The impossibility of non-signaling privacy amplification
Barrett, Hardy, and Kent showed in 2005 that protocols for quantum key
agreement exist whose security can be proven under the assumption that
quantum or relativity theory is correct. More precisely, this is based on the
non-local behavior of certain quantum systems, combined with the non-signaling
postulate from relativity. An advantage is that the resulting security is
independent of what (quantum) systems the legitimate parties' devices operate
on: they do not have to be trusted. Unfortunately, the protocol proposed by
Barrett et al. cannot tolerate any errors caused by noise in the quantum
channel. Furthermore, even in the error-free case it is inefficient: its
communication complexity is Theta(1/epsilon) when forcing the attacker's
information below epsilon, even if only a single key bit is generated.
Potentially, the problem can be solved by privacy amplification of relativistic
- or non-signaling - secrecy. We show, however, that such privacy amplification
is impossible with respect to the most important form of non-local behavior,
and application of arbitrary hash functions.
Comment: 24 pages, 2 figures
Quantum Cryptography Based Solely on Bell's Theorem
Information-theoretic key agreement is impossible to achieve from scratch and
must be based on some - ultimately physical - premise. In 2005, Barrett, Hardy,
and Kent showed that unconditional security can be obtained in principle based
on the impossibility of faster-than-light signaling; however, their protocol is
inefficient and cannot tolerate any noise. While their key-distribution scheme
uses quantum entanglement, its security only relies on the impossibility of
superluminal signaling, rather than the correctness and completeness of quantum
theory. In particular, the resulting security is device independent. Here we
introduce a new protocol which is efficient in terms of both classical and
quantum communication, and that can tolerate noise in the quantum channel. We
prove that it offers device-independent security under the sole assumption that
certain non-signaling conditions are satisfied. Our main insight is that the
XOR of a number of bits that are partially secret according to the
non-signaling conditions turns out to be highly secret. Note that similar
statements have been well-known in classical contexts. Earlier results had
indicated that amplification of such non-signaling-based privacy is impossible
to achieve if the non-signaling condition only holds between events on Alice's
and Bob's sides. Here, we show that the situation changes completely if such a
separation is given within each of the laboratories.
Comment: 32 pages, v2: changed introduction, added reference
Stronger Attacks on Causality-Based Key Agreement
Remarkably, it has been shown that in principle, security proofs for quantum
key-distribution (QKD) protocols can be independent of assumptions on the
devices used and even of the fact that the adversary is limited by quantum
theory. All that is required instead is the absence of any hidden information
flow between the laboratories, a condition that can be enforced either by
shielding or by space-time causality. All known schemes for such Causal Key
Distribution (CKD) that offer noise-tolerance (and, hence, must use privacy
amplification as a crucial step) require multiple devices carrying out
measurements in parallel on each end of the protocol, where the number of
devices grows with the desired level of security. We investigate the power of
the adversary for more practical schemes, where both parties each use a single
device carrying out measurements consecutively. We provide a novel construction
of attacks that is strictly more powerful than the best known attacks and has
the potential to decide the question whether such practical CKD schemes are
possible in the negative.
Quantifying the randomness of copies of noisy Popescu-Rohrlich correlations
In a no-signaling world, the outputs of a nonlocal box cannot be completely
predetermined, a feature that is exploited in many quantum information
protocols based on non-locality, such as device-independent randomness
generation and quantum key distribution. This relation between non-locality and
randomness can be formally quantified through the min-entropy, a measure of the
unpredictability of the outputs that holds conditioned on the knowledge of any
adversary that is limited only by the no-signaling principle. This quantity can
easily be computed for the noisy Popescu-Rohrlich (PR) box, the paradigmatic
example of non-locality. In this paper, we consider the min-entropy associated
to several copies of noisy PR boxes. In the case where n noisy PR-boxes are
implemented using n non-communicating pairs of devices, it is known that each
PR-box behaves as an independent biased coin: the min-entropy per PR-box is
constant with the number of copies. We show that this doesn't hold in more
general scenarios where several noisy PR-boxes are implemented from a single
pair of devices, either used sequentially n times or producing n outcome bits
in a single run. In this case, the min-entropy per PR-box is smaller than the
min-entropy of a single PR-box, and it decreases as the number of copies
increases.
Comment: 14 pages + 8 figures. Mathematica files attached. Comments welcome
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.
Comment: 45 pages, over 245 references
Certified randomness in quantum physics
The concept of randomness plays an important role in many disciplines. On one
hand, the question of whether random processes exist is fundamental for our
understanding of nature. On the other hand, randomness is a resource for
cryptography, algorithms and simulations. Standard methods for generating
randomness rely on assumptions on the devices that are difficult to meet in
practice. However, quantum technologies allow for new methods for generating
certified randomness. These methods are known as device-independent because
they do not rely on any modeling of the devices. Here we review the efforts and
challenges to design device-independent randomness generators.
Comment: 18 pages, 3 figures
Some Physics And System Issues In The Security Analysis Of Quantum Key Distribution Protocols
In this paper we review a number of issues on the security of quantum key
distribution (QKD) protocols that bear directly on the relevant physics or
mathematical representation of the QKD cryptosystem. It is shown that the
cryptosystem representation itself may miss out many possible attacks which are
not accounted for in the security analysis and proofs. Hence the final security
claims drawn from such analysis are not reliable, apart from foundational
issues about the security criteria that are discussed elsewhere. The cases of
continuous-variable QKD and multi-photon sources are elaborated upon
- …