在數位化的時代中,幾乎所有資訊都以數位化的形式在網路上傳輸。在此環境下 如何保障資料的私密性,即成為一重要的課題。密碼學家已提出多種基於數學難題的 機制來保障資訊之私密性,諸如對稱式金鑰密碼系統、非對稱式金鑰密碼系統等等, 且已被廣泛的運用在實務中。然而近年來隨著量子性質的研究與發展,Shor 證明了 利用量子演算法,可在多項式時間內破解因式分解之數學難題,如何在量子電腦之強 大運算能力下保持資訊的安全性,成為對數位化時代的一項挑戰。
有鑑於此,量子密碼學研究開始被拓展,基於量子特性建立安全的金鑰分配、訊 息傳輸、私密分享等等通訊協定也被提出。其中部分學者提出了基於量子特性之訊息 傳輸協定──量子通訊協定,可透過量子安全的傳遞訊息。而本論文著眼於其中的分 支:可控制式量子通訊,在此協定中一位或多位控制者有能力控制傳送方與接收方之 間的通訊;接收方必須得到控制者的允許才能讀取傳送者之私密訊息。本論文首先分 析現有可控制式量子通訊協定所存在之缺陷與可能遭受之攻擊──資訊洩漏問題、木 馬光子攻擊、關聯萃取攻擊。最後設計一完善之可控制式量子通訊協定,並可抵抗以上缺陷。

In the era of digitalization, almost all information is digitalized and transmitted on the internet. Therefore, guaranteeing the privacy of information is an important issue to be discussed. Cryptographists have presented many schemes to achieve this goal. Based on mathematics, symmetric and asymmetric key encryption schemes have been proposed; these schemes are widely used in modern society for message-passing, e-commerce, e-voting, etc. Recently, research has been focused on developing quantum computation, which is based on quantum phenomena. Peter Shor proposed a quantum algorithm to crack the factorization problem more quickly than any classical algorithm. Hence, the encryption system based on mathematical properties might become insecure, which is a brand new challenge to the era of digitalization.
The research of quantum cryptography has rapidly developed in the past few years. Based on quantum mechanisms, such as the key distribution protocols, communication protocols and secret sharing protocols have been developed. The quantum communication (QC) protocol is one of the key topics in quantum cryptography. This thesis focuses on one type of QC protocols, the controlled QC (CQC), which allows one or more controllers to control the communication between a sender and a receiver. The receiver needs the controller’s permission to obtain the sender’s secret. This thesis first analyzes the flaws and attacks, such as the information leakage problem, the Trojan Horse attack, and the correlation-elicitation attack, on the existing CQC protocols. Then, a new CQC protocol to avoid the above-mentioned problems will be presented.

[1] P. W. Shor, "Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer," SIAM Review, vol. 41, pp. 303-332, 1999.
[2] L. K. Grover, "Quantum Mechanics Helps in Searching for a Needle in a Haystack," Physical Review Letters, vol. 79, p. 325, 1997.
[3] C. Bennett and G. Brassard, "Quantum cryptography: Public key distribution and coin tossing," presented at the Proceedings of IEEE International Conference on Computers Systems and Signal Processing, Bangalore, India, 1987.
[4] F.-G. Deng, G. L. Long, and X.-S. Liu, "Two-step quantum direct communication protocol using the Einstein-Podolsky-Rosen pair block," Physical Review A, vol. 68, p. 042317, 2003.
[5] J. Wang, Q. Zhang, and C.-j. Tang, "Multiparty controlled quantum secure direct communication using Greenberger-Horne-Zeilinger state," Optics Communications, vol. 266, pp. 732-737, 2006.
[6] X.-B. Chen, T.-Y. Wang, J.-Z. Du, Q.-Y. Wen, and F.-C. Zhu, "Controlled quantum secure direct communication with quantum encryption," International Journal of Quantum Information, vol. 6, pp. 543-551, 2008.
[7] T. Gao, F.-L. Yan, and Z.-X. Wang, "Controlled quantum teleportation and secure direct communication," Chinese Physics, vol. 14, p. 893, 2005.
[8] X.-B. Chen, Q.-Y. Wen, F.-Z. Guo, Y. Sun, G. Xu, and F.-C. Zhu, "Controlled Quantum Secure Direct Communication with W State," International Journal of Quantum Information, vol. 6, pp. 899-906, 2008.
[9] Y. Xia, J. Song, and H.-S. Song, "Controlled Secure Quantum Communication Using Pure Entangled W Class States," Communications in Theoretical Physics, vol. 49, p. 919, 2008.
[10] L. Dong, X.-M. Xiu, Y.-J. Gao, Y.-P. Ren, and H.-W. Liu, "Controlled three-party communication using GHZ-like state and imperfect Bell-state measurement," Optics Communications, vol. 284, pp. 905-908, 2011.
[11] X.-M. Xiu, L. Dong, Y.-J. Gao, and F. Chi, "Controlled deterministic secure quantum communication using five-qubit entangled states and two-step security test," Optics Communications, vol. 282, pp. 333-337, 2009.
[12] S.-J.Qin,Q.-Y.Wen,L.-M.Meng,andF.-C.Zhu,"Commenton"ControlledDSQCusing five-qubit entangled states and two-step security test"," Optics Communications, vol. 282, pp. 2656-2658, 2009.
[13] X.-M. Xiu, L. Dong, Y.-J. Gao, F. Chi, Y.-P. Ren, and H.-W. Liu, "A revised controlled deterministic secure quantum communication with five-photon entangled state," Optics Communications, vol. 283, pp. 344-347, 2010.
[14] X.-M. Xiu, L. Dong, and Y.-J. Gao, "Secure four-site distribution and quantum communication of [chi]-type entangled states," Optics Communications, vol. 284, pp. 2065-2069, 2011.
[15] F.-G. Deng, X.-H. Li, H.-Y. Zhou, and Z.-j. Zhang, "Improving the security of multiparty quantum secret sharing against Trojan horse attack," Physical Review A, vol. 72, p. 044302, 2005.
[16] Q.-Y. Cai, "Eavesdropping on the two-way quantum communication protocols with invisible photons," Physics Letters A, vol. 351, pp. 23-25, 2006.
[17] J. Lee, H. Min, and S. D. Oh, "Multipartite entanglement for entanglement teleportation," Physical Review A, vol. 66, p. 052318, 2002.
[18] Y. Yeo and W. K. Chua, "Teleportation and Dense Coding with Genuine Multipartite Entanglement," Physical Review Letters, vol. 96, p. 060502, 2006.
[19] C. H. Bennett, G. Brassard, and N. D. Mermin, "Quantum cryptography without Bell's theorem," Physical Review Letters, vol. 68, p. 557, 1992.
[20] G. L. Long and X. S. Liu, "Theoretically efficient high-capacity quantum-key-distribution scheme," Physical Review A, vol. 65, p. 032302, 2002.
[21] S. Lin, Q.-Y. Wen, F. Gao, and F.-C. Zhu, "Quantum secure direct communication with chi -type entangled states," Physical Review A, vol. 78, p. 064304, 2008.
[22] F. Gao, Q.-Y. Wen, and F.-C. Zhu, "Comment on: "Quantum exam" [Phys. Lett. A 350 (2006) 174]," Physics Letters A, vol. 360, pp. 748-750, 2007.
[23] S.-J. Qin, Q.-Y. Wen, and F.-C. Zhu, "An external attack on the Brádler–Dušek protocol," Journal of Physics B: Atomic, Molecular and Optical Physics, vol. 40, p. 4661, 2007.
[24] F.Gao,S.Lin,Q.-Y.Wen,andF.-C.Zhu,"ASpecialEavesdroppingonOne-Sender Versus N -Receiver QSDC Protocol," Chinese Physics Letters, vol. 25, p. 1561, 2008.
[25] S.-J. Qin, F. Gao, Q.-Y. Wen, L.-M. Meng, and F.-C. Zhu, "Cryptanalysis and improvement of a secure quantum sealed-bid auction," Optics Communications, vol. 282, pp. 4014-4016, 2009.
[26] F.Gao,S.-J.Qin,Q.-Y.Wen,andF.-C.Zhu,"Cryptanalysisofmultipartycontrolled quantum secure direct communication using Greenberger-Horne-Zeilinger state," Optics Communications, vol. 283, pp. 192-195, 2010.
[27] S.-K. Chong, Y.-P. Luo, and T. Hwang, "On "Arbitrated quantum signature of classical messages against collective amplitude damping noise"," Optics Communications, vol. 284, pp. 893-895, 2011.
[28] C.-Y.Liandetal.,"SecureQuantumKeyDistributionNetworkwithBellStatesand Local Unitary Operations," Chinese Physics Letters, vol. 22, p. 1049, 2005.
[29] C.-Y. Li and et al., "Efficient Quantum Cryptography Network without Entanglement and Quantum Memory," Chinese Physics Letters, vol. 23, p. 2896, 2006.
[30] S.-J.Qin,F.Gao,F.-Z.Guo,andQ.-Y.Wen,"Commenton"Two-wayprotocolsfor quantum cryptography with a nonmaximally entangled qubit pair"," Physical Review A, vol. 82, p. 036301, 2010.