, Bell state is widely used to design quantum cryptographic protocol. In a -dimensional Hilbert space, Bell state can be expressed as [19, 20]where ,, and denotes modulo addition. Two indistinguishable orthogonal bases Z-basis and X-basis in the -dimensional quantum system arewhere with represents quantum Fourier transform.

2.2 The proposed MQPC protocol

Step 1: According to Eq. 1, the TP randomly prepares -dimensional Bell states and they are

Based on these prepared Bell states in Eq. 3, he will record the of each state and prepare quantum sequences, namely and , which contain all the first and second particles of the EPR pairs, respectively. Each particle-sequence contains particles

To prevent eavesdropping, TP will prepare decoy particles randomly in or , and uniformly insert them into each sequence to form a new sequence . Then, sequence is sent to participant via a quantum channel, while all sequences are kept by the TP.

Step 2: After all the quantum sequences have been received by the corresponding participants, TP will announce the position and the measurement basis of each decoy particle in sequence . Then, each participant will check the security of the sequence received. Concretely, according to the announcement, each participant will use the right bases to measure these decoy particles and return the measurement results to TP. Then, the TP will verify these results and check whether eavesdroppers exist in the quantum channel. If the error rate is less than a predetermined threshold, the protocol will proceed to the next step; otherwise, the protocol will be terminated.

Step 3: After removing these decoy particles, each participant will measure the remaining particles with Z basis and record them as . Then, he (she) will compute ,

Then, Participant will obtain a sequence and send it to the TP via an authenticated channel.

Step 4: When confirming all sequences embedded privacy data have been received, TP will measure the particles in each sequence and record them as . Then, he will compute ,

Here, is the record value in Step 1 and denotes modulo subtraction.

3 Correctness analysis

3.1 Output correctness

The quantum resource used in the protocol is the -dimensional Bell state. According to the entanglement properties of Bell state, if one measures the particle with , the -dimensional Bell state will collapse into . Therefore, the measurement results and satisfy the relationship, such that

Therefore, based on Eqs 4, 5 and 6, the Eq. 9 can be deduced

From Eq. 10, one can see that the value of indicates the size relationship between and . Therefore, according to Eqs 7, 8 the TP can obtain the size relationship among the privacies.

3.2 Examples

Here, some examples are given for illustration the presented protocol without considering the eavesdropping checking. Let and their privacies are , , , , respectively. The pre-shared key among four participants is .

Step 1: TP randomly prepares 9-dimensional Bell states,

First, he records , , , according to Eq. 11. Then, he prepares a set of sequences and sends sequence to the corresponding participant via the quantum channel.

Step 2: Suppose that no eavesdropper is detected; then, move to Step 3.

Step 3: After removing these decoy particles, Participants , , and will measure the remaining particles with Z basis and record the measurement results. If their measurement results are , , , , then the TP’s measurement results in Step 5 can be determined according to the entanglement properties of Bell state and they are

Therefore, after all participants encode their privacies according to Eq. 4, Participants , , and will obtain , , ,, separately. Then, each participant will send the encoding information to TP via an authenticated channel.

Step 4: When confirming that the encoding information from all participants has been received, the TP will measure the particles in sequence . From Step 3, one can know that the TP’s measurement results must be determined as Eq. 12. Therefore, after TP computes , he will obtain , , , .

Step 5: TP will finish sorting the privacies by size as follows

Similar to Eq. 13, the TP can obtain , . Therefore, based on Eqs 7, 8, TP can deduce the comparison results as follows

Apparently, the size relationship that TP sorts without knowing participants’ privacies is consistent with the actual data ( ) given in Section 3.2. To further clarify this process, more examples are compiled in Table 1.

4 Security analysis

Assumed that the quantum and authentical channels are the ideal channels, that’s to say, there is no noise in the channel and the particles can be sent to the receivers. In this section, the security of the proposed protocol will be analyzed from both external and internal attack. It is shown that no private information has been leaked according to the security analysis.

4.1 External attack

Eve, an external attacker, may attempt to acquire information from the participants including TP. In Step 1, Sequence is sent to the corresponding participant via the quantum channel. Eve may steal some useful information from sequences with many kinds of attacks in this step. Obviously, the security of the protocol is guaranteed by inserting the decoy particles [21, 22]. Since Eve does not know the position and the measurement basis of each decoy particle, some well-known attacks, such as intercept-resend attack, measurement-resend attack, and entanglement-measure attack can be detected with the checking mechanism [4, 23, 24]. The decoy particle technology can be thought as a variant of the eavesdropping check method of the BB84 protocol [25] which has been proven to provide unconditionally security [26]. In Step 2, the encoding information is sent to the TP via the authenticated channels. The security in this step is promised. Therefore, an external attacker cannot learn any useful information about the privacies without being detected.

4.2 Internal attack

From Section 2.2, one can know that TP is both the sender of quantum information and the receiver of all encrypted information. Therefore, he can obtain more information than other attackers during the protocol execution. Significantly, due to TP semi-honesty, that the only thing he can do is try to extract the information from the received ciphertext . However, he is unable to learn any information about shared among these participants with a secure QKD protocol. Thus, the TP can’t obtain any useful private information from with the internal attack.

5 Discussion

In Table 2, the proposed protocol is compared with some other similar protocols with the following aspects: quantum resource used, category of QPC (size or equality), number of participants, number of TP, need for the authenticated classical channel, need for unitary operation, measurement involved, and qubit efficiency (Defined as , where is the total number of compared qubit while is the total number of qubits and classical bits used in this protocol).

In Ref. [27], we proposed a new QPC protocol to compare the size relationship of privacies between two participants. The quantum resources used in the protocol are -dimensional GHZ states. To calculate the qubit efficiency , we must count the number of bits consumed in the transmission of information. First, TP needs ( is the length of each privacy) qubits to prepare GHZ states. Second, the participants (Alice and Bob) use qubits to send information to the TP. is the total number of compared qubit. Hence, the qubit efficiency is . It is noted that the protocol can only make private comparison between two participants. In addition, both Bell measurement and single-particle measurement are needed.

In Ref. [28], the authors presented a new QPC protocol to compare the equality of privacies between two participants. The quantum resources used are GHZ states. First, the TP needs qubits to prepare four-particle GHZ states and decoy states. Second, Alice needs qubits to send information to Bob. Third, Alice and Bob need qubits to send information to the TP. In addition, the total number of compared qubit is . Hence, the qubit efficiency is . In the protocol, both Bell measurement and single-particle measurement are involved, and unitary operation is needed.

In Ref. [29], a novel MQPC protocol for comparing the size relationship among participants’ privacies was designed. The quantum resources used are -dimensional GHZ states. First, the TP needs qubits to prepare pairs of -particle -dimensional GHZ states and decoy states. Second, each participant needs qubits to sends information to the TP. Thus, . In addition, the total number of compared bits is . Hence, the qubit efficiency is . Although the authenticated channels are not necessary in advance, quantum unitary operations have to be performed in the protocol.

In Ref. [30], the authors proposed a new MQPC protocol to compare the size relationship among participants’ privacies. The quantum resources used are -particle GHZ states. First, the TP₁ needs qubits to prepare -particle GHZ states and decoy states. It is note that TP₁ sends the information of the initial GHZ states to TP₂ using quantum secure direct communication protocol. Second, each participant needs classical bits to send information to TP₁ and TP₂ via the authenticated channels. The total number of compared qubit is . Hence, the qubit efficiency is . In addition to the classic authentication channels, two TPs are required in the protocol.

In our protocol, a new MQPC protocol to compare the size relationship among participants’ privacies was proposed. The quantum resources used are -dimensional Bell states. First, the TP₁ needs qubits to prepare -dimensional Bell states and decoy particles. Second, each participants need classical bits to send information to the TP via the authenticated classical channel. The total number of compared qubit is . Hence, the qubit efficiency is .

From Table 2, one can see that, like the protocols in [27, 29], our protocol can compare the size relationship among privacies, while in [28, 30] they can only compare the equality. When it comes to the MQPC, Refs. [27, 28] are useless. Compared with these protocols listed in Table 2, the unitary operation is not necessary, and only single-particle measurement is required in our protocol. Additionally, our protocol ensures the highest qubit efficiency only with the help of one TP. Table 2 clearly shows that the performance of the proposed protocol is better than these similar QPC protocols. However, it has to be said that the high dimensional quantum state is not easy to obtain experimentally at present. Therefore, we still need to work harder to realize the protocol based on the high dimensional quantum state in experiment.

6 Conclusion

Based on the -dimensional Bell states, a novel MQPC protocol is presented. With the help of a semi-honest quantum TP, our protocol can determine the size relationship among participants’ privacies without any information leakage. Since the quantum measurement and unitary operation aren’t required, it is easier to implement the proposed protocol. Furthermore, compared with the similar protocols, the qubit efficiency is increased. Decoy particles promise the security of the proposed protocol. Although it will take many efforts to move the theoretical research towards social practices, we will be very happy if this work plays a little facilitating role in further research of QSMC.

References

• 1.

  YaoAC. Protocols for secure computations. In: Proceedings of 23rd IEEE Symposium on Foundations of Computer Science (SFCS’08); 03-05 November 1982. Washington, DC, USA: IEEE (1982). p. 160–4. 10.1109/SFCS.1982.38

  • CrossRef
  • Google Scholar

• 2.

  BoudotFSchoenmakersBTraoreJ. A fair and efficient solution to the socialist millionaires’ problem. Discrete Appl Math (2001) 111:23–36. 10.1016/s0166-218x(00)00342-5

  • CrossRef
  • Google Scholar

• 3.

  LoHK. Insecurity of quantum secure computations. Phys Rev A (Coll Park) (1997) 56:1154–62. 10.1103/physreva.56.1154

  • CrossRef
  • Google Scholar

• 4.

  YangYGWenQY. An efficient two-party quantum private comparison protocol with decoy photons and two-photon entanglement. J Phys A: Math Theor (2009) 42:055305. 10.1088/1751-8113/42/5/055305

  • CrossRef
  • Google Scholar

• 5.

  ChenXBXuGNiuXXWenQYYangYX. An efficient protocol for the private comparison of equal information based on the triplet entangled state and single-particle measurement. Opt Commun (2010) 283:1561–5. 10.1016/j.optcom.2009.11.085

  • CrossRef
  • Google Scholar

• 6.

  JiaHYWenQYSongTTGaoF. Quantum protocol for millionaire problem. Opt Commun (2011) 284:545–9. 10.1016/j.optcom.2010.09.005

  • CrossRef
  • Google Scholar

• 7.

  LinSSunYLiuXFYaoZQ. Quantum private comparison protocol with d-dimensional Bell states. Quan Inf Process (2013) 12:559–68. 10.1007/s11128-012-0395-6

  • CrossRef
  • Google Scholar

• 8.

  ChangYJTsaiCWHwangT. Multi-user private comparison protocol using GHZ class states. Quan Inf Process (2013) 12:1077–88. 10.1007/s11128-012-0454-z

  • CrossRef
  • Google Scholar

• 9.

  LuoQBYangGWSheKNiuWNWangYQ. Multi-party quantum private comparison protocol based on $$d$$ d -dimensional entangled states. Quan Inf Process (2014) 13:2343–52. 10.1007/s11128-014-0805-z

  • CrossRef
  • Google Scholar

• 10.

  WangQLSunHXHuangW. Multi-party quantum private comparison protocol with $$n$$ n -level entangled states. Quan Inf Process (2014) 13:2375–89. 10.1007/s11128-014-0774-2

  • CrossRef
  • Google Scholar

• 11.

  ZhangBLiuXTWangJWangJTangCJ. Cryptanalysis and improvement of quantum private comparison of equality protocol without a third party. Quan Inf Process (2015) 14:4593–600. 10.1007/s11128-015-1145-3

  • CrossRef
  • Google Scholar

• 12.

  JiZXZhangHGFanPR. Two-party quantum private comparison protocol with maximally entangled seven-qubit state. Mod Phys Lett A (2019) 34:1950229. 10.1142/s0217732319502298

  • CrossRef
  • Google Scholar

• 13.

  ZhouNRXuQDDuNSGongLH. Semi-quantum private comparison protocol of size relation with d-dimensional Bell states. Quan Inf Process (2021) 20:124. 10.1007/s11128-021-03056-6

  • CrossRef
  • Google Scholar

• 14.

  LiuWWangYBWangXM. Quantum multi-party private comparison protocol using d-dimensional bell states-dimensional bell states. Int J Theor Phys (Dordr) (2015) 54:1830–9. 10.1007/s10773-014-2388-y

  • CrossRef
  • Google Scholar

• 15.

  YeCQYeTY. Multi-party quantum private comparison of size relation with d-level single-particle states-level single-particle states. Quan Inf Process (2018) 17:252. 10.1007/s11128-018-2021-8

  • CrossRef
  • Google Scholar

• 16.

  CaoHMaWPLüLDHeYFLiuG. Multi-party quantum privacy comparison of size based on d-level GHZ states. Quan Inf Process (2019) 18:287. 10.1007/s11128-019-2401-8

  • CrossRef
  • Google Scholar

• 17.

  YeTYHuJL. Multi-party quantum private comparison based on entanglement swapping of bell entangled states within d-level quantum system. Int J Theor Phys (Dordr) (2021) 60(4):1471–80. 10.1007/s10773-021-04771-7

  • CrossRef
  • Google Scholar

• 18.

  DanielBSConstantinBPatrickJCNorbertLRyanMCJunjiUet alSelf-referenced continuous-variable quantum key distribution protocol. Phys Rev X (2015) 5:041010. 10.1103/physrevx.5.041010

  • CrossRef
  • Google Scholar

• 19.

  LiuXSLongGLTongDMLiF. General scheme for super dense coding between multi-parties. Phys Rev A (Coll Park) (2002) 65:022304. 10.1103/physreva.65.022304

  • CrossRef
  • Google Scholar

• 20.

  LiuZHChenHWXuJLiuWJLiZQ. High-dimensional deterministic multiparty quantum secret sharing without unitary operations. Quan Inf Process (2013) 11:1785–95. 10.1007/s11128-011-0333-z

  • CrossRef
  • Google Scholar

• 21.

  LoHKMaXChenK. Decoy state quantum key distribution. Phys Rev Lett (2005) 94:230504. 10.1103/PhysRevLett.94.230504

  • CrossRef
  • Google Scholar

• 22.

  WangXB. Beating the photon-number-splitting attack in practical quantum cryptography. Phys Rev Lett (2005) 94:230503. 10.1103/PhysRevLett.94.230503

  • CrossRef
  • Google Scholar

• 23.

  DengFGLiXHZhouHY. Efficient high-capacity quantum secret sharing with two-photon entanglement. Phys Lett A (2008) 372(12):1957–62. 10.1016/j.physleta.2007.10.066

  • CrossRef
  • Google Scholar

• 24.

  DengFGLongGLLiuXS. Two-step quantum direct communication protocol using the Einstein-Podolsky-Rosen pair block. Phys Rev A (Coll Park) (2003) 68(4):042317. 10.1103/physreva.68.042317

  • CrossRef
  • Google Scholar

• 25.

  BennettCHBrassardG. Quantum cryptography: Public-key distribution and coin tossing. In: Proceedings of the IEEE International Conference on Computers, Systems and Signal Processing; 14-16 Nov. 2005. Bangalore. India: IEEE Press (1984). p. 175–9.

  • Google Scholar

• 26.

  ShorPWPreskillJ. Simple proof of security of the BB84 quantum key distribution protocol. Phys Rev Lett (2000) 85(2):441–4. 10.1103/physrevlett.85.441

  • CrossRef
  • Google Scholar

• 27.

  WangBLiuSQGongLH. Semi-quantum private comparison protocol of size relation with d-dimensional GHZ states. Chin Phys B (2022) 31:010302. 10.1088/1674-1056/ac1413

  • CrossRef
  • Google Scholar

• 28.

  XuQDChenHYGongLHZhouNR. Quantum private comparison protocol based on four-particle GHZ states. Int J Theor Phys (Dordr) (2020) 59:1798–806. 10.1007/s10773-020-04446-9

  • CrossRef
  • Google Scholar

• 29.

  HuangSLHwangTGopeP. Multi-party quantum private comparison with an almost-dishonest third party. Quan Inf Process (2015) 14:4225–35. 10.1007/s11128-015-1104-z

  • CrossRef
  • Google Scholar

• 30.

  HungSMHuangSLHwangTKaoSH. Multiparty quantum private comparison with almost dishonest third parties for strangers. Quan Inf Process (2017) 16:36. 10.1007/s11128-016-1498-2

  • CrossRef
  • Google Scholar