1,208 research outputs found
Deuteron Momentum Distribution in KD2HPO4
The momentum distribution in KD2PO4(DKDP) has been measured using neutron
Compton scattering above and below the weakly first order
paraelectric-ferroelectric phase transition(T=229K). There is very litte
difference between the two distributions, and no sign of the coherence over two
locations for the proton observed in the paraelectric phase, as in KH2PO4(KDP).
We conclude that the tunnel splitting must be much less than 20mev. The width
of the distribution indicates that the effective potential for DKDP is
significantly softer than that for KDP. As electronic structure calculations
indicate that the stiffness of the potential increases with the size of the
coherent region locally undergoing soft mode fluctuations, we conclude that
there is a mass dependent quantum coherence length in both systems.Comment: 6 pages 5 figure
Effects of detector efficiency mismatch on security of quantum cryptosystems
We suggest a type of attack on quantum cryptosystems that exploits variations
in detector efficiency as a function of a control parameter accessible to an
eavesdropper. With gated single-photon detectors, this control parameter can be
the timing of the incoming pulse. When the eavesdropper sends short pulses
using the appropriate timing so that the two gated detectors in Bob's setup
have different efficiencies, the security of quantum key distribution can be
compromised. Specifically, we show for the Bennett-Brassard 1984 (BB84)
protocol that if the efficiency mismatch between 0 and 1 detectors for some
value of the control parameter gets large enough (roughly 15:1 or larger), Eve
can construct a successful faked-states attack causing a quantum bit error rate
lower than 11%. We also derive a general security bound as a function of the
detector sensitivity mismatch for the BB84 protocol. Experimental data for two
different detectors are presented, and protection measures against this attack
are discussed.Comment: v3: identical to the journal version. However, after publication we
have discovered that Eq. 11 is incorrect: the available bit rate after
privacy amplification is reduced even in the case (QBER)=0 [see Quant. Inf.
Comp. 7, 73 (2007)
Security Trade-offs in Ancilla-Free Quantum Bit Commitment in the Presence of Superselection Rules
Security trade-offs have been established for one-way bit commitment in
quant-ph/0106019. We study this trade-off in two superselection settings. We
show that for an `abelian' superselection rule (exemplified by particle
conservation) the standard trade-off between sealing and binding properties
still holds. For the non-abelian case (exemplified by angular momentum
conservation) the security trade-off can be more subtle, which we illustrate by
showing that if the bit-commitment is forced to be ancilla-free an
asymptotically secure quantum bit commitment is possible.Comment: 7 pages Latex; v2 has 8 pages and additional references and
clarifications, this paper is to appear in the New Journal of Physic
Is Quantum Bit Commitment Really Possible?
We show that all proposed quantum bit commitment schemes are insecure because
the sender, Alice, can almost always cheat successfully by using an
Einstein-Podolsky-Rosen type of attack and delaying her measurement until she
opens her commitment.Comment: Major revisions to include a more extensive introduction and an
example of bit commitment. Overlap with independent work by Mayers
acknowledged. More recent works by Mayers, by Lo and Chau and by Lo are also
noted. Accepted for publication in Phys. Rev. Let
Unconditionally secure quantum bit commitment is impossible
The claim of quantum cryptography has always been that it can provide
protocols that are unconditionally secure, that is, for which the security does
not depend on any restriction on the time, space or technology available to the
cheaters. We show that this claim does not hold for any quantum bit commitment
protocol. Since many cryptographic tasks use bit commitment as a basic
primitive, this result implies a severe setback for quantum cryptography. The
model used encompasses all reasonable implementations of quantum bit commitment
protocols in which the participants have not met before, including those that
make use of the theory of special relativity.Comment: 4 pages, revtex. Journal version replacing the version published in
the proceedings of PhysComp96. This is a significantly improved version which
emphasis the generality of the resul
Multi-Prover Commitments Against Non-Signaling Attacks
We reconsider the concept of multi-prover commitments, as introduced in the
late eighties in the seminal work by Ben-Or et al. As was recently shown by
Cr\'{e}peau et al., the security of known two-prover commitment schemes not
only relies on the explicit assumption that the provers cannot communicate, but
also depends on their information processing capabilities. For instance, there
exist schemes that are secure against classical provers but insecure if the
provers have quantum information processing capabilities, and there are schemes
that resist such quantum attacks but become insecure when considering general
so-called non-signaling provers, which are restricted solely by the requirement
that no communication takes place.
This poses the natural question whether there exists a two-prover commitment
scheme that is secure under the sole assumption that no communication takes
place; no such scheme is known.
In this work, we give strong evidence for a negative answer: we show that any
single-round two-prover commitment scheme can be broken by a non-signaling
attack. Our negative result is as bad as it can get: for any candidate scheme
that is (almost) perfectly hiding, there exists a strategy that allows the
dishonest provers to open a commitment to an arbitrary bit (almost) as
successfully as the honest provers can open an honestly prepared commitment,
i.e., with probability (almost) 1 in case of a perfectly sound scheme. In the
case of multi-round schemes, our impossibility result is restricted to
perfectly hiding schemes.
On the positive side, we show that the impossibility result can be
circumvented by considering three provers instead: there exists a three-prover
commitment scheme that is secure against arbitrary non-signaling attacks
Quantum Kolmogorov Complexity and Quantum Key Distribution
We discuss the Bennett-Brassard 1984 (BB84) quantum key distribution protocol
in the light of quantum algorithmic information. While Shannon's information
theory needs a probability to define a notion of information, algorithmic
information theory does not need it and can assign a notion of information to
an individual object. The program length necessary to describe an object,
Kolmogorov complexity, plays the most fundamental role in the theory. In the
context of algorithmic information theory, we formulate a security criterion
for the quantum key distribution by using the quantum Kolmogorov complexity
that was recently defined by Vit\'anyi. We show that a simple BB84 protocol
indeed distribute a binary sequence between Alice and Bob that looks almost
random for Eve with a probability exponentially close to 1.Comment: typos correcte
Practical Quantum Bit Commitment Protocol
A quantum protocol for bit commitment the security of which is based on
technological limitations on nondemolition measurements and long-term quantum
memory is presented.Comment: Quantum Inf. Process. (2011
- …