Unconditional security at a low cost

By simulating four quantum key distribution (QKD) experiments and analyzing one decoy-state QKD experiment, we compare two data post-processing schemes based on security against individual attack by L\"{u}tkenhaus, and unconditional security analysis by Gottesman-Lo-L\"{u}tkenhaus-Preskill. Our results show that these two schemes yield close performances. Since the Holy Grail of QKD is its unconditional security, we conclude that one is better off considering unconditional security, rather than restricting to individual attacks.Comment: Accepted by International Conference on Quantum Foundation and Technology: Frontier and Future 2006 (ICQFT'06

Unconditionally Secure Bit Commitment

We describe a new classical bit commitment protocol based on cryptographic constraints imposed by special relativity. The protocol is unconditionally secure against classical or quantum attacks. It evades the no-go results of Mayers, Lo and Chau by requiring from Alice a sequence of communications, including a post-revelation verification, each of which is guaranteed to be independent of its predecessor.Comment: Typos corrected. Reference details added. To appear in Phys. Rev. Let

Deuteron Momentum Distribution in KD2HPO4

The momentum distribution in KD2PO4(DKDP) has been measured using neutron Compton scattering above and below the weakly first order paraelectric-ferroelectric phase transition(T=229K). There is very litte difference between the two distributions, and no sign of the coherence over two locations for the proton observed in the paraelectric phase, as in KH2PO4(KDP). We conclude that the tunnel splitting must be much less than 20mev. The width of the distribution indicates that the effective potential for DKDP is significantly softer than that for KDP. As electronic structure calculations indicate that the stiffness of the potential increases with the size of the coherent region locally undergoing soft mode fluctuations, we conclude that there is a mass dependent quantum coherence length in both systems.Comment: 6 pages 5 figure

Efficient Heralding of Photonic Qubits with Apllications to Device Independent Quantum Key Distribution

We present an efficient way of heralding photonic qubit signals using linear optics devices. First we show that one can obtain asymptotically perfect heralding and unit success probability with growing resources. Second, we show that even using finite resources, we can improve qualitatively and quantitatively over earlier heralding results. In the latte r scenario, we can obtain perfect heralded photonic qubits while maintaining a finite success probability. We demonstrate the advantage of our heralding scheme by predicting key rates for device independent quantum key distribution, taking imperfections of sources and detectors into account

Optimal ratio between phase basis and bit basis in QKD

In the original BB84 protocol, the bit basis and the phase basis are used with equal probability. Lo et al (J. of Cryptology, 18, 133-165 (2005)) proposed to modify the ratio between the two bases by increasing the final key generation rate. However, the optimum ratio has not been derived. In this letter, in order to examine this problem, the ratio between the two bases is optimized for exponential constraints given Eve's information distinguishability and the final error probability

Postponement of dark-count effects in practical quantum key-distribution by two-way post-processing

The influence of imperfections on achievable secret-key generation rates of quantum key distribution protocols is investigated. As examples of relevant imperfections, we consider tagging of Alice's qubits and dark counts at Bob's detectors, while we focus on a powerful eavesdropping strategy which takes full advantage of tagged signals. It is demonstrated that error correction and privacy amplification based on a combination of a two-way classical communication protocol and asymmetric Calderbank-Shor-Steane codes may significantly postpone the disastrous influence of dark counts. As a result, the distances are increased considerably over which a secret key can be distributed in optical fibres reliably. Results are presented for the four-state, the six-state, and the decoy-state protocols.Comment: Fully revised version (12 pages and 8 figures). Improved figures and discussion added. To appear in Eur. Phys. J.

Quantum Kolmogorov Complexity and Quantum Key Distribution

We discuss the Bennett-Brassard 1984 (BB84) quantum key distribution protocol in the light of quantum algorithmic information. While Shannon's information theory needs a probability to define a notion of information, algorithmic information theory does not need it and can assign a notion of information to an individual object. The program length necessary to describe an object, Kolmogorov complexity, plays the most fundamental role in the theory. In the context of algorithmic information theory, we formulate a security criterion for the quantum key distribution by using the quantum Kolmogorov complexity that was recently defined by Vit\'anyi. We show that a simple BB84 protocol indeed distribute a binary sequence between Alice and Bob that looks almost random for Eve with a probability exponentially close to 1.Comment: typos correcte

Experimental quantum tossing of a single coin

The cryptographic protocol of coin tossing consists of two parties, Alice and Bob, that do not trust each other, but want to generate a random bit. If the parties use a classical communication channel and have unlimited computational resources, one of them can always cheat perfectly. Here we analyze in detail how the performance of a quantum coin tossing experiment should be compared to classical protocols, taking into account the inevitable experimental imperfections. We then report an all-optical fiber experiment in which a single coin is tossed whose randomness is higher than achievable by any classical protocol and present some easily realisable cheating strategies by Alice and Bob.Comment: 13 page

Security of practical private randomness generation

Measurements on entangled quantum systems necessarily yield outcomes that are intrinsically unpredictable if they violate a Bell inequality. This property can be used to generate certified randomness in a device-independent way, i.e., without making detailed assumptions about the internal working of the quantum devices used to generate the random numbers. Furthermore these numbers are also private, i.e., they appear random not only to the user, but also to any adversary that might possess a perfect description of the devices. Since this process requires a small initial random seed, one usually speaks of device-independent randomness expansion. The purpose of this paper is twofold. First, we point out that in most real, practical situations, where the concept of device-independence is used as a protection against unintentional flaws or failures of the quantum apparatuses, it is sufficient to show that the generated string is random with respect to an adversary that holds only classical-side information, i.e., proving randomness against quantum-side information is not necessary. Furthermore, the initial random seed does not need to be private with respect to the adversary, provided that it is generated in a way that is independent from the measured systems. The devices, though, will generate cryptographically-secure randomness that cannot be predicted by the adversary and thus one can, given access to free public randomness, talk about private randomness generation. The theoretical tools to quantify the generated randomness according to these criteria were already introduced in [S. Pironio et al, Nature 464, 1021 (2010)], but the final results were improperly formulated. The second aim of this paper is to correct this inaccurate formulation and therefore lay out a precise theoretical framework for practical device-independent randomness expansion.Comment: 18 pages. v3: important changes: the present version focuses on security against classical side-information and a discussion about the significance of these results has been added. v4: minor changes. v5: small typos correcte