1,363 research outputs found
Coin Tossing is Strictly Weaker Than Bit Commitment
We define cryptographic assumptions applicable to two mistrustful parties who
each control two or more separate secure sites between which special relativity
guarantees a time lapse in communication. We show that, under these
assumptions, unconditionally secure coin tossing can be carried out by
exchanges of classical information. We show also, following Mayers, Lo and
Chau, that unconditionally secure bit commitment cannot be carried out by
finitely many exchanges of classical or quantum information. Finally we show
that, under standard cryptographic assumptions, coin tossing is strictly weaker
than bit commitment. That is, no secure classical or quantum bit commitment
protocol can be built from a finite number of invocations of a secure coin
tossing black box together with finitely many additional information exchanges.Comment: Final version; to appear in Phys. Rev. Let
Effects of detector efficiency mismatch on security of quantum cryptosystems
We suggest a type of attack on quantum cryptosystems that exploits variations
in detector efficiency as a function of a control parameter accessible to an
eavesdropper. With gated single-photon detectors, this control parameter can be
the timing of the incoming pulse. When the eavesdropper sends short pulses
using the appropriate timing so that the two gated detectors in Bob's setup
have different efficiencies, the security of quantum key distribution can be
compromised. Specifically, we show for the Bennett-Brassard 1984 (BB84)
protocol that if the efficiency mismatch between 0 and 1 detectors for some
value of the control parameter gets large enough (roughly 15:1 or larger), Eve
can construct a successful faked-states attack causing a quantum bit error rate
lower than 11%. We also derive a general security bound as a function of the
detector sensitivity mismatch for the BB84 protocol. Experimental data for two
different detectors are presented, and protection measures against this attack
are discussed.Comment: v3: identical to the journal version. However, after publication we
have discovered that Eq. 11 is incorrect: the available bit rate after
privacy amplification is reduced even in the case (QBER)=0 [see Quant. Inf.
Comp. 7, 73 (2007)
Unconditionally Secure Key Distribution Based on Two Nonorthogonal States
We prove the unconditional security of the Bennett 1992 protocol, by using a
reduction to an entanglement distillation protocol initiated by a local
filtering process. The bit errors and the phase errors are correlated after the
filtering, and we can bound the amount of phase errors from the observed bit
errors by an estimation method involving nonorthogonal measurements. The angle
between the two states shows a trade-off between accuracy of the estimation and
robustness to noises.Comment: 5 pages, 1 figur
Deuteron Momentum Distribution in KD2HPO4
The momentum distribution in KD2PO4(DKDP) has been measured using neutron
Compton scattering above and below the weakly first order
paraelectric-ferroelectric phase transition(T=229K). There is very litte
difference between the two distributions, and no sign of the coherence over two
locations for the proton observed in the paraelectric phase, as in KH2PO4(KDP).
We conclude that the tunnel splitting must be much less than 20mev. The width
of the distribution indicates that the effective potential for DKDP is
significantly softer than that for KDP. As electronic structure calculations
indicate that the stiffness of the potential increases with the size of the
coherent region locally undergoing soft mode fluctuations, we conclude that
there is a mass dependent quantum coherence length in both systems.Comment: 6 pages 5 figure
Security Trade-offs in Ancilla-Free Quantum Bit Commitment in the Presence of Superselection Rules
Security trade-offs have been established for one-way bit commitment in
quant-ph/0106019. We study this trade-off in two superselection settings. We
show that for an `abelian' superselection rule (exemplified by particle
conservation) the standard trade-off between sealing and binding properties
still holds. For the non-abelian case (exemplified by angular momentum
conservation) the security trade-off can be more subtle, which we illustrate by
showing that if the bit-commitment is forced to be ancilla-free an
asymptotically secure quantum bit commitment is possible.Comment: 7 pages Latex; v2 has 8 pages and additional references and
clarifications, this paper is to appear in the New Journal of Physic
Optimal Bell tests do not require maximally entangled states
Any Bell test consists of a sequence of measurements on a quantum state in
space-like separated regions. Thus, a state is better than others for a Bell
test when, for the optimal measurements and the same number of trials, the
probability of existence of a local model for the observed outcomes is smaller.
The maximization over states and measurements defines the optimal nonlocality
proof. Numerical results show that the required optimal state does not have to
be maximally entangled.Comment: 1 figure, REVTEX
Quantum key distribution with 2-bit quantum codes
We propose a prepare-and-measure scheme for quantum key distribution with
2-bit quantum codes. The protocol is unconditionally secure under whatever type
of intercept-and-resend attack. Given the symmetric and independent errors to
the transmitted qubits, our scheme can tolerate a bit error rate up to 26% in
4-state protocol and 30% in 6-state protocol, respectively. These values are
higher than all currently known threshold values for prepare-and-measure
protocols. A specific realization with linear optics is given.Comment: Approved for publication in Physical Review Letter
General theory for decoy-state quantum key distribution with arbitrary number of intensities
We develop a general theory for quantum key distribution (QKD) in both the
forward error correction and the reverse error correction cases when the QKD
system is equipped with phase-randomized coherent light with arbitrary number
of decoy intensities. For this purpose, generalizing Wang's expansion, we
derive a convex expansion of the phase-randomized coherent state. We also
numerically check that the asymptotic key generation rates are almost saturated
when the number of decoy intensities is three.Comment: This manuscript has been revised extensivel
Unconditionally Secure Bit Commitment
We describe a new classical bit commitment protocol based on cryptographic
constraints imposed by special relativity. The protocol is unconditionally
secure against classical or quantum attacks. It evades the no-go results of
Mayers, Lo and Chau by requiring from Alice a sequence of communications,
including a post-revelation verification, each of which is guaranteed to be
independent of its predecessor.Comment: Typos corrected. Reference details added. To appear in Phys. Rev.
Let
- …