Unambiguous state discrimination in quantum cryptography with weak coherent states

The use of linearly independent signal states in realistic implementations of quantum key distribution (QKD) enables an eavesdropper to perform unambiguous state discrimination. We explore quantitatively the limits for secure QKD imposed by this fact taking into account that the receiver can monitor to some extend the photon number statistics of the signals even with todays standard detection schemes. We compare our attack to the beamsplitting attack and show that security against beamsplitting attack does not necessarily imply security against the attack considered here.Comment: 10 pages, 6 figures, updated version with added discussion of beamsplitting attac

Many Roads to Synchrony: Natural Time Scales and Their Algorithms

We consider two important time scales---the Markov and cryptic orders---that monitor how an observer synchronizes to a finitary stochastic process. We show how to compute these orders exactly and that they are most efficiently calculated from the epsilon-machine, a process's minimal unifilar model. Surprisingly, though the Markov order is a basic concept from stochastic process theory, it is not a probabilistic property of a process. Rather, it is a topological property and, moreover, it is not computable from any finite-state model other than the epsilon-machine. Via an exhaustive survey, we close by demonstrating that infinite Markov and infinite cryptic orders are a dominant feature in the space of finite-memory processes. We draw out the roles played in statistical mechanical spin systems by these two complementary length scales.Comment: 17 pages, 16 figures: http://cse.ucdavis.edu/~cmg/compmech/pubs/kro.htm. Santa Fe Institute Working Paper 10-11-02

Correlated Errors in Quantum Error Corrections

We show that errors are not generated correlatedly provided that quantum bits do not directly interact with (or couple to) each other. Generally, this no-qubits-interaction condition is assumed except for the case where two-qubit gate operation is being performed. In particular, the no-qubits-interaction condition is satisfied in the collective decoherence models. Thus, errors are not correlated in the collective decoherence. Consequently, we can say that current quantum error correcting codes which correct single-qubit-errors will work in most cases including the collective decoherence.Comment: no correction, 3 pages, RevTe

Is Quantum Bit Commitment Really Possible?

We show that all proposed quantum bit commitment schemes are insecure because the sender, Alice, can almost always cheat successfully by using an Einstein-Podolsky-Rosen type of attack and delaying her measurement until she opens her commitment.Comment: Major revisions to include a more extensive introduction and an example of bit commitment. Overlap with independent work by Mayers acknowledged. More recent works by Mayers, by Lo and Chau and by Lo are also noted. Accepted for publication in Phys. Rev. Let

Insecurity of Quantum Secure Computations

It had been widely claimed that quantum mechanics can protect private information during public decision in for example the so-called two-party secure computation. If this were the case, quantum smart-cards could prevent fake teller machines from learning the PIN (Personal Identification Number) from the customers' input. Although such optimism has been challenged by the recent surprising discovery of the insecurity of the so-called quantum bit commitment, the security of quantum two-party computation itself remains unaddressed. Here I answer this question directly by showing that all ``one-sided'' two-party computations (which allow only one of the two parties to learn the result) are necessarily insecure. As corollaries to my results, quantum one-way oblivious password identification and the so-called quantum one-out-of-two oblivious transfer are impossible. I also construct a class of functions that cannot be computed securely in any ``two-sided'' two-party computation. Nevertheless, quantum cryptography remains useful in key distribution and can still provide partial security in ``quantum money'' proposed by Wiesner.Comment: The discussion on the insecurity of even non-ideal protocols has been greatly extended. Other technical points are also clarified. Version accepted for publication in Phys. Rev.

Security against individual attacks for realistic quantum key distribution

I prove the security of quantum key distribution against individual attacks for realistic signals sources, including weak coherent pulses and downconversion sources. The proof applies to the BB84 protocol with the standard detection scheme (no strong reference pulse). I obtain a formula for the secure bit rate per time slot of an experimental setup which can be used to optimize the performance of existing schemes for the considered scenario.Comment: 10 pages, 4 figure

Role of causality in ensuring unconditional security of relativistic quantum cryptography

The problem of unconditional security of quantum cryptography (i.e. the security which is guaranteed by the fundamental laws of nature rather than by technical limitations) is one of the central points in quantum information theory. We propose a relativistic quantum cryptosystem and prove its unconditional security against any eavesdropping attempts. Relativistic causality arguments allow to demonstrate the security of the system in a simple way. Since the proposed protocol does not employ collective measurements and quantum codes, the cryptosystem can be experimentally realized with the present state-of-art in fiber optics technologies. The proposed cryptosystem employs only the individual measurements and classical codes and, in addition, the key distribution problem allows to postpone the choice of the state encoding scheme until after the states are already received instead of choosing it before sending the states into the communication channel (i.e. to employ a sort of ``antedate'' coding).Comment: 9 page