22 research outputs found
Short seed extractors against quantum storage
Some, but not all, extractors resist adversaries with limited quantum
storage. In this paper we show that Trevisan's extractor has this property,
thereby showing an extractor against quantum storage with logarithmic seed
length.

From Graphs to Keyed Quantum Hash Functions
We present two new constructions of quantum hash functions: the first based
on expander graphs and the second based on extractor functions, and estimate the
amount of randomness that is needed to construct them. We also propose a keyed
quantum hash function based on an extractor function that can be used in quantum
message authentication codes and assess its security in a limited attacker
model.

Leftover Hashing Against Quantum Side Information
The Leftover Hash Lemma states that the output of a two-universal hash
function applied to an input with sufficiently high entropy is almost uniformly
random. In its standard formulation, the lemma refers to a notion of randomness
that is (usually implicitly) defined with respect to classical side
information. Here, we prove a (strictly) more general version of the Leftover
Hash Lemma that is valid even if side information is represented by the state
of a quantum system. Furthermore, our result applies to arbitrary delta-almost
two-universal families of hash functions. The generalized Leftover Hash Lemma
has applications in cryptography, e.g., for key agreement in the presence of an
adversary who is not restricted to classical information processing.

On Quantum Fingerprinting and Quantum Cryptographic Hashing
Fingerprinting and cryptographic hashing have quite different usages in computer science, but have similar properties. Interpretation of their properties is determined by the area of their usage: fingerprinting methods are methods for constructing efficient randomized and quantum algorithms for computational problems, whereas hashing methods are one of the central cryptographic primitives. Fingerprinting and hashing methods have been under development since the middle of the previous century, whereas quantum fingerprinting and quantum hashing have a short history. In this chapter, we investigate quantum fingerprinting and quantum hashing. We present computational aspects of quantum fingerprinting and quantum hashing and discuss cryptographic properties of quantum hashing.

Convex-split and hypothesis testing approach to one-shot quantum measurement compression and randomness extraction
We consider the problem of quantum measurement compression with side
information in the one-shot setting with shared randomness. In this problem,
Alice shares a pure state with Reference and Bob and she performs a measurement
on her registers. She wishes to communicate the outcome of this measurement to
Bob using shared randomness and classical communication, in such a way that the
outcome that Bob receives is correctly correlated with Reference and Bob's own
registers. Our goal is to simultaneously minimize the classical communication
and randomness cost. We provide a protocol based on convex-split and position
based decoding with its communication upper bounded in terms of smooth max and
hypothesis testing relative entropies.
We also study the randomness cost of our protocol in both the one-shot and the
asymptotic and i.i.d. settings. By generalizing the convex-split technique to
incorporate pair-wise independent random variables, we show that our one-shot
protocol requires a small number of bits of shared randomness. This allows us to
construct a new protocol in the asymptotic and i.i.d. setting, which is optimal
in both the number of bits of communication and the number of bits of shared
randomness required.
We construct a new protocol for the task of strong randomness extraction in
the presence of quantum side information. Our protocol achieves an error guarantee
in terms of relative entropy (as opposed to trace distance) and extracts a close
to optimal number of uniform bits. As an application, we provide a new
achievability result for the task of quantum measurement compression without
feedback, in which Alice does not need to know the outcome of the measurement.
This leads to the optimal number of bits communicated and number of bits of
shared randomness required, for this task in the asymptotic and i.i.d. setting.
Comment: version 5: 29 pages, 1 figure. Added applications to randomness
extraction (against quantum side information) and measurement compression
without feedback

Trevisan's extractor in the presence of quantum side information
Randomness extraction involves the processing of purely classical information
and is therefore usually studied in the framework of classical probability
theory. However, such a classical treatment is generally too restrictive for
applications, where side information about the values taken by classical random
variables may be represented by the state of a quantum system. This is
particularly relevant in the context of cryptography, where an adversary may
make use of quantum devices. Here, we show that the well known construction
paradigm for extractors proposed by Trevisan is sound in the presence of
quantum side information.
We exploit the modularity of this paradigm to give several concrete extractor
constructions, which, e.g., extract all the conditional (smooth) min-entropy of
the source using a seed of length poly-logarithmic in the input, or only
require the seed to be weakly random.
Comment: 20+10 pages; v2: extract more min-entropy, use weakly random seed;
v3: extended introduction, matches published version with sections somewhat
reordered

Quantum-Proof Extractors: Optimal up to Constant Factors
We give the first construction of a family of quantum-proof extractors that has optimal seed
length dependence $O(\log(n/\epsilon))$ on the input length $n$ and error $\epsilon$. Our extractors support any
min-entropy $k = \Omega(\log n + \log^{1+\alpha}(1/\epsilon))$ and extract $m = (1 - \alpha)k$ bits that are $\epsilon$-close to uniform,
for any desired constant $\alpha > 0$. Previous constructions had a quadratically worse seed length or
were restricted to very large input min-entropy or very few output bits.
Our result is based on a generic reduction showing that any strong classical condenser is automatically
quantum-proof, with comparable parameters. The existence of such a reduction for
extractors is a long-standing open question; here we give an affirmative answer for condensers.
Once this reduction is established, to obtain our quantum-proof extractors one only needs to consider
high entropy sources. We construct quantum-proof extractors with the desired parameters
for such sources by extending a classical approach to extractor construction, based on the use of
block-sources and sampling, to the quantum setting.
Our extractors can be used to obtain improved protocols for device-independent randomness
expansion and for privacy amplification.

Unconditional security from noisy quantum storage
We consider the implementation of two-party cryptographic primitives based on
the sole assumption that no large-scale reliable quantum storage is available
to the cheating party. We construct novel protocols for oblivious transfer and
bit commitment, and prove that realistic noise levels provide security even
against the most general attack. Such unconditional results were previously
only known in the so-called bounded-storage model which is a special case of
our setting. Our protocols can be implemented with present-day hardware used
for quantum key distribution. In particular, no quantum storage is required for
the honest parties.
Comment: 25 pages (IEEE two column), 13 figures, v4: published version (to
appear in IEEE Transactions on Information Theory), including bit wise
min-entropy sampling. However, for experimental purposes block sampling can
be much more convenient, please see v3 arxiv version if needed. See
arXiv:0911.2302 for a companion paper addressing aspects of a practical
implementation using block sampling