Sharing Classical Secrets with Continuous-Variable Entanglement: Composable Security and Network Coding Advantage

Secret sharing is a multiparty cryptographic primitive that can be applied to a network of partially distrustful parties for encrypting data that is both sensitive (it must remain secure) and important (it must not be lost or destroyed). When sharing classical secrets (as opposed to quantum states), one can distinguish between protocols that leverage bipartite quantum key distribution (QKD) and those that exploit multipartite entanglement. The latter class are known to be vulnerable to so-called participant attacks and, while progress has been made recently, there is currently no analysis that quantifies their performance in the composable, finite-size regime, which has become the gold standard for QKD security. Given this—and the fact that distributing multipartite entanglement is typically challenging—one might well ask is there any virtue in pursuing multipartite entanglement-based schemes? Here, we answer this question in the affirmative for a class of secret-sharing protocols based on continuous-variable graph states. We establish security in a composable framework and identify a network topology, specifically a bottleneck network of lossy channels, and parameter regimes within the reach of present-day experiments for which a multipartite scheme outperforms the corresponding QKD-based method in the asymptotic and finite-size setting. Finally, we establish experimental parameters where the multipartite schemes outperform any possible QKD-based protocol. This is one of the first concrete compelling examples of multipartite entangled resources achieving a genuine advantage over point-to-point protocols for quantum communication and represents a rigorous, operational benchmark to assess the usefulness of such resources

Optimal realistic attacks in continuous-variable quantum key distribution

Quantum cryptographic protocols are typically analysed by assuming that potential opponents can carry out all physical operations, an assumption which grants capabilities far in excess of present technology. Adjusting this assumption to reflect more realistic capabilities is an attractive prospect, but one that can only be justified with a rigorous, quantitative framework that relates adversarial restrictions to the protocols security and performance. We investigate the effect of limitations on the eavesdropper's (Eve's) ability to make a coherent attack on the security of continuous-variable quantum key distribution (CV-QKD). We consider a realistic attack, in which the total decoherence induced during the attack is modelled by a Gaussian channel. Based on our decoherence model we propose an optimal hybrid attack, which allows Eve to perform a combination of both coherent and individual attacks simultaneously. We evaluate the asymptotic and composable finite-size security of a heterodyne CV-QKD protocol against such hybrid attacks in terms of Eve's decoherence. We show that when the decoherence is greater than a threshold value, Eve's most effective strategy is reduced to the individual attack. Thus, if we are willing to assume that the decoherence caused by the memory and the collective measurement is large enough, it is sufficient to analyse the security of the protocol only against individual attacks, which significantly improves the CV-QKD performance in terms of both the key rate and the maximum secure transmission distance.Comment: 11 pages, 4 figure

Gaussian Post-selection for Continuous Variable Quantum Cryptography

We extend the security proof for continuous variable quantum key distribution protocols using post selection to account for arbitrary eavesdropping attacks by employing the concept of an equivalent protocol where the post-selection is implemented as a series of quantum operations including a virtual distillation. We introduce a particular `Gaussian' post selection and demonstrate that the security can be calculated using only experimentally accessible quantities. Finally we explicitly evaluate the performance for the case of a noisy Gaussian channel in the limit of unbounded key length and find improvements over all pre-existing continuous variable protocols in realistic regimes.Comment: 4+4 pages. arXiv admin note: substantial text overlap with arXiv:1106.082

Teleportation-based collective attacks in Gaussian quantum key distribution

In Gaussian quantum key distribution eavesdropping attacks are conventionally modeled through the universal entangling cloner scheme, which is based on the premise that the whole environment is under control of the adversary, i.e., the eavesdropper purifies the system. This assumption implies that the eavesdropper has either access to an identity (noiseless) channel or an infinite amount of entanglement in order to simulate such an identity channel. In this work we challenge the necessity of this assumption and we propose a teleportation-based eavesdropping attack, where the eavesdropper is not assumed to have access to the shared channel, that represents the unavoidable noise due to the environment. Under collective measurements, this attack reaches optimality in the limit of an infinite amount of entanglement, while for finite entanglement resources it outperforms the corresponding optimal individual attack. We also calculate the minimum amount of distributed entanglement that is necessary for this eavesdropping scheme, since we consider it as the operationally critical quantity capturing the limitations of a realistic attack. We conclude that the fact that an infinite amount of entanglement is required for an optimal collective eavesdropping attack signifies the robustness of Gaussian quantum key distribution

ReQuSim: Faithfully simulating near-term quantum repeaters

Quantum repeaters have long been established to be essential for distributing entanglement over long distances. Consequently, their experimental realization constitutes a core challenge of quantum communication. However, there are numerous open questions about implementation details for realistic, near-term experimental setups. In order to assess the performance of realistic repeater protocols, we here present ReQuSim, a comprehensive Monte-Carlo based simulation platform for quantum repeaters that faithfully includes loss and models a wide range of imperfections such as memories with time-dependent noise. Our platform allows us to perform an analysis for quantum repeater setups and strategies that go far beyond known analytic results: This refers to being able to both capture more realistic noise models and analyse more complex repeater strategies. We present a number of findings centered around the combination of strategies for improving performance, such as entanglement purification and the use of multiple repeater stations, and demonstrate that there exist complex relationships between them. We stress that numerical tools such as ours are essential to model complex quantum communication protocols aimed at contributing to the quantum internet.Comment: 13+4 pages, 10+4 figures, 0+2 tables; v2: updated presentation; v3: accepted version plus tiny changes, adds one more scenario and runtime informatio

Faithfully Simulating Near-Term Quantum Repeaters

Quantum repeaters have long been established to be essential for distributing entanglement over long distances. Consequently, their experimental realization constitutes a core challenge of quantum communication. However, there are numerous open questions about implementation details for realistic near-term experimental setups. In order to assess the performance of realistic repeater protocols, here we present ReQuSim, a comprehensive Monte Carlo–based simulation platform for quantum repeaters that faithfully includes loss and models a wide range of imperfections such as memories with time-dependent noise. Our platform allows us to perform an analysis for quantum repeater setups and strategies that go far beyond known analytical results: This refers to being able to both capture more realistic noise models and analyze more complex repeater strategies. We present a number of findings centered around the combination of strategies for improving performance, such as entanglement purification and the use of multiple repeater stations, and demonstrate that there exist complex relationships between them. We stress that numerical tools such as ours are essential to model complex quantum communication protocols aimed at contributing to the quantum Internet

Measurement-Based Noiseless Linear Amplification for Quantum Communication

Entanglement distillation is an indispensable ingredient in extended quantum communication networks. Distillation protocols are necessarily non-deterministic and require advanced experimental techniques such as noiseless amplification. Recently it was shown that the benefits of noiseless amplification could be extracted by performing a post-selective filtering of the measurement record to improve the performance of quantum key distribution. We apply this protocol to entanglement degraded by transmission loss of up to the equivalent of 100km of optical fibre. We measure an effective entangled resource stronger than that achievable by even a maximally entangled resource passively transmitted through the same channel. We also provide a proof-of-principle demonstration of secret key extraction from an otherwise insecure regime. The measurement-based noiseless linear amplifier offers two advantages over its physical counterpart: ease of implementation and near optimal probability of success. It should provide an effective and versatile tool for a broad class of entanglement-based quantum communication protocols.Comment: 7+3 pages, 5+1 figures, close to published versio

Rate limits in quantum networks with lossy repeaters

The derivation of ultimate limits to communication over certain quantum repeater networks have provided extremely valuable benchmarks for assessing near-term quantum communication protocols. However, these bounds are usually derived in the limit of ideal devices and leave questions about the performance of practical implementations unanswered. To address this challenge, we quantify how the presence of loss in repeater stations affect the maximum attainable rates for quantum communication over linear repeater chains and more complex quantum networks. Extending the framework of node splitting, we model the loss introduced at the repeater stations and then prove the corresponding limits. In the linear chain scenario we show that, by increasing the number of repeater stations, the maximum rate cannot overcome a quantity which solely depends on the loss of a single station. We introduce a way of adapting the standard machinery for obtaining bounds to this realistic scenario. The difference is that whilst ultimate limits for any strategy can be derived given a fixed channel, when the repeaters introduce additional decoherence, then the effective overall channel is itself a function of the chosen repeater strategy. Classes of repeater strategies can be analysed using additional modelling and the subsequent bounds can be interpreted as the optimal rate within that class