Device-independent randomness extraction for arbitrarily weak min-entropy source

Expansion and amplification of weak randomness plays a crucial role in many security protocols. Using quantum devices, such procedure is possible even without trusting the devices used, by utilizing correlations between outcomes of parts of the devices. We show here how to extract random bits with an arbitrarily low bias from a single arbitrarily weak min-entropy source in a device independent setting. To do this we use Mermin devices that exhibit super-classical correlations. Number of devices used scales polynomially in the length of the random sequence $n$. Our protocol is robust, it can tolerate devices that malfunction with a probability dropping polynomially in $n$ at the cost of a minor increase of the number of devices used.Comment: 5 pages + 3 pages supplementary materia

Weak randomness completely trounces the security of QKD

In usual security proofs of quantum protocols the adversary (Eve) is expected to have full control over any quantum communication between any communicating parties (Alice and Bob). Eve is also expected to have full access to an authenticated classical channel between Alice and Bob. Unconditional security against any attack by Eve can be proved even in the realistic setting of device and channel imperfection. In this Letter we show that the security of QKD protocols is ruined if one allows Eve to possess a very limited access to the random sources used by Alice. Such knowledge should always be expected in realistic experimental conditions via different side channels

Non-malleable encryption of quantum information

We introduce the notion of "non-malleability" of a quantum state encryption scheme (in dimension d): in addition to the requirement that an adversary cannot learn information about the state, here we demand that no controlled modification of the encrypted state can be effected. We show that such a scheme is equivalent to a "unitary 2-design" [Dankert et al.], as opposed to normal encryption which is a unitary 1-design. Our other main results include a new proof of the lower bound of (d^2-1)^2+1 on the number of unitaries in a 2-design [Gross et al.], which lends itself to a generalization to approximate 2-design. Furthermore, while in prime power dimension there is a unitary 2-design with =< d^5 elements, we show that there are always approximate 2-designs with O(epsilon^{-2} d^4 log d) elements.Comment: 8 pages. Title changed in v2, a couple of mistakes corrected, the results are essentially unchanged; accepted for publication at J Math Phy

Purification and correlated measurements of bipartite mixed states

We prove that all purifications of a non-factorable state (i.e., the state which cannot be expressed in a form $\rho_{AB}=\rho_A\otimes\rho_B$) are entangled. We also show that for any bipartite state there exists a pair of measurements which are correlated on this state if and only if the state is non-factorable.Comment: 4 revtex pages, to appear in Phys. Rev.

Optimality of private quantum channels

We addressed the question of optimality of private quantum channels. We have shown that the Shannon entropy of the classical key necessary to securely transfer the quantum information is lower bounded by the entropy exchange of the private quantum channel $\cal E$ and von Neumann entropy of the ciphertext state $\varrho^{(0)}$. Based on these bounds we have shown that decomposition of private quantum channels into orthogonal unitaries (if exists) is optimizing the entropy. For non-ancillary single qubit PQC we have derived the optimal entropy for arbitrary set of plaintexts. In particular, we have shown that except when the (closure of the) set of plaintexts contains all states, one bit key is sufficient. We characterized and analyzed all the possible single qubit private quantum channels for arbitrary set of plaintexts. For the set of plaintexts consisting of all qubit states we have characterized all possible approximate private quantum channels and we have derived the relation between the security parameter and the corresponding minimal entropy.Comment: no commen

Quantum key distribution and cryptography: a survey

I will try to partially answer, based on a review on recent work, the following question: Can QKD and more generally quantum information be useful to cover some practical security requirements in current (and future) IT infrastructures ? I will in particular cover the following topics - practical performances of QKD - QKD network deployment - SECOQC project - Capabilities of QKD as a cryptographic primitive - comparative advantage with other solution, in order to cover practical security requirements - Quantum information and Side-channels - QKD security assurance - Thoughts about "real" Post-Quantum Cryptograph