Content uploaded by Khaled Elleithy
Author content
All content in this area was uploaded by Khaled Elleithy on Oct 05, 2017
Content may be subject to copyright.
Quantum Mutual Authentication Scheme Based on
Bell State Measurement
Muneer Alshowkan, IEEE Student Member and Khaled Elleithy, IEEE Senior Member
Department of Computer Science and Engineering
University of Bridgeport
Bridgeport, CT 06604, USA
malshowk@my.bridgeport.edu, elleithy@bridgeport.edu
Abstract—Authentication is one of the security services that en
sures sufficient security of the system by identification and verifi
cation. Also, it assures the identity of the communicating party to
be that the claimed one. To build a quantum channel between two
unauthenticated to each other parties, first, a trusted authority is
needed to establish a mutual authentication with each party. Using
Bell measurement and entanglement swapping, we present a pro
tocol that mutually authenticates the identity of the sender and the
receiver, then constructs a quantum channel based on Bell basis.
After, the sender and the receiver use the quantum channel to
communicate using entanglementassisted quantum communica
tion protocols. Additionally, the protocol renews the shared secret
key between the trusted authority and each user after each authen
tication process. The protocol provides the necessary authentica
tion and key distribution to create a quantum channel between the
sender and receiver.
Keywords— quantum; entanglement; authentication; bell meas
urement; bell basis
I. I
NTRODUCTION
The field of quantum computing and information processing
uses the laws of quantum physics, including states superposition
and entanglement. Quantum cryptography is amongst the most
surprising application of quantum mechanics in quantum com
puting and information processing. Unlike classical cryptog
raphy, which depends on the computational complexity of solv
ing difficult mathematical problems such as, the publickey
algorithm of the RSA. Quantum key distribution offers a method
of sharing a private key with unconditional security. By applying
the laws of quantum mechanics, messages and secret keys can
be hidden and securely shared over a quantum channel between
a sender and a receiver. For instance, one can use quantum key
distribution protocols to share secret keys or use quantum direct
communication to send messages. Bennett and Brassard were
the first to propose the quantum key distribution protocol BB84
in 1984 [1]. After, the field of quantum computing and infor
mation processing became an active research area. Thus, many
protocols in quantum communication and information pro
cessing have been proposed. For example, some of the quantum
protocols are quantum secret sharing [28], quantum secure di
rect communication [914] and quantum identity authentication
[13, 1520]. Quantum secret sharing is the transformation of
classical secret sharing to quantum information processing and,
it can be used classical and quantum messages. Quantum secure
direct communication protocol provides a secure method to send
a secret message without prior sharing of a secret key. Classical
cryptography has an extensive research on identity and message
authentication. In the field of quantum information processing,
quantum identity authentication is the natural generalization of
the classical authentication. For instance, the quantum authenti
cation and key distribution protocol presented in [16]. Identity
authentication and simultaneous secret key distribution protocol
presented in [21]. In addition, two protocols were presented in
[13] for quantum user identification and secure direct communi
cation. The protocols use the GreenbergerHorneZeilinger
states for authentication and then secure communication.
One of the most fundamental elements of quantum cryptog
raphy is quantum entanglement. Quantum entanglement has no
classical counterpart, which is a nonlocal correlation between
two quantum subsystems. In 1991, Ekert [22] presented the first
entanglementbased quantum key distribution protocol to share
private secret keys. For example, if Alice and Bob have many
prior shared maximally entangled pairs, then for each pair they
perform measurement in any bases. After, on the classical chan
nel they disclose the measurement basis used on each pair. The
results should be correlated if they used the same basis. Pairs
measured in different bases can be used to detect the presence of
Eve by Bell’s inequality. Entrapment swapping [23, 24] is a tech
nique that makes two nondirectly interacted systems entangled
with each other. Using entanglement swapping led to presenting
new quantum key distribution protocol [2530].
In this paper, we assume that a sender (Alice) wishes to com
municate with a receiver (Bob) but they are untrusted to each
other and do not have access to a quantum channel nor they share
entanglement. So, Alice contacts the trust authority Trent, who
can authenticate each user using a prior shared secret key be
tween them. Trent will distribute many twoparticle entangled
pairs with each party for authentication and communication. The
goal is to verify and authenticate the identity of each user then,
creates a quantum channel based on Bell basis. Trent renews the
secret key between him and the users after each authentication.
In the communication process, Alice and Bob use the entangle
mentbased quantum channel to communicate using entangle
mentassisted communication protocol. The organization of the
paper is as follows: the related work in section II, the proposed
protocol in section III, the security analysis in section IV, and the
conclusion in section V.
II. R
ELATED WORK
In the literature, there are different quantum authentication
protocols [19, 3133]. The protocols in [32, 33] are based on en
tanglement swapping and Bell state measurement. In addition,
they have three participants in the protocols, a sender Alice, who
wishes to communicate with a remote receiver Bob and Trent
who is a trusted party. Trent will try to help and build an authen
ticated quantum communication channel between Alice and
Bob. In the presented scheme registration, authentication and
communication are the three main components. Next, we review
the scheme presented in [33]. The protocol has three processes,
which are registration, authentication, and communication.
A. Registration:
Suppose that each of Alice and Bob shares bits secret key
with the trusted authority Trent. Alice and Trent share the secret
key
={
,
,…,
,}. Also, Bob and Trent share the
secret key
={
,
,…,
,} . The key distribution
method was the quantum key distribution protocol in [27] to
guarantee the unconditional security. Alice asks Trent to com
municate with Bob. Then, Trent starts the authentication process
by using the prior shared secret keys
and
with Alice
and Bob respectively. For each secret key, Trent derives a set of
bases from the bases
={0〉,1〉} and
={+〉,−〉} for
Alice and Bob called secret bases
and
respectively.
Where, the bases
and
correspond to the secret key −ℎ
bit of “0” and “1” respectively. Trent authenticates the identity
of Alice and Bob by creating and sending a random secret se
quence encoded by the secret bases. For Alice, Trent creates:
={
,
,…
}(1)
and for Bob, Trent creates:
={
,
,…
}(2)
If Alice and Bob are the legitimate users, then they can use their
shared secret key with Trent to derive the secret bases and de
code the secret sequence. Therefore, Trent meets with each user
on the classical channel to verify the result. They continue the
protocol if both got the correct secret sequences or abandon the
channel if one of them got the wrong result.
B. Authentication:
After the authentication of Alice and Bob identities, Trent
starts building the quantum channel. Trent aims to create a quan
tum channel consists of twoparticle maximally entangled states
{Ψ
±
〉,Φ
±
〉}. So, Trent prepares maximally entangled pairs
shared between him and Alice:
δ
()〉={δ
(1)〉,δ
(2)〉,…δ
()〉} (3)
also, another pair shared between him and Bob:
ζ
(
)〉={ζ
(1)〉,ζ
(2)〉,…ζ
()〉} (4)
where δ,ζ〉∈{Ψ
±
〉,Φ
±
〉} . After, Trent keeps his particles
which δ
()〉 andζ
()〉. Then, he sends the particles δ
()〉
and ζ
()〉 to Alice and Bob respectively. Trent makes another
authentication by asking each party to perform Bell basis meas
urement on random pairs. For instance, if the chosen random
state is then Bell measurement should be performed on
δ
()〉δ
(+1)〉 and ζ
()〉ζ
(+1)〉 for Alice and Bob
respectively. After that, each party meets Trent on the classical
channel to inform him of the chosen states and the measure
ments result. Trent verifies that the results of each party confirm
the entanglement swapping of Bell states by performing Bell ba
sis measurement on the chosen states. Trent continues the proto
col if both parties obtained correct states.
C. Communication:
After successfully authenticated Alice and Bob, Trent is
ready to create the quantum channel. First, Trent discards the
used entanglement and asks Alice and Bob to discard them as
well. The total remaining states in Trent possession will be
{δ
()〉,ζ
()〉} where ==1,2,..−. Also, the remain
ing states in the possession of Alice and Bob will be {δ
()〉}
and {ζ
()〉} respectively where ==1,2,..− . After,
Trent performs Bell basis measurement on the remaining states
shared between him each party where (=) . For instance,
Trent performs Bell basis measurement on {δ
()〉⊗ζ
()〉}
which will cause entanglement swapping making the states of
Alice and Bob {δ
()〉,ζ
()〉} in one of Bell entangled states.
Finally, Alice and Bob use an entanglementassisted communi
cation protocol such as quantum teleportation for communica
tion.
The protocol presented in [34] is a bidirectional quantum se
cure direct communication with authentication. The communi
cation channel between the sender Alice and the receiver Bob is
based on twoparticle prior shared entanglement. Alice and Bob
encode their secret key and the secret message by Pauli opera
tors
,
,
, and
. Also, they use the shared entanglement
for authentication and secret key generating with help of 2 and
2 bits of classical communication. Moreover, Alice and Bob
previously agree to encode the two bits 00,01,10,and 11with
Pauli operators
,
,
, and
respectively:
=0〉〈0+1〉〈1 (5)
=0〉〈1+1〉〈0 (6)
=0〉〈0−1〉〈1 (7)
=0〉〈1−1〉〈0(8)
The protocol has eight steps. First, Alice prepares 2+
2
+ entangled pairs chosen randomly from Bell states then,
shares them with Bob. Second, Bob randomly selects states
from his entangled states then randomly measures them in
. After, Bob informs Alice of the chosen state and their
results through the classical channel. After that, Alice performs
the same measurement on the same state then compares them
with the results received from Bob. Third, using the remaining
entanglement Alice encodes a secret key. Fourth, Bob perform
measurement on the chosen state by Alice then announce the re
sult through the classical channel. Fifth, Alice informs Bob of
the position of the secret key states so, Bob perform the neces
sary decoding. Six, Alice encodes the secret message using the
secret key. Seven, Bob perform Bell measurement then confirms
with Alice the results through the classical channel. Eight, Alice
informs Bob of the state of the direct communication and the
updated authentication key. They use the direct communication
states to send secret messages using Bell basis measurement.
III. Q
UANTUM
M
UTUAL
A
UTHENTICATION
S
CHEME
B
ASED
ON
B
ELL
S
TATE
M
EASUREMENT
The previous protocols especially [32, 33] do not offer mu
tual authentication and depend on the trusted authority to au
thenticate the users. Without mutual authentication, the com
municating parties have no confidence they are connected with
the trusted authority. Therefore, attacks such as replay and man
inthemiddle are possible. In our proposed protocol, we secure
the registration process by mutual authentication. Also, renews
the secret key after each use by distributing a new secret key
after each successful authentication.
A. Mutual Authentication and Registration:
Consider a network of users
where is the user identi
fication number
∈={
,
,…,
} . Each user shares a
secret key
∈={
,
,…,
} of size 2 where
={
+
} with the trusted user Trent. We assume
that the key exchange occurred during the setup of each user in
the network. If Alice wishes to communicate with Bob, then she
contacts Trent who knows every user in the network. At the be
ginning, Trent and Alice need to build mutual authentication by
identification and verification of each’s identity. They use the
shared secret key
={
+
} to derive the encoding
bases
={
+
} from the bases
={0〉,1〉}
and the bases
={+〉,−〉}. For each bit in the secret key,
they make the bits “0” and “1” correspond to bases
and
respectively. After, Trent and Alice each generate a random se
quence
and
respectively of size, then encoded it by
the bases
. Next, Trent and Alice exchange the encoded se
quences. So, the legitimate Trent and Alice must be able to de
rive the decoding bases
from the secret key
then de
code the each other’s sequence. After, they meet on the classical
channel. Trent announces Alice’s
and Alice announces
Trent’s sequence
. Trent and Alice verify their sequences
then, they continue if they received the correct sequences so that
they are mutually authenticated. If one of them received the
wrong sequence then, they abandon the channel. After that,
Trent contacts Bob and performs the same authentication pro
cess. Trent and Bob use the shared secret key
=
{
+
} to derive the encoding bases
={
+
} . Next, Each of Trent and Bob generates a random se
quence
and
respectively of size then, encode it by
bases
. After, Trent and Bob exchange the encoded se
quences then meet on the classical channel to verify their se
quences. Trent and Bob verify the sequences
and
re
spectively then, they continue if both received the correct
sequences or they abandon the channel. If no one abandoned the
channel then, Trent and Alice, as well as Trent and Bob, are mu
tually authenticated. Further, Trent will provide Alice and Bob
with a secret key to create a secret sequence for authenticating
before communication. Trent encodes the second part of Bob’s
secret key
by
then sends it to Alice. Also, Trent en
codes the second part of Alice’s secret key
using
then
sends to Bob.
B. Secret Key Distribution:
Trent builds the quantum channel after he created the mutual
authentication between him and each of Alice and Bob. For each
user, Trent prepares random Bell basis:

Υ
()〉
={
Υ
(1)〉
,
Υ
(2)〉
,…,
Υ
(L)〉
}(9)
where Υ〉∈{Ψ
〉,Ψ
〉,Φ
〉,Φ
〉} then shares them with
the user. Also, let and be the indexes of Alice and Bob states
respectively where ==++=. Trent shares the en
tangled pairs Υ()〉
with Alice by keeping the first particle of
Υ()〉
and sending the second particle Υ()〉
to Alice. Like
wise, Trent shares the entangled pairs
Υ()〉
with Bob by
keeping the first particles Υ()〉
and sending the second parti
cle Υ()〉
to Bob. After, Alice randomly chooses (+)/2
inconsecutive states of her entanglement with Trent
Υ()〉
then performs Bell measurement on the state Υ()〉
⊗
Υ(+1)〉
. For example, if the random state is Φ
()〉
and the state +1 is Φ
(+1)〉
where the particles 1 and 4
belong to Trent and the particles 2 and 3 belong to Alice. Then,
Bell measurement on Φ
〉
⊗Φ
〉
will give one result of
{Φ
〉
Φ
〉
} , {Φ
〉
Φ
〉
} , {Ψ
〉
Ψ
〉
} , or
Ψ
〉
Ψ
〉
each occurs with a probability of1/4 . If Alice
finds the state Ψ
〉
then the state Trent holds should be
Ψ
〉
. All the possible outcomes of Bell measurement when
the state equals to Bell state Φ
〉
are:
Φ
⊗Φ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(10)
Φ
⊗Φ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(11)
Φ
⊗Ψ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(12)
Φ
⊗Ψ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(13)
If the state equals to Φ
〉
, then all the possible outcomes of
Bell measurement are:
Φ
⊗Φ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(14)
Φ
⊗Ψ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(15)
Φ
⊗Φ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(16)
Φ
⊗Ψ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(17)
If the state equals to Ψ
〉
, then all the possible outcomes of
Bell measurement are:
Ψ
⊗Ψ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(18)
Ψ
⊗Ψ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(19)
Ψ
⊗Φ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(20)
Ψ
⊗Φ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(21)
If the state equals to Ψ
〉
, then all the possible outcomes of
Bell measurement are:
Ψ
⊗Ψ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(22)
Ψ
⊗Ψ
=Φ
Φ
,Φ
Φ
,Ψ
Ψ
,Ψ
Ψ
(23)
Ψ
⊗Φ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(24)
Ψ
⊗Φ
=Φ
Ψ
,Φ
Ψ
,Ψ
Φ
,Ψ
Φ
(25)
For each measurement result, Alice will represent the states Φ〉
and Ψ〉 by the bits "0" and "1" respectively. In the same man
ner, she represents the phase of the states "+" and "−" by the
bits "0" and"1" respectively Fig. 1. For error detection, Alice
meets with Trent on the classical channel to inform him of the
/2 chosen pairs and the measurement result of each pair. Trent
verifies if the results Alice obtained satisfy Bell state measure
ment for the chosen /2 pairs. If Trent finds the results do not
satisfy Bell measurement then, the channel is compromised and
they abandon the channel. However, if the results satisfy Bell
measurement for entanglement swapping then, Trent and Alice
represent the remaining /2 pairs in bits and consider them as
an initial secret key .
Fig. 1. The representation of the states using classical bits.
Let consider an attacker (Eve) listens to the classical channel
and gains some information about the initial secret key. Then
another level of security is needed to reduce Eve’s information.
Therefore, Trent and Alice apply privacy amplification to derive
a secret key with a low correlation to the initial key. We assume
that every user shares with Trent a family of universal hash func
tion [35] with a uniform distribution of hash functions
which, maps bits input to bits output . Also, if {
,
}∈
and is randomly selected then, (
)=(
) with proba
bility of 1/ . Trent selects a hash function ∈ then in
forms Alice through the classical channel which hash function
was selected. After, Trent and Alice feed the initial secret key
into the hash function to obtain the final secret key ()=
.
Similarly, Trent follows the same process of verification and key
distribution with Bob to obtain a new secret key
.
C. Communication:
Trent reorders the remaining entangled pairs between him
and Alice:

Υ
()〉
={
Υ
(1)〉
,
Υ
(2)〉
,…,
Υ
()〉
}(26)
and the remaining entangled pairs between him and Bob:

Υ
(
)〉
={
Υ
(1)〉
,
Υ
(2)〉
,…,
Υ
()〉
}(27)
Then, Trent performs entanglements swapping to create entan
glement state between Alice and Bob. Trent performs entangle
ment swapping process using Υ()〉
⊗Υ()〉
. For exam
ple if the entangled state between Trent and Alice is Υ()〉
=
Φ
〉
and the entangled state between Trent and Bob is
Υ()〉
=Φ
〉
then Φ
()〉
⊗Φ
()〉
is as fol
lows:
=0
0
+1
1
√
2⊗0
0
+1
1
√
2(28)
=1
20
0
(0
0
+1
1
)
+1
1
(0
0
+1
1
)(29)
Trent applies CNOT gate on using the forst as the control
and the second as the target:
=1
20
0
(0
0
+1
1
)
+1
1
(1
0
+0
1
)(30)
Trent apples the Hadamard gate on the first :
=1
2
√
2(0
+1
)0
(0
0
+1
1
)
+(0
−1
)1
(1
0
+0
1
)(31)
Rearranging and combining :
=1
2
√
200
0
0
+1
1
01
0
1
+1
0
10
0
0
−1
1
11
0
1
−1
0
(32)
Trent informs Alice and Bob about which state they share using
two classical bits. Therefore, Alice and Bob will have their and
states respectively entangled in one of Bell states each occur
ring with probability of 1/4.
Ψ
(,
)
=1
√
2(0
1
−1
0
)(33)
Ψ
(,
)
=1
√
2(0
1
+1
0
)(34)
Φ
(,
)
=1
√
2(0
0
−1
1
)(35)
Φ
(,
)
=1
√
2(0
0
+1
1
)(36)
Alice and Bob use their entangled pairs to communicate us
ing quantum communication protocols such as teleportation,
Ekert 91, or remote state preparation. Alice and Bob make final
authentication to make sure that each party is the same party,
Trent authenticated in the first process. They use the secret
key
and
which, Trent distributed to Bob and Alice re
spectively. Each party derives the encoding basis, then creates
and exchanges a secret sequence. After, Alice and Bob meet on
the classical channel to verify each other’s sequence. The legiti
mate Alice and Bob should be able to decode and verify their
identity. If one of them cannot decode the sequence and verify
their identity, then they cannot trust each other and abandon the
channel. However, if they are the legitimate Alice and Bob then,
they will be able to decode the sequences and have mutual au
thentication. So, Alice and Bob are authenticated to each other’s
and able to start the communication using the entanglementas
sisted quantum communication protocols.
IV. S
ECURITY
A
NALYSIS AND
D
ISCUSSION
Mutual authentication requires the communicating parties to
build confidence about the identity of each other’s by identifica
tion and verification. For comparison, the quantum authentica
tion protocol in [33] does not authenticate Trent to the communi
cating parties Alice and Bob. The protocol assumes that Trent
and each party share a secret, which then used by Trent to derive
basis to encode a challenging sequence. Trent sends the encoded
sequence and asks each party to decode it after deriving the de
coding basis from their shared secret key with him. They retrieve
the correct sequence then send the result to Trent to decide if
they are the legitimate users or not. However, an attacker (Eve)
can masquerades Trent without being detected by Alice and Bob
because Trent uses the quantum channel to send encoded se
quence and Alice and Bob use the classical channel to verify
their identity. For example, Eve can intercept the communica
tion between Alice and Trent then forge a verification process.
Eve generates random secret key
then derives encoding ba
sis
. After, Eve creates the sequence
then, sends it to Al
ice. Using the secret key
, Alice derives the basis
then
tries to decode the sequence
. Without identity verification
of the source of the sequence, Alice will send the result to Trent.
However, Eve can intercept the communication from reaching
Trent then continues with Bob because Trent is the only one per
forms the authentication. Even if Alice requests acknowledge
ment from Trent then, without authentication, Eve can perform
the replay attack. Therefore, Alice and Bob also need to authen
ticate the identity of Trent at the initial communication. Alice
and Bob each creates a sequence using the shared secret key with
Trent then ask him to verify the sequence on the classical chan
nel. Thus, Alice and Bob require Trent to verify himself and pass
the verification step to be as well authenticated. If the mutual
authentication succeeds then, Alice and Bob with high confi
dence can continue communicating with Trent because they
have mutual authentication. If not, they abandon the channel. In
our protocol, consider Eve tries to perform the replay attack. Us
ing the passive attack on the classical channel, Eve could capture
acknowledgements and use them later. However, the shared se
cret key in our protocol changes after each authentication pro
cess. Thus, each secret key is used once and the replay attack
cannot be effective.
Let us consider the intercept/send attack against the authen
tication and key distribution process. If Eve intercepts the entan
gled pairs sent from Trent to Alice then, creates entanglement
and share with Alice. So, Trent and Eve share Υ()〉
. Also,
Eve and Alice share Υ()〉
. Alice chooses random pairs then,
performs Bell measurement to obtain an outcome with a proba
bility of 1/4 for each measurement as in Bell measurement out
comes (1025). Similarly, Eve measures random pairs from the
shared entanglement with Trent to obtain an outcome for each
measurement with a probability of 1/4. When Alice meets Trent
on the classical channel to inform him of the chosen pairs and
their measurement results, Alice will not be able to provide the
correct measurement because there is no correlation between
their pairs. Therefore, each measurement result of Alice and
Trent will have success probability of 1/16. As a result, Trent
and Alice with high probability can detect the presence of Eve
on the channel.
V. C
ONCLUSION
We presented a quantum mutual authentication protocol
based on Bell state measurement and entanglement swapping. A
trusted authority authenticates untrusted to each other users then
creates an entanglementbased quantum communication chan
nel. Using the prior shared secret key with each user, the trusted
authority mutually authenticates each user then builds the quan
tum channel. In addition, the protocol renews the secret key
shared with the trusted authority after each authentication pro
cess. The protocol successfully creates Bell states between par
ties who their particles did not interact with each other’s before.
Then, they use their Bell states to communicate by quantum en
tanglement communication protocols.
VI. R
EFERENCES
[1] C. H. Bennett and G. Brassard, "Quantum cryptography: Public key
distribution and coin tossing," in Proceedings of IEEE International
Conference on Computers, Systems and Signal Processing, 1984, p. 8.
[2] A. Karlsson, M. Koashi, and N. Imoto, "Quantum entanglement for secret
sharing and secret splitting," Physical Review A, vol. 59, p. 162, 1999.
[3] L. Xiao, G. L. Long, F.G. Deng, and J.W. Pan, "Efficient multiparty
quantumsecretsharing schemes," Physical Review A, vol. 69, p. 052307,
2004.
[4] Z.j. Zhang, Y. Li, and Z.x. Man, "Multiparty quantum secret sharing,"
Physical Review A, vol. 71, p. 044301, 2005.
[5] M. Hillery, V. Bužek, and A. Berthiaume, "Quantum secret sharing,"
Physical Review A, vol. 59, p. 1829, 1999.
[6] Z.j. Zhang, G. Gao, X. Wang, L.f. Han, and S.h. Shi, "Multiparty
quantum secret sharing based on the improved Boström–Felbinger
protocol," Optics communications, vol. 269, pp. 418422, 2007.
[7] P. Zhou, X.H. Li, Y.J. Liang, F.G. Deng, and H.Y. Zhou, "Multiparty
quantum secret sharing with pure entangled states and decoy photons,"
Physica A: Statistical Mechanics and its Applications, vol. 381, pp. 164
169, 2007.
[8] Y. Sun, Q.y. Wen, F. Gao, X.b. Chen, and F.c. Zhu, "Multiparty
quantum secret sharing based on Bell measurement," Optics
Communications, vol. 282, pp. 36473651, 2009.
[9] C. QingYu and L. BaiWen, "Deterministic secure communication
without using entanglement," Chinese Physics Letters, vol. 21, p. 601,
2004.
[10] K. Boström and T. Felbinger, "Deterministic secure direct communication
using entanglement," Physical Review Letters, vol. 89, p. 187902, 2002.
[11] F.G. Deng and G. L. Long, "Secure direct communication with a
quantum onetime pad," Physical Review A, vol. 69, p. 052319, 2004.
[12] A. Beige, B. G. Englert, C. Kurtsiefer, and H. Weinfurter, "Secure
communication with a publicly known key," Acta Physica Polonica A,
vol. 101, pp. 357368, 2002.
[13] H. Lee, J. Lim, and H. Yang, "Quantum direct communication with
authentication," Physical Review A, vol. 73, p. 042305, 2006.
[14] Q.Y. Cai and B.W. Li, "Improving the capacity of the Boström
Felbinger protocol," Physical Review A, vol. 69, p. 054301, 2004.
[15] T. Mihara, "Quantum identification schemes with entanglements,"
Physical review A, vol. 65, p. 052326, 2002.
[16] M. Dušek, O. Haderka, M. Hendrych, and R. Myška, "Quantum
identification system," Physical Review A, vol. 60, p. 149, 1999.
[17] Z. Zhang, G. Zeng, N. Zhou, and J. Xiong, "Quantum identity
authentication based on pingpong technique for photons," Physics
Letters A, vol. 356, pp. 199205, 2006.
[18] X. Zhang, "Oneway quantum identity authentication based on public
key," Chinese Science Bulletin, vol. 54, pp. 20182021, 2009.
[19] Y. Yang, Q. Wen, and X. Zhang, "Multiparty simultaneous quantum
identity authentication with secret sharing," Science in China Series G:
Physics, Mechanics and Astronomy, vol. 51, pp. 321327, 2008.
[20] C.H. Yu, G.D. Guo, and S. Lin, "Quantum secure direct communication
with authentication using two nonorthogonal states," International
Journal of Theoretical Physics, vol. 52, pp. 19371945, 2013.
[21] G. Zeng and W. Zhang, "Identity verification in quantum key
distribution," Physical Review A, vol. 61, p. 022303, 2000.
[22] A. K. Ekert, "Quantum cryptography based on Bell's theorem," Phys Rev
Lett, vol. 67, pp. 661663, Aug 5 1991.
[23] M. Zukowski, A. Zeilinger, M. Horne, and A. Ekert, "" Eventready
detectors" Bell experiment via entanglement swapping," Physical Review
Letters, vol. 71, pp. 42874290, 1993.
[24] L. Hardy and D. D. Song, "Entanglementswapping chains for general
pure states," Physical Review A, vol. 62, p. 052315, 2000.
[25] S. Bose, V. Vedral, and P. L. Knight, "Multiparticle generalization of
entanglement swapping," Physical Review A, vol. 57, p. 822, 1998.
[26] A. Cabello, "Quantum key distribution in the Holevo limit," Phys Rev
Lett, vol. 85, pp. 56358, Dec 25 2000.
[27] D. Song, "Secure key distribution by swapping quantum entanglement,"
Physical Review A, vol. 69, p. 034301, 2004.
[28] C. Li, H.S. Song, L. Zhou, and C.F. Wu, "A random quantum key
distribution achieved by using Bell states," Journal of Optics B: Quantum
and Semiclassical Optics, vol. 5, p. 155, 2003.
[29] G. Gao, "Quantum key distribution by swapping the entanglement of χ
type state," Physica Scripta, vol. 81, p. 065005, 2010.
[30] N. Zhou, L. Wang, L. Gong, X. Zuo, and Y. Liu, "Quantum deterministic
key distribution protocols based on teleportation and entanglement
swapping," Optics Communications, vol. 284, pp. 48364842, 2011.
[31] Y. YuGuang and W. QiaoYan, "Economical multiparty simultaneous
quantum identity authentication based on Greenberger–Horne–Zeilinger
states," Chinese Physics B, vol. 18, 2009.
[32] N. Penghao, C. Yuan, and L. Chong, "Quantum Authentication Scheme
Based on Entanglement Swapping," International Journal of Theoretical
Physics, pp. 111, 2015.
[33] M. Naseri, "Revisiting Quantum Authentication Scheme Based on
Entanglement Swapping," International Journal of Theoretical Physics,
pp. 18, 2015.
[34] D. Shen, W. Ma, X. Yin, and X. Li, "Quantum dialogue with
authentication based on Bell states," International Journal of Theoretical
Physics, vol. 52, pp. 18251835, 2013.
[35] J. L. Carter and M. N. Wegman, "Universal classes of hash functions," in
Proceedings of the ninth annual ACM symposium on Theory of
computing, 1977, pp. 106112.