An Attack On Zawadzki'S Quantum Authentication Scheme

Identification schemes are interactive cryptographic protocols typically involving two parties, a prover, who wants to provide evidence of their identity and a verifier, who checks the provided evidence and decides whether or not it comes from the intended prover. Given the growing interest in quantum computation, it is indeed desirable to have explicit designs for achieving user identification through quantum resources. In this paper, we comment on a recent proposal for quantum identity authentication from Zawadzki. We discuss the applicability of the theoretical impossibility results from Lo, Colbeck and Buhrman et al. and formally prove that the protocol must necessarily be insecure. Moreover, to better illustrate our insecurity claim, we present an attack on Zawadzki's protocol and show that by using a simple strategy an adversary may indeed obtain relevant information on the shared identification secret. Specifically, through the use of the principal of conclusive exclusion on quantum measurements, our attack geometrically reduces the key space resulting in the claimed logarithmic security being reduced effectively by a factor of two after only three verification attempts.