Comment on 'Improving the security of protocols of quantum key agreement solely using Bell states and Bell measurement'

TL;DR

This paper critically analyzes a recent quantum key agreement protocol, revealing that despite improvements, it remains vulnerable to colluding attacks by dishonest participants, highlighting ongoing security challenges.

Contribution

It identifies a new security vulnerability in an improved quantum key agreement protocol, emphasizing the need for more robust solutions against collusion.

Findings

The improved protocol is susceptible to colluding participant attacks.

Security flaws persist despite recent protocol enhancements.

Collusion can manipulate the final secret key undetected.

Abstract

Designing a quantum key agreement (QKA) protocol is always a challenging task, because both the security and the fairness properties have to be considered simultaneously. Recently, Zhu et al. (Quantum Inf Process 14(11): 4245-4254) pointed out that Shukla et al.'s QKA protocol (Quantum Inf Process 13(11): 2391-2405) has some security flaws (which lead to the Participant Attack). Moreover, they proposed an improvement to avoid these weaknesses. However this study points out that the improved protocol also suffers from a colluding attack, i.e., two dishonest participants in the protocol can collaborate to manipulate the final secret key without being detected.