Hussein Abulkasim,Eatedal Alabdulkreem and Safwat Hamad

1Faculty of Science,New Valley University,El-Kharga&the Academy of Scientific Research and Technology,Cairo,Egypt

2College of Computer and Information Sciences,Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia

3Faculty of Computer and Information Sciences,Ain Shams University,Cairo,Egypt

Abstract:Quantum key agreement is a promising key establishing protocol that can play a significant role in securing 5G/6G communication networks.Recently,Liu et al.(Quantum Information Processing 18(8):1-10,2019)proposed a multi-party quantum key agreement protocol based on four-qubit cluster states was proposed.The aim of their protocol is to agree on a shared secret key among multiple remote participants.Liu et al.employed four-qubit cluster states to be the quantum resources and the X operation to securely share a secret key.In addition,Liu et al.’s protocol guarantees that each participant makes an equal contribution to the final key.The authors also claimed that the proposed protocol is secure against participant attack and dishonest participants cannot generate the final shared key alone.However,we show here that Liu et al.protocol is insecure against a collusive attack,where dishonest participants can retrieve the private inputs of a trustworthy participant without being caught.Additionally,the corresponding modifications are presented to address these security flaws in Liu et al.’s protocol.

Keywords:Quantum key agreement;5G/6G communication networks;collusive attacks;quantum cryptography

1 Introduction

The recent advancement of quantum technology threatens the ability of classical cryptosystems,including 5G/6G communication networks to secure data and communications against growing security attacks[1,2].In this context,the concept of quantum cryptography or quantum key distribution (QKD) was introduced by Bennet and Brassard[3].Thanks to the principle of quantum physics,quantum cryptography can provide unconditional security solutions whose security has been proven by[4].These solutions may be adopted to secure 5G/6G communication networks[5-7].Subsequently,scholars focused their attention and passion on quantum communication and quantum cryptography,and various quantum protocols were investigated,including quantum secure direct communication[8,9],quantum secret sharing[10-13],quantum teleportation[14],quantum private computation[15-17],quantum signature[18],quantum key agreement (QKA)[19-23],and so on.Currently,QKA is one of the most significant aspects that may be used to generate a secured shared key between two or more distance users using a public quantum channel.It differs from the QKD protocol,which predetermines the key and then distributes it to the users in that no user or subgroup can independently identify the shared key.

In 2004,Zhou et al.[19]presented the pioneering work of the QKA protocol.Several QKA schemes have also been introduced throughout time[20-23].In the same year,another QKA protocol was proposed based on entangled quantum states.Unfortunately,as Chong et al.[24]pointed out,it was not a true QKA protocol since malicious users may derive the final shared key independently and entirely.In 2010,a QKA protocol based on the BB84 protocol was suggested,which is proved to be secure against inside and outside attacks[24].In 2014,the authors in[25]developed an efficient twouser QKA protocol using four-qubit cluster quantum states.However,the authors could not extend their protocol to the multi-party case.The multi-party case of the QKA protocol is more complicated,but it is more suitable for real applications.As a result,the multi-party case of the QKA protocol has gotten a lot of interest[26-33].

Recently,Liu et al.[34](Liu-QKA protocol)presented an interesting multi-party QKA protocol with four-qubit quantum cluster states.Their protocol adopted the four-qubit quantum cluster state as a quantum resource and a unitary operation to generate and share a secure key.Liu-QKA protocol generated and shared quantum key with high efficiency.The authors claimed that their protocol is secure against the outsider and participant attacks.However,our work shows that Liu-QKA protocol cannot resist the collusive attack.Two or more malicious participants can drive the private inputs of the honest ones and execute the protocol without being caught.The rest of this manuscript is organized as follows.A review of Liu-QKA protocol is presented in Section 2.Sections 3 introduces the suggested attack strategy on Liu=-QKA protocol and the suggested improvement.Finally,Section 4 concludes this work.

2 Review of Liu-QKA Protocol

This subsection introduces a brief background of Liu-QKA protocol.

2.1 Preliminaries

The relationship between secret key of parties and the evolved 4-qubit cluster is indicated in Tab.1.

Table 1:The relationship between the secret key of parties and the evolved 4-qubit cluster

2.2 Liu-QKA Protocol

3 Collusive Attack on Liu-QKA Protocol and Improvement

We show in this section that Liu-QKA Protocol is vulnerable to a collusive attack,in which two dishonest players can obtain the secret information of an honest participant.Then,to address this flaw,an improvement is provided.

3.1 The Collusive Attack on Liu-QKA Protocol

Figure 1:(a),(b),and (c) represent an example of the three-party Liu-QKA protocol,while (d)represents the collusive attack on Liu-QKA’s protocol of three participants

3.2 Improvement on Liu-QKA Protocol

4 Conclusion

Liu et al.presented an interesting quantum key agreement protocol with four-qubit cluster quantum states,which could be used as an unconditional security solution for enhancing the security of 5G/6G networks against the increasing cyber-attacks.However,this work shows that Liu et al.’s protocol is vulnerable to collusive attacks,where dishonest participants can conspire together to obtain the private information of a trustworthy participant without being caught.With the help of a third party,we suggested an additional process to protect participants’private data from leakage.Finally,an improvement is suggested to address the security loopholes in Liu et al.’s protocol.

Acknowledgement:The authors acknowledge the Academy of Scientific Research &Technology(ASRT)in Egypt for their financial support.

Funding Statement:This project was financially supported by the Academy of Scientific Research and Technology(ASRT)in Egypt,under the project of Science Up,Grant no.6626.

Conflicts of Interest:The authors declare that they have no conflicts of interest to report regarding the present study.