Security of EPR-based Quantum Cryptography against Incoherent Symmetric Attacks

We investigate a new strategy for incoherent eavesdropping in Ekert's entanglement based quantum key distribution protocol. We show that under certain assumptions of symmetry the effectiveness of this strategy reduces to that of the original single qubit protocol of Bennett and Brassard

Optimal ratio between phase basis and bit basis in QKD

In the original BB84 protocol, the bit basis and the phase basis are used with equal probability. Lo et al (J. of Cryptology, 18, 133-165 (2005)) proposed to modify the ratio between the two bases by increasing the final key generation rate. However, the optimum ratio has not been derived. In this letter, in order to examine this problem, the ratio between the two bases is optimized for exponential constraints given Eve's information distinguishability and the final error probability

Limitations of entropic inequalities for detecting nonclassicality in the postselected Bell causal structure

Classical and quantum physics impose different constraints on the joint probability distributions of observed variables in a causal structure. These differences mean that certain correlations can be certified as non-classical, which has both foundational and practical importance. Rather than working with the probability distribution itself, it can instead be convenient to work with the entropies of the observed variables. In the Bell causal structure with two inputs and outputs per party, a technique that uses entropic inequalities is known that can always identify non-classical correlations. Here we consider the analogue of this technique in the generalization of this scenario to more outcomes. We identify a family of non-classical correlations in the Bell scenario with two inputs and three outputs per party whose non-classicality cannot be detected through the direct analogue of the previous technique. We also show that use of Tsallis entropy instead of Shannon entropy does not help in this case. Furthermore, we give evidence that natural extensions of the technique also do not help. More precisely, our evidence suggests that even if we allow the observed correlations to be post-processed according to a natural class of non-classicality non-generating operations, entropic inequalities for either the Shannon or Tsallis entropies cannot detect the non-classicality, and hence that entropic inequalities are generally not sufficient to detect non-classicality in the Bell causal structure. In addition, for the bipartite Bell scenario with two inputs and three outputs we find the vertex description of the polytope of non-signalling distributions that satisfy all of the CHSH-type inequalities, which is one of the main regions of investigation in this work.Comment: 14+7 pages, 3 figures, v2: new results added and parts of the text restructured, v3: version accepted for publication (title differs from published version due to editorial convention

Bilocal versus non-bilocal correlations in entanglement swapping experiments

Entanglement swapping is a process by which two initially independent quantum systems can become entangled and generate nonlocal correlations. To characterize such correlations, we compare them to those predicted by bilocal models, where systems that are initially independent are described by uncorrelated states. We extend in this paper the analysis of bilocal correlations initiated in [Phys. Rev. Lett. 104, 170401 (2010)]. In particular, we derive new Bell-type inequalities based on the bilocality assumption in different scenarios, we study their possible quantum violations, and analyze their resistance to experimental imperfections. The bilocality assumption, being stronger than Bell's standard local causality assumption, lowers the requirements for the demonstration of quantumness in entanglement swapping experiments

An information-theoretic security proof for QKD protocols

We present a new technique for proving the security of quantum key distribution (QKD) protocols. It is based on direct information-theoretic arguments and thus also applies if no equivalent entanglement purification scheme can be found. Using this technique, we investigate a general class of QKD protocols with one-way classical post-processing. We show that, in order to analyze the full security of these protocols, it suffices to consider collective attacks. Indeed, we give new lower and upper bounds on the secret-key rate which only involve entropies of two-qubit density operators and which are thus easy to compute. As an illustration of our results, we analyze the BB84, the six-state, and the B92 protocol with one-way error correction and privacy amplification. Surprisingly, the performance of these protocols is increased if one of the parties adds noise to the measurement data before the error correction. In particular, this additional noise makes the protocols more robust against noise in the quantum channel.Comment: 18 pages, 3 figure

Secrecy extraction from no-signalling correlations

Quantum cryptography shows that one can guarantee the secrecy of correlation on the sole basis of the laws of physics, that is without limiting the computational power of the eavesdropper. The usual security proofs suppose that the authorized partners, Alice and Bob, have a perfect knowledge and control of their quantum systems and devices; for instance, they must be sure that the logical bits have been encoded in true qubits, and not in higher-dimensional systems. In this paper, we present an approach that circumvents this strong assumption. We define protocols, both for the case of bits and for generic $d$-dimensional outcomes, in which the security is guaranteed by the very structure of the Alice-Bob correlations, under the no-signalling condition. The idea is that, if the correlations cannot be produced by shared randomness, then Eve has poor knowledge of Alice's and Bob's symbols. The present study assumes, on the one hand that the eavesdropper Eve performs only individual attacks (this is a limitation to be removed in further work), on the other hand that Eve can distribute any correlation compatible with the no-signalling condition (in this sense her power is greater than what quantum physics allows). Under these assumptions, we prove that the protocols defined here allow extracting secrecy from noisy correlations, when these correlations violate a Bell-type inequality by a sufficiently large amount. The region, in which secrecy extraction is possible, extends within the region of correlations achievable by measurements on entangled quantum states.Comment: 23 pages, 4 figure

Key distillation from quantum channels using two-way communication protocols

We provide a general formalism to characterize the cryptographic properties of quantum channels in the realistic scenario where the two honest parties employ prepare and measure protocols and the known two-way communication reconciliation techniques. We obtain a necessary and sufficient condition to distill a secret key using this type of schemes for Pauli qubit channels and generalized Pauli channels in higher dimension. Our results can be applied to standard protocols such as BB84 or six-state, giving a critical error rate of 20% and 27.6%, respectively. We explore several possibilities to enlarge these bounds, without any improvement. These results suggest that there may exist weakly entangling channels useless for key distribution using prepare and measure schemes.Comment: 21 page

Universally Composable Quantum Multi-Party Computation

The Universal Composability model (UC) by Canetti (FOCS 2001) allows for secure composition of arbitrary protocols. We present a quantum version of the UC model which enjoys the same compositionality guarantees. We prove that in this model statistically secure oblivious transfer protocols can be constructed from commitments. Furthermore, we show that every statistically classically UC secure protocol is also statistically quantum UC secure. Such implications are not known for other quantum security definitions. As a corollary, we get that quantum UC secure protocols for general multi-party computation can be constructed from commitments