Cryptography in the Bounded Quantum-Storage Model

We initiate the study of two-party cryptographic primitives with unconditional security, assuming that the adversary’s quantum memory is of bounded size. We show that oblivious transfer and bit commitment can be implemented in this model using protocols where honest parties need no quantum memory, whereas an adversarial player needs quantum memory of size at least n/2 in order to break the protocol, where n is the number of qubits transmitted. This is in sharp contrast to the classical bounded-memory model, where we can only tolerate adversaries with memory of size quadratic in honest players’ memory size. Our protocols are efficient and noninteractive and can be implemented using today’s technology. On the technical side, a new entropic uncertainty relation involving min-entropy is established

Cryptography in the Bounded-Quantum-Storage Model

This thesis initiates the study of cryptographic protocols in the bounded-quantum-storage model. On the practical side, simple protocols for Rabin Oblivious Transfer, 1-2 Oblivious Transfer and Bit Commitment are presented. No quantum memory is required for honest players, whereas the protocols can only be broken by an adversary controlling a large amount of quantum memory. The protocols are efficient, non-interactive and can be implemented with today's technology. On the theoretical side, new entropic uncertainty relations involving min-entropy are established and used to prove the security of protocols according to new strong security definitions. For instance, in the realistic setting of Quantum Key Distribution (QKD) against quantum-memory-bounded eavesdroppers, the uncertainty relation allows to prove the security of QKD protocols while tolerating considerably higher error rates compared to the standard model with unbounded adversaries.Comment: PhD Thesis, BRICS, University of Aarhus, Denmark, 128 page

Robust Cryptography in the Noisy-Quantum-Storage Model

It was shown in [WST08] that cryptographic primitives can be implemented based on the assumption that quantum storage of qubits is noisy. In this work we analyze a protocol for the universal task of oblivious transfer that can be implemented using quantum-key-distribution (QKD) hardware in the practical setting where honest participants are unable to perform noise-free operations. We derive trade-offs between the amount of storage noise, the amount of noise in the operations performed by the honest participants and the security of oblivious transfer which are greatly improved compared to the results in [WST08]. As an example, we show that for the case of depolarizing noise in storage we can obtain secure oblivious transfer as long as the quantum bit-error rate of the channel does not exceed 11% and the noise on the channel is strictly less than the quantum storage noise. This is optimal for the protocol considered. Finally, we show that our analysis easily carries over to quantum protocols for secure identification.Comment: 34 pages, 2 figures. v2: clarified novelty of results, improved security analysis using fidelity-based smooth min-entropy, v3: typos and additivity proof in appendix correcte

Practical Quantum Bit Commitment Protocol

A quantum protocol for bit commitment the security of which is based on technological limitations on nondemolition measurements and long-term quantum memory is presented.Comment: Quantum Inf. Process. (2011

Quantum computing on encrypted data

The ability to perform computations on encrypted data is a powerful tool for protecting privacy. Recently, protocols to achieve this on classical computing systems have been found. Here we present an efficient solution to the quantum analogue of this problem that enables arbitrary quantum computations to be carried out on encrypted quantum data. We prove that an untrusted server can implement a universal set of quantum gates on encrypted quantum bits (qubits) without learning any information about the inputs, while the client, knowing the decryption key, can easily decrypt the results of the computation. We experimentally demonstrate, using single photons and linear optics, the encryption and decryption scheme on a set of gates sufficient for arbitrary quantum computations. Because our protocol requires few extra resources compared to other schemes it can be easily incorporated into the design of future quantum servers. These results will play a key role in enabling the development of secure distributed quantum systems

Conditional entropic uncertainty relations for Tsallis entropies

The entropic uncertainty relations are a very active field of scientific inquiry. Their applications include quantum cryptography and studies of quantum phenomena such as correlations and non-locality. In this work we find entanglement-dependent entropic uncertainty relations in terms of the Tsallis entropies for states with a fixed amount of entanglement. Our main result is stated as Theorem~\ref{th:bound}. Taking the special case of von Neumann entropy and utilizing the concavity of conditional von Neumann entropies, we extend our result to mixed states. Finally we provide a lower bound on the amount of extractable key in a quantum cryptographic scenario.Comment: 11 pages, 4 figure

A Tight High-Order Entropic Quantum Uncertainty Relation With Applications

We derive a new entropic quantum uncertainty relation involving min-entropy. The relation is tight and can be applied in various quantum-cryptographic settings. Protocols for quantum 1-out-of-2 Oblivious Transfer and quantum Bit Commitment are presented and the uncertainty relation is used to prove the security of these protocols in the bounded quantum-storage model according to new strong security definitions. As another application, we consider the realistic setting of Quantum Key Distribution (QKD) against quantum-memory-bounded eavesdroppers. The uncertainty relation allows to prove the security of QKD protocols in this setting while tolerating considerably higher error rates compared to the standard model with unbounded adversaries. For instance, for the six-state protocol with one-way communication, a bit-flip error rate of up to 17% can be tolerated (compared to 13% in the standard model). Our uncertainty relation also yields a lower bound on the min-entropy key uncertainty against known-plaintext attacks when quantum ciphers are composed. Previously, the key uncertainty of these ciphers was only known with respect to Shannon entropy.Comment: 21 pages; editorial changes, additional applicatio

Quantum Cryptography Beyond Quantum Key Distribution

Quantum cryptography is the art and science of exploiting quantum mechanical effects in order to perform cryptographic tasks. While the most well-known example of this discipline is quantum key distribution (QKD), there exist many other applications such as quantum money, randomness generation, secure two- and multi-party computation and delegated quantum computation. Quantum cryptography also studies the limitations and challenges resulting from quantum adversaries---including the impossibility of quantum bit commitment, the difficulty of quantum rewinding and the definition of quantum security models for classical primitives. In this review article, aimed primarily at cryptographers unfamiliar with the quantum world, we survey the area of theoretical quantum cryptography, with an emphasis on the constructions and limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference