1,594 research outputs found
Robust Cryptography in the Noisy-Quantum-Storage Model
It was shown in [WST08] that cryptographic primitives can be implemented
based on the assumption that quantum storage of qubits is noisy. In this work
we analyze a protocol for the universal task of oblivious transfer that can be
implemented using quantum-key-distribution (QKD) hardware in the practical
setting where honest participants are unable to perform noise-free operations.
We derive trade-offs between the amount of storage noise, the amount of noise
in the operations performed by the honest participants and the security of
oblivious transfer which are greatly improved compared to the results in
[WST08]. As an example, we show that for the case of depolarizing noise in
storage we can obtain secure oblivious transfer as long as the quantum
bit-error rate of the channel does not exceed 11% and the noise on the channel
is strictly less than the quantum storage noise. This is optimal for the
protocol considered. Finally, we show that our analysis easily carries over to
quantum protocols for secure identification.Comment: 34 pages, 2 figures. v2: clarified novelty of results, improved
security analysis using fidelity-based smooth min-entropy, v3: typos and
additivity proof in appendix correcte
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference
Quantum to Classical Randomness Extractors
The goal of randomness extraction is to distill (almost) perfect randomness
from a weak source of randomness. When the source yields a classical string X,
many extractor constructions are known. Yet, when considering a physical
randomness source, X is itself ultimately the result of a measurement on an
underlying quantum system. When characterizing the power of a source to supply
randomness it is hence a natural question to ask, how much classical randomness
we can extract from a quantum system. To tackle this question we here take on
the study of quantum-to-classical randomness extractors (QC-extractors). We
provide constructions of QC-extractors based on measurements in a full set of
mutually unbiased bases (MUBs), and certain single qubit measurements. As the
first application, we show that any QC-extractor gives rise to entropic
uncertainty relations with respect to quantum side information. Such relations
were previously only known for two measurements. As the second application, we
resolve the central open question in the noisy-storage model [Wehner et al.,
PRL 100, 220502 (2008)] by linking security to the quantum capacity of the
adversary's storage device.Comment: 6+31 pages, 2 tables, 1 figure, v2: improved converse parameters,
typos corrected, new discussion, v3: new reference
Unconditional security from noisy quantum storage
We consider the implementation of two-party cryptographic primitives based on
the sole assumption that no large-scale reliable quantum storage is available
to the cheating party. We construct novel protocols for oblivious transfer and
bit commitment, and prove that realistic noise levels provide security even
against the most general attack. Such unconditional results were previously
only known in the so-called bounded-storage model which is a special case of
our setting. Our protocols can be implemented with present-day hardware used
for quantum key distribution. In particular, no quantum storage is required for
the honest parties.Comment: 25 pages (IEEE two column), 13 figures, v4: published version (to
appear in IEEE Transactions on Information Theory), including bit wise
min-entropy sampling. however, for experimental purposes block sampling can
be much more convenient, please see v3 arxiv version if needed. See
arXiv:0911.2302 for a companion paper addressing aspects of a practical
implementation using block samplin
Entanglement sampling and applications
A natural measure for the amount of quantum information that a physical
system E holds about another system A = A_1,...,A_n is given by the min-entropy
Hmin(A|E). Specifically, the min-entropy measures the amount of entanglement
between E and A, and is the relevant measure when analyzing a wide variety of
problems ranging from randomness extraction in quantum cryptography, decoupling
used in channel coding, to physical processes such as thermalization or the
thermodynamic work cost (or gain) of erasing a quantum system. As such, it is a
central question to determine the behaviour of the min-entropy after some
process M is applied to the system A. Here we introduce a new generic tool
relating the resulting min-entropy to the original one, and apply it to several
settings of interest, including sampling of subsystems and measuring in a
randomly chosen basis. The sampling results lead to new upper bounds on quantum
random access codes, and imply the existence of "local decouplers". The results
on random measurements yield new high-order entropic uncertainty relations with
which we prove the optimality of cryptographic schemes in the bounded quantum
storage model.Comment: v3: fixed some typos, v2: fixed minor issue with the definition of
entropy and improved presentatio
Experimental implementation of bit commitment in the noisy-storage model
Fundamental primitives such as bit commitment and oblivious transfer serve as
building blocks for many other two-party protocols. Hence, the secure
implementation of such primitives are important in modern cryptography. In this
work, we present a bit commitment protocol which is secure as long as the
attacker's quantum memory device is imperfect. The latter assumption is known
as the noisy-storage model. We experimentally executed this protocol by
performing measurements on polarization-entangled photon pairs. Our work
includes a full security analysis, accounting for all experimental error rates
and finite size effects. This demonstrates the feasibility of two-party
protocols in this model using real-world quantum devices. Finally, we provide a
general analysis of our bit commitment protocol for a range of experimental
parameters.Comment: 21 pages (7 main text +14 appendix), 6+3 figures. New version changed
author's name from Huei Ying Nelly Ng to Nelly Huei Ying Ng, for consistency
with other publication
- …