# Quantum Secret Aggregation Utilizing a Network of Agents

^{*}

^{†}

## Abstract

**:**

## 1. Introduction

**Example**

**1**

**.**This example serves as a simple metaphor for elaborate real-life situations, where digitized visual, acoustic, or similar types of information, must be combined in order to reveal the complete picture. Note that each piece of information by itself is incomplete. The proposed protocol can produce the whole picture as fast as possible.

**Example**

**2**

**.**This example should also be seen as a metaphor for special instances of voting procedures.

**Contribution**. This paper poses and solves a novel, to the best of our knowledge, problem in the general context of quantum cryptographic protocols. We refer to it as the quantum secret aggregation problem because it involves aggregating many small secrets in order to reveal a bigger secret. The underlying setting visualizes a completely distributed network of agents, each in possession of a small secret. These secrets contain incomplete information by themselves, and only by combining them together can the bigger secret be revealed. Therefore, the agents have to send their partial secrets to the spatially separated Alice, which is our famous spymaster. The operation must be completed in the most secure way possible, as there are eavesdroppers eager to intercept their communications and steal the big secret. To address this problem, we present the quantum secret aggregation protocol as a game. The solution outlined is completely general, as the number of players can be scaled arbitrarily as needed and all n players are assumed to reside in different positions in space. Obviously, the solution still holds, even if a subset of the players are located in the same place. Security is enforced because of the integral role of entanglement in the protocol. The use of maximally entangled GHZ tuples shared among Alice and all her spies not only makes possible the secure transmission of the small partial secrets from the agents to Alice, but also guarantees the security of the protocol by making it statistically improbable for the notorious eavesdropper Eve to obtain the big secret.

**Organization**. The structure of this paper is the following. Section 1 provides an introduction to the subject along with some relevant references. Section 2 is a brief exposition on GHZ states and the phenomenon of entanglement. Section 3 rigorously defines the problem at hand, while Section 4 explains in detail the quantum secret aggregation protocol. Section 5 presents a small example of the protocol executed using Qiskit. Section 6 is devoted to the security analysis on a number of possible attacks from Eve, and, finally, Section 7 contains a summary and a brief discussion on some of the finer points of this protocol.

## 2. A Brief Reminder about GHZ States

## 3. The Problem of Quantum Secret Aggregation

**Definition**

**1**

**.**Let us assume that the following hold.

- (
**A**_{1}) - There are $n-1$ spatially separated agents Agent
_{0}, …, Agent${}_{n-2}$. The number of agents is totally arbitrary, i.e., it may be odd or even. Each agent possesses of a partial secret key ${\mathbf{p}}_{i},\phantom{\rule{4pt}{0ex}}0\le i\le n-2$. - (
**A**_{2}) - Every partial secret key is unique and is known only to the corresponding agent. Furthermore, there is no information redundancy among the partial secret keys, i.e., no one can be inferred from the rest.
- (
**A**_{3}) - The partial secret keys are, in general of different length. This means that, denoting by $|{\mathbf{p}}_{i}|$ the length of ${\mathbf{p}}_{i}$, in general, it holds that $|{\mathbf{p}}_{i}|\ne |{\mathbf{p}}_{j}|,\phantom{\rule{4pt}{0ex}}0\le i\ne j\le n-2$.
- (
**A**_{4}) - The agents want to securely send their secret key to the spymaster Alice, who is also in an entirely different location.
- (
**A**_{5}) - Alice wants to discover the complete secret key, denoted by $\mathbf{s}$. This can only be done by combining all the partial secret keys ${\mathbf{p}}_{0},\dots ,{\mathbf{p}}_{n-2}$.
- (
**A**_{6}) - The length of the complete secret key, denoted by m, is the sum of the lengths of all the partial secret keys: $m=|{\mathbf{p}}_{0}|+\dots +|{\mathbf{p}}_{n-2}|$. The agents send the length of their partial key to Alice, thus enabling her to compute m. Subsequently, Alice sends m to all her spies so that it becomes common knowledge to Alice and her agents.
- (
**A**_{7}) - The whole operation must be executed with utmost secrecy, due to the presence of the eavesdropper Eve.

- Implicit in the definition of the problem is the assumption that Alice has assigned a specific ordering to her ring of agents and all her agents are aware of this ordering. This simply means that not only Alice but also all agents know who are Agent${}_{0}$, …, Agent${}_{n-2}$.
- Definition 1 explicitly allows the partial secret keys to be of different length, which is far more probable and realistic.
- Although neither Alice nor her agents know the partial secret keys (except their own), they all know their lengths $|{\mathbf{p}}_{0}|,\dots ,|{\mathbf{p}}_{n-2}|$. This does not compromise the secrecy factor because knowing the length of a secret key does not reveal its contents.

**Definition**

**2**

**.**Each Agent${}_{i},\phantom{\rule{4pt}{0ex}}0\le i\le n-2,$ constructs from her partial secret key ${\mathbf{p}}_{i}$ her extended partial secret key ${\mathbf{s}}_{i}$, which is defined as

## 4. The Quantum Secret Aggregation Protocol

#### 4.1. Initialization Phase through the Quantum Channel

#### 4.2. Input Phase in the Local Quantum Circuits

#### 4.3. Retrieval Phase

**fundamental correlation property**. This property asserts that in each term of the linear combination described by $|{\psi}_{3}\rangle $, the states ${|\mathbf{a}\rangle}_{A},{|{\mathbf{y}}_{n-2}\rangle}_{n-2},\dots ,{|{\mathbf{y}}_{0}\rangle}_{0}$ of the n players’ input registers are correlated by the following constraint:

## 5. A Toy Scale Example Demonstrating the QSA Protocol

## 6. Security Analysis of the QSA Protocol

#### 6.1. Assumptions

#### 6.2. Intercept and Resend Attack

#### 6.3. PNS Attack

#### 6.4. Blinding Attack

## 7. Discussion and Conclusions

## Author Contributions

## Funding

## Institutional Review Board Statement

## Informed Consent Statement

## Data Availability Statement

## Conflicts of Interest

## References

- Shor, P. Algorithms for quantum computation: Discrete logarithms and factoring. In Proceedings of the Proceedings 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 20–22 November 1994. [Google Scholar] [CrossRef]
- Grover, L. A fast quantum mechanical algorithm for database search. In Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, PA, USA, 22–24 May 1996. [Google Scholar] [CrossRef]
- Chow, J.; Dial, O.; Gambetta, J. IBM Quantum Breaks the 100-Qubit Processor Barrier. 2021. Available online: https://research.ibm.com/blog/127-qubit-quantum-processor-eagle (accessed on 3 April 2022).
- Newsroom, I. IBM Unveils 400 Qubit-Plus Quantum Processor. 2022. Available online: https://newsroom.ibm.com/2022-11-09-IBM-Unveils-400-Qubit-Plus-Quantum-Processor-and-Next-Generation-IBM-Quantum-System-Two (accessed on 18 November 2022).
- Chamola, V.; Jolfaei, A.; Chanana, V.; Parashari, P.; Hassija, V. Information security in the post quantum era for 5G and beyond networks: Threats to existing cryptography, and post-quantum cryptography. Comput. Commun.
**2021**, 176, 99–118. [Google Scholar] [CrossRef] - Chen, L.; Jordan, S.; Liu, Y.K.; Moody, D.; Peralta, R.; Perlner, R.; Smith-Tone, D. Report on Post-Quantum Cryptography; US Department of Commerce, National Institute of Standards and Technology: Gaithersburg, MD, USA, 2016. Available online: https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8105.pdf (accessed on 3 April 2022).
- Alagic, G.; Alperin-Sheriff, J.; Apon, D.; Cooper, D.; Dang, Q.; Liu, Y.K.; Miller, C.; Moody, D.; Peralta, R.; Perlner, R.; et al. Status Report on the First Round of the NIST Post-Quantum Cryptography Standardization Process; US Department of Commerce, National Institute of Standards and Technology: Gaithersburg, MD, USA, 2019. Available online: https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=927303 (accessed on 3 April 2022).
- Alagic, G.; Alperin-Sheriff, J.; Apon, D.; Cooper, D.; Dang, Q.; Kelsey, J.; Liu, Y.K.; Miller, C.; Moody, D.; Peralta, R.; et al. Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process; US Department of Commerce, NIST: Gaithersburg, MD, USA, 2020. [Google Scholar]
- Alagic, G.; Apon, D.; Cooper, D.; Dang, Q.; Dang, T.; Kelsey, J.; Lichtinger, J.; Miller, C.; Moody, D.; Peralta, R.; et al. Status Report on the Third Round of the NIST Post-Quantum Cryptography Standardization Process; National Institute of Standards and Technology: Gaithersburg, MD, USA, 2022. [Google Scholar]
- Ekert, A.K. Quantum cryptography based on Bell’s theorem. Phys. Rev. Lett.
**1991**, 67, 661–663. [Google Scholar] [CrossRef] - Bennett, C.H.; Brassard, G.; Mermin, N.D. Quantum cryptography without Bell’s theorem. Phys. Rev. Lett.
**1992**, 68, 557–559. [Google Scholar] [CrossRef] - Gisin, N.; Ribordy, G.; Zbinden, H.; Stucki, D.; Brunner, N.; Scarani, V. Towards practical and fast quantum cryptography. arXiv
**2004**, arXiv:quant-ph/0411022. [Google Scholar] - Inoue, K.; Waks, E.; Yamamoto, Y. Differential phase shift quantum key distribution. Phys. Rev. Lett.
**2002**, 89, 037902. [Google Scholar] [CrossRef] - Guan, J.Y.; Cao, Z.; Liu, Y.; Shen-Tu, G.L.; Pelc, J.S.; Fejer, M.; Peng, C.Z.; Ma, X.; Zhang, Q.; Pan, J.W. Experimental passive round-robin differential phase-shift quantum key distribution. Phys. Rev. Lett.
**2015**, 114, 180502. [Google Scholar] [CrossRef] - Waks, E.; Takesue, H.; Yamamoto, Y. Security of differential-phase-shift quantum key distribution against individual attacks. Phys. Rev. A
**2006**, 73, 012344. [Google Scholar] [CrossRef] - Ampatzis, M.; Andronikos, T. QKD Based on Symmetric Entangled Bernstein-Vazirani. Entropy
**2021**, 23, 870. [Google Scholar] [CrossRef] [PubMed] - Ampatzis, M.; Andronikos, T. A Symmetric Extensible Protocol for Quantum Secret Sharing. Symmetry
**2022**, 14, 1692. [Google Scholar] [CrossRef] - Attasena, V.; Darmont, J.; Harbi, N. Secret sharing for cloud data security: A survey. VLDB J.
**2017**, 26, 657–681. [Google Scholar] [CrossRef] - Ermakova, T.; Fabian, B. Secret sharing for health data in multi-provider clouds. In Proceedings of the 2013 IEEE 15th Conference on Business Informatics, Vienna, Austria, 15–18 July 2013; pp. 93–100. [Google Scholar]
- Cha, J.; Singh, S.K.; Kim, T.W.; Park, J.H. Blockchain-empowered cloud architecture based on secret sharing for smart city. J. Inf. Secur. Appl.
**2021**, 57, 102686. [Google Scholar] [CrossRef] - Hillery, M.; Bužek, V.; Berthiaume, A. Quantum secret sharing. Phys. Rev. A
**1999**, 59, 1829. [Google Scholar] [CrossRef] - Cleve, R.; Gottesman, D.; Lo, H.K. How to share a quantum secret. Phys. Rev. Lett.
**1999**, 83, 648. [Google Scholar] [CrossRef] - Karlsson, A.; Koashi, M.; Imoto, N. Quantum entanglement for secret sharing and secret splitting. Phys. Rev. A
**1999**, 59, 162. [Google Scholar] [CrossRef] - Smith, A.D. Quantum secret sharing for general access structures. arXiv
**2000**, arXiv:quant-ph/0001087. [Google Scholar] - Gottesman, D. Theory of quantum secret sharing. Phys. Rev. A
**2000**, 61, 042311. [Google Scholar] [CrossRef] - Fortescue, B.; Gour, G. Reducing the quantum communication cost of quantum secret sharing. IEEE Trans. Inf. Theory
**2012**, 58, 6659–6666. [Google Scholar] [CrossRef] - Qin, H.; Tang, W.K.; Tso, R. Hierarchical quantum secret sharing based on special high-dimensional entangled state. IEEE J. Sel. Top. Quantum Electron.
**2020**, 26, 1–6. [Google Scholar] [CrossRef] - Senthoor, K.; Sarvepalli, P.K. Theory of communication efficient quantum secret sharing. IEEE Trans. Inf. Theory
**2022**, 68, 3164–3186. [Google Scholar] [CrossRef] - Fu, Y.; Yin, H.L.; Chen, T.Y.; Chen, Z.B. Long-distance measurement-device-independent multiparty quantum communication. Phys. Rev. Lett.
**2015**, 114, 090501. [Google Scholar] [CrossRef][Green Version] - Wu, X.; Wang, Y.; Huang, D. Passive continuous-variable quantum secret sharing using a thermal source. Phys. Rev. A
**2020**, 101, 022301. [Google Scholar] [CrossRef] - Grice, W.P.; Qi, B. Quantum secret sharing using weak coherent states. Phys. Rev. A
**2019**, 100, 022339. [Google Scholar] [CrossRef] - Gu, J.; Xie, Y.M.; Liu, W.B.; Fu, Y.; Yin, H.L.; Chen, Z.B. Secure quantum secret sharing without signal disturbance monitoring. Opt. Express
**2021**, 29, 32244–32255. [Google Scholar] [CrossRef] [PubMed] - Keet, A.; Fortescue, B.; Markham, D.; Sanders, B.C. Quantum secret sharing with qudit graph states. Phys. Rev. A
**2010**, 82, 062315. [Google Scholar] [CrossRef] - Helwig, W.; Cui, W.; Latorre, J.I.; Riera, A.; Lo, H.K. Absolute maximal entanglement and quantum secret sharing. Phys. Rev. A
**2012**, 86, 052335. [Google Scholar] [CrossRef] - Liu, C.J.; Li, Z.H.; Bai, C.M.; Si, M.M. Quantum-secret-sharing scheme based on local distinguishability of orthogonal seven-qudit entangled states. Int. J. Theor. Phys.
**2018**, 57, 428–442. [Google Scholar] [CrossRef] - Mansour, M.; Dahbi, Z. Quantum secret sharing protocol using maximally entangled multi-qudit states. Int. J. Theor. Phys.
**2020**, 59, 3876–3887. [Google Scholar] [CrossRef] - Bennett, C.H.; Brassard, G. Quantum Cryptography: Public Key Distribution and Coin Tossing. In Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, Bangalore, India, 10–12 December 1984; pp. 175–179. [Google Scholar]
- Meyer, D.A. Quantum strategies. Phys. Rev. Lett.
**1999**, 82, 1052. [Google Scholar] [CrossRef] - Eisert, J.; Wilkens, M.; Lewenstein, M. Quantum games and quantum strategies. Phys. Rev. Lett.
**1999**, 83, 3077. [Google Scholar] [CrossRef] - Andronikos, T.; Sirokofskich, A.; Kastampolidou, K.; Varvouzou, M.; Giannakis, K.; Singh, A. Finite Automata Capturing Winning Sequences for All Possible Variants of the PQ Penny Flip Game. Mathematics
**2018**, 6, 20. [Google Scholar] [CrossRef][Green Version] - Andronikos, T.; Sirokofskich, A. The Connection between the PQ Penny Flip Game and the Dihedral Groups. Mathematics
**2021**, 9, 1115. [Google Scholar] [CrossRef] - Andronikos, T. Conditions that enable a player to surely win in sequential quantum games. Quantum Inf. Process.
**2022**, 21. [Google Scholar] [CrossRef] - Giannakis, K.; Theocharopoulou, G.; Papalitsas, C.; Fanarioti, S.; Andronikos, T. Quantum Conditional Strategies and Automata for Prisoners’ Dilemmata under the EWL Scheme. Appl. Sci.
**2019**, 9, 2635. [Google Scholar] [CrossRef] - Giannakis, K.; Papalitsas, C.; Kastampolidou, K.; Singh, A.; Andronikos, T. Dominant Strategies of Quantum Games on Quantum Periodic Automata. Computation
**2015**, 3, 586–599. [Google Scholar] [CrossRef] - Andronikos, T.; Stefanidakis, M. A Two-Party Quantum Parliament. Algorithms
**2022**, 15, 62. [Google Scholar] [CrossRef] - Cruz, D.; Fournier, R.; Gremion, F.; Jeannerot, A.; Komagata, K.; Tosic, T.; Thiesbrummel, J.; Chan, C.L.; Macris, N.; Dupertuis, M.A.; et al. Efficient Quantum Algorithms for GHZ and W States, and Implementation on the IBM Quantum Computer. Adv. Quantum Technol.
**2019**, 2, 1900015. [Google Scholar] [CrossRef] - IBM. IBM Quantum Composer. Available online: https://quantum-computing.ibm.com/composer. (accessed on 18 November 2022).
- Aspelmeyer, M.; Jennewein, T.; Pfennigbauer, M.; Leeb, W.R.; Zeilinger, A. Long-distance quantum communication with entangled photons using satellites. IEEE J. Sel. Top. Quantum Electron.
**2003**, 9, 1541–1551. [Google Scholar] [CrossRef] - Qiskit. Qiskit Open-Source Quantum Development. Available online: https://qiskit.org. (accessed on 18 November 2022).
- Nielsen, M.A.; Chuang, I.L. Quantum Computation and Quantum Information; Cambridge University Press: Cambridge, UK, 2010. [Google Scholar]
- Mermin, N. Quantum Computer Science: An Introduction; Cambridge University Press: Cambridge, UK, 2007. [Google Scholar] [CrossRef]
- Qasm. The Qasm Simulator. Available online: https://qiskit.org/documentation/stubs/qiskit.providers.aer.QasmSimulator.html. (accessed on 3 April 2022).
- Wootters, W.K.; Zurek, W.H. A single quantum cannot be cloned. Nature
**1982**, 299, 802–803. [Google Scholar] [CrossRef] - Coffman, V.; Kundu, J.; Wootters, W.K. Distributed entanglement. Phys. Rev. A
**2000**, 61, 052306. [Google Scholar] [CrossRef][Green Version] - Brunner, N.; Cavalcanti, D.; Pironio, S.; Scarani, V.; Wehner, S. Bell nonlocality. Rev. Mod. Phys.
**2014**, 86, 419. [Google Scholar] [CrossRef] - Colbeck, R.; Renner, R. No extension of quantum theory can have improved predictive power. Nat. Commun.
**2011**, 2, 411. [Google Scholar] [CrossRef] - Huttner, B.; Imoto, N.; Gisin, N.; Mor, T. Quantum cryptography with coherent states. Phys. Rev. A
**1995**, 51, 1863. [Google Scholar] [CrossRef] - Lütkenhaus, N. Security against individual attacks for realistic quantum key distribution. Phys. Rev. A
**2000**, 61, 052304. [Google Scholar] [CrossRef] - Brassard, G.; Lütkenhaus, N.; Mor, T.; Sanders, B.C. Limitations on practical quantum cryptography. Phys. Rev. Lett.
**2000**, 85, 1330. [Google Scholar] [CrossRef] [PubMed][Green Version]

**Figure 1.**This figure depicts Bob and Charlie’s incomplete maps, that must be sent to Alice, so that she may dig-up the treasure.

**Figure 2.**The above (efficient) quantum circuit in Qiskit can entangle 5 qubits in the $|GH{Z}_{5}\rangle =\frac{|0\rangle |0\rangle |0\rangle |0\rangle |0\rangle +|1\rangle |1\rangle |1\rangle |1\rangle |1\rangle}{\sqrt{2}}$ state. Following the same pattern, we can construct efficient quantum circuits that entangle n qubits in the $|GH{Z}_{n}\rangle $ state.

**Figure 3.**This figure depicts the state vector description of 5 qubits that are entangled in the $|GH{Z}_{5}\rangle $ state.

**Figure 4.**This figure visualizes the situation where each of the n subsystems is a quantum register ${r}_{i},\phantom{\rule{4pt}{0ex}}0\le i\le n-1,$ that has m qubits, and the corresponding qubits in all the registers are entangled in the $|GH{Z}_{n}\rangle $ state. This means that qubit $|{q}_{0}\rangle $ of register ${r}_{0}$, qubit $|{q}_{0}\rangle $ of register ${r}_{1}$, …, qubit $|{q}_{0}\rangle $ of register ${r}_{n-1}$ constitute an n-tuple entangled in the $|GH{Z}_{n}\rangle $ state. As a visual confirmation of this fact, these qubits have been drawn with the same color. The same holds for all n qubits in position $j,\phantom{\rule{4pt}{0ex}}1\le j\le n-1,$ of registers ${r}_{0},\dots ,{r}_{n-1}$ and the coloring scheme employed aims to emphasize this fact.

**Figure 5.**The above figure depicts the situation where Alice herself initiates the protocol by creating and sending through the quantum channel to each of the $n-1$ spatially distributed agents in her spy network m qubits, each one of them entangled in the $|GH{Z}_{n}\rangle $ state.

**Figure 6.**The above figure shows the quantum circuits employed by Alice and her agents. We point out that these circuits are spatially separated, but, due to entanglement, strongly correlated forming a composite system. The state vectors $|{\psi}_{0}\rangle $, $|{\psi}_{1}\rangle $, $|{\psi}_{2}\rangle $, $|{\psi}_{3}\rangle $ and $|{\psi}_{4}\rangle $ describe the evolution of the composite system.

**Figure 7.**The above figure visualizes the conclusion of the QSA protocol when the $n-1$ spatially distributed agents in the spy network send to Alice through the classical channel the final measurements ${\mathbf{y}}_{0},\dots ,{\mathbf{y}}_{n-2}$ of their input registers.

**Figure 8.**A toy scale quantum circuit simulating the QSA protocol, as applied to the spymaster Alice and her two agents Bob and Charlie.

**Figure 9.**Some of the possible measurements and their corresponding probabilities for the circuit of Figure 8.

**Table 1.**This table contains the notations and abbreviations that are used in Figure 6.

Notations and Abbreviations | |
---|---|

Symbolism | Explanation |

n | Number of players (Alice plus her $n-1$ agents) |

m | Length of the secret key $\mathbf{s}$, equal to the |

number of qubits in the Input Registers | |

of Alice & every one of her agents | |

AIR | Alice’s m-qubit Input Register |

IR${}_{i}$ | The m-qubit Input Register of Agent${}_{i},\phantom{\rule{4pt}{0ex}}0\le i\le n-2$ |

OR${}_{i}$ | The single-qubit Output Register of Agent${}_{i},\phantom{\rule{4pt}{0ex}}0\le i\le n-2$ |

Differences and Similarities | |
---|---|

Differences | Similarities |

Alice’s circuit lacks Output Register | All circuits contain an m-qubit Input Register |

Alice does not apply any function | All agents’ circuits contain an Output Register |

Every agent applies a different function ${f}_{i}$ | All Output Registers are initialized to $|1\rangle $ |

All circuits apply the m-fold | |

Hadamard transform on their | |

Input Register prior to measurement |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Ampatzis, M.; Andronikos, T.
Quantum Secret Aggregation Utilizing a Network of Agents. *Cryptography* **2023**, *7*, 5.
https://doi.org/10.3390/cryptography7010005

**AMA Style**

Ampatzis M, Andronikos T.
Quantum Secret Aggregation Utilizing a Network of Agents. *Cryptography*. 2023; 7(1):5.
https://doi.org/10.3390/cryptography7010005

**Chicago/Turabian Style**

Ampatzis, Michael, and Theodore Andronikos.
2023. "Quantum Secret Aggregation Utilizing a Network of Agents" *Cryptography* 7, no. 1: 5.
https://doi.org/10.3390/cryptography7010005