Generalized Entropies

We study an entropy measure for quantum systems that generalizes the von Neumann entropy as well as its classical counterpart, the Gibbs or Shannon entropy. The entropy measure is based on hypothesis testing and has an elegant formulation as a semidefinite program, a type of convex optimization. After establishing a few basic properties, we prove upper and lower bounds in terms of the smooth entropies, a family of entropy measures that is used to characterize a wide range of operational quantities. From the formulation as a semidefinite program, we also prove a result on decomposition of hypothesis tests, which leads to a chain rule for the entropy.Comment: 21 page

A de Finetti representation for finite symmetric quantum states

Consider a symmetric quantum state on an n-fold product space, that is, the state is invariant under permutations of the n subsystems. We show that, conditioned on the outcomes of an informationally complete measurement applied to a number of subsystems, the state in the remaining subsystems is close to having product form. This immediately generalizes the so-called de Finetti representation to the case of finite symmetric quantum states.Comment: 22 pages, LaTe

Unconditional privacy over channels which cannot convey quantum information

By sending systems in specially prepared quantum states, two parties can communicate without an eavesdropper being able to listen. The technique, called quantum cryptography, enables one to verify that the state of the quantum system has not been tampered with, and thus one can obtain privacy regardless of the power of the eavesdropper. All previous protocols relied on the ability to faithfully send quantum states. In fact, until recently, they could all be reduced to a single protocol where security is ensured though sharing maximally entangled states. Here we show this need not be the case -- one can obtain verifiable privacy even through some channels which cannot be used to reliably send quantum states.Comment: Related to quant-ph/0608195 and for a more general audienc

An All-But-One Entropic Uncertainty Relation, and Application to Password-based Identification

Entropic uncertainty relations are quantitative characterizations of Heisenberg's uncertainty principle, which make use of an entropy measure to quantify uncertainty. In quantum cryptography, they are often used as convenient tools in security proofs. We propose a new entropic uncertainty relation. It is the first such uncertainty relation that lower bounds the uncertainty in the measurement outcome for all but one choice for the measurement from an arbitrarily large (but specifically chosen) set of possible measurements, and, at the same time, uses the min-entropy as entropy measure, rather than the Shannon entropy. This makes it especially suited for quantum cryptography. As application, we propose a new quantum identification scheme in the bounded quantum storage model. It makes use of our new uncertainty relation at the core of its security proof. In contrast to the original quantum identification scheme proposed by Damg{\aa}rd et al., our new scheme also offers some security in case the bounded quantum storage assumption fails hold. Specifically, our scheme remains secure against an adversary that has unbounded storage capabilities but is restricted to non-adaptive single-qubit operations. The scheme by Damg{\aa}rd et al., on the other hand, completely breaks down under such an attack.Comment: 33 pages, v

A measure of majorisation emerging from single-shot statistical mechanics

The use of the von Neumann entropy in formulating the laws of thermodynamics has recently been challenged. It is associated with the average work whereas the work guaranteed to be extracted in any single run of an experiment is the more interesting quantity in general. We show that an expression that quantifies majorisation determines the optimal guaranteed work. We argue it should therefore be the central quantity of statistical mechanics, rather than the von Neumann entropy. In the limit of many identical and independent subsystems (asymptotic i.i.d) the von Neumann entropy expressions are recovered but in the non-equilbrium regime the optimal guaranteed work can be radically different to the optimal average. Moreover our measure of majorisation governs which evolutions can be realized via thermal interactions, whereas the nondecrease of the von Neumann entropy is not sufficiently restrictive. Our results are inspired by single-shot information theory.Comment: 54 pages (15+39), 9 figures. Changed title / changed presentation, same main results / added minor result on pure bipartite state entanglement (appendix G) / near to published versio

Noisy pre-processing facilitating a photonic realisation of device-independent quantum key distribution

Device-independent quantum key distribution provides security even when the equipment used to communicate over the quantum channel is largely uncharacterized. An experimental demonstration of device-independent quantum key distribution is however challenging. A central obstacle in photonic implementations is that the global detection efficiency, i.e., the probability that the signals sent over the quantum channel are successfully received, must be above a certain threshold. We here propose a method to significantly relax this threshold, while maintaining provable device-independent security. This is achieved with a protocol that adds artificial noise, which cannot be known or controlled by an adversary, to the initial measurement data (the raw key). Focusing on a realistic photonic setup using a source based on spontaneous parametric down conversion, we give explicit bounds on the minimal required global detection efficiency.Comment: 5+16 pages, 4 figure

Decoupling with unitary approximate two-designs

Consider a bipartite system, of which one subsystem, A, undergoes a physical evolution separated from the other subsystem, R. One may ask under which conditions this evolution destroys all initial correlations between the subsystems A and R, i.e. decouples the subsystems. A quantitative answer to this question is provided by decoupling theorems, which have been developed recently in the area of quantum information theory. This paper builds on preceding work, which shows that decoupling is achieved if the evolution on A consists of a typical unitary, chosen with respect to the Haar measure, followed by a process that adds sufficient decoherence. Here, we prove a generalized decoupling theorem for the case where the unitary is chosen from an approximate two-design. A main implication of this result is that decoupling is physical, in the sense that it occurs already for short sequences of random two-body interactions, which can be modeled as efficient circuits. Our decoupling result is independent of the dimension of the R system, which shows that approximate 2-designs are appropriate for decoupling even if the dimension of this system is large.Comment: Published versio

Multi-Prover Commitments Against Non-Signaling Attacks

We reconsider the concept of multi-prover commitments, as introduced in the late eighties in the seminal work by Ben-Or et al. As was recently shown by Cr\'{e}peau et al., the security of known two-prover commitment schemes not only relies on the explicit assumption that the provers cannot communicate, but also depends on their information processing capabilities. For instance, there exist schemes that are secure against classical provers but insecure if the provers have quantum information processing capabilities, and there are schemes that resist such quantum attacks but become insecure when considering general so-called non-signaling provers, which are restricted solely by the requirement that no communication takes place. This poses the natural question whether there exists a two-prover commitment scheme that is secure under the sole assumption that no communication takes place; no such scheme is known. In this work, we give strong evidence for a negative answer: we show that any single-round two-prover commitment scheme can be broken by a non-signaling attack. Our negative result is as bad as it can get: for any candidate scheme that is (almost) perfectly hiding, there exists a strategy that allows the dishonest provers to open a commitment to an arbitrary bit (almost) as successfully as the honest provers can open an honestly prepared commitment, i.e., with probability (almost) 1 in case of a perfectly sound scheme. In the case of multi-round schemes, our impossibility result is restricted to perfectly hiding schemes. On the positive side, we show that the impossibility result can be circumvented by considering three provers instead: there exists a three-prover commitment scheme that is secure against arbitrary non-signaling attacks