1,027 research outputs found

    Authenticated teleportation with one-sided trust

    Full text link
    We introduce a protocol for authenticated teleportation, which can be proven secure even when the receiver does not trust their measurement devices, and is experimentally accessible. We use the technique of self-testing from the device-independent approach to quantum information, where we can characterise quantum states and measurements from the exhibited classical correlations alone. First, we derive self-testing bounds for the Bell state and Pauli σX,σZ\sigma_X, \sigma_Z measurements, that are robust enough to be implemented in the lab. Then, we use these to determine a lower bound on the fidelity of an untested entangled state to be used for teleportation. Finally, we apply our results to propose an experimentally feasible protocol for one-sided device-independent authenticated teleportation. This can be interpreted as a first practical authentication of a quantum channel, with additional one-sided device-independence.Comment: published versio

    Symbolic Abstractions for Quantum Protocol Verification

    Get PDF
    Quantum protocols such as the BB84 Quantum Key Distribution protocol exchange qubits to achieve information-theoretic security guarantees. Many variants thereof were proposed, some of them being already deployed. Existing security proofs in that field are mostly tedious, error-prone pen-and-paper proofs of the core protocol only that rarely account for other crucial components such as authentication. This calls for formal and automated verification techniques that exhaustively explore all possible intruder behaviors and that scale well. The symbolic approach offers rigorous, mathematical frameworks and automated tools to analyze security protocols. Based on well-designed abstractions, it has allowed for large-scale formal analyses of real-life protocols such as TLS 1.3 and mobile telephony protocols. Hence a natural question is: Can we use this successful line of work to analyze quantum protocols? This paper proposes a first positive answer and motivates further research on this unexplored path

    Quantum Cryptography Based Solely on Bell's Theorem

    Full text link
    Information-theoretic key agreement is impossible to achieve from scratch and must be based on some - ultimately physical - premise. In 2005, Barrett, Hardy, and Kent showed that unconditional security can be obtained in principle based on the impossibility of faster-than-light signaling; however, their protocol is inefficient and cannot tolerate any noise. While their key-distribution scheme uses quantum entanglement, its security only relies on the impossibility of superluminal signaling, rather than the correctness and completeness of quantum theory. In particular, the resulting security is device independent. Here we introduce a new protocol which is efficient in terms of both classical and quantum communication, and that can tolerate noise in the quantum channel. We prove that it offers device-independent security under the sole assumption that certain non-signaling conditions are satisfied. Our main insight is that the XOR of a number of bits that are partially secret according to the non-signaling conditions turns out to be highly secret. Note that similar statements have been well-known in classical contexts. Earlier results had indicated that amplification of such non-signaling-based privacy is impossible to achieve if the non-signaling condition only holds between events on Alice's and Bob's sides. Here, we show that the situation changes completely if such a separation is given within each of the laboratories.Comment: 32 pages, v2: changed introduction, added reference

    Key Distillation and the Secret-Bit Fraction

    Full text link
    We consider distillation of secret bits from partially secret noisy correlations P_ABE, shared between two honest parties and an eavesdropper. The most studied distillation scenario consists of joint operations on a large number of copies of the distribution (P_ABE)^N, assisted with public communication. Here we consider distillation with only one copy of the distribution, and instead of rates, the 'quality' of the distilled secret bits is optimized, where the 'quality' is quantified by the secret-bit fraction of the result. The secret-bit fraction of a binary distribution is the proportion which constitutes a secret bit between Alice and Bob. With local operations and public communication the maximal extractable secret-bit fraction from a distribution P_ABE is found, and is denoted by Lambda[P_ABE]. This quantity is shown to be nonincreasing under local operations and public communication, and nondecreasing under eavesdropper's local operations: it is a secrecy monotone. It is shown that if Lambda[P_ABE]>1/2 then P_ABE is distillable, thus providing a sufficient condition for distillability. A simple expression for Lambda[P_ABE] is found when the eavesdropper is decoupled, and when the honest parties' information is binary and the local operations are reversible. Intriguingly, for general distributions the (optimal) operation requires local degradation of the data.Comment: 12 page

    Fundamental rate-loss tradeoff for optical quantum key distribution

    Get PDF
    Since 1984, various optical quantum key distribution (QKD) protocols have been proposed and examined. In all of them, the rate of secret key generation decays exponentially with distance. A natural and fundamental question is then whether there are yet-to-be discovered optical QKD protocols (without quantum repeaters) that could circumvent this rate-distance tradeoff. This paper provides a major step towards answering this question. We show that the secret-key-agreement capacity of a lossy and noisy optical channel assisted by unlimited two-way public classical communication is limited by an upper bound that is solely a function of the channel loss, regardless of how much optical power the protocol may use. Our result has major implications for understanding the secret-key-agreement capacity of optical channels---a long-standing open problem in optical quantum information theory---and strongly suggests a real need for quantum repeaters to perform QKD at high rates over long distances.Comment: 9+4 pages, 3 figures. arXiv admin note: text overlap with arXiv:1310.012

    Authentication of Quantum Messages

    Full text link
    Authentication is a well-studied area of classical cryptography: a sender S and a receiver R sharing a classical private key want to exchange a classical message with the guarantee that the message has not been modified by any third party with control of the communication line. In this paper we define and investigate the authentication of messages composed of quantum states. Assuming S and R have access to an insecure quantum channel and share a private, classical random key, we provide a non-interactive scheme that enables S both to encrypt and to authenticate (with unconditional security) an m qubit message by encoding it into m+s qubits, where the failure probability decreases exponentially in the security parameter s. The classical private key is 2m+O(s) bits. To achieve this, we give a highly efficient protocol for testing the purity of shared EPR pairs. We also show that any scheme to authenticate quantum messages must also encrypt them. (In contrast, one can authenticate a classical message while leaving it publicly readable.) This has two important consequences: On one hand, it allows us to give a lower bound of 2m key bits for authenticating m qubits, which makes our protocol asymptotically optimal. On the other hand, we use it to show that digitally signing quantum states is impossible, even with only computational security.Comment: 22 pages, LaTeX, uses amssymb, latexsym, time
    corecore