On the Security of Password-Authenticated Quantum Key Exchange
This paper addresses the challenge of combining human-memorable passwords with quantum key distribution for practical security applications; it represents a theoretical advance rather than an incremental improvement.
The paper tackles the problem of achieving secure password-authenticated quantum key exchange: it proves impossibility results ruling out the strongest security notions, then constructs a protocol that provably achieves everlasting security in a simulation-based model.
Motivated by the Quantum Key Distribution (QKD) protocol, introduced in 1984 in the seminal paper of Bennett and Brassard, we investigate in this paper the achievability of unconditionally secure password-authenticated quantum key exchange (quantum PAKE), where authentication is implemented by means of human-memorable passwords. We first show a series of impossibility results forbidding the achievement of very strong security, leaving open the feasibility of achieving a weaker security notion. We then answer this open question positively by presenting a construction for quantum PAKE that provably achieves everlasting security in the simulation-based model. Everlasting security is a security notion introduced by Müller-Quade and Unruh in 2007: it guarantees unconditional security after the execution of the protocol and only restricts the adversary to be computationally bounded during the execution of the protocol, which seems a quite reasonable assumption for today's practical use cases.