Advances in Cryptology - CRYPTO 2009

Volume 5677 of the series Lecture Notes in Computer Science pp 408-427

Improving the Security of Quantum Protocols via Commit-and-Open

  • Ivan DamgårdAffiliated withLancaster UniversityDAIMI, Aarhus University
  • , Serge FehrAffiliated withLancaster UniversityCentrum Wiskunde & Informatica (CWI) Amsterdam
  • , Carolin LunemannAffiliated withLancaster UniversityDAIMI, Aarhus University
  • , Louis SalvailAffiliated withLancaster UniversityUniversité de Montréal (DIRO)
  • , Christian SchaffnerAffiliated withLancaster UniversityCentrum Wiskunde & Informatica (CWI) Amsterdam


We consider two-party quantum protocols starting with a transmission of some random BB84 qubits followed by classical messages. We show a general “compiler” improving the security of such protocols: if the original protocol is secure against an “almost honest” adversary, then the compiled protocol is secure against an arbitrary computationally bounded (quantum) adversary. The compilation preserves the number of qubits sent and the number of rounds up to a constant factor. The compiler also preserves security in the bounded-quantum-storage model (BQSM), so if the original protocol was BQSM-secure, the compiled protocol can only be broken by an adversary who has large quantum memory and large computing power. This is in contrast to known BQSM-secure protocols, where security breaks down completely if the adversary has larger quantum memory than expected. We show how our technique can be applied to quantum identification and oblivious transfer protocols.