University of Virginia, Department of Computer Science CS588: Cryptology - Principles and Applications, Fall 2001

 Problem Set 5: Quantum Crypto Coloring Book - Selected Answers

### 1. Maury Bond's Coloring Crypto

This question is inspired by a question by Giuseppe Ateniese.

Maury Bond's secret agents (from Problem Set 1, question 6) never did manage to decode the message and locate the super ray gun. Last he heard, they were still in Borneo XOR'ing random bits.

Maury has decided to recruit three new secret agents: Abby Avaricous, Billy Badd and Carrie A. Grudge. This time, however, he will avoid the problems with revealing bits in order by encoding the mesesage on three transparencies such that they can be placed on top of each other to reveal the message all at once. Any two transparencies by themselves should reveal no information, but when the three are aligned correctly on top of each other, everyone will see the message appear at the same time.

a. (30) Explain how Maury can create the three transparencies. You may find it useful to use an encoding scheme based on the primary subtractive colors - cyan (C), magenta (M) and yellow (Y). Cyan absorbs red; magenta absorbs green; and yellow absorbs blue. The following relations hold when transparencies of these colors are placed on top of each other:

Yellow + Cyan = Green
Yellow + Magenta = Red
Cyan + Magenta = Blue
Cyan + Magenta + Yellow = Black

b. (15) Prove that your scheme is perfectly secure in an information-theoretic sense. That is, no two transparencies by themselves reveal anything interesting about the message.

c. (15) Maury fears that one of the three agents may be killed. He decides he is no longer worried about two agents conspiring. Instead, he would like to make sure that any two agents can combine their transparencies to reveal the message, but each agent by herself has no information. Describe a scheme that satisfies this requirement.

d. (up to 50 bonus points) Implement your scheme from either part a or c to produce transparencies encoding a message that demonstrate your scheme works.

Several students found Moni Naor and Adi Shamir's Visual Cryptography paper (there was a link to this on the 7 Nov manifest) which provides a solution to this problem that uses only black and white. The image is divided into horizontal, vertical and diagonal shares so that any two shares convey no information, and the third share can make the resulting square either black or dark grey (3/4 black). The fully black squares make up the image.

A better solution would take advantage of the colors to make the image appear more clearly. See Stephen Liang's answer:

Continued on next page

Comments: Several students submitted transparencies that clearly revealed something about the message with just two (or even a single transparency), but still submitted proofs claiming their scheme was perfect. I graded these much more harshly than people who acknowledged that their scheme was imperfect, instead of constructing a bogus proof, since it is a lot more dangerous to claim something is secure that is not. Another issue with all of the implementations submitted, is the careless use of non-cryptographic pseudorandom number generators. Recall that most programming languages and operating systems do not provide cryptographically secure pseudorandom number generators, and if your implementation is highly vulnerable to attack if you use poor pseudorandom number generators.

Selected Transparencies and Code:

Jon Erdman, Eric Hutchins and Stephen Liang - an Excel spreadsheet with VBA macros that encode a Jefferson image on three colorful transparencies. (You need to enable Excel macros to try this. Click on "Generate Transparencies".)

Mike Hogye used a scheme based on Moni Naor and Adi Shamir's to produce these transparencies:

Michael Neve and Eric Peeters:

### 2. Quantum Leap

Bennet's Quantum Key Distribution scheme from Lecture 16 allows Alice and Bob to establish a shared secret key with perfect secrecy with on average 2 photons transmitted per bit (i.e., for each photon transmitted, there is a 50% chance Alice and Bob will agree on a key bit).

Alice, Bob and Coleen would now like to establish a common secret key (all three of them will know the same key, but no one else can know anything).

(40) Describe a quantum key distribution scheme three people can use to establish a secret key. For full credit, your distribution scheme should require less than 4 photons transmitted per bit, and must be perfectly secure against all forms of both passive and active eavesdropping.