Tight bounds for classical and quantum coin flipping

Coin flipping is a cryptographic primitive for which strictly better protocols exist if the players are not only allowed to exchange classical, but also quantum messages. During the past few years, several results have appeared which give a tight bound on the range of implementable unconditionally secure coin flips, both in the classical as well as in the quantum setting and for both weak as well as strong coin flipping. But the picture is still incomplete: in the quantum setting, all results consider only protocols with perfect correctness, and in the classical setting tight bounds for strong coin flipping are still missing. We give a general definition of coin flipping which unifies the notion of strong and weak coin flipping (it contains both of them as special cases) and allows the honest players to abort with a certain probability. We give tight bounds on the achievable range of parameters both in the classical and in the quantum setting.Comment: 18 pages, 2 figures; v2: published versio

Resonance Fluorescence of a Single Artificial Atom

An atom in open space can be detected by means of resonant absorption and reemission of electromagnetic waves, known as resonance fluorescence, which is a fundamental phenomenon of quantum optics. We report on the observation of scattering of propagating waves by a single artificial atom. The behavior of the artificial atom, a superconducting macroscopic two-level system, is in a quantitative agreement with the predictions of quantum optics for a pointlike scatterer interacting with the electromagnetic field in one-dimensional open space. The strong atom-field interaction as revealed in a high degree of extinction of propagating waves will allow applications of controllable artificial atoms in quantum optics and photonics.Comment: 5 pages, 4 figure

Predictable arguments of knowledge

We initiate a formal investigation on the power of predictability for argument of knowledge systems for NP. Specifically, we consider private-coin argument systems where the answer of the prover can be predicted, given the private randomness of the verifier; we call such protocols Predictable Arguments of Knowledge (PAoK). Our study encompasses a full characterization of PAoK, showing that such arguments can be made extremely laconic, with the prover sending a single bit, and assumed to have only one round (i.e., two messages) of communication without loss of generality. We additionally explore PAoK satisfying additional properties (including zero-knowledge and the possibility of re-using the same challenge across multiple executions with the prover), present several constructions of PAoK relying on different cryptographic tools, and discuss applications to cryptography

Secure certification of mixed quantum states with application to two-party randomness generation

We investigate sampling procedures that certify that an arbitrary quantum state on $n$ subsystems is close to an ideal mixed state $\varphi^{\otimes n}$ for a given reference state $\varphi$, up to errors on a few positions. This task makes no sense classically: it would correspond to certifying that a given bitstring was generated according to some desired probability distribution. However, in the quantum case, this is possible if one has access to a prover who can supply a purification of the mixed state. In this work, we introduce the concept of mixed-state certification, and we show that a natural sampling protocol offers secure certification in the presence of a possibly dishonest prover: if the verifier accepts then he can be almost certain that the state in question has been correctly prepared, up to a small number of errors. We then apply this result to two-party quantum coin-tossing. Given that strong coin tossing is impossible, it is natural to ask "how close can we get". This question has been well studied and is nowadays well understood from the perspective of the bias of individual coin tosses. We approach and answer this question from a different---and somewhat orthogonal---perspective, where we do not look at individual coin tosses but at the global entropy instead. We show how two distrusting parties can produce a common high-entropy source, where the entropy is an arbitrarily small fraction below the maximum (except with negligible probability)

On the joint security of signature and encryption schemes under randomness reuse: efficiency and security amplification

Lecture Notes in Computer Science, 7341We extend the work of Bellare, Boldyreva and Staddon on the systematic analysis of randomness reuse to construct multi-recipient encryption schemes to the case where randomness is reused across different cryptographic primitives. We find that through the additional binding introduced through randomness reuse, one can actually obtain a security amplification with respect to the standard black-box compositions, and achieve a stronger level of security. We introduce stronger notions of security for encryption and signatures, where challenge messages can depend in a restricted way on the random coins used in encryption, and show that two variants of the KEM/DEM paradigm give rise to encryption schemes that meet this enhanced notion of security. We obtain the most efficient signcryption scheme to date that is secure against insider attackers without random oracles.(undefined

Hypofractionated image-guided breath-hold SABR (Stereotactic Ablative Body Radiotherapy) of liver metastases - clinical results

Purpose: Stereotactic Ablative Body Radiotherapy (SABR) is a non-invasive therapy option for inoperable liver oligometastases. Outcome and toxicity were retrospectively evaluated in a single-institution patient cohort who had undergone ultrasound-guided breath-hold SABR. Patients and methods: 19 patients with liver metastases of various primary tumors consecutively treated with SABR (image-guidance with stereotactic ultrasound in combination with computer-controlled breath-hold) were analysed regarding overall-survival (OS), progression-free-survival (PFS), progression pattern, local control (LC), acute and late toxicity. Results: PTV (planning target volume)-size was 108 +/- 109cm(3) (median 67.4 cm(3)). BED2 (Biologically effective dose in 2 Gy fraction) was 83.3 +/- 26.2 Gy (median 78 Gy). Median follow-up and median OS were 12 months. Actuarial 2-year-OS-rate was 31%. Median PFS was 4 months, actuarial 1-year-PFS-rate was 20%. Site of first progression was predominantly distant. Regression of irradiated lesions was observed in 84% (median time to detection of regression was 2 months). Actuarial 6-month-LC-rate was 92%, 1- and 2-years-LC-rate 57%, respectively. BED2 influenced LC. When a cut-off of BED2 = 78 Gy was used, the higher BED2 values resulted in improved local control with a statistical trend to significance (p = 0.0999). Larger PTV-sizes, inversely correlated with applied dose, resulted in lower local control, also with a trend to significance (p-value = 0.08) when a volume cut-off of 67 cm(3) was used. No local relapse was observed at PTV-sizes < 67 cm(3) and BED2 > 78 Gy. No acute clinical toxicity > degrees 2 was observed. Late toxicity was also <= degrees 2 with the exception of one gastrointestinal bleeding-episode 1 year post-SABR. A statistically significant elevation in the acute phase was observed for alkaline-phosphatase; in the chronic phase for alkaline-phosphatase, bilirubine, cholinesterase and C-reactive protein. Conclusions: A trend to statistically significant correlation of local progression was observed for BED2 and PTV-size. Dose-levels BED2 > 78 Gy cannot be reached in large lesions constituting a significant fraction of this series. Image-guided SABR (igSABR) is therefore an effective non-invasive treatment modality with low toxicity in patients with small inoperable liver metastases

Non-malleable encryption: simpler, shorter, stronger

In a seminal paper, Dolev et al. [15] introduced the notion of non-malleable encryption (NM-CPA). This notion is very intriguing since it suffices for many applications of chosen-ciphertext secure encryption (IND-CCA), and, yet, can be generically built from semantically secure (IND-CPA) encryption, as was shown in the seminal works by Pass et al. [29] and by Choi et al. [9], the latter of which provided a black-box construction. In this paper we investigate three questions related to NM-CPA security: 1. Can the rate of the construction by Choi et al. of NM-CPA from IND-CPA be improved? 2. Is it possible to achieve multi-bit NM-CPA security more efficiently from a single-bit NM-CPA scheme than from IND-CPA? 3. Is there a notion stronger than NM-CPA that has natural applications and can be achieved from IND-CPA security? We answer all three questions in the positive. First, we improve the rate in the scheme of Choi et al. by a factor O(λ), where λ is the security parameter. Still, encrypting a message of size O(λ) would require ciphertext and keys of size O(λ2) times that of the IND-CPA scheme, even in our improved scheme. Therefore, we show a more efficient domain extension technique for building a λ-bit NM-CPA scheme from a single-bit NM-CPA scheme with keys and ciphertext of size O(λ) times that of the NM-CPA one-bit scheme. To achieve our goal, we define and construct a novel type of continuous non-malleable code (NMC), called secret-state NMC, as we show that standard continuous NMCs are not enough for the natural “encode-then-encrypt-bit-by-bit” approach to work. Finally, we introduce a new security notion for public-key encryption that we dub non-malleability under (chosen-ciphertext) self-destruct attacks (NM-SDA). After showing that NM-SDA is a strict strengthening of NM-CPA and allows for more applications, we nevertheless show that both of our results—(faster) construction from IND-CPA and domain extension from one-bit scheme—also hold for our stronger NM-SDA security. In particular, the notions of IND-CPA, NM-CPA, and NM-SDA security are all equivalent, lying (plausibly, strictly?) below IND-CCA securit

Deterministic generation of an on-demand Fock state

We theoretically study the deterministic generation of photon Fock states on-demand using a protocol based on a Jaynes Cummings quantum random walk which includes damping. We then show how each of the steps of this protocol can be implemented in a low temperature solid-state quantum system with a Nitrogen-Vacancy centre in a nano-diamond coupled to a nearby high-Q optical cavity. By controlling the coupling duration between the NV and the cavity via the application of a time dependent Stark shift, and by increasing the decay rate of the NV via stimulated emission depletion (STED) a Fock state with high photon number can be generated on-demand. Our setup can be integrated on a chip and can be accurately controlled.Comment: 13 pages, 9 figure

NIKA: A millimeter-wave kinetic inductance camera

Current generation millimeter wavelength detectors suffer from scaling limits imposed by complex cryogenic readout electronics. To circumvent this it is imperative to investigate technologies that intrinsically incorporate strong multiplexing. One possible solution is the kinetic inductance detector (KID). In order to assess the potential of this nascent technology, a prototype instrument optimized for the 2 mm atmospheric window was constructed. Known as the N\'eel IRAM KIDs Array (NIKA), it was recently tested at the Institute for Millimetric Radio Astronomy (IRAM) 30-meter telescope at Pico Veleta, Spain. The measurement resulted in the imaging of a number of sources, including planets, quasars, and galaxies. The images for Mars, radio star MWC349, quasar 3C345, and galaxy M87 are presented. From these results, the optical NEP was calculated to be around $1 \times 10^{-15}$ W$/$Hz$^{1/2}$. A factor of 10 improvement is expected to be readily feasible by improvements in the detector materials and reduction of performance-degrading spurious radiation.Comment: Accepted for publication in Astronomy & Astrophysic

Sideband Cooling Micromechanical Motion to the Quantum Ground State

The advent of laser cooling techniques revolutionized the study of many atomic-scale systems. This has fueled progress towards quantum computers by preparing trapped ions in their motional ground state, and generating new states of matter by achieving Bose-Einstein condensation of atomic vapors. Analogous cooling techniques provide a general and flexible method for preparing macroscopic objects in their motional ground state, bringing the powerful technology of micromechanics into the quantum regime. Cavity opto- or electro-mechanical systems achieve sideband cooling through the strong interaction between light and motion. However, entering the quantum regime, less than a single quantum of motion, has been elusive because sideband cooling has not sufficiently overwhelmed the coupling of mechanical systems to their hot environments. Here, we demonstrate sideband cooling of the motion of a micromechanical oscillator to the quantum ground state. Entering the quantum regime requires a large electromechanical interaction, which is achieved by embedding a micromechanical membrane into a superconducting microwave resonant circuit. In order to verify the cooling of the membrane motion into the quantum regime, we perform a near quantum-limited measurement of the microwave field, resolving this motion a factor of 5.1 from the Heisenberg limit. Furthermore, our device exhibits strong-coupling allowing coherent exchange of microwave photons and mechanical phonons. Simultaneously achieving strong coupling, ground state preparation and efficient measurement sets the stage for rapid advances in the control and detection of non-classical states of motion, possibly even testing quantum theory itself in the unexplored region of larger size and mass.Comment: 13 pages, 7 figure