Quantum message authentication codes

I describe protocols which assure the recipient of a quantum state that it has come from a sender with whom he has previously shared secret key. Their security is information-theoretic (“unconditional”) rather than based on computational assumptions. A particular class of such protocols is constructed, for which the different keys correspond to different, secret, quantum error detecting codes. The codes correspond to points on an algebraic curve over a finite field. These protocols have probability of undetected tampering inverse in the number of keys, which is better than the classical bound of inverse in the square root of the number of keys. They are efficient in that the required key length for a given security parameter (negative log of probability of undetected tampering) grows only logarithmically in message size, while the security parameter grows linearly with key size. Thus their security and efficiency are similar to, but even stronger than, those of the classical Wegman-Carter protocols.