Paper 2017/119

Quantum Authentication with Key Recycling

Christopher Portmann


We show that a family of quantum authentication protocols introduced in [Barnum et al., FOCS 2002] can be used to construct a secure quantum channel and additionally recycle all of the secret key if the message is successfully authenticated, and recycle part of the key if tampering is detected. We give a full security proof that constructs the secure channel given only insecure noisy channels and a shared secret key. We also prove that the number of recycled key bits is optimal for this family of protocols, i.e., there exists an adversarial strategy to obtain all non-recycled bits. Previous works recycled less key and only gave partial security proofs, since they did not consider all possible distinguishers (environments) that may be used to distinguish the real setting from the ideal secure quantum channel and secret key resource.

Note: Full version of published paper.

Available format(s)
Publication info
Published by the IACR in EUROCRYPT 2017
Quantum cryptographycomposable securityauthenticationkey recycling
Contact author(s)
chportma @ ethz ch
2017-03-29: revised
2017-02-16: received
See all versions
Short URL
Creative Commons Attribution


      author = {Christopher Portmann},
      title = {Quantum Authentication with Key Recycling},
      howpublished = {Cryptology ePrint Archive, Paper 2017/119},
      year = {2017},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.