Entanglement-assisted communication of classical and quantum information

We consider the problem of transmitting classical and quantum information reliably over an entanglement-assisted quantum channel. Our main result is a capacity theorem that gives a three-dimensional achievable rate region. Points in the region are rate triples, consisting of the classical communication rate, the quantum communication rate, and the entanglement consumption rate of a particular coding scheme. The crucial protocol in achieving the boundary points of the capacity region is a protocol that we name the classically-enhanced father protocol. The classically-enhanced father protocol is more general than other protocols in the family tree of quantum Shannon theoretic protocols, in the sense that several previously known quantum protocols are now child protocols of it. The classically-enhanced father protocol also shows an improvement over a time-sharing strategy for the case of a qubit dephasing channel--this result justifies the need for simultaneous coding of classical and quantum information over an entanglement-assisted quantum channel. Our capacity theorem is of a multi-letter nature (requiring a limit over many uses of the channel), but it reduces to a single-letter characterization for at least three channels: the completely depolarizing channel, the quantum erasure channel, and the qubit dephasing channel.Comment: 23 pages, 5 figures, 1 table, simplification of capacity region--it now has the simple interpretation as the unit resource capacity region translated along the classically-enhanced father trade-off curv

Energy-Constrained Quantum Communication and Digital Dynamical Decoupling

This is a two-part thesis glued together by an everlasting theme in Quantum Information Science \-- to save the quantum state, or the information stored in it, from unavoidably environment-induced noise. The first part of this thesis studies the ultimate rate of reliably transmitting information, stored in quantum systems, through a noisy evolution. Specifically, we consider communication over optical links, upon which future inter-city quantum communication networks will be built. We show how to treat the infinite-dimensional bosonic system rigorously and establish the theory of energy-constrained private and quantum communication over quantum channels. Our result represents important progress in the field of energy-constrained quantum communication theory. As an example of communication over optical channels, we solve the triple trade-off capacity and broadcast capacity of quantum-limited amplifier channels. Our result not only includes two single-letter capacities, which are rare in quantum communication theory, but it is also the only known application of a recently proved minimum output-entropy conjecture. The second part of my thesis includes two of my works on dynamical decoupling (DD). DD is an open-loop technique to keep a qubit alive during decoherence, which is important for the actual implementation of quantum memory or a quantum computer. Instead of treating quantum evolution as a completely positive trace preserving map like in communication theory, we consider time-dependent evolution of a specific quantum system in quantum control theory. With more than decade of development of the theory of DD, people started to focus on pulse sequences with low sequencing complexity (called digital pulse sequences), which are required for large-scale implementation of quantum computation devices. We propose two unifying frameworks to systematically generate these engineering-friendly pulse sequences. Surprisingly, we prove that these two frameworks are actually two sides of the same coin, and thus our work greatly deepens our understanding of the underlying structure and the decoupling performance of digital pulse sequences

Computational Quantum Secret Sharing

Quantum secret sharing (QSS) allows a dealer to distribute a secret quantum state among a set of parties in such a way that certain authorized subsets can reconstruct the secret, while unauthorized subsets obtain no information about it. Previous works on QSS for general access structures focused solely on the existence of perfectly secure schemes, and the share size of the known schemes is necessarily exponential even in cases where the access structure is computed by polynomial size monotone circuits. This stands in stark contrast to the classical setting, where polynomial-time computationally-secure secret sharing schemes have been long known for all access structures computed by polynomial-size monotone circuits under standard hardness assumptions, and one can even obtain shares which are much shorter than the secret (which is impossible with perfect security). While QSS was introduced over twenty years ago, previous works only considered information-theoretic privacy. In this work, we initiate the study of computationally-secure QSS and show that computational assumptions help significantly in building QSS schemes, just as in the classical case. We present a simple compiler and use it to obtain a large variety results: We construct polynomial-time computationally-secure QSS schemes under standard hardness assumptions for a rich class of access structures. This includes many access structures for which previous results in QSS necessarily required exponential share size. In fact, we can go even further: We construct QSS schemes for which the size of the quantum shares is significantly smaller than the size of the secret. As in the classical setting, this is impossible with perfect security. We also apply our compiler to obtain results beyond computational QSS. In the information-theoretic setting, we improve the share size of perfect QSS schemes for a large class of n-party access structures to 1.5^{n+o(n)}, improving upon best known schemes and matching the best known result for general access structures in the classical setting. Finally, among other things, we study the class of access structures which can be efficiently implemented when the quantum secret sharing scheme has access to a given number of copies of the secret, including all such functions in ? and NP

Private Randomness Agreement and its Application in Quantum Key Distribution Networks

We define a variation on the well-known problem of private message transmission. This new problem called private randomness agreement (PRA) gives two participants access to a public, authenticated channel alongside the main channels, and the 'message' is not fixed a priori. Instead, the participants aim to agree on a random string completely unknown to a computationally unbounded adversary. We define privacy and reliability, and show that PRA cannot be solved in a single round. We then show that it can be solved in three rounds, albeit with exponential cost, and give an efficient four-round protocol based on polynomial evaluation.Comment: 6 page

Quantum information theory

Finally, here is a modern, self-contained text on quantum information theory suitable for graduate-level courses. Developing the subject \u27from the ground up\u27 it covers classical results as well as major advances of the past decade. Beginning with an extensive overview of classical information theory suitable for the non-expert, the author then turns his attention to quantum mechanics for quantum information theory, and the important protocols of teleportation, super-dense coding and entanglement distribution. He develops all of the tools necessary for understanding important results in quantum information theory, including capacity theorems for classical, entanglement-assisted, private and quantum communication. The book also covers important recent developments such as superadditivity of private, coherent and Holevo information, and the superactivation of quantum capacity. This book will be warmly welcomed by the upcoming generation of quantum information theorists and the already established community of classical information theorists

The Role of A-priori Information in Networks of Rational Agents

Until now, distributed algorithms for rational agents have assumed a-priori knowledge of n, the size of the network. This assumption is challenged here by proving how much a-priori knowledge is necessary for equilibrium in different distributed computing problems. Duplication - pretending to be more than one agent - is the main tool used by agents to deviate and increase their utility when not enough knowledge about n is given. We begin by proving that when no information on n is given, equilibrium is impossible for both Coloring and Knowledge Sharing. We then provide new algorithms for both problems when n is a-priori known to all agents. However, what if agents have partial knowledge about n? We provide tight upper and lower bounds that must be a-priori known on n for equilibrium to be possible in Leader Election, Knowledge Sharing, Coloring, Partition and Orientation

Removing the Field Size Loss from Duc et al.\u27s Conjectured Bound for Masked Encodings

At Eurocrypt 2015, Duc et al. conjectured that the success rate of a side-channel attack targeting an intermediate computation encoded in a linear secret-sharing, a.k.a masking with $d+1$ shares, could be inferred by measuring the mutual information between the leakage and each share separately. This way, security bounds can be derived without having to mount the complete attack. So far, the best proven bounds for masked encodings were nearly tight with the conjecture, up to a constant factor overhead equal to the field size, which may still give loose security guarantees compared to actual attacks. In this paper, we improve upon the state-of-the-art bounds by removing the field size loss, in the cases of Boolean masking and arithmetic masking modulo a power of two. As an example, when masking in the AES field, our new bound outperforms the former ones by a factor $256$. Moreover, we provide theoretical hints that similar results could hold for masking in other fields as well

On Polynomial Secret Sharing Schemes

Nearly all secret sharing schemes studied so far are linear or multi-linear schemes. Although these schemes allow to implement any monotone access structure, the share complexity, $SC$, may be suboptimal -- there are access structures for which the gap between the best known lower bounds and best known multi-linear schemes is exponential. There is growing evidence in the literature, that non-linear schemes can improve share complexity for some access structures, with the work of Beimel and Ishai (CCC \u2701) being among the first to demonstrate it. This motivates further study of non linear schemes. We initiate a systematic study of polynomial secret sharing schemes (PSSS), where shares are (multi-variate) polynomials of secret and randomness vectors $\vec{s},\vec{r}$ respectively over some finite field \F_q. Our main hope is that the algebraic structure of polynomials would help obtain better lower bounds than those known for the general secret sharing. Some of the initial results we prove in this work are as follows. \textbf{On share complexity of polynomial schemes.}\\ First we study degree (at most) 1 in randomness variables $\vec{r}$ (where the degree of secret variables is unlimited). We have shown that for a large subclass of these schemes, there exist equivalent multi-linear schemes with $O(n)$ share complexity overhead. Namely, PSSS where every polynomial misses monomials of exact degree $c\geq 2$ in $\vec{s}$ and 0 in $\vec{r}$, and PSSS where all polynomials miss monomials of exact degree $\geq 1$ in $\vec{s}$ and 1 in $\vec{r}$. This translates the known lower bound of $\Omega(n^{\log(n)})$ for multi linear schemes onto a class of schemes strictly larger than multi linear schemes, to contrast with the best $\Omega(n^2/\log(n))$ bound known for general schemes, with no progress since 94\u27. An observation in the positive direction we make refers to the share complexity (per bit) of multi linear schemes (polynomial schemes of total degree 1). We observe that the scheme by Liu et. al obtaining share complexity $O(2^{0.994n})$ can be transformed into a multi-linear scheme with similar share complexity per bit, for sufficiently long secrets. % For the next natural degree to consider, 2 in $\vec{r}$, we have shown that PSSS where all share polynomials are of exact degree 2 in $\vec{r}$ (without exact degree 1 in $\vec{r}$ monomials) where \F_q has odd characteristic, can implement only trivial access structures where the minterms consist of single parties. Obtaining improved lower bounds for degree-2 in $\vec{r}$ PSSS, and even arbitrary degree-1 in $\vec{r}$ PSSS is left as an interesting open question. \textbf{On the randomness complexity of polynomial schemes.}\\ We prove that for every degree-2 polynomial secret sharing scheme, there exists an equivalent degree-2 scheme with identical share complexity with randomness complexity, $RC$, bounded by $2^{poly(SC)}$. For general PSSS, we obtain a similar bound on $RC$ (preserving $SC$ and \F_q but not degree). So far, bounds on randomness complexity were known only for multi linear schemes, demonstrating that $RC \leq SC$ is always achievable. Our bounds are not nearly as practical as those for multi-linear schemes, and should be viewed as a proof of concept. If a much better bound for some degree bound $d=O(1)$ is obtained, it would lead directly to super-polynomial counting-based lower bounds for degree-$d$ PSSS over constant-sized fields. Another application of low (say, polynomial) randomness complexity is transforming polynomial schemes with polynomial-sized (in $n$) algebraic formulas $C(\vec{s},\vec{r})$ for each share , into a degree-3 scheme with only polynomial blowup in share complexity, using standard randomizing polynomials constructions