26 research outputs found

    Tight bounds for classical and quantum coin flipping

    Full text link
    Coin flipping is a cryptographic primitive for which strictly better protocols exist if the players are not only allowed to exchange classical, but also quantum messages. During the past few years, several results have appeared which give a tight bound on the range of implementable unconditionally secure coin flips, both in the classical as well as in the quantum setting and for both weak as well as strong coin flipping. But the picture is still incomplete: in the quantum setting, all results consider only protocols with perfect correctness, and in the classical setting tight bounds for strong coin flipping are still missing. We give a general definition of coin flipping which unifies the notion of strong and weak coin flipping (it contains both of them as special cases) and allows the honest players to abort with a certain probability. We give tight bounds on the achievable range of parameters both in the classical and in the quantum setting.Comment: 18 pages, 2 figures; v2: published versio

    Simple, near-optimal quantum protocols for die-rolling

    Get PDF
    Die-rolling is the cryptographic task where two mistrustful, remote parties wish to generate a random DD-sided die-roll over a communication channel. Optimal quantum protocols for this task have been given by Aharon and Silman (New Journal of Physics, 2010) but are based on optimal weak coin-flipping protocols which are currently very complicated and not very well understood. In this paper, we first present very simple classical protocols for die-rolling which have decent (and sometimes optimal) security which is in stark contrast to coin-flipping, bit-commitment, oblivious transfer, and many other two-party cryptographic primitives. We also present quantum protocols based on integer-commitment, a generalization of bit-commitment, where one wishes to commit to an integer. We analyze these protocols using semidefinite programming and finally give protocols which are very close to Kitaev's lower bound for any D3D \geq 3. Lastly, we briefly discuss an application of this work to the quantum state discrimination problem.Comment: v2. Updated titl

    Multiparty Quantum Coin Flipping

    Full text link
    We investigate coin-flipping protocols for multiple parties in a quantum broadcast setting: (1) We propose and motivate a definition for quantum broadcast. Our model of quantum broadcast channel is new. (2) We discovered that quantum broadcast is essentially a combination of pairwise quantum channels and a classical broadcast channel. This is a somewhat surprising conclusion, but helps us in both our lower and upper bounds. (3) We provide tight upper and lower bounds on the optimal bias epsilon of a coin which can be flipped by k parties of which exactly g parties are honest: for any 1 <= g <= k, epsilon = 1/2 - Theta(g/k). Thus, as long as a constant fraction of the players are honest, they can prevent the coin from being fixed with at least a constant probability. This result stands in sharp contrast with the classical setting, where no non-trivial coin-flipping is possible when g <= k/2.Comment: v2: bounds now tight via new protocol; to appear at IEEE Conference on Computational Complexity 200

    Fidelity of Quantum Strategies with Applications to Cryptography

    Get PDF
    We introduce a definition of the fidelity function for multi-round quantum strategies, which we call the strategy fidelity, that is a generalization of the fidelity function for quantum states. We provide many interesting properties of the strategy fidelity including a Fuchs-van de Graaf relationship with the strategy norm. We illustrate an operational interpretation of the strategy fidelity in the spirit of Uhlmann\u27s Theorem and discuss its application to the security analysis of quantum protocols for interactive cryptographic tasks such as bit-commitment and oblivious string transfer. Our analysis is very general in the sense that the actions of the protocol need not be fully specified, which is in stark contrast to most other security proofs. Lastly, we provide a semidefinite programming formulation of the strategy fidelity

    A large family of quantum weak coin-flipping protocols

    Get PDF
    Each classical public-coin protocol for coin flipping is naturally associated with a quantum protocol for weak coin flipping. The quantum protocol is obtained by replacing classical randomness with quantum entanglement and by adding a cheat detection test in the last round that verifies the integrity of this entanglement. The set of such protocols defines a family which contains the protocol with bias 0.192 previously found by the author, as well as protocols with bias as low as 1/6 described herein. The family is analyzed by identifying a set of optimal protocols for every number of messages. In the end, tight lower bounds for the bias are obtained which prove that 1/6 is optimal for all protocols within the family.Comment: 17 pages, REVTeX 4 (minor corrections in v2
    corecore