Authenticated teleportation with one-sided trust
We introduce a protocol for authenticated teleportation, which can be proven
secure even when the receiver does not trust their measurement devices, and is
experimentally accessible. We use the technique of self-testing from the
device-independent approach to quantum information, where we can characterise
quantum states and measurements from the exhibited classical correlations
alone. First, we derive self-testing bounds for the Bell state and Pauli
measurements, that are robust enough to be implemented in
the lab. Then, we use these to determine a lower bound on the fidelity of an
untested entangled state to be used for teleportation. Finally, we apply our
results to propose an experimentally feasible protocol for one-sided
device-independent authenticated teleportation. This can be interpreted as a
first practical authentication of a quantum channel, with additional one-sided
device-independence.
Comment: published versio
Symbolic Abstractions for Quantum Protocol Verification
Quantum protocols such as the BB84 Quantum Key Distribution protocol exchange
qubits to achieve information-theoretic security guarantees. Many variants
thereof were proposed, some of them being already deployed. Existing security
proofs in that field are mostly tedious, error-prone pen-and-paper proofs of
the core protocol only that rarely account for other crucial components such as
authentication. This calls for formal and automated verification techniques
that exhaustively explore all possible intruder behaviors and that scale well.
The symbolic approach offers rigorous, mathematical frameworks and automated
tools to analyze security protocols. Based on well-designed abstractions, it
has allowed for large-scale formal analyses of real-life protocols such as TLS
1.3 and mobile telephony protocols. Hence a natural question is: Can we use
this successful line of work to analyze quantum protocols? This paper proposes
a first positive answer and motivates further research on this unexplored path
Quantum Cryptography Based Solely on Bell's Theorem
Information-theoretic key agreement is impossible to achieve from scratch and
must be based on some - ultimately physical - premise. In 2005, Barrett, Hardy,
and Kent showed that unconditional security can be obtained in principle based
on the impossibility of faster-than-light signaling; however, their protocol is
inefficient and cannot tolerate any noise. While their key-distribution scheme
uses quantum entanglement, its security only relies on the impossibility of
superluminal signaling, rather than the correctness and completeness of quantum
theory. In particular, the resulting security is device independent. Here we
introduce a new protocol which is efficient in terms of both classical and
quantum communication, and that can tolerate noise in the quantum channel. We
prove that it offers device-independent security under the sole assumption that
certain non-signaling conditions are satisfied. Our main insight is that the
XOR of a number of bits that are partially secret according to the
non-signaling conditions turns out to be highly secret. Note that similar
statements have been well-known in classical contexts. Earlier results had
indicated that amplification of such non-signaling-based privacy is impossible
to achieve if the non-signaling condition only holds between events on Alice's
and Bob's sides. Here, we show that the situation changes completely if such a
separation is given within each of the laboratories.
Comment: 32 pages, v2: changed introduction, added reference
Key Distillation and the Secret-Bit Fraction
We consider distillation of secret bits from partially secret noisy
correlations P_ABE, shared between two honest parties and an eavesdropper. The
most studied distillation scenario consists of joint operations on a large
number of copies of the distribution (P_ABE)^N, assisted with public
communication. Here we consider distillation with only one copy of the
distribution, and instead of rates, the 'quality' of the distilled secret bits
is optimized, where the 'quality' is quantified by the secret-bit fraction of
the result. The secret-bit fraction of a binary distribution is the proportion
which constitutes a secret bit between Alice and Bob. With local operations and
public communication the maximal extractable secret-bit fraction from a
distribution P_ABE is found, and is denoted by Lambda[P_ABE]. This quantity is
shown to be nonincreasing under local operations and public communication, and
nondecreasing under eavesdropper's local operations: it is a secrecy monotone.
It is shown that if Lambda[P_ABE]>1/2 then P_ABE is distillable, thus providing
a sufficient condition for distillability. A simple expression for
Lambda[P_ABE] is found when the eavesdropper is decoupled, and when the honest
parties' information is binary and the local operations are reversible.
Intriguingly, for general distributions the (optimal) operation requires local
degradation of the data.
Comment: 12 page
Fundamental rate-loss tradeoff for optical quantum key distribution
Since 1984, various optical quantum key distribution (QKD) protocols have
been proposed and examined. In all of them, the rate of secret key generation
decays exponentially with distance. A natural and fundamental question is then
whether there are yet-to-be discovered optical QKD protocols (without quantum
repeaters) that could circumvent this rate-distance tradeoff. This paper
provides a major step towards answering this question. We show that the
secret-key-agreement capacity of a lossy and noisy optical channel assisted by
unlimited two-way public classical communication is limited by an upper bound
that is solely a function of the channel loss, regardless of how much optical
power the protocol may use. Our result has major implications for understanding
the secret-key-agreement capacity of optical channels---a long-standing open
problem in optical quantum information theory---and strongly suggests a real
need for quantum repeaters to perform QKD at high rates over long distances.
Comment: 9+4 pages, 3 figures. arXiv admin note: text overlap with
arXiv:1310.012
Authentication of Quantum Messages
Authentication is a well-studied area of classical cryptography: a sender S
and a receiver R sharing a classical private key want to exchange a classical
message with the guarantee that the message has not been modified by any third
party with control of the communication line. In this paper we define and
investigate the authentication of messages composed of quantum states. Assuming
S and R have access to an insecure quantum channel and share a private,
classical random key, we provide a non-interactive scheme that enables S both
to encrypt and to authenticate (with unconditional security) an m qubit message
by encoding it into m+s qubits, where the failure probability decreases
exponentially in the security parameter s. The classical private key is 2m+O(s)
bits. To achieve this, we give a highly efficient protocol for testing the
purity of shared EPR pairs. We also show that any scheme to authenticate
quantum messages must also encrypt them. (In contrast, one can authenticate a
classical message while leaving it publicly readable.) This has two important
consequences: On one hand, it allows us to give a lower bound of 2m key bits
for authenticating m qubits, which makes our protocol asymptotically optimal.
On the other hand, we use it to show that digitally signing quantum states is
impossible, even with only computational security.
Comment: 22 pages, LaTeX, uses amssymb, latexsym, time