One-Sided Device-Independent QKD and Position-based Cryptography from Monogamy Games

A serious concern with quantum key distribution (QKD) schemes is that, when under attack, the quantum devices in a real-life implementation may behave differently than modeled in the security proof. This can lead to real-life attacks against provably secure QKD schemes. In this work, we show that the standard BB84 QKD scheme is one-sided device-independent. This means that security holds even if Bob\u27s quantum device is arbitrarily malicious, as long as Alice\u27s device behaves as it should. Thus, we can completely remove the trust into Bob\u27s quantum device for free, without the need for changing the scheme, and without the need for hard-to-implement loophole-free violations of Bell inequality, as is required for fully (meaning two-sided) device-independent QKD. For our analysis, we introduce a new quantum game, called a monogamy-of-entanglement game, and we show a strong parallel repetition theorem for this game. This new notion is likely to be of independent interest and to find additional applications. Indeed, besides the application to QKD, we also show a direct application to position-based quantum cryptography: we give the first security proof for a one-round position-verification scheme that requires only single-qubit operations

Quantum authentication and encryption with key recycling

We propose an information-theoretically secure encryption scheme for classical messages with quantum ciphertexts that offers detection of eavesdropping attacks, and re-usability of the key in case no eavesdropping took place: the entire key can be securely re-used for encrypting new messages as long as no attack is detected. This is known to be impossible for fully classical schemes, where there is no way to detect plain eavesdropping attacks. This particular application of quantum techniques to cryptography was originally proposed by Bennett, Brassard and Breidbart in 1982, even before proposing quantum-key-distribution, and a simple candidate scheme was suggested but no rigorous security analysis was given. The idea was picked up again in 2005, when Damgård, Pedersen and Salvail suggested a new scheme for the same task, but now with a rigorous security analysis. However, their scheme is much more demanding in terms of quantum capabilities: it requires the users to have a quantum computer. In contrast, and like the original scheme by Bennett et al., our new scheme requires from the honest users merely to prepare and measure single BB84 qubits. As such, we not only show the first provably-secure scheme that is within reach of current technology, but we also confirm Bennett et al.’s original intuition that a scheme in the spirit of their original construction is indeed secure

One-sided device-independent QKD and position-based cryptography from monogamy games

10.1007/978-3-642-38348-9_36Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)7881 LNCS609-62

One-Sided Device Independent QKD and Position-Based Cryptography from Monogamy Games

A serious concern with quantum key distribution (QKD) schemes is that, when under attack, the quantum devices in a real-life implementation may behave differently than modeled in the security proof. This can lead to real-life attacks against provably secure QKD schemes. In this work, we show that the standard BB84 QKD scheme is one-sided device-independent. This means that security holds even if Bob’s quantum device is arbitrarily malicious, as long as Alice’s device behaves as it should. Thus, we can completely remove the trust into Bob’s quantum device for free, without the need for changing the scheme, and without the need for hard-to-implement loophole-free violations of Bell inequality, as is required for fully (meaning two-sided) device-independent QKD. For our analysis, we introduce a new quantum game, called a monogamy-of-entanglement game, and we show a strong parallel repetition theorem for this game. This new notion is likely to be of independent interest and to find additional applications. Indeed, besides the application to QKD, we also show a direct application to position-based quantum cryptography: we give the first security proof for a one-round position-verification scheme that requires only single-qubit operations

Certifying long-range quantum correlations through routed Bell tests

Losses in the transmission channel, which increase with distance, pose a major obstacle to photonics demonstrations of quantum nonlocality and its applications. Recently, Chaturvedi, Viola, and Pawlowski (CVP) [arXiv:2211.14231] introduced a variation of standard Bell experiments with the goal of extending the range over which quantum nonlocality can be demonstrated. In these experiments, which we call 'routed Bell experiments', Bob can route his quantum particle along two possible paths and measure it at two distinct locations - one near and another far from the source. The idea is that a Bell violation in the short-path should weaken the conditions required to detect nonlocal correlations in the long-path. Indeed, CVP showed that there are quantum correlations in routed Bell experiments such that the outcomes of the remote device cannot be classically predetermined, even when its detection efficiency is arbitrarily low. In this paper, we show that the correlations considered by CVP, though they cannot be classically predetermined, do not require the transmission of quantum systems to the remote device. This leads us to define the concept of 'short-range' and 'long-range' quantum correlations in routed Bell experiments. We show that these correlations can be characterized through standard semidefinite programming hierarchies for non-commutative polynomial optimization. We then explore the conditions under which short-range quantum correlations can be ruled out. We point out that there exist fundamental lower-bounds on the critical detection efficiency of the distant device, implying that routed Bell experiments cannot demonstrate long-range quantum nonlocality at arbitrarily large distances. However, we do find that routed Bell experiments allow for reducing the detection efficiency threshold. The improvements, though, are significantly smaller than those suggested by CVP's analysis.Comment: 35 pages, 17 figures. Comments are welcome. Changelog: Version 2 - Updated the abridged abstract on arXiv. Manuscript unchanged ; Version 3 - Corrected minor typos in Proposition

Limitations on Protecting Information Against Quantum Adversaries

The aim of this thesis is to understand the fundamental limitations on secret key distillation in various settings of quantum key distribution. We first consider quantum steering, which is a resource for one-sided device-independent quantum key distribution. We introduce a conditional mutual information based quantifier for quantum steering, which we call intrinsic steerability. Next, we consider quantum non-locality, which is a resource for device-independent quantum key distribution. In this context, we introduce a quantifier, intrinsic non-locality, which is a monotone in the resource theory of Bell non-locality. Both these quantities are inspired by intrinsic information and squashed entanglement and are based on conditional mutual information. The idea behind these quantifiers is to suppress the correlations that can be explained by a local hidden variable or by an inaccessible quantum system, thus quantifying the remaining intrinsic correlations. We then prove various properties of these two monotones, which includes the following: monotonicity under free operations, additivity under tensor product of objects, convexity, and faithfulness, among others. Next, we prove that intrinsic steerability is an upper bound on the secret-key-agreement capacity of an assemblage, and intrinsic non-locality is an upper bound on the secret-key-agreement capacity of a quantum probability distribution. Thus we prove that these quantities are upper bounds on the achievable key rates in one-sided device-independent and device-independent quantum key distribution protocols. We also calculate these bounds for certain honest devices. The study of these upper bounds is instrumental in understanding the limitations of protocols that can be designed for various settings. These upper bounds inform us that, even if one considers the best possible protocol, there is no possibility of exceeding the upper bounds on key rates without a quantum repeater. The upper bounds introduced in this thesis are an important step for initiating this line of research in one-sided device-independent and in device-independent quantum key distribution