# Quantum Secure Multi-Party Summation Using Single Photons

^{1}

^{2}

^{*}

## Abstract

**:**

## 1. Introduction

## 2. The Three-Party Quantum Summation Protocol

#### 2.1. Proposed Protocol

**Correctness:**The result of modulo-2 summation of all participants’ secret inputs should be correct.

**Fairness:**All participants receive the summation result simultaneously.

**Privacy:**Participants’ secret inputs are private. In other words, no participant can learn about other participants’ secret inputs, even though the participant can launch various quantum attacks and up to n-2 participants are allowed to conspire but not with TP and an outside eavesdropper (here, n is the number of participants in the protocol).

**Security:**An outside eavesdropper cannot learn any information about each participant’s secret input without being detected.

**Step 1:**TP sends a secret key sequence ${l}_{A}$(${l}_{B}$, ${l}_{C}$) to Alice (Bob, Charlie) via the quantum key distribution protocol [11] beforehand, where ${l}_{A}=({l}_{A1},\dots ,{l}_{Am})({l}_{B}=({l}_{B1},\dots ,{l}_{Bm}),$${l}_{C}=({l}_{C1},\dots ,{l}_{Cm})),{l}_{At}({l}_{Bt},{l}_{Ct})\in \{0,1\},t=1,2,\cdots ,m.$

**Step 2:**According to the secret key sequence ${l}_{A}$ previously shared with Alice, TP generates m copies of single photon states and uses these particles to construct a sequence

**Step 3:**After confirming that Alice has received all the particles from TP, Alice checks the security of the transmission of $\overline{{S}_{A}}$ with TP. Specifically, TP announces the insertion positions and the bases of the decoy photons in $\overline{{S}_{A}}$ to Alice. Then, based on the announced information, Alice measures these decoy states on the correct bases and publishes the measurement results to TP. Subsequently, according to Alice’s measurements, TP checks for the presence of eavesdroppers in the quantum channel. If the error rate is higher than the threshold determined by the channel noise, TP cancels this protocol and restarts it. Otherwise, TP proceeds to the next steps.

**Step 4:**After determining that the transmission has not eavesdropped, Alice obtains ${S}_{A}$ by extracting decoy photons from $\overline{{S}_{A}}$. Then, Alice encodes his secret input ${x}_{A}$ on the sequence ${S}_{A}$. Concretely, Alice performs the unitary operation ${U}_{Y}^{{x}_{At}}$ on the t th particle of ${S}_{A}$. Here, the operators are defined by [37],

**Step 5:**After receiving the sequence $\overline{{S}_{TP}}$, TP and Charlie jointly check the security of the transmission channel. TP obtains the sequence ${S}_{TP}$ by extracting decoy photons after confirming that the channel is safe. Then, TP computing ${L}_{1}={l}_{A1}\oplus {l}_{B1}\oplus {l}_{C1},$${L}_{2}={l}_{A2}\oplus {l}_{B2}\oplus {l}_{C2},\dots ,{L}_{m}={l}_{Am}\oplus {l}_{Bm}\oplus {l}_{Cm}$. If ${L}_{t}=1(t=1,2,\dots ,m)$, TP will perform the Hadamard operation on the t th particle of ${S}_{TP}$. Otherwise, the particles in ${S}_{TP}$ will remain the same. After the above operation, TP measures the particles with the Z basis. Then, TP can acquire the summation ${x}_{A1}\oplus {x}_{B1}\oplus {x}_{C1},{x}_{A2}\oplus {x}_{B2}\oplus {x}_{C2},\dots ,{x}_{Am}\oplus {x}_{Bm}\oplus {x}_{Cm}$. Finally, TP announces the summation result to Alice, Bob, and Charlie via a public channel.

**Sample 1:**We assume the secret input of Alice Bob and Charlie are ${x}_{A}$ = (010), ${x}_{B}$ = (011) and ${x}_{C}$ = (011), respectively.

**Channel loss of the cited QKD protocol:**Although we assumed that the quantum channel is noiseless, channel loss is a major issue in the construction of QKD, so it is discussed here. The QKD protocol [11] used in our protocol utilizes coherent states to against realistic flawed sources and ensure security by adopting the reference technique. A proof-of-principle experiment in Ref. [11] demonstrates the feasibility of the QKD protocol in terms of resistance to channel loss.

#### 2.2. Correctness

#### 2.3. Security Analysis

#### 2.3.1. Outside Attack

**1**)

**The Trojan horse attacks**

**2**)

**The entangle-measure attack**

**0**donates a column zero vector. In the same way, we can infer

**3**)

**The intercept-resend attack**

**4**)

**The measurement-resend attack**

#### 2.3.2. Participant Attack

## 3. The Multi-Party Quantum Summation Protocol

#### 3.1. Proposed Protocol

**Step 1:**TP sends a secret key sequence ${l}_{i}$ to ${P}_{i}$ via the quantum key distribution protocol [11] in advance, where ${l}_{i}=({l}_{i1},{l}_{i2},\dots ,{l}_{im}),{l}_{it}\u03f5\{0,1\}$, t = 1, 2, …, m.

**Step 2:**TP encodes the secret key sequence ${l}_{1}$ previously shared with ${P}_{1}$ according to the above agreement, and he can obtain m copies of single photon states

**Step 3:**After confirming that ${P}_{1}$ received all the particles $\overline{{S}_{1}}$, TP and ${P}_{1}$ check the transmissions between them for eavesdroppers. Concretely, TP first announces the insertion positions and the bases of the decoy photons to ${P}_{1}$. Then, based on the announced information, ${P}_{1}$ uses the correct basis to measure these decoy photons and publishes the measurement results to TP. Subsequently, according to their measuring results, TP checks whether eavesdroppers exist in the quantum channels. If the error rate is higher than the threshold determined by the channel noise, TP cancels this protocol and restarts it. Otherwise, TP proceeds to the next step.

**Step 4:**By extracting all the decoy photons from $\overline{{S}_{1}}$ and discarding them, ${P}_{1}$ can acquire the sequence ${S}_{1}$. Then, ${P}_{1}$ performs the unitary operation ${U}^{{x}_{1t}}$ on the t-th particle of ${S}_{1}$ according to his secret input ${x}_{1}$. When ${P}_{1}$ completes the encoding operation, the quantum states in ${S}_{1}$ would change to $\left\{|{x}_{11}{\rangle}_{{l}_{11}},|{x}_{12}{\rangle}_{{l}_{12}},\dots ,{|{x}_{1m}\rangle}_{{l}_{1m}}\right\}$. Define the changed sequence as ${S}_{2}$. ${P}_{1}$ mixes ${S}_{2}$ with m decoy states randomly in $\left\{|0\rangle ,|1\rangle ,|+\rangle ,|-\rangle \right\}$ to form a new sequence $\overline{{S}_{2}}$. Finally, ${P}_{1}$ sends $\overline{{S}_{2}}$ to ${P}_{2}$.

**Step 5:**For j = 2, 3, …, n: when ${P}_{j}$ received the sequence $\overline{{S}_{j}}$ from ${P}_{j-1}$, ${P}_{j-1}$ checks the security of transmission with ${P}_{j}$, which similar to Step 3. After determining that the channel is secure, ${P}_{j}$ removes the decoy states and encodes his secret input ${X}_{j}$ similar to Step 4. Furthermore, ${P}_{j}$ encodes the information according to the secret key sequence ${l}_{j}$ sent by TP. To be clear, ${P}_{j}$ performs the unitary operation ${H}^{{l}_{jt}}$ on the t th particle of ${S}_{j}$. Then, ${P}_{j}$ mixes sequence ${S}_{j}$ and decoy photons randomly to form a new sequence $\overline{{S}_{j}}$, and sends it to ${P}_{j+1}$. Of note, the last participant ${P}_{n}$ sends the particle sequence $\overline{{S}_{n+1}}$ to TP.

**Step 6:**When TP has received the sequence $\overline{{S}_{n+1}}$, TP checks the security of transmission channel with ${P}_{n}$. TP obtains ${S}_{n+1}$ by extracts and discards decoy photons from $\overline{{S}_{n+1}}$. Then, TP computing ${L}_{1}$ = $\sum _{i=1}^{n}}{l}_{i1$, ${L}_{2}$ = $\sum _{i=1}^{n}}{l}_{i2$, …, ${L}_{m}$ = $\sum _{i=1}^{n}}{l}_{im$. If the result ${L}_{t}$ is 1, TP will perform the Hadamard operation on the t th particle of ${S}_{n}$. Otherwise, the particles in ${S}_{n}$ will not change. After the above steps, TP measures the particles with Z basis. Then, TP can obtain the summation ${\sum}_{i=1}^{n}{x}_{i1}$, ${\sum}_{i=1}^{n}{x}_{i2}$, …, ${\sum}_{i=1}^{n}{x}_{im}$. Finally, TP announces the summation result to ${P}_{1}$, ${P}_{2}$, …, ${P}_{n}$.

#### 3.2. Correctness

#### 3.3. Security Analyse

#### 3.3.1. Outside Attack

#### 3.3.2. Participant Attack

**Case 1:****The participant attack from one or more dishonest parties**

**a**)

**The participant attack from one dishonest party**

**b**)

**The participant attack from more than one dishonest party.**

**Case 2:****The participant attack from TP**

## 4. Comparisons

Ref. [32] | Ref. [35] | Ref. [34] | Ref. [27] | Ref. [44] | Ref. [28] | Ref. [30] | Ref. [31] | Our Protocol | |
---|---|---|---|---|---|---|---|---|---|

Quantum resource | single photons in both polarization and spatial-mode degree of freedom | d-level single-photon state | d-level single-photon state | three-particle entangled state | d-level N-particle entangled state | N-particle entangled state | Bell state | phase GHZ state | single-photon state |

Quantum operations | Single-photon operators | Unitary operations | Two unitary operations (${X}_{d}$ and ${Y}_{d}$) | CNOT and Hadamard operators | Quantum Fourier transformand and Pauli operators | Pauli and Hadamard operators | NOT and identity operators | No | Pauli and Hadamard operators |

Particle transmission mode | circle-type | circle-type | circle-type | tree-type | tree-type | tree-type | circle-type | star-type | circle-type |

Quantum measurements for TP | Single-photon projective measurements | single qudit measurements | Single qudit measurement | No | No | Single-photon projective measurements | Single-photon projective measurements | No | Single-photon projective measurements |

Quantum measurement for participants | No | No | No | Single-photon projective measurements | Single qudit measurements | No | Single-photon projective measurements | Computational basis measurements | No |

Qubit efficiency | $\frac{2}{2N+3}$ | $\frac{1}{2N+3}$ | $\frac{1}{2N+3}$ | $\frac{1}{4N-1}$ | $\frac{1}{3N-2}$ | $\frac{1}{3N-2}$ | $\frac{1}{5N}$ | $\frac{1}{4{N}^{4}+3N}$ | $\frac{1}{2N+2}$ |

## 5. Conclusions

## Author Contributions

## Funding

## Data Availability Statement

## Conflicts of Interest

## References

- Yao, A.C. Protocols for secure computations. In Proceedings of the 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982), Chicago, IL, USA, 3–5 November 1982; IEEE: Piscataway, NJ, USA, 1982; pp. 160–164. [Google Scholar]
- Dery, L.; Tassa, T.; Yanai, A. Fear not, vote truthfully: Secure multiparty computation of score based rules. Expert Syst. Appl.
**2021**, 168, 114434. [Google Scholar] [CrossRef] - Cachin, C. Efficient private bidding and auctions with an oblivious third party. In Proceedings of the 6th ACM Conference on Computer and Communications Security, Singapore, 1–4 November 1999; pp. 120–127. [Google Scholar]
- Montenegro, J.A.; Fischer, M.J.; Lopez, J.; Peralta, R. Secure sealed-bid online auctions using discreet cryptographic proofs. Math. Comput. Model.
**2013**, 57, 2583–2595. [Google Scholar] [CrossRef] - Boyle, E.; Gilboa, N.; Ishai, Y. Function secret sharing. In Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Sofia, Bulgaria, 26–30 April 2015; Springer: Berlin/Heidelberg, Germany, 2015; pp. 337–367. [Google Scholar]
- Bogdanov, D.; Niitsoo, M.; Toft, T.; Willemson, J. High-performance secure multi-party computation for data mining applications. Int. J. Inf. Secur.
**2012**, 11, 403–418. [Google Scholar] [CrossRef] - Shor, P.W. In Proceedings of the 35th Annual Symposium on Foundations of Computer Science, Santa Fe, NM, USA, 20–22 November 1994; IEEE Computer Society Press: Santa Fe, NM, USA, 1994.
- Grover, L.K. A fast quantum mechanical algorithm for database search. In Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing, Philadelphia, PA, USA, 22–24 May 1996; pp. 212–219. [Google Scholar]
- Lucamarini, M.; Yuan, Z.L.; Dynes, J.F.; Shields, A.J. Overcoming the rate–distance limit of quantum key distribution without quantum repeaters. Nature
**2018**, 557, 400–403. [Google Scholar] [CrossRef] [PubMed] [Green Version] - Lin, J.; Lütkenhaus, N. Simple security analysis of phase-matching measurement-device-independent quantum key distribution. Phys. Rev. A
**2018**, 98, 042332. [Google Scholar] [CrossRef] [Green Version] - Gu, J.; Cao, X.-Y.; Fu, Y.; He, Z.-W.; Yin, Z.-J.; Yin, H.-L.; Chen, Z.-B. Experimental measurement-device-independent type quantum key distribution with flawed and correlated sources. Sci. Bull.
**2022**, 67, 2167–2175. [Google Scholar] [CrossRef] - Xie, Y.-M.; Lu, Y.-S.; Weng, C.-X.; Cao, X.-Y.; Jia, Z.-Y.; Bao, Y.; Wang, Y.; Fu, Y.; Yin, H.-L.; Chen, Z.-B. Breaking the rate-loss bound of quantum key distribution with asynchronous two-photon interference. PRX Quantum
**2022**, 3, 020315. [Google Scholar] [CrossRef] - Zhang, Z.J.; Yang, J.; Man, Z.X.; Li, Y. Multiparty secret sharing of quantum information using and identifying bell states. Eur. Phys. J. D-At. Mol. Opt. Plasma Phys.
**2005**, 33, 133–136. [Google Scholar] [CrossRef] - Hwang, T.; Hwang, C.-C.; Li, C.-M. Multiparty quantum secret sharing based on ghz states. Phys. Scr.
**2011**, 83, 045004. [Google Scholar] [CrossRef] - Li, Y.; Zeng, G. Quantum anonymous voting systems based on entangled state. Opt. Rev.
**2008**, 15, 219–223. [Google Scholar] [CrossRef] - Xue, P.; Zhang, X. A simple quantum voting scheme with multi-qubit entanglement. Sci. Rep.
**2017**, 7, 7586. [Google Scholar] [CrossRef] [PubMed] [Green Version] - Bao, N.; Halpern, N.Y. Quantum voting and violation of arrow’s impossibility theorem. Phys. Rev. A
**2017**, 95, 062306. [Google Scholar] [CrossRef] [Green Version] - Li, Y.-R.; Jiang, D.-H.; Zhang, Y.-H.; Liang, X.-Q. A quantum voting protocol using single-particle states. Quantum Inf. Process.
**2021**, 20, 110. [Google Scholar] [CrossRef] - Wang, Q.; Li, Y.; Yu, C.; He, H.; Zhang, K. Quantum anonymous ranking and selection with verifiability. Quantum Inf. Process.
**2020**, 19, 166. [Google Scholar] [CrossRef] - Shi, W.-M.; Liu, S.-S.; Zhou, Y.-H.; Yang, Y.-G. A secure quantum multi-party ranking protocol based on continuous variables. Optik
**2021**, 241, 166159. [Google Scholar] [CrossRef] - He, G.P. Quantum private comparison protocol without a third party. Int. J. Quantum Inf.
**2017**, 15, 1750014. [Google Scholar] [CrossRef] [Green Version] - Lang, Y.-F. Quantum gate-based quantum private comparison. Int. J. Theor. Phys.
**2020**, 59, 833–840. [Google Scholar] [CrossRef] - Lang, Y.-F. Quantum private comparison using single bell state. Int. J. Theor. Phys.
**2021**, 60, 4030–4036. [Google Scholar] [CrossRef] - Hillery, M.; Ziman, M.; Bužek, V.; Bieliková, M. Towards quantum-based privacy and voting. Phys. Lett. A
**2006**, 349, 75–81. [Google Scholar] [CrossRef] [Green Version] - Chen, X.-B.; Xu, G.; Yang, Y.-X.; Wen, Q.-Y. An efficient protocol for the secure multi-party quantum summation. Int. J. Theor. Phys.
**2010**, 49, 2793–2804. [Google Scholar] [CrossRef] - Shi, R.-H.; Mu, Y.; Zhong, H.; Cui, J.; Zhang, S. Secure multiparty quantum computation for summation and multiplication. Sci. Rep.
**2016**, 6, 19655. [Google Scholar] [CrossRef] [PubMed] [Green Version] - Zhang, C.; Situ, H.; Huang, Q.; Yang, P. Multi-party quantum summation without a trusted third party based on single particles. Int. J. Quantum Inf.
**2017**, 15, 1750010. [Google Scholar] [CrossRef] - Liu, W.; Wang, Y.-B.; Fan, W.-Q. An novel protocol for the quantum secure multi-party summation based on two-particle bell states. Int. J. Theor. Phys.
**2017**, 56, 2783–2791. [Google Scholar] [CrossRef] - Ji, Z.; Zhang, H.; Wang, H.; Wu, F.; Jia, J.; Wu, W. Quantum protocols for secure multi-party summation. Quantum Inf. Process.
**2019**, 18, 168. [Google Scholar] [CrossRef] - Wu, W.; Ma, X. Multi-party quantum summation without a third party based on d-dimensional bell states. Quantum Inf. Process.
**2021**, 20, 200. [Google Scholar] [CrossRef] - Hayashi, M.; Koshiba, T. Quantum verifiable protocol for secure modulo zero-sum randomness. Quantum Inf. Process.
**2022**, 21, 291. [Google Scholar] [CrossRef] - Zhang, C.; Sun, Z.; Huang, Y.; Long, D. High-capacity quantum summation with single photons in both polarization and spatial-mode degrees of freedom. Int. J. Theor. Phys.
**2014**, 53, 933–941. [Google Scholar] [CrossRef] - Gu, J.; Hwang, T.; Tsai, C.-W. Improving the security of ‘high-capacity quantum summation with single photons in both polarization and spatial-mode degrees of freedom’. Int. J. Theor. Phys.
**2019**, 58, 2213–2217. [Google Scholar] [CrossRef] - Zhang, C.; Situ, H.; Huang, Q.; Sun, Z.; Huang, Z. Multi-party quantum summation with a single d-level quantum system. Int. J. Quantum Inf.
**2019**, 17, 1950027. [Google Scholar] [CrossRef] - Duan, M.-Y. Multi-party quantum summation within a d-level quantum system. Int. J. Theor. Phys.
**2020**, 59, 1638–1643. [Google Scholar] - Zhang, C.; Long, Y.; Li, Q. Quantum summation using d-level entanglement swapping. Quantum Inf. Process.
**2021**, 20, 137. [Google Scholar] [CrossRef] - Nielsen, M.A.; Chuang, I.L. Quantum Computation and Quantum Information, 10th ed.; Elsevier: Amsterdam, The Netherlands, 2010. [Google Scholar]
- Shi, R.-H.; Liu, B.; Zhang, M. Measurement-device-independent quantum secure multiparty summation. Quantum Inf. Process.
**2022**, 21, 122. [Google Scholar] [CrossRef] - Gisin, N.; Fasel, S.; Kraus, B.; Zbinden, H.; Ribordy, G. Trojan-horse attacks on quantum-key-distribution systems. Phys. Rev. A
**2006**, 73, 022320. [Google Scholar] [CrossRef] [Green Version] - Cai, Q.-Y. Eavesdropping on the two-way quantum communication protocols with invisible photons. Phys. Lett. A
**2006**, 351, 23–25. [Google Scholar] [CrossRef] [Green Version] - Bennett, C.H. Quantum cryptography: Public key distribution and coin tossing. In Proceedings of the IEEE International Conference on Computers, Bangalore, India, 9–12 December 1984. [Google Scholar]
- Shor, P.W.; Preskill, J. Simple proof of security of the bb84 quantum key distribution protocol. Phys. Rev. Lett.
**2000**, 85, 441. [Google Scholar] [CrossRef] [PubMed] [Green Version] - Cabello, A. Quantum key distribution in the holevo limit. Phys. Rev. Lett.
**2000**, 85, 5635. [Google Scholar] [CrossRef] [Green Version] - Hu, Y.; Ti, Y. Secure multi-party quantum summation based on quantum fourier transform. Quantum Inf. Process.
**2018**, 17, 129. [Google Scholar] - Kou, T.-Y.; Che, B.-C.; Dou, Z.; Chen, X.-B.; Lai, Y.-P.; Li, J. Efficient quantum private comparison protocol utilizing single photons and rotational encryption. Chin. Phys. B
**2022**, 31, 060307. [Google Scholar] [CrossRef]

${\mathit{x}}_{1}$ = (0, 1, 0) | ${\mathit{x}}_{2}$ = (0, 1, 0) | ${\mathit{x}}_{3}$ = (0, 1, 1) |
---|---|---|

${|0\rangle}_{0}\stackrel{{U}_{{x}_{A1}}}{\u27f6}{|0\rangle}_{0}$ | $\stackrel{{U}_{{l}_{B1}}{U}_{{x}_{B1}}}{\to}{|0\rangle}_{0}$ | $\stackrel{{U}_{{l}_{C1}}{U}_{{x}_{C1}}}{\to}{|0\rangle}_{0}$ |

${|0\rangle}_{1}\stackrel{{U}_{{x}_{A2}}}{\u27f6}{|1\rangle}_{0}$ | $\stackrel{{U}_{{l}_{B2}}{U}_{{x}_{B2}}}{\to}{|0\rangle}_{1}$ | $\stackrel{{U}_{{l}_{C2}}{U}_{{x}_{C2}}}{\to}{|1\rangle}_{0}$ |

${|0\rangle}_{0}\stackrel{{U}_{{x}_{A3}}}{\u27f6}{|1\rangle}_{1}$ | $\stackrel{{U}_{{l}_{B3}}{U}_{{x}_{B3}}}{\to}{|1\rangle}_{1}$ | $\stackrel{{U}_{{l}_{C3}}{U}_{{x}_{C3}}}{\to}{|0\rangle}_{0}$ |

Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |

© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Wu, W.-Q.; Xie, M.-Z.
Quantum Secure Multi-Party Summation Using Single Photons. *Entropy* **2023**, *25*, 590.
https://doi.org/10.3390/e25040590

**AMA Style**

Wu W-Q, Xie M-Z.
Quantum Secure Multi-Party Summation Using Single Photons. *Entropy*. 2023; 25(4):590.
https://doi.org/10.3390/e25040590

**Chicago/Turabian Style**

Wu, Wan-Qing, and Ming-Zhe Xie.
2023. "Quantum Secure Multi-Party Summation Using Single Photons" *Entropy* 25, no. 4: 590.
https://doi.org/10.3390/e25040590