Weak approximate unitary designs and applications to quantum encryption

Unitary t-designs are the bread and butter of quantum information theory and beyond. An important issue in practice is that of efficiently constructing good approximations of such unitary t-designs. Building on results by Aubrun (Comm. Math. Phys. 2009), we prove that sampling dtpoly(t,logd,1/ϵ) unitaries from an exact t-design provides with positive probability an ϵ-approximate t-design, if the error is measured in one-to-one norm distance of the corresponding t-twirling channels. As an application, we give a partially derandomized construction of a quantum encryption scheme that has roughly the same key size and security as the quantum one-time pad, but possesses the additional property of being non-malleable against adversaries without quantum side information

Constraints on Multipartite Quantum Entropies

The von Neumann entropy plays a vital role in quantum information theory. As the Shannon entropydoes in classical information theory, the von Neumann entropy determines the capacities of quan-tum channels. Quantum entropies of composite quantum systems are important for future quantumnetwork communication their characterization is related to the so calledquantum marginal problem.Furthermore, they play a role in quantum thermodynamics. In this thesis the set of quantum entropiesof multipartite quantum systems is the main object of interest. The problem of characterizing this setis not new – however, progress has been sparse, indicating that the problem may be considered hardand that new methods might be needed. Here, a variety of different and complementary aprroachesare taken.First, I look at global properties. It is known that the von Neumann entropy region – just likeits classical counterpart – forms aconvex cone. I describe the symmetries of this cone and highlightgeometric similarities and differences to the classical entropy cone.In a different approach, I utilize thelocalgeometric properties ofextremal raysof a cone. I showthat quantum states whose entropy lies on such an extremal ray of the quantum entropy cone have avery simple structure.As the set of all quantum states is very complicated, I look at a simple subset calledstabilizerstates. I improve on previously known results by showing that under a technical condition on the localdimension, entropies of stabilizer states respect an additional class of information inequalities that isvalid for random variables from linear codes.In a last approach I find a representation-theoretic formulation of the classical marginal problemsimplifying the comparison with its quantum mechanical counterpart. This novel correspondenceyields a simplified formulation of the group characterization of classical entropies (IEEE Trans. Inf.Theory, 48(7):1992–1995, 2002) in purely combinatorial terms

Disentanglement cost of quantum states.

We show that the minimal rate of noise needed to catalytically erase the entanglement in a bipartite quantum state is given by the regularized relative entropy of entanglement. This offers a solution to the central open question raised in [Groisman et al., Phys. Rev. A 72, 032317 (2005)PLRAAN1050-294710.1103/PhysRevA.72.032317] and complements their main result that the minimal rate of noise needed to erase all correlations is given by the quantum mutual information. We extend our discussion to the tripartite setting where we show that an asymptotic rate of noise given by the regularized relative entropy of recovery is sufficient to catalytically transform the state to a locally recoverable version of the state

Coarse-Graining Can Beat the Rotating Wave Approximation in Quantum Markovian Master Equations

We present a first-principles derivation of the Markovian semi-group master equation without invoking the rotating wave approximation (RWA). Instead we use a time coarse-graining approach which leaves us with a free timescale parameter, which we can optimize. Comparing this approach to the standard RWA-based Markovian master equation, we find that significantly better agreement is possible using the coarse-graining approach, for a three-level model coupled to a bath of oscillators, whose exact dynamics we can solve for at zero temperature. The model has the important feature that the RWA has a non-trivial effect on the dynamics of the populations. We show that the two different master equations can exhibit strong qualitative differences for the population of the energy eigenstates even for such a simple model. The RWA-based master equation misses an important feature which the coarse-graining based scheme does not. By optimizing the coarse-graining timescale the latter scheme can be made to approach the exact solution much more closely than the RWA-based master equation

Can you sign a quantum state?

Cryptography with quantum states exhibits a number of surprising and counterintuitive features. In a 2002 work, Barnum et al. argued informally that these strange features should imply that digital signatures for quantum states are impossible (Barnum et al., FOCS 2002). In this work, we perform the first rigorous study of the problem of signing quantum states. We first show that the intuition of Barnum et al. was correct, by proving an impossibility result which rules out even very weak forms of signing quantum states. Essentially, we show that any non-trivial combination of correctness and security requirements results in negligible security. This rules out all quantum signature schemes except those which simply measure the state and then sign the outcome using a classical scheme. In other words, only classical signature schemes exist. We then show a positive result: it is possible to sign quantum states, provided that they are also encrypted with the public key of the intended recipient. Following classical nomenclature, we call this notion quantum signcryption. Classically, signcryption is only interesting if it provides superior efficiency to simultaneous encryption and signing. Our results imply that, quantumly, it is far more interesting: by the laws of quantum mechanics, it is the only signing method available. We develop security definitions for quantum signcryption, ranging from a simple one-time two-user setting, to a chosen-ciphertext-secure many-time multi-user setting. We also give secure constructions based on post-quantum public-key primitives. Along the way, we show that a natural hybrid method of combining classical and quantum schemes can be used to "upgrade" a secure classical scheme to the fully-quantum setting, in a wide range of cryptographic settings including signcryption, authenticated encryption, and chosen-ciphertext security

Quantum non-malleability and authentication

Abstract: In encryption, non-malleability is a highly desirable property: it ensures that adversaries cannot manipulate the plaintext by acting on the ciphertext. Ambainis et al. gave a definition of non-malleability for the encryption of quantum data. In this work, we show that this definition is too weak, as it allows adversaries to ``inject'' plaintexts of their choice into the ciphertext. We give a new definition of quantum non-malleability which resolves this problem. Our definition is expressed in terms of entropic quantities, considers stronger adversaries, and does not assume secrecy. Rather, we prove that quantum non-malleability implies secrecy; this is in stark contrast to the classical setting, where the two properties are completely independent. For unitary schemes, our notion of non-malleability is equivalent to encryption with a two-design (and hence also to the definition of Ambainis et al.). Our techniques also yield new results regarding the closely-related task of quantum authentication. We show that ``total authentication'' (a notion recently proposed by Garg et al.) can be satisfied with two-designs, a significant improvement over their eight-design-based construction. We also show that, under a mild adaptation of the rejection procedure, both total authentication and our notion of non-malleability yield quantum authentication as defined by Dupuis et al

Conditional decoupling of quantum information

Insights from quantum information theory show that correlation measures based on quantum entropy are fundamental tools that reveal the entanglement structure of multipartite states. In that spirit, Groisman, Popescu, and Winter [Phys. Rev. A 72, 032317 (2005)PLRAAN1050-294710.1103/PhysRevA.72.032317] showed that the quantum mutual information I(A;B) quantifies the minimal rate of noise needed to erase the correlations in a bipartite state of quantum systems AB. Here, we investigate correlations in tripartite systems ABE. In particular, we are interested in the minimal rate of noise needed to apply to the systems AE in order to erase the correlations between A and B given the information in system E, in such a way that there is only negligible disturbance on the marginal BE. We present two such models of conditional decoupling, called deconstruction and conditional erasure cost of tripartite states ABE. Our main result is that both are equal to the conditional quantum mutual information I(A;B|E) - establishing it as an operational measure for tripartite quantum correlations

Non-malleability for quantum public-key encryption

Non-malleability is an important security property for public-key encryption (PKE). Its significance is due to the fundamental unachievability of integrity and authenticity guarantees in this setting, rendering it the strongest integrity-like property achievable using only PKE, without digital signatures. In this work, we generalize this notion to the setting of quantum public-key encryption. Overcoming the notorious "recording barrier" known from generalizing other integrity-like security notions to quantum encryption, we generalize one of the equivalent classical definitions, comparison-based non-malleability, and show how it can be fulfilled. In addition, we explore one-time non-malleability notions for symmetric-key encryption from the literature by defining plaintext and ciphertext variants and by characterizing their relation