How to reuse a one-time pad and other notes on authentication, encryption and protection of quantum information

Quantum information is a valuable resource which can be encrypted in order to protect it. We consider the size of the one-time pad that is needed to protect quantum information in a number of cases. The situation is dramatically different from the classical case: we prove that one can recycle the one-time pad without compromising security. The protocol for recycling relies on detecting whether eavesdropping has occurred, and further relies on the fact that information contained in the encrypted quantum state cannot be fully accessed. We prove the security of recycling rates when authentication of quantum states is accepted, and when it is rejected. We note that recycling schemes respect a general law of cryptography which we prove relating the size of private keys, sent qubits, and encrypted messages. We discuss applications for encryption of quantum information in light of the resources needed for teleportation. Potential uses include the protection of resources such as entanglement and the memory of quantum computers. We also introduce another application: encrypted secret sharing and find that one can even reuse the private key that is used to encrypt a classical message. In a number of cases, one finds that the amount of private key needed for authentication or protection is smaller than in the general case.Comment: 13 pages, improved rate of recycling proved in the case of rejection of authenticatio

Quantum secret sharing without entanglement

After analysing the main quantum secret sharing protocol based on the entanglement states, we propose an idea to directly encode the qubit of quantum key distributions, and then present a quantum secret sharing scheme where only product states are employed. As entanglement, especially the inaccessable multi-entangled state, is not necessary in the present quantum secret sharing protocol, it may be more applicable when the number of the parties of secret sharing is large. Its theoretic efficiency is also doubled to approach 100%.Comment: 2 tables, to appear in Phys. Lett.

Universally-composable privacy amplification from causality constraints

We consider schemes for secret key distribution which use as a resource correlations that violate Bell inequalities. We provide the first security proof for such schemes, according to the strongest notion of security, the so called universally-composable security. Our security proof does not rely on the validity of quantum mechanics, it solely relies on the impossibility of arbitrarily-fast signaling between separate physical systems. This allows for secret communication in situations where the participants distrust their quantum devices.Comment: 4 page

Beyond Gisin's Theorem and its Applications: Violation of Local Realism by Two-Party Einstein-Podolsky-Rosen Steering

We demonstrate here that for a given mixed multi-qubit state if there are at least two observers for whom mutual Einstein-Podolsky-Rosen steering is possible, i.e. each observer is able to steer the other qubits into two different pure states by spontaneous collapses due to von Neumann type measurements on his/her qubit, then nonexistence of local realistic models is fully equivalent to quantum entanglement (this is not so without this condition). This result leads to an enhanced version of Gisin's theorem (originally: all pure entangled states violate local realism). Local realism is violated by all mixed states with the above steering property. The new class of states allows one e.g. to perform three party secret sharing with just pairs of entangled qubits, instead of three qubit entanglements (which are currently available with low fidelity). This significantly increases the feasibility of having high performance versions of such protocols. Finally, we discuss some possible applications.Comment: 9 pages, 1 figur

Using quantum key distribution for cryptographic purposes: a survey

The appealing feature of quantum key distribution (QKD), from a cryptographic viewpoint, is the ability to prove the information-theoretic security (ITS) of the established keys. As a key establishment primitive, QKD however does not provide a standalone security service in its own: the secret keys established by QKD are in general then used by a subsequent cryptographic applications for which the requirements, the context of use and the security properties can vary. It is therefore important, in the perspective of integrating QKD in security infrastructures, to analyze how QKD can be combined with other cryptographic primitives. The purpose of this survey article, which is mostly centered on European research results, is to contribute to such an analysis. We first review and compare the properties of the existing key establishment techniques, QKD being one of them. We then study more specifically two generic scenarios related to the practical use of QKD in cryptographic infrastructures: 1) using QKD as a key renewal technique for a symmetric cipher over a point-to-point link; 2) using QKD in a network containing many users with the objective of offering any-to-any key establishment service. We discuss the constraints as well as the potential interest of using QKD in these contexts. We finally give an overview of challenges relative to the development of QKD technology that also constitute potential avenues for cryptographic research.Comment: Revised version of the SECOQC White Paper. Published in the special issue on QKD of TCS, Theoretical Computer Science (2014), pp. 62-8