Leftover Hashing Against Quantum Side Information

The Leftover Hash Lemma states that the output of a two-universal hash function applied to an input with sufficiently high entropy is almost uniformly random. In its standard formulation, the lemma refers to a notion of randomness that is (usually implicitly) defined with respect to classical side information. Here, we prove a (strictly) more general version of the Leftover Hash Lemma that is valid even if side information is represented by the state of a quantum system. Furthermore, our result applies to arbitrary delta-almost two-universal families of hash functions. The generalized Leftover Hash Lemma has applications in cryptography, e.g., for key agreement in the presence of an adversary who is not restricted to classical information processing

Non-Asymptotic Analysis of Privacy Amplification via Renyi Entropy and Inf-Spectral Entropy

This paper investigates the privacy amplification problem, and compares the existing two bounds: the exponential bound derived by one of the authors and the min-entropy bound derived by Renner. It turns out that the exponential bound is better than the min-entropy bound when a security parameter is rather small for a block length, and that the min-entropy bound is better than the exponential bound when a security parameter is rather large for a block length. Furthermore, we present another bound that interpolates the exponential bound and the min-entropy bound by a hybrid use of the Renyi entropy and the inf-spectral entropy.Comment: 6 pages, 4 figure

Variations on Classical and Quantum Extractors

Many constructions of randomness extractors are known to work in the presence of quantum side information, but there also exist extractors which do not [Gavinsky {\it et al.}, STOC'07]. Here we find that spectral extractors $\psi$ with a bound on the second largest eigenvalue $\lambda_{2}(\psi^{\dagger}\circ\psi)$ are quantum-proof. We then discuss fully quantum extractors and call constructions that also work in the presence of quantum correlations decoupling. As in the classical case we show that spectral extractors are decoupling. The drawback of classical and quantum spectral extractors is that they always have a long seed, whereas there exist classical extractors with exponentially smaller seed size. For the quantum case, we show that there exists an extractor with extremely short seed size $d=O(\log(1/\epsilon))$, where $\epsilon>0$ denotes the quality of the randomness. In contrast to the classical case this is independent of the input size and min-entropy and matches the simple lower bound $d\geq\log(1/\epsilon)$.Comment: 7 pages, slightly enhanced IEEE ISIT submission including all the proof

Source-device-independent heterodyne-based quantum random number generator at 17 Gbps

For many applications, quantum random number generation should be fast and independent from assumptions on the apparatus. Here, the authors devise and implement an approach which assumes a trusted detector but not a trusted source, and allows random bit generations at ~17 Gbps using off-the-shelf components

Insider-proof encryption with applications for quantum key distribution

It has been pointed out that current protocols for device independent quantum key distribution can leak key to the adversary when devices are used repeatedly and that this issue has not been addressed. We introduce the notion of an insider-proof channel. This allows us to propose a means by which devices with memories could be reused from one run of a device independent quantum key distribution protocol to the next while bounding the leakage to Eve, under the assumption that one run of the protocol could be completed securely using devices with memories.Comment: 20 pages, version 2: new presentation introducing the insider-proof channel as a cryptographic elemen

Source-independent quantum random number generation

Quantum random number generators can provide genuine randomness by appealing to the fundamental principles of quantum mechanics. In general, a physical generator contains two parts---a randomness source and its readout. The source is essential to the quality of the resulting random numbers; hence, it needs to be carefully calibrated and modeled to achieve information-theoretical provable randomness. However, in practice, the source is a complicated physical system, such as a light source or an atomic ensemble, and any deviations in the real-life implementation from the theoretical model may affect the randomness of the output. To close this gap, we propose a source-independent scheme for quantum random number generation in which output randomness can be certified, even when the source is uncharacterized and untrusted. In our randomness analysis, we make no assumptions about the dimension of the source. For instance, multiphoton emissions are allowed in optical implementations. Our analysis takes into account the finite-key effect with the composable security definition. In the limit of large data size, the length of the input random seed is exponentially small compared to that of the output random bit. In addition, by modifying a quantum key distribution system, we experimentally demonstrate our scheme and achieve a randomness generation rate of over $5\times 10^3$ bit/s.Comment: 11 pages, 7 figure