在近代資訊科技的發展中，將現代生活中的無數問題簡化與轉換成關鍵的少數問題，並著眼於解決這些少數的問題，已經成為演算法或是密碼學協定設計的核心技巧之一。而私密比較 (private comparison) 則是其關鍵的問題之一。
私密比較源自於 1982年，Yao 學者 [1] 提出的百萬富翁問題 (millionaire problem)：兩位富翁希望比較其財富的多寡，卻不希望對方或外人得知其財富的實際數值，為了達成此目的， Yao 提出了私密比較協定。自此開始，私密比較逐漸成為熱門的研究議題。
在私密比較領域中，根據實際比較之要求，可以分為比較相等以及比較大小兩種。若將比較相等視為計算兩位富翁之財富數值之互斥或 (exclusive-or, XOR) 結果 (僅有兩輸入位元均為0或1時，才會得到0之計算結果，否則計算結果將為1)，且將比較大小視為計算兩財富數值之相減後之差值為正數或負數，私密比較也可以視為是一種私密運算 (private computation) 問題：兩位參與者將自己之私密資訊隱密的送出，並獲取計算結果，在過程中各自的資訊均將保持隱私。
自Yang等學者於 2009 年提出第一篇量子私密比較協定 [2] 後，諸多比較相等 [2-20] 或比較大小 [21-23] 之量子私密比較協定也廣泛被提出與探討。現有之量子私密比較協定中，均需要一名第三方 (third party, TP) 的參與，來協助參與者們得到比較結果，在比較過程中第三方或是其他參與者皆無法得知任一參與者之私密資訊，在此環境下，第三方誠實（honest）與否便與整個協定之安全性有莫大之關聯。
在為了防範一些特殊的攻擊，部分現有的量子私密比較協定假設第三方為部分誠實，用以限制第三方只能如實的執行協定步驟，來達到安全性與效率的提高。因此，近年的文獻中，針對第三方的假設調整為切合實際的限制，稱為 “惡意第三方”。其所定義之第三方為除了不能與參與者共謀外，其他任意攻擊皆可實施。
在現有的雙方量子私密比較大小協定中，亦有針對惡意第三方所提出的協定，但卻需利用預先共享金鑰來達到協定的安全性與隱密性。然而，利用預先共享金鑰所需的量子成本較高，有鑑於此，本論文提出不需預先共享金鑰之量子私密比較大小協定。
由於在多方私密比較相等，並未有引用惡意第三方之假設的協定，本論文對此提出一篇基於GHZ量子糾結態所設計的多方量子私密比較相等協定，另因應競標、拍賣等多方大小比較，提出惡意第三方假設下的多方量子私密大小比較協定。

Recent advances in science and technology simplify millions of problems in the mod-ern life. For example, translating some complicated issues into the well-known key re-searches, where solving those problems has become the core research topics of the algo-rithm and cryptography.
Since Yao et al. [1] proposed the millionaire problem in modern cryptography, Private comparison has become a well-known issue . It allows the participants to perform compu-tations without disclosing any secret information of their operators or operands. Private comparison can be applied to many environments including secure bidding and auction, private elections, checking the identity ID and so on (see [24] for a survey). Before, most private comparison protocols were based on public key cryptosystems, where complicate computations have to be performed [1].
Quantum cryptography, which applies quantum mechanics to solve security problems, has become a focused research topic since the first quantum key distribution protocol was presented by Bennett and Brassard in 1984 [25]. Various kinds of quantum communication protocols have been introduced, such as quantum key distribution, quantum secret sharing, quantum teleportation and quantum private comparison, and so on.
Quantum private comparison (QPC), one of the most important topics in quantum cryptography has been widely discussed in recent years. Where two distrusted participants can compare their secret information with the help of the third party (TP). In QPC, one par-ticipant’s secret information will not be revealed to each other and TP. According to the properties of quantum mechanics such as uncertainty principle, no-cloning theorem and so on, the private comparison can be easily achieved without any complex computation as re-quired in classical cryptography.
In order to prevent some common attacks, some of the current QPC protocols make a strong assumption that TP is semi-honest, where TP has to execute the protocol loyally and announce the result of the comparison faithfully.
For the purpose of improving the protocols to be more practical, this thesis introduces an almost-dishonest TP. That means, except colluding with the participants, TP may per-form several possible attacks for disclosing the secret information of the participants.
Based on that, this thesis proposed a QPC protocol, and extends the QPC for compar-ing size relation to multi-party QPC.

[1] A. C. Yao, A. C. Yao, A. C. Yao, and A. C. Yao, "Protocols for secure computations," in Foundations of Computer Science, 1982. SFCS '08. 23rd Annual Symposium on, 1982, pp. 160-164.
[2] Y.-G. Yang and Q.-Y. Wen, "An efficient two-party quantum private comparison protocol with decoy photons and two-photon entanglement," Journal of Physics A: Mathematical and Theoretical, vol. 42, p. 055305, 2009.
[3] X.-B. Chen, G. Xu, X.-X. Niu, Q.-Y. Wen, and Y.-X. Yang, "An efficient protocol for the private comparison of equal information based on the triplet entangled state and single-particle measurement," Optics Communications, vol. 283, pp. 1561-1565, 2010.
[4] H.-Y. Jia, Q.-Y. Wen, T.-T. Song, and F. Gao, "Quantum protocol for millionaire problem," Optics Communications, vol. 284, pp. 545-549, 2011.
[5] W. Liu, Y.-B. Wang, and Z.-T. Jiang, "An efficient protocol for the quantum private comparison of equality with W state," Optics Communications, vol. 284, pp. 3160-3163, 2011.
[6] W. Liu, Y.-B. Wang, Z.-T. Jiang, and Y.-Z. Cao, "A Protocol for the Quantum Private Comparison of Equality with χ-Type State," International Journal of Theoretical Physics, vol. 51, pp. 69-77, 2011.
[7] H.-Y. Tseng, J. Lin, and T. Hwang, "New quantum private comparison protocol using EPR pairs," Quantum Information Processing, vol. 11, pp. 373-384, 2011.
[8] X.-B. Chen, Y. Su, X.-X. Niu, and Y.-X. Yang, "Efficient and feasible quantum private comparison of equality against the collective amplitude damping noise," Quantum Information Processing, 2012.
[9] Y. B. Li, Q. Y. Wen, F. Gao, H. Y. Jia, and Y. Sun, "Information leak in Liu et al.’s quantum private comparison and a new protocol," The European Physical Journal D, vol. 66, 2012.
[10] Y.-B. Li, S.-J. Qin, Z. Yuan, W. Huang, and Y. Sun, "Quantum private comparison against decoherence noise," Quantum Information Processing, vol. 12, pp. 2191-2205, 2012.
[11] B. Liu, F. Gao, H.-y. Jia, W. Huang, W.-w. Zhang, and Q.-y. Wen, "Efficient quantum private comparison employing single photons and collective detection," Quantum Information Processing, vol. 12, pp. 887-897, 2012.
[12] W. Liu and Y.-B. Wang, "Quantum Private Comparison Based on GHZ Entangled States," International Journal of Theoretical Physics, vol. 51, pp. 3596-3604, 2012.
[13] C. Xiao-Qiu and L. Qing-Qing, "A simple quantum private comparison protocol," in Computer Science and Automation Engineering (CSAE), 2012 IEEE International Conference on, 2012, pp. 394-396.
[14] Y.-G. Yang, J. Xia, X. I. N. Jia, L. E. I. Shi, and H. U. A. Zhang, "New Quantum Private Comparison Protocol without Entanglement," International Journal of Quantum Information, vol. 10, p. 1250065, 2012.
[15] Y.-B. Li, T.-Y. Wang, H.-Y. Chen, M.-D. Li, and Y.-T. Yang, "Fault-Tolerate Quantum Private Comparison Based on GHZ States and ECC," International Journal of Theoretical Physics, vol. 52, pp. 2818-2825, 2013.
[16] X.-T. Liu, J.-J. Zhao, J. Wang, and C.-J. Tang, "Cryptanalysis of the secure quantum private comparison protocol," Physica Scripta, vol. 87, p. 065004, 2013.
[17] C. Wang, G. Xu, and Y.-X. Yang, "Cryptanalysis and improvements for the quantum private comparison protocol using EPR pairs," International Journal of Quantum Information, vol. 11, p. 1350039, 2013/06/01 2013.
[18] Y.-G. Yang, J. Xia, X. Jia, and H. Zhang, "Comment on quantum private comparison protocols with a semi-honest third party," Quantum Information Processing, vol. 12, pp. 877-885, 2013/02/01 2013.
[19] W.-W. Zhang and K.-J. Zhang, "Cryptanalysis and improvement of the quantum private comparison protocol with semi-honest third party," Quantum Information Processing, vol. 12, pp. 1981-1990, 2013/05/01 2013.
[20] W. Zi, F. Guo, Y. Luo, S. Cao, and Q. Wen, "Quantum Private Comparison Protocol with the Random Rotation," International Journal of Theoretical Physics, vol. 52, pp. 3212-3219, 2013.
[21] S. Lin, Y. Sun, X.-F. Liu, and Z.-Q. Yao, "Quantum private comparison protocol with d-dimensional Bell states," Quantum Information Processing, vol. 12, pp. 559-568, 2012.
[22] F. Guo, F. Gao, S. Qin, J. Zhang, and Q. Wen, "Quantum private comparison protocol based on entanglement swapping of d-level Bell states," Quantum Information Processing, vol. 12, pp. 2793-2802, 2013/08/01 2013.
[23] W.-W. Zhang, D. Li, K.-J. Zhang, and H.-J. Zuo, "A quantum protocol for millionaire problem with Bell states," Quantum Information Processing, vol. 12, pp. 2241-2249, 2012.
[24] G. S, "Multi-Party Computations: Past and Present," Invited paper to the Proceedings of the Sixteenth Annual ACM Symposium on Principles of Distributed Computing (PODC'97), pp. 1-6, 1997.
[25] C. H. Bennett and G. Brassard, "Quantum Cryptography: Public Key Distribution and Coin Tossing," in Proceedings of the IEEE International Conference on Computers, Systems and Signal Processing, Bangalore, India, 1984, pp. 175-179.
[26] R. Colbeck, "Impossibility of secure two-party classical computation," Physical Review A, vol. 76, 2007.
[27] Y. J. Chang, C. W. Tsai, and T. Hwang, "Multi-user private comparison protocol using GHZ class states," Quantum Information Processing, vol. 12, pp. 1077-1088, Feb 2013.
[28] F. Gao, S.-J. Qin, Q.-Y. Wen, and F.-C. Zhu, "A simple participant attack on the Bradler-Dusek protocol," Quantum Info. Comput., vol. 7, pp. 329-334, 2007.
[29] F. Gao, F.-Z. Guo, Q.-Y. Wen, and F.-C. Zhu, "Comment on “Experimental Demonstration of a Quantum Protocol for Byzantine Agreement and Liar Detection”," Physical Review Letters, vol. 101, p. 208901, 11/13/ 2008.
[30] F. Gao, S. Lin, Q.-Y. Wen, and F.-C. Zhu, "A Special Eavesdropping on One-Sender Versus N -Receiver QSDC Protocol," Chinese Physics Letters, vol. 25, p. 1561, 2008.
[31] Q.-Y. Cai, "Eavesdropping on the two-way quantum communication protocols with invisible photons," Physics Letters A, vol. 351, pp. 23-25, 2/20/ 2006.
[32] C.-H. Yu, G.-D. Guo, and S. Lin, "Quantum private comparison with d-level single-particle states," Physica Scripta, vol. 88, Dec 2013.
[33] Y. Chao-Hua, G. Gong-De, and L. Song, "Quantum private comparison with d -level single-particle states," Physica Scripta, vol. 88, p. 065013, 2013.