24 research outputs found
Two-sided estimates of minimum-error distinguishability of mixed quantum states via generalized Holevo-Curlander bounds
We prove a concise factor-of-2 estimate for the failure rate of optimally
distinguishing an arbitrary ensemble of mixed quantum states, generalizing work
of Holevo [Theor. Probab. Appl. 23, 411 (1978)] and Curlander [Ph.D. Thesis,
MIT, 1979]. A modification to the minimal principle of Cocha and Poor
[Proceedings of the 6th International Conference on Quantum Communication,
Measurement, and Computing (Rinton, Princeton, NJ, 2003)] is used to derive a
suboptimal measurement which has an error rate within a factor of 2 of the
optimal by construction. This measurement is quadratically weighted and has
appeared as the first iterate of a sequence of measurements proposed by Jezek
et al. [Phys. Rev. A 65, 060301 (2002)]. Unlike the so-called pretty good
measurement, it coincides with Holevo's asymptotically optimal measurement in
the case of nonequiprobable pure states. A quadratically weighted version of
the measurement bound by Barnum and Knill [J. Math. Phys. 43, 2097 (2002)] is
proven. Bounds on the distinguishability of syndromes in the sense of
Schumacher and Westmoreland [Phys. Rev. A 56, 131 (1997)] appear as a
corollary. An appendix relates our bounds to the trace-Jensen inequality.Comment: It was not realized at the time of publication that the lower bound
of Theorem 10 has a simple generalization using matrix monotonicity (See [J.
Math. Phys. 50, 062102]). Furthermore, this generalization is a trivial
variation of a previously-obtained bound of Ogawa and Nagaoka [IEEE Trans.
Inf. Theory 45, 2486-2489 (1999)], which had been overlooked by the autho
Entropic uncertainty relations - A survey
Uncertainty relations play a central role in quantum mechanics. Entropic
uncertainty relations in particular have gained significant importance within
quantum information, providing the foundation for the security of many quantum
cryptographic protocols. Yet, rather little is known about entropic uncertainty
relations with more than two measurement settings. In this note we review known
results and open questions.Comment: 12 pages, revte
Unconditional security from noisy quantum storage
We consider the implementation of two-party cryptographic primitives based on
the sole assumption that no large-scale reliable quantum storage is available
to the cheating party. We construct novel protocols for oblivious transfer and
bit commitment, and prove that realistic noise levels provide security even
against the most general attack. Such unconditional results were previously
only known in the so-called bounded-storage model which is a special case of
our setting. Our protocols can be implemented with present-day hardware used
for quantum key distribution. In particular, no quantum storage is required for
the honest parties.Comment: 25 pages (IEEE two column), 13 figures, v4: published version (to
appear in IEEE Transactions on Information Theory), including bit wise
min-entropy sampling. however, for experimental purposes block sampling can
be much more convenient, please see v3 arxiv version if needed. See
arXiv:0911.2302 for a companion paper addressing aspects of a practical
implementation using block samplin
Provably secure key establishment against quantum adversaries
At Crypto 2011, some of us had proposed a family of cryptographic protocols
for key establishment capable of protecting quantum and classical legitimate
parties unconditionally against a quantum eavesdropper in the query complexity
model. Unfortunately, our security proofs were unsatisfactory from a
cryptographically meaningful perspective because they were sound only in a
worst-case scenario. Here, we extend our results and prove that for any e > 0,
there is a classical protocol that allows the legitimate parties to establish a
common key after O(N) expected queries to a random oracle, yet any quantum
eavesdropper will have a vanishing probability of learning their key after
O(N^{1.5-e}) queries to the same oracle. The vanishing probability applies to a
typical run of the protocol. If we allow the legitimate parties to use a
quantum computer as well, their advantage over the quantum eavesdropper becomes
arbitrarily close to the quadratic advantage that classical legitimate parties
enjoyed over classical eavesdroppers in the seminal 1974 work of Ralph Merkle.
Along the way, we develop new tools to give lower bounds on the number of
quantum queries required to distinguish two probability distributions. This
method in itself could have multiple applications in cryptography. We use it
here to study average-case quantum query complexity, for which we develop a new
composition theorem of independent interest.Comment: 22 pages, no figures, fixes a problem with arXiv:1108.2316v2. Will
appear in the Proceedings of the 12th Conference on Theory of Quantum
Computation, Communication and Cryptography (TQC), Paris, June 2017. The only
change in v2 is that there was a problem with the affiliations in v
Entanglement Cost of Quantum Channels
The entanglement cost of a quantum channel is the minimal rate at which
entanglement (between sender and receiver) is needed in order to simulate many
copies of a quantum channel in the presence of free classical communication. In
this paper we show how to express this quantity as a regularised optimisation
of the entanglement formation over states that can be generated between sender
and receiver. Our formula is the channel analog of a well-known formula for the
entanglement cost of quantum states in terms of the entanglement of formation;
and shares a similar relation to the recently shattered hope for additivity.
The entanglement cost of a quantum channel can be seen as the analog of the
quantum reverse Shannon theorem in the case where free classical communication
is allowed. The techniques used in the proof of our result are then also
inspired by a recent proof of the quantum reverse Shannon theorem and feature
the one-shot formalism for quantum information theory, the post-selection
technique for quantum channels as well as Sion's minimax theorem. We discuss
two applications of our result. First, we are able to link the security in the
noisy-storage model to a problem of sending quantum rather than classical
information through the adversary's storage device. This not only improves the
range of parameters where security can be shown, but also allows us to prove
security for storage devices for which no results were known before. Second,
our result has consequences for the study of the strong converse quantum
capacity. Here, we show that any coding scheme that sends quantum information
through a quantum channel at a rate larger than the entanglement cost of the
channel has an exponentially small fidelity.Comment: v3: error in proof of Lemma 13 corrected, corrected Figure 5, 24
pages, 5 figure