19 research outputs found
Unconditional Security of Single-Photon Differential Phase Shift Quantum Key Distribution
In this Letter, we prove the unconditional security of single-photon
differential phase shift quantum key distribution (DPS-QKD) protocol, based on
the conversion to an equivalent entanglement-based protocol. We estimate the
upper bound of the phase error rate from the bit error rate, and show that
DPS-QKD can generate unconditionally secure key when the bit error rate is not
greater than 4.12%. This proof is the first step to the unconditional security
proof of coherent state DPS-QKD.
Comment: 5 pages, 2 figures; shorten the length, improve clarity, and correct
typos; accepted for publication in Physical Review Letters
Optimal ratio between phase basis and bit basis in QKD
In the original BB84 protocol, the bit basis and the phase basis are used
with equal probability. Lo et al (J. of Cryptology, 18, 133-165 (2005))
proposed to modify the ratio between the two bases by increasing the final key
generation rate. However, the optimum ratio has not been derived. In this
letter, in order to examine this problem, the ratio between the two bases is
optimized for exponential constraints given Eve's information
distinguishability and the final error probability
A simple proof of the unconditional security of quantum key distribution
Quantum key distribution is the most well-known application of quantum
cryptography. Previous proposed proofs of security of quantum key distribution
contain various technical subtleties. Here, a conceptually simpler proof of
security of quantum key distribution is presented. The new insight is the
invariance of the error rate of a teleportation channel: We show that the error
rate of a teleportation channel is independent of the signals being
transmitted. This is because the non-trivial error patterns are permuted under
teleportation. This new insight is combined with the recently proposed quantum
to classical reduction theorem. Our result shows that assuming that Alice and
Bob have fault-tolerant quantum computers, quantum key distribution can be made
unconditionally secure over arbitrarily long distances even against the most
general type of eavesdropping attacks and in the presence of all types of
noises.
Comment: 13 pages, extended abstract. Comments will be appreciated
Unconditionally Secure Bit Commitment
We describe a new classical bit commitment protocol based on cryptographic
constraints imposed by special relativity. The protocol is unconditionally
secure against classical or quantum attacks. It evades the no-go results of
Mayers, Lo and Chau by requiring from Alice a sequence of communications,
including a post-revelation verification, each of which is guaranteed to be
independent of its predecessor.
Comment: Typos corrected. Reference details added. To appear in Phys. Rev.
Lett.
Security of practical private randomness generation
Measurements on entangled quantum systems necessarily yield outcomes that are
intrinsically unpredictable if they violate a Bell inequality. This property
can be used to generate certified randomness in a device-independent way, i.e.,
without making detailed assumptions about the internal working of the quantum
devices used to generate the random numbers. Furthermore these numbers are also
private, i.e., they appear random not only to the user, but also to any
adversary that might possess a perfect description of the devices. Since this
process requires a small initial random seed, one usually speaks of
device-independent randomness expansion.
The purpose of this paper is twofold. First, we point out that in most real,
practical situations, where the concept of device-independence is used as a
protection against unintentional flaws or failures of the quantum apparatuses,
it is sufficient to show that the generated string is random with respect to an
adversary that holds only classical-side information, i.e., proving randomness
against quantum-side information is not necessary. Furthermore, the initial
random seed does not need to be private with respect to the adversary, provided
that it is generated in a way that is independent from the measured systems.
The devices, though, will generate cryptographically-secure randomness that
cannot be predicted by the adversary and thus one can, given access to free
public randomness, talk about private randomness generation.
The theoretical tools to quantify the generated randomness according to these
criteria were already introduced in [S. Pironio et al, Nature 464, 1021
(2010)], but the final results were improperly formulated. The second aim of
this paper is to correct this inaccurate formulation and therefore lay out a
precise theoretical framework for practical device-independent randomness
expansion.
Comment: 18 pages. v3: important changes: the present version focuses on
security against classical side-information and a discussion about the
significance of these results has been added. v4: minor changes. v5: small
typos corrected
Universally Composable Quantum Multi-Party Computation
The Universal Composability model (UC) by Canetti (FOCS 2001) allows for
secure composition of arbitrary protocols. We present a quantum version of the
UC model which enjoys the same compositionality guarantees. We prove that in
this model statistically secure oblivious transfer protocols can be constructed
from commitments. Furthermore, we show that every statistically classically UC
secure protocol is also statistically quantum UC secure. Such implications are
not known for other quantum security definitions. As a corollary, we get that
quantum UC secure protocols for general multi-party computation can be
constructed from commitments
Physical Underpinnings of Privacy
One of the remarkable features of quantum mechanics is the ability to ensure
secrecy. Private states embody this effect, as they are precisely those
multipartite quantum states from which two parties can produce a shared secret
that cannot in any circumstance be correlated to an external system. Naturally,
these play an important role in quantum key distribution (QKD) and quantum
information theory. However, a general distillation method has heretofore been
missing. Inspired by Koashi's complementary control scenario (arXiv:0704.3661v1
[quant-ph]), we give a new definition of private states in terms of one party's
potential knowledge of two complementary measurements made on the other and use
this to construct a general method of private state distillation using quantum
error-correcting codes. The procedure achieves the same key rate as recent,
more information-theoretic approaches while demonstrating the physical
principles underlying privacy of the key. Additionally, the same approach can
be used to establish the hashing inequality for entanglement distillation, as
well as the direct quantum coding theorem.
Comment: 12.5 pages
One-way quantum key distribution: Simple upper bound on the secret key rate
We present a simple method to obtain an upper bound on the achievable secret
key rate in quantum key distribution (QKD) protocols that use only
unidirectional classical communication during the public-discussion phase. This
method is based on a necessary precondition for one-way secret key
distillation; the legitimate users need to prove that there exists no quantum
state having a symmetric extension that is compatible with the available
measurement results. The main advantage of the obtained upper bound is that it
can be formulated as a semidefinite program, which can be efficiently solved.
We illustrate our results by analysing two well-known qubit-based QKD
protocols: the four-state protocol and the six-state protocol. Recent results
by Renner et al., Phys. Rev. A 72, 012332 (2005), also show that the given
precondition is only necessary but not sufficient for unidirectional secret key
distillation.
Comment: 11 pages, 1 figure
Quantum key distribution with delayed privacy amplification and its application to security proof of a two-way deterministic protocol
Privacy amplification (PA) is an essential post-processing step in quantum
key distribution (QKD) for removing any information an eavesdropper may have on
the final secret key. In this paper, we consider delaying PA of the final key
after its use in one-time pad encryption and prove its security. We prove that
the security and the key generation rate are not affected by delaying PA.
Delaying PA has two applications: it serves as a tool for significantly
simplifying the security proof of QKD with a two-way quantum channel, and also
it is useful in QKD networks with trusted relays. To illustrate the power of
the delayed PA idea, we use it to prove the security of a qubit-based two-way
deterministic QKD protocol which uses four states and four encoding operations.
Comment: 11 pages, 3 figures
Phase encoding schemes for measurement device independent quantum key distribution and basis-dependent flaw
In this paper, we study the unconditional security of the so-called
measurement device independent quantum key distribution (MDIQKD) with the
basis-dependent flaw in the context of phase encoding schemes. We propose two
schemes for the phase encoding, the first one employs a phase locking technique
with the use of non-phase-randomized coherent pulses, and the second one uses
conversion of standard BB84 phase encoding pulses into polarization modes. We
prove the unconditional security of these schemes and we also simulate the key
generation rate based on simple device models that accommodate imperfections.
Our simulation results show the feasibility of these schemes with current
technologies and highlight the importance of the state preparation with good
fidelity between the density matrices in the two bases. Since the
basis-dependent flaw is a problem not only for MDIQKD but also for standard
QKD, our work highlights the importance of an accurate signal source in
practical QKD systems.
Note: We include the erratum of this paper in Appendix C. The correction does
not affect the validity of the main conclusions reported in the paper, which is
the importance of the state preparation in MDIQKD and the fact that our schemes
can generate the key with the practical channel mode that we have assumed.
Comment: We include the erratum of this paper in Appendix C. The correction
does not affect the validity of the main conclusions reported in the paper