The quantum one-time pad in the presence of an eavesdropper

A classical one-time pad allows two parties to send private messages over a public classical channel -- an eavesdropper who intercepts the communication learns nothing about the message. A quantum one-time pad is a shared quantum state which allows two parties to send private messages or private quantum states over a public quantum channel. If the eavesdropper intercepts the quantum communication she learns nothing about the message. In the classical case, a one-time pad can be created using shared and partially private correlations. Here we consider the quantum case in the presence of an eavesdropper, and find the single letter formula for the rate at which the two parties can send messages using a quantum one-time pad

Return times, recurrence densities and entropy for actions of some discrete amenable groups

Results of Wyner and Ziv and of Ornstein and Weiss show that if one observes the first k outputs of a finite-valued ergodic process, then the waiting time until this block appears again is almost surely asymptotic to $2^{hk}$, where $h$ is the entropy of the process. We examine this phenomenon when the allowed return times are restricted to some subset of times, and generalize the results to processes parameterized by other discrete amenable groups. We also obtain a uniform density version of the waiting time results: For a process on $s$ symbols, within a given realization, the density of the initial $k$-block within larger $n$-blocks approaches $2^{-hk}$, uniformly in $n>s^k$, as $k$ tends to infinity. Again, similar results hold for processes with other indexing groups.Comment: To appear in Journal d'Analyse Mathematiqu

Locking of accessible information and implications for the security of quantum cryptography

The unconditional security of a quantum key distribution protocol is often defined in terms of the accessible information, that is, the maximum mutual information between the distributed key S and the outcome of an optimal measurement on the adversary's (quantum) system. We show that, even if this quantity is small, certain parts of the key S might still be completely insecure when S is used in applications, such as for one-time pad encryption. This flaw is due to a locking property of the accessible information: one additional (physical) bit of information might increase the accessible information by more than one bit.Comment: 5 pages; minor change

Multidimensional reconciliation for continuous-variable quantum key distribution

We propose a method for extracting an errorless secret key in a continuous-variable quantum key distribution protocol, which is based on Gaussian modulation of coherent states and homodyne detection. The crucial feature is an eight-dimensional reconciliation method, based on the algebraic properties of octonions. Since the protocol does not use any postselection, it can be proven secure against arbitrary collective attacks, by using well-established theorems on the optimality of Gaussian attacks. By using this new coding scheme with an appropriate signal to noise ratio, the distance for secure continuous-variable quantum key distribution can be significantly extended.Comment: 8 pages, 3 figure

Hard Discs on the Hyperbolic Plane

We examine a simple hard disc fluid with no long range interactions on the two dimensional space of constant negative Gaussian curvature, the hyperbolic plane. This geometry provides a natural mechanism by which global crystalline order is frustrated, allowing us to construct a tractable model of disordered monodisperse hard discs. We extend free area theory and the virial expansion to this regime, deriving the equation of state for the system, and compare its predictions with simulation near an isostatic packing in the curved space.Comment: 4 pages, 3 figures, included, final versio

Sharp error terms for return time statistics under mixing conditions

We describe the statistics of repetition times of a string of symbols in a stochastic process. Denote by T(A) the time elapsed until the process spells the finite string A and by S(A) the number of consecutive repetitions of A. We prove that, if the length of the string grows unbondedly, (1) the distribution of T(A), when the process starts with A, is well aproximated by a certain mixture of the point measure at the origin and an exponential law, and (2) S(A) is approximately geometrically distributed. We provide sharp error terms for each of these approximations. The errors we obtain are point-wise and allow to get also approximations for all the moments of T(A) and S(A). To obtain (1) we assume that the process is phi-mixing while to obtain (2) we assume the convergence of certain contidional probabilities

Linguistic Analysis of Requirements of a Space Project and Their Conformity with the Recommendations Proposed by a Controlled Natural Language

International audienceWe propose a linguistic analysis of requirements written in French for a project carried out by the French National Space Agency (CNES). The aim is to determine to what extent they conform to some of the rules laid down in INCOSE, a recent guide for writing requirements, with a focus on the notion of sentence " comprehensibility ". Although CNES engineers are not obliged to follow any Controlled Natural Language, we believe that language regularities are likely to emerge from this task, mainly due to the writers' experience. As a first step, we use natural language processing tools to identify sentences that do not comply with INCOSE rules. We further review these sentences to understand why the recommendations cannot (or should not) always be applied when specifying large-scale projects, and how they could be improved. This paper presents a corpus linguistics approach applied to the melioration of requirements writing. We propose a linguistic diagnosis of the way requirements are written in a space project by comparing these requirements with a guide for writing specifications (a controlled natural language). Initial results obtained from this analysis suggest that guides for writing specifications are not fully adapted to the real writing process: they are sometimes too constraining, and sometimes insufficiently so. In the medium term, the aim is to propose another guide based on the spontaneous regularities observed in requirements. The paper comprises two parts. In the first one (see section 2), we present the context of our study and the tool-assisted method used for making the diagnosis. In the second one (see section 3), we describe and discuss our preliminary results

Quantum information can be negative

Given an unknown quantum state distributed over two systems, we determine how much quantum communication is needed to transfer the full state to one system. This communication measures the "partial information" one system needs conditioned on it's prior information. It turns out to be given by an extremely simple formula, the conditional entropy. In the classical case, partial information must always be positive, but we find that in the quantum world this physical quantity can be negative. If the partial information is positive, its sender needs to communicate this number of quantum bits to the receiver; if it is negative, the sender and receiver instead gain the corresponding potential for future quantum communication. We introduce a primitive "quantum state merging" which optimally transfers partial information. We show how it enables a systematic understanding of quantum network theory, and discuss several important applications including distributed compression, multiple access channels and multipartite assisted entanglement distillation (localizable entanglement). Negative channel capacities also receive a natural interpretation

Linking Classical and Quantum Key Agreement: Is There "Bound Information"?

After carrying out a protocol for quantum key agreement over a noisy quantum channel, the parties Alice and Bob must process the raw key in order to end up with identical keys about which the adversary has virtually no information. In principle, both classical and quantum protocols can be used for this processing. It is a natural question which type of protocols is more powerful. We prove for general states but under the assumption of incoherent eavesdropping that Alice and Bob share some so-called intrinsic information in their classical random variables, resulting from optimal measurements, if and only if the parties' quantum systems are entangled. In addition, we provide evidence that the potentials of classical and of quantum protocols are equal in every situation. Consequently, many techniques and results from quantum information theory directly apply to problems in classical information theory, and vice versa. For instance, it was previously believed that two parties can carry out unconditionally secure key agreement as long as they share some intrinsic information in the adversary's view. The analysis of this purely classical problem from the quantum information-theoretic viewpoint shows that this is true in the binary case, but false in general. More explicitly, bound entanglement, i.e., entanglement that cannot be purified by any quantum protocol, has a classical counterpart. This "bound intrinsic information" cannot be distilled to a secret key by any classical protocol. As another application we propose a measure for entanglement based on classical information-theoretic quantities.Comment: Accepted for Crypto 2000. 17 page