The impossibility of non-signaling privacy amplification
Barrett, Hardy, and Kent have shown in 2005 that protocols for quantum key
agreement exist the security of which can be proven under the assumption that
quantum or relativity theory is correct. More precisely, this is based on the
non-local behavior of certain quantum systems, combined with the non-signaling
postulate from relativity. An advantage is that the resulting security is
independent of what (quantum) systems the legitimate parties' devices operate
on: they do not have to be trusted. Unfortunately, the protocol proposed by
Barrett et al. cannot tolerate any errors caused by noise in the quantum
channel. Furthermore, even in the error-free case it is inefficient: its
communication complexity is Theta(1/epsilon) when forcing the attacker's
information below epsilon, even if only a single key bit is generated.
Potentially, the problem can be solved by privacy amplification of relativistic
- or non-signaling - secrecy. We show, however, that such privacy amplification
is impossible with respect to the most important form of non-local behavior,
and application of arbitrary hash functions.
Comment: 24 pages, 2 figures
Separation of Reliability and Secrecy in Rate-Limited Secret-Key Generation
For a discrete or a continuous source model, we study the problem of
secret-key generation with one round of rate-limited public communication
between two legitimate users. Although we do not provide new bounds on the
wiretap secret-key (WSK) capacity for the discrete source model, we use an
alternative achievability scheme that may be useful for practical applications.
As a side result, we conveniently extend known bounds to the case of a
continuous source model. Specifically, we consider a sequential key-generation
strategy, that implements a rate-limited reconciliation step to handle
reliability, followed by a privacy amplification step performed with extractors
to handle secrecy. We prove that such a sequential strategy achieves the best
known bounds for the rate-limited WSK capacity (under the assumption of
degraded sources in the case of two-way communication). However, we show that,
unlike the case of rate-unlimited public communication, achieving the
reconciliation capacity in a sequential strategy does not necessarily lead to
achieving the best known bounds for the WSK capacity. Consequently, reliability
and secrecy can be treated successively but not independently, thereby
exhibiting a limitation of sequential strategies for rate-limited public
communication. Nevertheless, we provide scenarios for which reliability and
secrecy can be treated successively and independently, such as the two-way
rate-limited SK capacity, the one-way rate-limited WSK capacity for degraded
binary symmetric sources, and the one-way rate-limited WSK capacity for
Gaussian degraded sources.
Comment: 18 pages, two-column, 9 figures, accepted to IEEE Transactions on
Information Theory; corrected typos; updated references; minor change in
title
A classical analogue of entanglement
We show that quantum entanglement has a very close classical analogue, namely
secret classical correlations. The fundamental analogy stems from the behavior
of quantum entanglement under local operations and classical communication and
the behavior of secret correlations under local operations and public
communication. A large number of derived analogies follow. In particular
teleportation is analogous to the one-time-pad, the concept of "pure state"
exists in the classical domain, entanglement concentration and dilution are
essentially classical secrecy protocols, and single copy entanglement
manipulations have such a close classical analog that the majorization results
are reproduced in the classical setting. This analogy allows one to import
questions from the quantum domain into the classical one, and vice-versa,
helping to get a better understanding of both. Also, by identifying classical
aspects of quantum entanglement it allows one to identify those aspects of
entanglement which are uniquely quantum mechanical.
Comment: 13 pages, references updated
On the Commitment Capacity of Unfair Noisy Channels
Noisy channels are a valuable resource from a cryptographic point of view.
They can be used for exchanging secret-keys as well as realizing other
cryptographic primitives such as commitment and oblivious transfer. To be
really useful, noisy channels have to be considered in the scenario where a
cheating party has some degree of control over the channel characteristics.
Damgård et al. (EUROCRYPT 1999) proposed a more realistic model where such
level of control is permitted to an adversary, the so-called unfair noisy
channels, and proved that they can be used to obtain commitment and oblivious
transfer protocols. Given that noisy channels are a precious resource for
cryptographic purposes, one important question is determining the optimal rate
in which they can be used. The commitment capacity has already been determined
for the cases of discrete memoryless channels and Gaussian channels. In this
work we address the problem of determining the commitment capacity of unfair
noisy channels. We compute a single-letter characterization of the commitment
capacity of unfair noisy channels. In the case where an adversary has no
control over the channel (the fair case) our capacity reduces to the well-known
capacity of a discrete memoryless binary symmetric channel.
A Talk on Quantum Cryptography, or How Alice Outwits Eve
Alice and Bob wish to communicate without the archvillainess Eve
eavesdropping on their conversation. Alice decides to take two college
courses, one in cryptography, the other in quantum mechanics. During the
courses, she discovers she can use what she has just learned to devise a
cryptographic communication system that automatically detects whether or not
Eve is up to her villainous eavesdropping. Some of the topics discussed are
Heisenberg's Uncertainty Principle, the Vernam cipher, the BB84 and B92
cryptographic protocols. The talk ends with a discussion of some of Eve's
possible eavesdropping strategies, opaque eavesdropping, translucent
eavesdropping, and translucent eavesdropping with entanglement.
Comment: 31 pages, 8 figures. Revised version of a paper published in "Coding
Theory, and Cryptography: From Geheimscheimschreiber and Enigma to Quantum
Theory," (edited by David Joyner), Springer-Verlag, 1999 (pp. 144-174). To be
published with the permission of Springer-Verlag in an AMS PSAPM Short Course
volume entitled "Quantum Computation."
Information-theoretic Physical Layer Security for Satellite Channels
Shannon introduced the classic model of a cryptosystem in 1949, where Eve has
access to an identical copy of the cyphertext that Alice sends to Bob. Shannon
defined perfect secrecy to be the case when the mutual information between the
plaintext and the cyphertext is zero. Perfect secrecy is motivated by
error-free transmission and requires that Bob and Alice share a secret key.
Wyner in 1975 and later I. Csiszár and J. Körner in 1978 modified the
Shannon model assuming that the channels are noisy and proved that secrecy can
be achieved without sharing a secret key. This model is called the wiretap channel
model and secrecy capacity is known when Eve's channel is noisier than Bob's
channel.
In this paper we review the concept of wiretap coding from the satellite
channel viewpoint. We also review subsequently introduced stronger secrecy
levels which can be numerically quantified and are keyless unconditionally
secure under certain assumptions. We introduce the general construction of
wiretap coding and analyse its applicability for a typical satellite channel.
From our analysis we discuss the potential of keyless information theoretic
physical layer security for satellite channels based on wiretap coding. We also
identify system design implications for enabling simultaneous operation with
additional information theoretic security protocols.