Continuous Variable Quantum Secret Sharing with Security Enhancement in Practical Quantum Communications

: Quantum communications can be conveniently implemented by two participants, but quantum secret key sharing (QSS) through multi-participant communication seems difﬁcult in practice. In this paper, we propose a multi-participant QSS scheme with the local local oscillator (LLO) in continuous variable (CV) quantum communications. It allows an honest participant called a dealer to share a secret key with the others, making it possible to establish a secret key if and only if all participants gather together. The LLO scheme, which eliminates the need for the local oscillator (LO) to be propagated in insecure channels, can be used to avoid the potential LO attack in the traditional CVQSS scheme. Numerical simulation shows that the performance of the LLO-based CVQSS can be improved in terms of the maximal transmission distance even if it is performed with the partially trusted noise.


Introduction
Continuous variable quantum communications, which has the advantage of compatibility and convenience in signal preparations [1,2], has been proposed for secure communications with two participants. With the popularization of networks, however, the demand for multi-participant quantum communication increases. In order to establish a multi-participant approach to network, we consider implementations of quantum secret sharing (QSS) [3][4][5], where the secret message or information is divided into many pieces and sent to all users who participate in sharing information. The legal users can recover the initial message only if they cooperate together.
The traditional QSS was the discrete variable (DV) QSS [3][4][5] since it uses the singlephoton for the signal single-photon source and single-photon detector for detection. Whereas, for CVQSS, it employs continuous light for the signal source and uses either a homodyne detector or heterodyne detector for detection. There is an advantage since it can be carried out by using the existing optical communication technology, resulting in good compatibility and usability [6]. After CVQSS was suggested in feasible implementations [7,8], lots of schemes on CVQSS have been proposed, which involve the detection of eavesdroppers, the modulation of coherent states, and so on [9,10]. However, there are few studies on security enhancement that are related to the key distribution in quantum communications.
Motivated by structure characteristics of the CV quantum communication systems [11], the propagation of local oscillator (LO) between the sender and the receiver is a necessary factor for security assurance [12,13]. Taking into account the performance improvement [14,15], we consider the local local oscillator (LLO)-based CVQSS. Different from the previous CVQSS that involves the LO used to avoid the practical security problems of coherent detection [12], the proposed CVQSS can be implemented with the LLO-based detection scheme, aiming at security enhancement. Consequently, it provides an advantage because the LLO can be used to eliminate the potential dangers through insecure channels, such as the wavelength attack, the LO fluctuation attack, and the LO polarization attack [16,17]. However, when the LLO scheme is implemented in CVQSS for a large number of users, the performance of the system becomes worse. Fortunately, we can make the part of phase noise regarded as reliable to improve the performance, where the trusted part of phase noise is overestimated [18]. As the dealer needs to establish quantum communication links with all legal users, we can achieve security enhancement while making use of the partially trusted noises.
This paper is organized as follows. In Section 2, we suggest an approach to the implementation of the LLO-based CVQSS. In Section 3, we demonstrate the security analysis of the CVQSS system. Moreover, we perform numerical simulations to prove its feasibility in practical implementation, which includes the number of users, the maximal transmission distance and the secure key rate. Finally, the conclusion is drawn in Section 4.

The LLO-Based CVQSS
In the QSS scheme, each legal user U i can send the discretely modulated coherent states (DMCS), denoted by u i ∈ {(x i , p i ) : |x i + ip i } for i ∈ Z n = {1, 2, . . . , n}, to the dealer, and then recover the secret in cooperation by using the highly asymmetric beam splitter (HABS). The QSS scheme can be designed as follows.
Step 1. The user who is the farthest from the dealer can be arranged as the first user U 1 , as shown in Figure 1. For all legal users U = {U i : i ∈ Z n }, the user who is nearest to U i but has not been selected as U i+1 for i ∈ Z n . In this way, we define the order of n participants.
Step 2. U 1 prepares u 1 with phase reference, where both the signal and the phase reference are synchronously generated by using the same laser [11]. Then, U 1 sends them to U 2 . Subsequently, U 2 prepares u 2 with phase reference and couples them to the same mode as U 1 has. Finally, U n sends the final mode to the dealer. Because the displacement of each user is (x i , p i ), the resulting signal which is received by the dealer can be expressed as (x d , p d ) with where T i is the i-th channel transmittance established between U i and the dealer.
Step 3. Repeat the above steps to ensure all participants hold sufficient raw data. In order to estimate T i , the dealer requests all participants to announce the corresponding data in a random subset of raw data. After that, they discard the disclosed data.
Step 4. All users U achieve the key K according to the calculation Assuming that U i is honest, the dealer chooses a random subset of remaining raw data while asking all users U except U i to announce their raw data, respectively. Following the resulting data, the measurements will be updated as for i, j ∈ Z n . When establishing the link T i between the dealer and U i , we can achieve the secret key rate R i . Subsequently, a lower bound of the final secret key rate R of CVQSS can be expressed as R = min{R i : i ∈ Z n } [19]. When considering the characteristics of R for the LLO-based CVQSS, we take into account the effect of the phase noise given by [20] where V A denotes the modulation variance, V est is the variance of the phase noise given by V est = var θ S −θ S with the real phase rotation value θ S and the estimated valueθ S . The analysis and extrapolation of V est are detailed in Appendix A, where the relations of the trusted phase noise, the total channel added noise, the total detection added noise and the total added noise has been derived in details.

Derivation of the Secret Key Rate
We have achieved the secret key rate R of the LLO-based QSS system for U. The secret key rate can be obtained from the longest transmission distance when each user U i has an equal amount of noise ξ tot , including the phase noise ξ phase 0 and ξ rest [19]. Without loss of generality, Alice is the farthest user U 1 and Bob is the dealer. The rest of n − 1 users are assumed to be dishonestly located with an equal interval. Then, the secret key rate R can be calculated as [21] where β denotes the traditional reconciliation efficiency, I AB is Alice and Bob's mutual information, and χ BE is Eve and Bob's Holevo bound.
Assuming that the transmittance of HABS approaches one, the channel transmittance of the i-th participant U i is calculated as where l i denotes the transmission distance between U i and the dealer, and δ is the attenuation coefficient of the fiber link. The excess noise of U i , referring to the channel input, can be calculated by [6] where ξ rest = ξ 0 + ξ AM + ξ LE + ξ ADC [19]. Combined with the results in Appendix A, the channel-added noise, the total channel-added noise, the total detection-added noise and the total added noise can be derived as Consequently, Alice and Bob's mutual information I AB can be derived as where V = 1 + V A . The Holevo bound χ BE is given by where (x B , p B ) is Bob's results with the probability density P(x B , p B ), ρ denotes the eavesdropper's state based on Bob's measurements, and S represents the von Neumann entropy. Followed by the derivation in Appendix A, we assume that the loss and noise of Bob's detector are all trusted, and then we obtain where G(x) = (x + 1) log 2 (x + 1) − x log 2 x, and {λ k : k ∈ {1, 2, 3, 4}} can be described as involving the parameters A, B, C and D given by We note that the derivation of the parameter κ 4 can be found in Appendix B.

Numerical Simulations
For security analysis with numerical simulations, we make use of parameters, including attenuation coefficient 0.2 dB/km, detection efficiency 0.6, electronics noise 0.05, reconciliation efficiency 0.98, and so on, which can usually be used as performance evaluation of the traditional CV quantum communication system [21][22][23][24].
In Figure 2, we demonstrate the performance of the LLO-based CVQSS system in terms of the secret key rate R and the maximal transmission distance for n ∈ {2, 5, 10, 15} when taking into account effects of the conventional phase noise and the partially trusted phase noise. For the given phase noise, the maximal transmission distance of the LLO-based QSS is achieved with more than 50 km for two legal users, whereas the performance declines with an increased number of legal users. When the number of users is selected more than 15, the maximal transmission distance approaches 10 km. While deriving the secure key rate for each sub-system, the effect of noise and influence brought by other n − 1 untrusted users become disastrous when the number of users U is increased. Meanwhile, for the given number of legal users U, the maximal transmission distance can be lengthened when taking into account the partially trusted noise. The reason is that the tolerance of the traditional phase noise is lower than that of the partially trusted noise. Taking n = 2 as an example, the maximal transmission distance is slightly less than 40 km. However, it reaches more than 50 km for the trusted noise, which means it delivers a performance improvement. With the traditional phase noise, the implementation of the LLO-based CVQSS will result in limits in terms of the secret key rate and the maximal transmission distance. A slight excess noise will become a great impact on the performance because the system is sensitive to the excess noise, as shown in Figure 3. This improvement is more pronounced with the large number of users U. It seems that the proposed scheme is very sensitive to the number of users U. Therefore, three factors, which include the secret key rate, the maximal transmission distance and the number of legal users, should be determined to illustrate the security of the LLO-based CVQSS. For example, while designing a scheme with long-distance transmission and high-rate secret keys, the number of legal users U has to be sacrificed.

Conclusions
We have proposed an approach to the LLO-based CVQSS with security enhancement, which can be further improved by making the partial phase noise be trusted. We prove the security of the CVQSS system while considering effects of the external eavesdroppers and dishonest users. Numerical simulations demonstrate the performance of the LLO-based CVQSS system when taking into account the effect of the number of legal users. When we take the suitable numbers of legal participants, the performance of the LLO-based CVQSS can be furthermore improved in terms of the secret key rate, which is compared with the traditional one. Moreover, we find that the performance of the system can be improved by making full use of the partially trusted phase noise. It leaves an optimization space for multi-participant secret sharing in practical networks. Data Availability Statement: All data generated or analyzed during this study are included in this published article.

Conflicts of Interest:
The authors declare no conflict of interest.

Appendix A. The Phase Noise
The parameter V error denotes the variance generated by the error between the real phase rotation value θ R and estimated valueθ R given by where χ is the total noise of phase reference can be calculated by The first three items mentioned above are the components of channel-added noise in quantum communications, and the last item denotes the heterodyne detector noise. The parameter V drift represents the variance of the relative phase drift between two lasers for ∆T, which can be described as where ∆v A and ∆v B correspond to the line widths of the two free-running lasers. The parameter V channel represents the variance of the noise resulting from the accumulated drift of phase of the signal pulse. Therefore, when V est approaches 0, the phase noise can be approximated as Furthermore, we consider the characteristics of the trusted noise after calibration. The excess noise ξ is a component element of the channel added noise, which is part of the total added noise, and hence it can be described as Then the total channel added noise χ line can be given by The total detection added noise χ het can be calculated as Combined with the noise calculation method, the total noise can be derived as In what follows, we try to distinguish the trusted and untrusted parts among them. We assume χ het is the trusted noise based on a well calibration of µ and v el . Meanwhile, since the part of the phase noise ξ error can be perfectly controlled and calibrated by Bob, it can be regarded as the trusted noise [18,22].
(A16) Therefore, the mixture state ρ 4 can be defined as Let A and B describe two output modes of state |Ψ 4 , whereasâ andb denote the respective annihilation operators corresponding to A and B. We can achieve the covariance matrix, denoted by Γ 4 AB , of |Ψ 4 . Namely, we obtain where I and σ z represent the respective diagonal matrices diag(1,1) and diag(1,−1), and X, Y, and Z 4 are parameters given by