33,820 research outputs found
Strong converse for the classical capacity of optical quantum communication channels
We establish the classical capacity of optical quantum channels as a sharp
transition between two regimes: one which is an error-free regime for
communication rates below the capacity, and the other in which the probability
of correctly decoding a classical message converges exponentially fast to zero
if the communication rate exceeds the classical capacity. This result is
obtained by proving a strong converse theorem for the classical capacity of all
phase-insensitive bosonic Gaussian channels, a well-established model of
optical quantum communication channels, such as lossy optical fibers, amplifier
and free-space communication. The theorem holds under a particular
photon-number occupation constraint, which we describe in detail in the paper.
Our result bolsters the understanding of the classical capacity of these
channels and opens the path to applications, such as proving the security of
noisy quantum storage models of cryptography with optical links.
Comment: 15 pages, final version accepted into IEEE Transactions on
Information Theory. arXiv admin note: text overlap with arXiv:1312.328
Verifying security protocols by knowledge analysis
This paper describes a new interactive method to analyse knowledge of participants involved in security protocols and further to verify the correctness of the protocols. The method can detect attacks and flaws involving interleaving sessions besides normal attacks. The implementation of the method in a generic theorem proving environment, namely Isabelle, makes the verification of protocols mechanical and efficient; it can verify a medium-sized security protocol in less than ten seconds. As an example, the paper finds the flaw in the Needham-Schroeder public key authentication protocol and proves the secure properties and guarantees of the protocol with Lowe's fix to show the effectiveness of this method.
Generalized weights: an anticode approach
In this paper we study generalized weights as an algebraic invariant of a
code. We first describe anticodes in the Hamming and in the rank metric,
proving in particular that optimal anticodes in the rank metric coincide with
Frobenius-closed spaces. Then we characterize both generalized Hamming and rank
weights of a code in terms of the intersection of the code with optimal
anticodes in the respective metrics. Inspired by this description, we propose a
new algebraic invariant, which we call "Delsarte generalized weights", for
Delsarte rank-metric codes based on optimal anticodes of matrices. We show that
our invariant refines the generalized rank weights for Gabidulin codes proposed
by Kurihara, Matsumoto and Uyematsu, and establish a series of properties of
Delsarte generalized weights. In particular, we characterize Delsarte optimal
codes and anticodes in terms of their generalized weights. We also present a
duality theory for the new algebraic invariant, proving that the Delsarte
generalized weights of a code completely determine the Delsarte generalized
weights of the dual code. Our results extend the theory of generalized rank
weights for Gabidulin codes. Finally, we prove the analogue for Gabidulin codes
of a theorem of Wei, proving that their generalized rank weights characterize
the worst-case security drops of a Gabidulin rank-metric code.
Verifying a signature architecture: a comparative case study
We report on a case study in applying different formal methods to model and verify an architecture for administrating digital signatures. The architecture comprises several concurrently executing systems that authenticate users and generate and store digital signatures by passing security relevant data through a tightly controlled interface. The architecture is interesting from a formal-methods perspective as it involves complex operations on data as well as process coordination and hence is a candidate for both data-oriented and process-oriented formal methods. We have built and verified two models of the signature architecture using two representative formal methods. In the first, we specify a data model of the architecture in Z that we extend to a trace model and interactively verify by theorem proving. In the second, we model the architecture as a system of communicating processes that we verify by finite-state model checking. We provide a detailed comparison of these two different approaches to formalization (infinite state with rich data types versus finite state) and verification (theorem proving versus model checking). Contrary to common belief, our case study suggests that Z is well suited for temporal reasoning about process models with complex operations on data. Moreover, our comparison highlights the advantages of proving theorems about such models and provides evidence that, in the hands of an experienced user, theorem proving may be neither substantially more time-consuming nor more complex than model checking.
Security of quantum key distribution with iterative sifting
Several quantum key distribution (QKD) protocols employ iterative sifting.
After each quantum transmission round, Alice and Bob disclose part of their
setting information (including their basis choices) for the detected signals.
The quantum phase of the protocol then ends when the numbers of detected
signals per basis exceed certain pre-agreed threshold values. Recently,
however, Pfister et al. [New J. Phys. 18 053001 (2016)] showed that iterative
sifting makes QKD insecure, especially in the finite key regime, if the
parameter estimation for privacy amplification uses the random sampling theory.
This implies that a number of existing finite key security proofs could be
flawed and cannot guarantee security. Here, we solve this serious problem by
showing that the use of Azuma's inequality for parameter estimation makes QKD
with iterative sifting secure again. This means that the existing protocols
whose security proof employs this inequality remain secure even if they employ
iterative sifting. Also, our results highlight a fundamental difference between
the random sampling theorem and Azuma's inequality in proving security.
Comment: 9 pages. We have found a flaw in the first version, which we have
corrected in the revised version.