Cryptography in the Bounded-Quantum-Storage Model

SIAM Journal on Computing (Impact Factor: 0.74). 01/2008; 37(6):1865-1890. DOI: 10.1137/060651343
Source: DBLP


We initiate the study of two-party cryptographic primitives with unconditional security, assuming that the adversary's quantum memory is of bounded size. We show that oblivious transfer and bit commitment can be implemented in this model using protocols where honest parties need no quantum memory, whereas an adversarial player needs quantum memory of size at least $n/2$ in order to break the protocol, where $n$ is the number of qubits transmitted. This is in sharp contrast to the classical bounded-memory model, where we can only tolerate adversaries with memory of size quadratic in honest players' memory size. Our protocols are efficient and noninteractive and can be implemented using today's technology. On the technical side, a new entropic uncertainty relation involving min-entropy is established.


Available from: Ivan Damgård, Sep 29, 2015
  • Source
    • "However, the assumption of noisy and bounded storage comes in here to give a sufficiently high min-entropy which is crucial for the security proof. For simplicity in further proofs, we also introduce a simpler version, considering only bounded storage, which is a simple consequence of the chain rule and monotonicity of the min-entropy [12] [27]. "
    ABSTRACT: Fundamental primitives such as bit commitment and oblivious transfer serve as building blocks for many other two-party protocols. Hence, the secure implementation of such primitives is important in modern cryptography. Here we present a bit commitment protocol that is secure as long as the attacker's quantum memory device is imperfect. The latter assumption is known as the noisy-storage model. We experimentally executed this protocol by performing measurements on polarization-entangled photon pairs. Our work includes a full security analysis, accounting for all experimental error rates and finite size effects. This demonstrates the feasibility of two-party protocols in this model using real-world quantum devices. Finally, we provide a general analysis of our bit commitment protocol for a range of experimental parameters.
    Nature Communications 12/2012; 3:1326. DOI:10.1038/ncomms2268 · 11.47 Impact Factor
  • Source
    • "This approach to defining approximate security has been well established in the context of cryptography, and more recently extended to the case of quantum key distribution [13] and other quantum cryptographic primitives secure in the bounded and the noisy storage models [14] [15]. The security parameter of our proposed UBQC protocol using states generated by the remote blind single qubit preparation protocol is then shown to exponentially approach zero with N (the number of coherent states), without making any assumption on the adversary's capabilities. "
    ABSTRACT: The recently proposed Universal Blind Quantum Computation (UBQC) protocol allows a client to perform an arbitrary quantum computation on a remote server such that perfect privacy is guaranteed if the client is capable of producing random separable single qubit states. While from a theoretical point of view, this arguably constitutes the lowest possible quantum requirement, from a pragmatic point of view, generation of random single qubits which can be sent along long distances without loss is quite challenging and can never be achieved perfectly. In analogy to the concept of approximate security developed for other cryptographic protocols, we introduce here the concept of approximate blindness for UBQC, allowing us to characterize the robustness of the protocol to possible imperfections. Following this, we present a remote blind single qubit preparation protocol, by which a client with access to realistic quantum devices (such as coherent laser light) can in a delegated fashion prepare quantum states arbitrarily close to perfect random single qubit states. We finally prove that access to coherent states is sufficient to efficiently achieve approximate blindness with arbitrary small security parameter.
    Physical Review Letters 08/2011; 108(20). DOI:10.1103/PhysRevLett.108.200502 · 7.51 Impact Factor
  • Source
    • "Such a test could, for example, be used by manufacturers to certify the quality of a source creating BB84-states [3] and to prove to a skeptical audience that their devices fulfill the desired specifications. Sources of BB84-states are widely used in quantum cryptography, including quantum key distribution and bit commitment or oblivious transfer secure in the bounded/noisy storage model [12] [27]. Moreover, recent security proofs for quantum key distribution [5] [51] [52] are based on uncertainty relations of the form (2). The overlap of the source enters there as the crucial parameter determining the secrecy of the resulting key — in particular, there is no need to do tomography of the produced states. "
    ABSTRACT: Two of the most intriguing features of quantum physics are the uncertainty principle and the occurrence of non-local correlations. The uncertainty principle states that there exist pairs of non-compatible measurements on quantum systems such that their outcomes cannot be simultaneously predicted by any observer. On the other hand, non-local correlations of measurement outcomes at different locations cannot be explained by classical physics, but appear in quantum mechanics in the presence of entanglement. Here, we show that these two essential properties of quantum mechanics are quantitatively related. Namely, we provide an entropic uncertainty relation that gives a lower bound on the uncertainty of the binary outcomes of two measurements in terms of the maximum Clauser-Horne-Shimony-Holt value that can be achieved using the same measurements. We discuss an application of this uncertainty relation to certify a quantum source using untrusted devices.