On the robustness of information-theoretic authentication in quantum cryptography

Abstract

In addition to the quantum channel, an auxiliary classical authentic communication channel is required for quantum key distribution. To provide unconditional security in quantum cryptography, which based on the fundamental laws of quantum mechanics, information-theoretic authentication is required, and not authentication based on computational complexity. The paper provides a security proof of information-theoretic authentication in quantum cryptography using ɛ-ASU2 hash functions. The internal structure of ɛ-ASU2 hash functions is not used in the proof, so these hash functions can be implemented by a different composition of other hash functions, for example, including the composition ɛ-AXU2 functions with a reused key and subsequent encryption of the tag with a one-time pad key, which is taken from the previous session of quantum key distribution. It is also shown that information-theoretic authentication preserves composable security of the keys. This authentication method can also be used for key agrrement in in networks with trusted nodes (Molotkov 2022 Laser Phys. Lett. 19 045201–9; Arbekov and Molotkov 2020 Laser Phys. Lett. 17 055202–8) and with quantum key distribution.