Unconditional security from noisy quantum storage

We consider the implementation of two-party cryptographic primitives based on the sole assumption that no large-scale reliable quantum storage is available to the cheating party. We construct novel protocols for oblivious transfer and bit commitment, and prove that realistic noise levels provide security even against the most general attack. Such unconditional results were previously only known in the so-called bounded-storage model which is a special case of our setting. Our protocols can be implemented with present-day hardware used for quantum key distribution. In particular, no quantum storage is required for the honest parties.Comment: 25 pages (IEEE two column), 13 figures, v4: published version (to appear in IEEE Transactions on Information Theory), including bit wise min-entropy sampling. however, for experimental purposes block sampling can be much more convenient, please see v3 arxiv version if needed. See arXiv:0911.2302 for a companion paper addressing aspects of a practical implementation using block samplin

Continuous-variable quantum enigma machines for long-distance key distribution

Quantum physics allows for unconditionally secure communication through insecure communication channels. The achievable rates of quantum-secured communication are fundamentally limited by the laws of quantum physics and in particular by the properties of entanglement. For a lossy communication line, this implies that the secret-key generation rate vanishes at least exponentially with the communication distance. We show that this fundamental limitation can be violated in a realistic scenario where the eavesdropper can store quantum information for only a finite, yet arbitrarily long, time. We consider communication through a lossy bononic channel (modeling linear loss in optical fibers) and we show that it is in principle possible to achieve a constant rate of key generation of one bit per optical mode over arbitrarily long communication distances.Comment: 13 pages. V2: new title, new result on active attacks, increased rigour in the security proo

Entanglement sampling and applications

A natural measure for the amount of quantum information that a physical system E holds about another system A = A_1,...,A_n is given by the min-entropy Hmin(A|E). Specifically, the min-entropy measures the amount of entanglement between E and A, and is the relevant measure when analyzing a wide variety of problems ranging from randomness extraction in quantum cryptography, decoupling used in channel coding, to physical processes such as thermalization or the thermodynamic work cost (or gain) of erasing a quantum system. As such, it is a central question to determine the behaviour of the min-entropy after some process M is applied to the system A. Here we introduce a new generic tool relating the resulting min-entropy to the original one, and apply it to several settings of interest, including sampling of subsystems and measuring in a randomly chosen basis. The sampling results lead to new upper bounds on quantum random access codes, and imply the existence of "local decouplers". The results on random measurements yield new high-order entropic uncertainty relations with which we prove the optimality of cryptographic schemes in the bounded quantum storage model.Comment: v3: fixed some typos, v2: fixed minor issue with the definition of entropy and improved presentatio