CN110266489B - Quantum threshold secret sharing method and system based on Lagrange unitary operator - Google Patents

Abstract

The invention belongs to the field of quantum computation and quantum communication, and particularly relates to a quantum threshold secret sharing method and a quantum threshold secret sharing system based on Lagrange unitary operators, wherein a distributor prepares a shadow key and a rotary key for participants; the distributor appoints the trusted participants in the authorization subset as reconstructors, and the reconstructor selects t participants including the reconstructor from the authorization subset as the authorization subset; a distributor generates a secret particle and performs Lagrange unitary operation on the secret particle to obtain an information particle; the distributor transmits the information particles to the reconstructor in the transmission mode of the decoy particles; the restructurer verifies whether the transmission process has theft or not; if the transmission process has no stealing behavior, each participant in the authorization subset operates the information particles in sequence and sends the information particles to the reconstructor to perform mixed operation to obtain the secret particles; the invention not only verifies the validity of the message particles, but also reconstructs the original secret particles, thereby improving the verification efficiency.

Description

Quantum threshold secret sharing method and system based on Lagrange unitary operator

Technical Field

The invention belongs to the field of quantum communication, and particularly relates to a quantum threshold secret sharing method and system based on Lagrange unitary operators.

Background

The classical secret sharing is used as a tool for protecting the secret information, the reconstruction of the shared secret information cannot be influenced under the condition that part of shares are exposed, lost or damaged, and the problems that part of participants are absent or dishonest and part of shares are attacked can be solved. The basic idea of classical threshold secret sharing: the distributor has a shared secret, divides the secret into n shares, distributes the n shares to n participants, and collects any t shares or more than t shares from which the shared secret can be reconstructed.

Quantum secret sharing is an extension of classical secret sharing in the field of quantum cryptography, and the difference between the two lies in that the security of quantum secret sharing is based on the fundamental principle of quantum physics, and the quantum secret sharing detects eavesdropping attacks existing in quantum channels by using inherent characteristics of quantum state entanglement, unclonability, wave-particle duality, measurement collapse and the like. Quantum (t, n) threshold secret sharing is a typical class of quantum secret sharing, and different levels of permissions are generally used to control access rights of participants. Each participant has a share, only an authorized subset of the participants can reconstruct the secret, and an unauthorized subset cannot obtain any information about the secret. Each authorization subset may have a different number of participants, and one participant may belong to several authorization subsets. For quantum (t, n) threshold secret sharing, the number of participants in each authorized subset is ≧ t.

In existing quantum (t, n) threshold secret sharing, where both the secret and its shares are classical information, special encoding methods are used to convert the shares into quantum states and transmit them to the receiver via a quantum channel. To improve compatibility and practicality, quantum state (t, n) threshold secret sharing arises, and its secret information and shares are quantum states. In quantum state (t, n) threshold secret sharing in real-world scenarios, some participants may also be dishonest, providing false shares to reconstructors. To prevent the occurrence of participant fraud, some researchers have proposed verifiable quantum state (t, n) threshold secret sharing methods to verify the authenticity of shares, verifying that participants take false shares to reconstruct the secret dishonest behavior.

Disclosure of Invention

The invention provides a quantum threshold secret sharing method and system based on Lagrange unitary operator, aiming at solving the problems that the current verifiable quantum state (t, n) threshold secret sharing faces higher resource consumption in the particle preparation and measurement process and lower efficiency in the verification process, wherein the method comprises the following steps:

s1, the distributor prepares a shadow key and a rotation key for each participant in the set of n participants;

s2, the distributor appoints a trusted participant in the authorization subset as a reconstructor, and the reconstructor selects t participants including the reconstructor from the authorization subset as the authorization subset;

s3, the distributor generates a secret particle and performs Lagrange unitary operation on the secret particle to obtain an information particle;

s4, the distributor transmits the information particles to the reconstructor in the transmission mode of the decoy particles;

s5, the distributor verifies whether the transmission process has theft, if yes, the distributor returns to the step S4 to restart the new protocol; otherwise, performing step S6;

and S6, if the theft does not exist in the transmission process, each participant in the authorized subset operates the information particles in sequence, and then sends the information particles to the reconstructor to perform mixed operation to obtain the secret particles.

Further, the process of preparing the shadow key comprises the following steps:

s1, constructing a polynomial f (x) with a degree t-1, expressed as f (x) a₀+a₁x+a₂x²+…+a_t-1x^t-1；

S2, randomly selecting n different and nonzero values { x_iI ∈ {1,2, …, n } }, and discloses these values;

s3, shadow Key representation of the ith participant { wk_i＝f(x_i)∈Z_d|i∈{1,2,...,n}}；

Wherein, a₀Is a constant term of a polynomial (a)₁,a₂,...,a_t-1) Is a coefficient of a polynomial, and the value range is (a)₀,a₁,a₂,...,a_t-1)∈Z_d，Z_dD is a prime number with the value range of n being less than or equal to d being less than or equal to 2 n; the participant has a master key mk with a value of a₀。

Further, the process of preparing the rotation key comprises: randomly generating n different rotation keys, the n keys being denoted as { delta }_i∈[0,2π]1, 2.., n }, each rotation key δ_iShared by the reconstructor and the participant in the authorized subset.

Further, the step S3 includes:

s31, the distributor generates a secret particle

Is shown as

S32 distributor pair

Executing Lagrange unitary operation to obtain information particles

Expressed as:

wherein, M (θ)_A) Is Lagrange unitary operator, expressed as

a₀Is the distributor's master key, d is the prime number used in the shadow key generation algorithm; i is an imaginary unit; alpha is alpha₀、β₀Is two complex numbers and satisfies | α₀|²+|β₀|²＝1。

Further, the distributor transmitting the information particles to the reconstructor in the transmission mode of the spoofing particles comprises:

s41, distributor selects four particles { |0>,|1>,|+>,|->Randomly selecting l particles to prepare a decoy particle sequence, wherein |0>、|1>Is a quantum bit particle, | +>、|->Particles generated for a qubit via the adama gate are represented as:

s42, the distributor randomly inserts the information particles into the decoy particle sequence to obtain the particle sequence;

s43, the distributor reserves the position information of the information particle insertion and transmits the particle sequence to the reconstructor through the safe quantum channel.

Further, step S43 specifically includes:

s431, divideThe sequence sent by the sender is psi_AThe t participants of the authorization subset are denoted as B₁,...,B_r,...,B_tIn which B is_rRepresents the reconstructor;

s432, the reconstructor sends the sequence to the first participant B in the authorized subset₁The sequence from the reconstructor is denoted as Ψ_r；

S433, the first participant B₁Receiving a sequence Ψ from a reconstructor_rAnd forwards the sequence to a second participant B in the authorized subset₂The first participant B₁The sequence emitted is denoted as Ψ₁；

S434, according to the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe current participant forwards the received particle sequence to the next participant;

s435 when the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe last participant B of_tThe sequence emitted is denoted as Ψ_tParticipant B_tWill sequence Ψ_tAnd sending the data to the reconstructor to complete transmission.

Further, the distributor verifying whether the transmission process is stolen comprises:

when the distributor confirms that the reconstructor receives the particle sequence Ψ_AWhen, the distributor will sequence Ψ_AInforming the reconstructor of the positions of the q decoy particles and the measurement basis corresponding to each position;

the reconstructor finds the positions of the q decoy particles, measures the particles by using the measurement basis of the positions and sends the measurement result to the distributor;

the distributor compares the measuring result with the initial state of the decoy particles and calculates the error rate; if the error rate is higher than the set threshold value, judging that a thief exists, otherwise, sending the positions of the remaining l-q decoy particles and the measurement basis corresponding to each position to a reconstructor by the distributor;

wherein q is less than l, and l is the total number of the decoy particles.

The invention provides a quantum threshold secret sharing system based on Lagrange unitary operators, which comprises a shadow key generator, a rotary key generator, a secret particle generator, a Lagrange unitary operation module, a decoy particle generator, a sharing environment safety test module and a rotary unitary operation module, wherein:

the shadow key generator is used for generating a shadow key;

the rotation key generator is used for generating a rotation key;

the secret particle generator is used for generating secret particles;

the Lagrange unitary operation module is used for performing unitary operation on the particles;

the decoy particle generator is used for generating a sequence of decoy particles;

the sharing environment safety testing module is used for judging whether the current transmission environment is safe or not, if so, sending secret particles, and otherwise, stopping sending and restarting the protocol;

the unitary rotation operation module is used for performing unitary rotation operation;

the mixing operation module is used for carrying out mixing operation.

The invention has the beneficial effects that:

1. according to the scheme, a secret particle is prepared, and Lagrange unitary operator is executed on the secret particle, so that resource consumption in a multi-particle preparation process is avoided;

2. after t persons in the n participants complete the unitary transformation in a cooperative manner, the reconstructor executes a mixed rotation unitary operator on the received message particles, so that the legality of the message particles is verified, the original secret particles are reconstructed, and the verification efficiency is improved.

Drawings

FIG. 1 is a flow chart of a quantum threshold secret sharing method based on Lagrange unitary operator according to the present invention;

FIG. 2 is a diagram of the transmission path of the information particles according to the present invention;

fig. 3 is a diagram of a quantum circuit during the sharing and reconstruction phases of the secret particles.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The invention provides a quantum threshold secret sharing method based on Lagrange unitary operators, which specifically comprises the following steps:

s1, the distributor prepares a shadow key and a rotation key for each participant in the set of n participants;

s2, the distributor appoints a trusted participant in the authorization subset as a reconstructor, and the reconstructor selects t participants including the reconstructor from the authorization subset as the authorization subset;

s3, the distributor generates a secret particle and performs Lagrange unitary operation on the secret particle to obtain an information particle;

s4, the distributor transmits the information particles to the reconstructor in the transmission mode of the decoy particles;

s5, the distributor verifies whether the transmission process has theft, if yes, the distributor returns to the step S4 to restart the new protocol; otherwise, performing step S6;

and S6, if the theft does not exist in the transmission process, each participant in the authorized subset operates the information particles in sequence, and then sends the information particles to the reconstructor to perform mixed operation to obtain the secret particles.

In this embodiment, as shown in fig. 1, the method can be divided into an initial stage, a secret particle sharing stage, and a secret particle reconstruction stage, where a distributor, a reconstructor, and participants can both establish a secure quantum channel and a secure classical channel, transmit a quantum state on the secure quantum channel, and transmit feedback and share information on the secure classical channel; the method specifically comprises the following steps:

first, initial stage

In the initial phase, the distributor generates a shadow secret for each participantKeys, distributed to respective participants B_i(i ∈ {1, 2.., n }), the distributor possesses a master key mk ═ a₀The other participants have a private key wk_i(ii) a The process of preparing the shadow key comprises the following steps:

s1, constructing a polynomial f (x) with a degree t-1, expressed as f (x) a₀+a₁x+a₂x²+…+a_t-1x^t-1；

S2, randomly selecting n different and nonzero values { x_iI ∈ {1,2, ·, n } }, and discloses these values in the set of participants;

s3, shadow Key representation of the ith participant { wk_i＝f(x_i)∈Z_d|i∈{1,2,...,n}}；

Wherein, a₀Is a constant term of a polynomial₁,a₂,...,a_t-1Is a coefficient of a polynomial with a value range of a₀,a₁,a₂,...,a_t-1∈Z_d，Z_dIs an integer domain with the value range in the d interval, and d is a prime number with the value range of n being less than or equal to d being less than or equal to 2 n.

The distributor generates a rotation key delta for each participant_iThe rotary key is provided by participant B_i(i ∈ {1, 2.,. n }), and the preparation process of the rotation key comprises the following steps: randomly generating n different rotation keys, the n keys being denoted as { delta }_i∈[0,2π]1, 2.., n }, each rotation key δ_iShared by the reconstructor and the participant in the authorized subset.

Second, secret particle sharing stage

In this implementation phase, the distributor first generates a secret particle

Then for the particles

Performing Lagrange unitary operation to obtain information particles

The method specifically comprises the following steps:

s31, the distributor generates a secret particle

Is shown as

S32 distributor pair

Executing Lagrange unitary operation to obtain information particles

Expressed as:

wherein, M (θ)_A) Is Lagrange unitary operator, expressed as

a₀Is the distributor's master key, d is the prime number used in the shadow key generation algorithm; i is an imaginary unit; alpha is alpha₀、β₀Is two complex numbers and satisfies | α₀|²+|β₀|²＝1。

To prevent theft attacks, the distributor transmits the information particles to the reconstructor in a transmission mode of the spoofing particles, the process comprising:

s41, distributor selects four particles { |0>,|1＞,|+>,|->Randomly selecting l particles to prepare a decoy particle sequence, wherein |0>、|1>Is a quantum bit particle, | +>、|->Particles generated for a qubit via the adama gate are represented as:

s42, the distributor randomly inserts the information particles into the decoy particle sequence to obtain the particle sequence;

s43, the distributor retains the position information of the information particle insertion, and transmits the particle sequence to the reconstructor through the secure quantum channel, where the specific transmission line is as shown in fig. 2, and includes the following transmission processes:

s431, the sequence sent by the distributor is psi_AThe t participants of the authorization subset are denoted as B₁,...,B_r,...,B_tIn which B is_rRepresents the reconstructor;

s432, the reconstructor sends the sequence to the first participant B in the authorized subset₁The sequence from the reconstructor is denoted as Ψ_r；

S433, the first participant B₁Receiving a sequence Ψ from a reconstructor_rAnd forwards the sequence to a second participant B in the authorized subset₂The first participant B₁The sequence emitted is denoted as Ψ₁；

S434, according to the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe current participant forwards the received particle sequence to the next participant;

s435 when the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe last participant B of_tThe sequence emitted is denoted as Ψ_tParticipant B_tWill sequence Ψ_tAnd sending the data to the reconstructor to complete transmission.

After the transmission is completed, the distributor needs to confirm whether theft exists in the transmission process, that is:

when the distributor confirms that the reconstructor receives the particle sequence Ψ_AWhen, the distributor will sequence Ψ_AInforming the reconstructor of the positions of the q decoy particles and the measurement basis corresponding to each position;

the reconstructor finds the positions of the q decoy particles, measures the particles by using the measurement basis of the positions and sends the measurement result to the distributor; the reconstructor finds out the position of the decoy particle and measures with the measuring base corresponding to the position, the result of the measurement is the original state of the particle in general, and the state of the particle may change after theft occurs, for example: when the initial state of a certain decoy particle is 0, the particle needs to be measured by using a Z base, when a thief uses a wrong measuring machine (such as an X base) to measure, the state of the particle has the probability of 1, and when a reconstructor uses a correct measuring machine to measure, the result of measurement is also 1;

the distributor compares the measuring result with the initial state of the decoy particles and calculates the error rate; if the error rate is higher than the set threshold value, judging that a thief exists, otherwise, sending the positions of the remaining l-q decoy particles and the measurement basis corresponding to each position to a reconstructor by the distributor, and sending the particle sequence psi to the reconstructor by the reconstructor_ARemoving the decoy particles to obtain information particles; the distributor compares the received measuring result of the decoy particles with the initial state of the decoy particles, calculates the error rate, and sets a threshold value of the error rate to judge whether the transmission process is intercepted or not because the channel noise can cause the inconsistency of the measuring result and the initial state;

wherein q is less than l, and l is the total number of the decoy particles.

Thirdly, secret particle reconstruction stage

In the quantum secret sharing scheme, only the authorized subset can reconstruct the original secret particles, and the number of members of the authorized subset is greater than or equal to t and less than or equal to n, as shown in fig. 3, the reconstruction process specifically includes:

s61, if there is no theft, the restructurer removes the decoy particles to obtain the information particles, the restructurer takes out the shadow key and the rotation key belonging to the restructurer, and performs Lagrangian unitary operation and rotation unitary operation on the information particles, which are expressed as:

s62 particles obtained by reconstitution

Inserting decoy particles to obtain the particle sequence psi_AAnd passes the sequence to participant B in the authorized subset₁；

S63, participant B₁The received particle sequence Ψ_AFor information particles

Successively executing Lagrange unitary operation and rotary unitary operation to obtain

S64, according to the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe current participant B_iThe obtained particles

Inserting decoy particles to obtain the particle sequence psi_iOf the particle sequence Ψ_iTo participant B_i+1；

S65, participant B_i+1Receiving a sequence of particles Ψ_iParticipant B_i+1Removing decoy particles in the sequence to obtain information particles

Information particle pair using own shadow key and rotation key

Performing Lagrange unitary operation and rotation unitary operation to obtain

S66, repeating the above operations until the participant B_tThe obtained particles

Inserting decoy particles to obtain the particle sequence psi_tAnd the particle sequence Ψ_tTransmitting to the reconstructor;

s67, receiving the particle sequence Ψ by the reconstructor_tThe reconstructor removes decoy particles in the particle sequence to obtain information particles

Reconstructor based on t rotating keys [ delta ]₁,δ₂,...,δ_r,...,δ_tFor information particles

Performing a mixing operation U (delta) to recover the original secret particles

The blending operation U (δ) is expressed as:

for information particles

The mixing operation U (δ) is performed as:

where r is the serial number of the reconstructor in the authorization subset, and i represents an imaginary number.

The embodiment also provides a quantum threshold secret sharing system based on the lagrangian unitary operator, the system comprises a shadow key generator, a rotation key generator, a secret particle generator, a lagrangian unitary operation module, a decoy particle generator, a sharing environment security test module and a rotation unitary operation module, wherein:

the shadow key generator is used for generating a shadow key;

the rotation key generator is used for generating a rotation key;

the secret particle generator is used for generating secret particles;

the Lagrange unitary operation module is used for performing unitary operation on the particles;

the sharing environment safety testing module is used for judging whether the current transmission environment is safe or not, if so, sending secret particles, and otherwise, stopping sending and restarting the protocol;

the decoy particle generator is used for generating a sequence of decoy particles;

the unitary rotation operation module is used for performing unitary rotation operation;

the mixing operation module is used for carrying out mixing operation.

Further, the sharing environment security testing module comprises a random selector, a measurement basis measuring unit, an error rate calculator and a threshold value judger, wherein:

the random selector is used for randomly selecting the positions of q decoy particles and the information of the measuring base corresponding to the positions from the decoy particles generated by the decoy particle generator;

the measuring base measuring unit is used for measuring the position of the received decoy particles with a measuring machine at the position;

the error rate calculator is used for acquiring the error rate of the measurement result in the measurement base measurement unit;

the threshold value judger is used for judging that the threshold value of the error rate calculator exceeds the threshold value of the threshold value judger afterwards, and if the threshold value does not exceed the threshold value, the current transmission environment is safe.

When the system is used, the class A user generates a shadow key for each class B user by using the shadow key generator; generating a rotary key for each class B user by using a rotary key generator, and sharing the rotary key to all class B users; the method for generating the secret particle by the class A user by using the secret particle generator specifically comprises the following steps when the class A user wants to share the secret particle to an authorized class B user:

s101, a trusted B-class user is designated as a representative by the A-class user, and the B-class user selects t B-class users including the user as an authorization subset;

s102, inputting the secret particles into a Lagrange unitary operation module by the class A user, and outputting information particles;

s103, the class A user generates a decoy particle sequence by using the decoy particle generator and inserts the information particles into the decoy sequence;

s104, the class A user sends the decoy particle sequence inserted with the information particles to a representative of the class B user through a safe quantum channel, the class A judges whether the current environment is safe or not through a sharing environment safety test module, and if the current environment is not safe, the protocol is restarted; otherwise, the following operations are carried out:

s105, obtaining information particles by the representatives of the B-class users, sequentially operating by using a Lagrangian unitary operation module and a rotation operation module, sending the operated information particles to a first user in the authorization subset, sequentially operating by using the Lagrangian unitary operation module and the rotation operation module by the first user, and sending the operated information particles to a second user in the authorization subset until the t-th user receives a sequence of the t-1 th sequence operated by the Lagrangian unitary operation module and the rotation operation module;

s106, the tth B-class user operates the received sequence through a Lagrange unitary operation module and a rotation operation module and sends the operated sequence to a representative of the B-class user;

and S107, the representative of the B-class user inputs the sequence and the rotary password of the B-class user in the authorization subset into a mixing module to obtain the secret particle.

In the invention, the class A user or distributor represents a user for preparing the secret particles, the participants or the class B users in the authorization subset are users requesting the secret particles, and the representatives or reconstructors of the class B users are the most trusted users of the class A users or the distributors.

The invention provides a verifiable quantum state threshold secret sharing method based on Lagrange unitary operators, which is combined with the technical background of the current quantum threshold and aims at solving the problems that the existing verifiable quantum state threshold secret sharing is lack of verification function in the aspect of safety, higher in particle preparation resource overhead in the aspect of efficiency and lower in verification efficiency.

In the aspect of safety, the method uses the private shadow secret key to reconstruct the secret particles, uses the rotation secret key to realize the verification function, and has stronger safety compared with quantum secret sharing based on the rotation unitary operator. In the aspect of efficiency, the method only needs to prepare one secret particle without measurement operation, reduces resource overhead required by particle preparation and measurement, executes Lagrange unitary operator and rotation unitary operator to jointly complete reconstruction and verification operation, and improves verification efficiency.

Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (6)

1. A quantum threshold secret sharing method based on Lagrange unitary operator is characterized by comprising the following steps:

s1, the distributor prepares a shadow key and a rotation key for each participant in the set of n participants, including:

constructing a polynomial f (x) with a degree t-1, expressed as f (x) a₀+a₁x+a₂x²+…+a_t-1x^t-1；

Randomly picking n different and non-zero values { x_iI ∈ {1,2, ·, n } }, and discloses these values in the set of participants;

shadow Key representation of the ith participant { wk_i＝f(x_i)∈Z_d|i∈{1,2,...,n}}；

Randomly generating n different rotation keys, the n keys being denoted as { delta }_i∈[0,2π]1, 2.., n }, each rotation key δ_iShared by reconstructors and participants in the authorized subset;

wherein, a₀Is a constant term of a polynomial₁,a₂,...,a_t-1Is a coefficient of a polynomial with a value range of a₀,a₁,a₂,...,a_t-1∈Z_d，Z_dD is a prime number with the value range of n being less than or equal to d being less than or equal to 2 n; the participant has a master secretThe keys mk, mk have values a₀；

S2, the distributor appoints a trusted participant in the authorization subset as a reconstructor, and the reconstructor selects t participants including the reconstructor from the authorization subset as the authorization subset;

s3, the distributor generates a secret particle, and performs lagrangian unitary operation on the secret particle to obtain an information particle, that is, the method includes:

s31, the distributor generates a secret particle

Is shown as

S32 distributor pair

Executing Lagrange unitary operation to obtain information particles

Expressed as:

wherein, M (θ)_A) Is Lagrange unitary operator, expressed as

θ_AIs shown as

a₀Is the distributor's master key; d is a prime number used in the shadow key generation algorithm; i is an imaginary unit; alpha is alpha₀、β₀Is two complex numbers and satisfies | α₀|²+|β₀|²＝1；

S4, the distributor transmits the information particles to the reconstructor in the transmission mode of the decoy particles;

s5, the distributor verifies whether the transmission process has theft, if yes, the distributor returns to the step S4 to restart the new protocol; otherwise, performing step S6;

s6, if there is no theft in the transmission process, each participant in the authorization subset operates the information particles in turn, and then sends the information particles to the reconstructor to perform the mixing operation to obtain the secret particles, namely:

s61, if there is no theft, the restructurer removes the decoy particles to obtain the information particles, the restructurer takes out the shadow key and the rotation key belonging to the restructurer, and performs Lagrangian unitary operation on the information particles, which is expressed as:

s62 particles obtained by reconstitution

Inserting decoy particles to obtain the particle sequence psi_AAnd passes the sequence to participant B in the authorized subset₁；

S63, participant B₁The received particle sequence Ψ_AFor information particles

Successively executing Lagrange unitary operator M (theta)₁) And rotation unitary operation U (delta)₁) To obtain

S64, according to the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe current participant B_iThe obtained particles

Inserting decoy particles to obtain the particle sequence psi_iOf the particle sequence Ψ_iTo participantsB_i+1；

S65, participant B_i+1Receiving a sequence of particles Ψ_iParticipant B_i+1Removing decoy particles in the sequence to obtain information particles

Information particle pair using own shadow key and rotation key

Performing Lagrangian unitary operation M (theta)_i+1) And rotation unitary operation U (delta)_i+1) To obtain

S66, repeating the above operations until the participant B_tThe obtained particles

Inserting decoy particles to obtain the particle sequence psi_tAnd the particle sequence Ψ_tTransmitting to the reconstructor;

s67, receiving the particle sequence Ψ by the reconstructor_tThe reconstructor removes decoy particles in the particle sequence to obtain information particles

Reconstructor based on t rotating keys [ delta ]₁,δ₂,...,δ_r,...,δ_tFor information particles

Performing a mixing operation U (delta) to recover the original secret particles

The blending operation U (δ) is expressed as:

wherein r is the serial number of the reconstructor in the authorization subset, and i is an imaginary number; m (theta)_i) As participant B_iLagrange unitary operators of (a); u (delta)_i) As participant B_iThe unitary rotation operator of (a); Ψ_iRepresents participant B_iThe emitted particle sequence.

2. The quantum threshold secret sharing method based on Lagrangian unitary operator as claimed in claim 1, wherein the distributor transmits the information particles to the reconstructor in transmission mode of decoy particles comprises:

s41, distributor selects four particles { |0>,|1>,|+>,|->Randomly selecting l particles to prepare a decoy particle sequence, wherein |0>、|1>Is a quantum bit particle, | +>、|->Particles generated for a qubit via the adama gate are represented as:

s42, the distributor randomly inserts the information particles into the decoy particle sequence to obtain the particle sequence;

s43, the distributor reserves the position information of the information particle insertion and transmits the particle sequence to the reconstructor through the safe quantum channel.

3. The quantum threshold secret sharing method based on the lagrangian unitary operator according to claim 2, wherein the step S43 specifically includes:

s431, the sequence sent by the distributor is psi_AThe t participants of the authorization subset are denoted as B₁,...,B_r,...,B_tIn which B is_rRepresents the reconstructor;

s432, the reconstructor sends the sequence to the first participant B in the authorized subset₁The sequence from the reconstructor is denoted as Ψ_r；

S433, the first participant B₁ReceivingSequence Ψ emitted by reconstructor_rAnd forwards the sequence to a second participant B in the authorized subset₂The first participant B₁The sequence emitted is denoted as Ψ₁；

S434, according to the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe current participant forwards the received particle sequence to the next participant;

s435 when the sequence { B₁,...,B_r-1,B_r+1,...,B_tThe last participant B of_tThe sequence emitted is denoted as Ψ_tParticipant B_tWill sequence Ψ_tAnd sending the data to the reconstructor to complete transmission.

4. The quantum threshold secret sharing method based on Lagrangian unitary operator as claimed in claim 1, wherein the distributor verifying whether there is theft during the transmission process comprises:

when the distributor confirms that the reconstructor receives the particle sequence Ψ_AWhen, the distributor will sequence Ψ_AInforming the reconstructor of the positions of the q decoy particles and the measurement basis corresponding to each position;

the reconstructor finds the positions of the q decoy particles, measures the particles by using the measurement basis of the positions and sends the measurement result to the distributor;

the distributor compares the measuring result with the initial state of the decoy particles and calculates the error rate; if the error rate is higher than the set threshold value, judging that a thief exists, otherwise, sending the positions of the remaining l-q decoy particles and the measurement basis corresponding to each position to a reconstructor by the distributor;

wherein q is less than l, and l is the total number of the decoy particles.

5. A quantum threshold secret sharing system based on Lagrange unitary operator is characterized in that the system is used for realizing the quantum threshold secret sharing method based on Lagrange unitary operator in claim 1, the system comprises a shadow key generator, a rotation key generator, a secret particle generator, a Lagrange unitary operation module, a sharing environment safety test module, a decoy particle generator, a mixed operation module and a rotation unitary operation module, wherein:

the shadow key generator is used for generating a shadow key, namely constructing a polynomial f (x) with a degree of t-1, and expressing f (x) as a₀+a₁x+a₂x²+…+a_t-1x^t-1Randomly choosing n different and non-zero values { x_iI ∈ {1, 2., n } }, and discloses these values, the shadow key representation of the ith participant

{wk_i＝f(x_i)∈Z_dI belongs to {1,2, ·, n } }; wherein, a₀Is a constant term of a polynomial₁,a₂,...,a_t-1Is a coefficient of a polynomial with a value range of a₀,a₁,a₂,...,a_t-1∈Z_d，Z_dD is a prime number with the value range of n being less than or equal to d being less than or equal to 2 n; the participant has a master key mk with a value of a₀

The rotating key generator is used for generating a rotating key, i.e. randomly generating n different rotating keys, the n keys being denoted as { δ }_i∈[0,2π]1, 2.., n }, each rotation key δ_iShared by reconstructors and participants in the authorized subset;

the secret particle generator is used for generating secret particles represented as

α₀、β₀Is two complex numbers and satisfies | α₀|²+|β₀|²＝1；

The Lagrange unitary operation module is used for performing unitary operation on the particles and is represented as follows:

M(θ_A) Is Lagrange unitary operator, expressed as

θ_AIs shown as

The decoy particle generator is used for generating a sequence of decoy particles, and four particles { |0>,|1>,|+>,|->Randomly selecting l particles to prepare a decoy particle sequence, wherein |0>、|1>Is a quantum bit particle, | +>、|->Particles generated for a qubit via the adama gate are represented as:

the sharing environment safety testing module is used for judging whether the current transmission environment is safe or not, if so, the distributor sends the secret particles to the reconstructor, and otherwise, the sending is stopped and the protocol is restarted;

the unitary rotation operation module is used for performing unitary rotation operation;

the mixing operation module is used for carrying out mixing operation and is represented as

Wherein r is the serial number of the reconstructor in the authorization subset, and i is an imaginary number; m (theta)_i) As participant B_iLagrange unitary operators of (a); u (delta)_i) As participant B_iThe unitary rotation operator of (a); Ψ_iRepresents participant B_iThe emitted particle sequence.

6. The quantum threshold secret sharing system based on Lagrangian unitary operator as claimed in claim 5, wherein the sharing environment security testing module comprises a random selector, a measurement basis measuring unit, an error rate calculator and a threshold value judger, wherein:

the random selector is used for randomly selecting the positions of q decoy particles and the information of the measuring base corresponding to the positions from the decoy particles generated by the decoy particle generator;

the measuring base measuring unit is used for measuring the position of the received decoy particles with a measuring machine at the position;

the error rate calculator is used for acquiring the error rate of the measurement result in the measurement base measurement unit;

the threshold value judger is used for judging that the threshold value of the error rate calculator exceeds the threshold value of the threshold value judger afterwards, and if the threshold value does not exceed the threshold value, the current transmission environment is safe.

Images