On the Efficiency of Classical and Quantum Secure Function Evaluation

We provide bounds on the efficiency of secure one-sided output two-party computation of arbitrary finite functions from trusted distributed randomness in the statistical case. From these results we derive bounds on the efficiency of protocols that use different variants of OT as a black-box. When applied to implementations of OT, these bounds generalize most known results to the statistical case. Our results hold in particular for transformations between a finite number of primitives and for any error. In the second part we study the efficiency of quantum protocols implementing OT. While most classical lower bounds for perfectly secure reductions of OT to distributed randomness still hold in the quantum setting, we present a statistically secure protocol that violates these bounds by an arbitrarily large factor. We then prove a weaker lower bound that does hold in the statistical quantum setting and implies that even quantum protocols cannot extend OT. Finally, we present two lower bounds for reductions of OT to commitments and a protocol based on string commitments that is optimal with respect to both of these bounds

Composable Security in the Bounded-Quantum-Storage Model

We present a simplified framework for proving sequential composability in the quantum setting. In particular, we give a new, simulation-based, definition for security in the bounded-quantum-storage model, and show that this definition allows for sequential composition of protocols. Damgard et al. (FOCS '05, CRYPTO '07) showed how to securely implement bit commitment and oblivious transfer in the bounded-quantum-storage model, where the adversary is only allowed to store a limited number of qubits. However, their security definitions did only apply to the standalone setting, and it was not clear if their protocols could be composed. Indeed, we first give a simple attack that shows that these protocols are not composable without a small refinement of the model. Finally, we prove the security of their randomized oblivious transfer protocol in our refined model. Secure implementations of oblivious transfer and bit commitment then follow easily by a (classical) reduction to randomized oblivious transfer.Comment: 21 page

Metropolitan all-pass and inter-city quantum communication network

We have demonstrated a metropolitan all-pass quantum communication network in field fiber for four nodes. Any two nodes of them can be connected in the network to perform quantum key distribution (QKD). An optical switching module is presented that enables arbitrary 2-connectivity among output ports. Integrated QKD terminals are worked out, which can operate either as a transmitter, a receiver, or even both at the same time. Furthermore, an additional link in another city of 60 km fiber (up to 130 km) is seamless integrated into this network based on a trusted relay architecture. On all the links, we have implemented protocol of decoy state scheme. All of necessary electrical hardware, synchronization, feedback control, network software, execution of QKD protocols are made by tailored designing, which allow a completely automatical and stable running. Our system has been put into operation in Hefei in August 2009, and publicly demonstrated during an evaluation conference on quantum network organized by the Chinese Academy of Sciences on August 29, 2009. Real-time voice telephone with one-time pad encoding between any two of the five nodes (four all-pass nodes plus one additional node through relay) is successfully established in the network within 60km.Comment: 9 pages, 2 figures, 2 table