Towards Communication-Efficient Quantum Oblivious Key Distribution

Oblivious Transfer, a fundamental problem in the field of secure multi-party computation is defined as follows: A database DB of N bits held by Bob is queried by a user Alice who is interested in the bit DB_b in such a way that (1) Alice learns DB_b and only DB_b and (2) Bob does not learn anything about Alice's choice b. While solutions to this problem in the classical domain rely largely on unproven computational complexity theoretic assumptions, it is also known that perfect solutions that guarantee both database and user privacy are impossible in the quantum domain. Jakobi et al. [Phys. Rev. A, 83(2), 022301, Feb 2011] proposed a protocol for Oblivious Transfer using well known QKD techniques to establish an Oblivious Key to solve this problem. Their solution provided a good degree of database and user privacy (using physical principles like impossibility of perfectly distinguishing non-orthogonal quantum states and the impossibility of superluminal communication) while being loss-resistant and implementable with commercial QKD devices (due to the use of SARG04). However, their Quantum Oblivious Key Distribution (QOKD) protocol requires a communication complexity of O(N log N). Since modern databases can be extremely large, it is important to reduce this communication as much as possible. In this paper, we first suggest a modification of their protocol wherein the number of qubits that need to be exchanged is reduced to O(N). A subsequent generalization reduces the quantum communication complexity even further in such a way that only a few hundred qubits are needed to be transferred even for very large databases.Comment: 7 page

Exponential Lower Bound for 2-Query Locally Decodable Codes via a Quantum Argument

A locally decodable code encodes n-bit strings x in m-bit codewords C(x), in such a way that one can recover any bit x_i from a corrupted codeword by querying only a few bits of that word. We use a quantum argument to prove that LDCs with 2 classical queries need exponential length: m=2^{Omega(n)}. Previously this was known only for linear codes (Goldreich et al. 02). Our proof shows that a 2-query LDC can be decoded with only 1 quantum query, and then proves an exponential lower bound for such 1-query locally quantum-decodable codes. We also show that q quantum queries allow more succinct LDCs than the best known LDCs with q classical queries. Finally, we give new classical lower bounds and quantum upper bounds for the setting of private information retrieval. In particular, we exhibit a quantum 2-server PIR scheme with O(n^{3/10}) qubits of communication, improving upon the O(n^{1/3}) bits of communication of the best known classical 2-server PIR.Comment: 16 pages Latex. 2nd version: title changed, large parts rewritten, some results added or improve

Quantum Cryptography Based Solely on Bell's Theorem

Information-theoretic key agreement is impossible to achieve from scratch and must be based on some - ultimately physical - premise. In 2005, Barrett, Hardy, and Kent showed that unconditional security can be obtained in principle based on the impossibility of faster-than-light signaling; however, their protocol is inefficient and cannot tolerate any noise. While their key-distribution scheme uses quantum entanglement, its security only relies on the impossibility of superluminal signaling, rather than the correctness and completeness of quantum theory. In particular, the resulting security is device independent. Here we introduce a new protocol which is efficient in terms of both classical and quantum communication, and that can tolerate noise in the quantum channel. We prove that it offers device-independent security under the sole assumption that certain non-signaling conditions are satisfied. Our main insight is that the XOR of a number of bits that are partially secret according to the non-signaling conditions turns out to be highly secret. Note that similar statements have been well-known in classical contexts. Earlier results had indicated that amplification of such non-signaling-based privacy is impossible to achieve if the non-signaling condition only holds between events on Alice's and Bob's sides. Here, we show that the situation changes completely if such a separation is given within each of the laboratories.Comment: 32 pages, v2: changed introduction, added reference

Unconditional security at a low cost

By simulating four quantum key distribution (QKD) experiments and analyzing one decoy-state QKD experiment, we compare two data post-processing schemes based on security against individual attack by L\"{u}tkenhaus, and unconditional security analysis by Gottesman-Lo-L\"{u}tkenhaus-Preskill. Our results show that these two schemes yield close performances. Since the Holy Grail of QKD is its unconditional security, we conclude that one is better off considering unconditional security, rather than restricting to individual attacks.Comment: Accepted by International Conference on Quantum Foundation and Technology: Frontier and Future 2006 (ICQFT'06