Experimental implementation of bit commitment in the noisy-storage model

Fundamental primitives such as bit commitment and oblivious transfer serve as building blocks for many other two-party protocols. Hence, the secure implementation of such primitives are important in modern cryptography. In this work, we present a bit commitment protocol which is secure as long as the attacker's quantum memory device is imperfect. The latter assumption is known as the noisy-storage model. We experimentally executed this protocol by performing measurements on polarization-entangled photon pairs. Our work includes a full security analysis, accounting for all experimental error rates and finite size effects. This demonstrates the feasibility of two-party protocols in this model using real-world quantum devices. Finally, we provide a general analysis of our bit commitment protocol for a range of experimental parameters.Comment: 21 pages (7 main text +14 appendix), 6+3 figures. New version changed author's name from Huei Ying Nelly Ng to Nelly Huei Ying Ng, for consistency with other publication

Robust quantum data locking from phase modulation

Quantum data locking is a unique quantum phenomenon that allows a relatively short key to (un)lock an arbitrarily long message encoded in a quantum state, in such a way that an eavesdropper who measures the state but does not know the key has essentially no information about the encrypted message. The application of quantum data locking in cryptography would allow one to overcome the limitations of the one-time pad encryption, which requires the key to have the same length as the message. However, it is known that the strength of quantum data locking is also its Achilles heel, as the leakage of a few bits of the key or the message may in principle allow the eavesdropper to unlock a disproportionate amount of information. In this paper we show that there exist quantum data locking schemes that can be made robust against information leakage by increasing the length of the shared key by a proportionate amount. This implies that a constant size key can still encrypt an arbitrarily long message as long as a fraction of it remains secret to the eavesdropper. Moreover, we greatly simplify the structure of the protocol by proving that phase modulation suffices to generate strong locking schemes, paving the way to optical experimental realizations. Also, we show that successful data locking protocols can be constructed using random codewords, which very well could be helpful in discovering random codes for data locking over noisy quantum channels.Comment: A new result on the robustness of quantum data locking has been adde