Quantum non-malleability and authentication

In the setting of encryption schemes, non-malleability is a highly desirable property: it ensures that no adversary can meaningfully manipulate the plaintext by acting on the ciphertext. In this work, we give a new definition of non-malleability for encryption of quantum data, improving on the previous definition of Ambainis, Bouda and Winter. Our definition is expressed in terms of entropic quantities, considers stronger adversaries, and does not assume secrecy. We prove that quantum non-malleability implies secrecy, in stark contrast to the classical setting where the two properties are independent. In the case of non-unitary schemes, we also provide a separation example which demonstrates a weakness in the definition of Ambainis et al. In the case of unitary schemes, we establish that the two definitions are equivalent, by showing that our definition is equivalent to the notion of a unitary two-design. We also give new results regarding the closely-related task of quantum authentication. We show that the strong notion of "total authentication" recently proposed by Garg, Yuen and Zhandry can be satisfied with two-designs. This is a significant improvement over their construction, which required eight-designs. We also show that, under a mild adaptation of the rejection procedure, both total authentication and our notion of non-malleability yield quantum authentication as defined by Dupuis, Nielsen and Salvail.
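To make the "unitary two-design" criterion concrete, the following is an added Python example written for this page; it is not code from the paper or its authors. It computes the frame potential of a finite set of unitaries to test the t-design property, applies it to the single-qubit Pauli set (the key set of the quantum one-time pad, which is a unitary 1-design but not a 2-design) and to the single-qubit Clifford group (a unitary 2-design), and then shows directly why the Pauli one-time pad is malleable despite being perfectly secret: an adversary who applies X to the ciphertext flips the plaintext bit under every key. The frame-potential test, the group constants and the one-time pad are standard; using the Clifford group as the stand-in for a non-malleable unitary scheme is an illustration of the abstract's equivalence claim, not a construction taken from the paper.

```python
"""Added example, not from the paper: a unitary-design check on two
single-qubit encryption schemes plus a direct malleability test.
Everything is plain Python (2x2 matrices as nested lists), no numpy needed."""
import itertools
import math

# --- 2x2 complex matrix helpers -------------------------------------------------
def mul(a, b):
    return [[sum(a[i][k] * b[k][j] for k in range(2)) for j in range(2)] for i in range(2)]

def dag(a):  # conjugate transpose
    return [[a[j][i].conjugate() for j in range(2)] for i in range(2)]

def trace(a):
    return a[0][0] + a[1][1]

def close(a, b, tol=1e-9):
    return all(abs(a[i][j] - b[i][j]) < tol for i in range(2) for j in range(2))

R = 1 / math.sqrt(2)
I = [[1, 0], [0, 1]]
X = [[0, 1], [1, 0]]
Y = [[0, -1j], [1j, 0]]
Z = [[1, 0], [0, -1]]
H = [[R, R], [R, -R]]
S = [[1, 0], [0, 1j]]

PAULIS = [I, X, Y, Z]  # key set of the quantum one-time pad (global phases dropped)

def canonical(u):
    """Dict key for a unitary modulo global phase: rotate the first non-zero entry
    onto the positive real axis, then round so floating-point noise does not
    split matrices that are equal up to phase."""
    pivot = next(e for row in u for e in row if abs(e) > 1e-9)
    phase = pivot / abs(pivot)
    return tuple(tuple(complex(round((e / phase).real, 6), round((e / phase).imag, 6))
                       for e in row) for row in u)

def generate_group(generators):
    """Close the generators under multiplication, modulo global phase (BFS)."""
    seen = {canonical(I): I}
    frontier = [I]
    while frontier:
        new = []
        for u in frontier:
            for g in generators:
                w = mul(g, u)
                key = canonical(w)
                if key not in seen:
                    seen[key] = w
                    new.append(w)
        frontier = new
    return list(seen.values())

CLIFFORD = generate_group([H, S])  # single-qubit Clifford group: 24 elements mod phase

def frame_potential(units, t):
    """F_t = (1/|E|^2) * sum_{U,V in E} |Tr(U^dagger V)|^(2t).  A set is a unitary
    t-design exactly when F_t equals the Haar value, which is t! for dimension >= t."""
    n = len(units)
    return sum(abs(trace(mul(dag(u), v))) ** (2 * t)
               for u, v in itertools.product(units, repeat=2)) / n ** 2

def is_t_design(units, t, tol=1e-6):
    # Haar value t! is valid here because the dimension is 2 and we only use t <= 2.
    return abs(frame_potential(units, t) - math.factorial(t)) < tol

# --- malleability of the quantum one-time pad (conjugate by a random Pauli) ------
def qotp_encrypt(rho, key):
    return mul(mul(key, rho), dag(key))

def qotp_decrypt(ct, key):
    return mul(mul(dag(key), ct), key)

def tampered_decryption(rho, key, tamper):
    """Adversary, ignorant of the key, conjugates the ciphertext by `tamper`."""
    ct = mul(mul(tamper, qotp_encrypt(rho, key)), dag(tamper))
    return qotp_decrypt(ct, key)

KET0 = [[1, 0], [0, 0]]  # |0><0|
KET1 = [[0, 0], [0, 1]]  # |1><1|

def qotp_bit_flip_works_for_every_key():
    """Every Pauli commutes with X up to a phase, so X on the ciphertext becomes
    X on the plaintext whatever the key: the one-time pad is malleable."""
    return all(close(tampered_decryption(KET0, k, X), KET1) for k in PAULIS)

if __name__ == "__main__":
    print("Pauli set:    F_1 =", round(frame_potential(PAULIS, 1), 6),
          " F_2 =", round(frame_potential(PAULIS, 2), 6))
    print("Clifford set: F_1 =", round(frame_potential(CLIFFORD, 1), 6),
          " F_2 =", round(frame_potential(CLIFFORD, 2), 6))
    print("X on the one-time-pad ciphertext flips the bit under every key:",
          qotp_bit_flip_works_for_every_key())
```

Running it shows the Pauli set reaching the Haar value only for t = 1 (F_1 = 1, F_2 = 4 instead of 2), while the Clifford group reaches it for t = 2 as well; the last line confirms the key-independent bit flip. That is the separation the abstract points at: a 1-design already gives perfect secrecy (the one-time pad), whereas the equivalence "non-malleable unitary scheme = unitary 2-design" means the Pauli pad cannot be non-malleable, and the 2-design check is the test a practitioner would run on a candidate unitary key set.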