Mathematical Programming

, Volume 156, Issue 1–2, pp 581–613 | Cite as

A search for quantum coin-flipping protocols using optimization techniques

  • Ashwin Nayak
  • Jamie SikoraEmail author
  • Levent Tunçel
Full Length Paper Series A


Coin-flipping is a cryptographic task in which two physically separated, mistrustful parties wish to generate a fair coin-flip by communicating with each other. Chailloux and Kerenidis (2009) designed quantum protocols that guarantee coin-flips with near optimal bias away from uniform, even when one party deviates arbitrarily from the protocol. The probability of any outcome in these protocols is provably at most \(\tfrac{1}{\sqrt{2}} + \delta \) for any given \(\delta > 0\). However, no explicit description of these protocols is known; in fact, the smallest bias achieved by known explicit protocols is \(1/4\) (Ambainis 2001). We take a computational optimization approach, based mostly on convex optimization, to the search for simple and explicit quantum strong coin-flipping protocols. We present a search algorithm to identify protocols with low bias within a natural class, protocols based on bit-commitment (Nayak and Shor in Phys Rev A 67(1):012304, 2003). The techniques we develop enable a computational search for protocols given by a mesh over the corresponding parameter space. We conduct searches for four-round and six-round protocols with bias below \(0.2499\) each of varying dimension which include the best known explicit protocol (with bias \(1/4\)). After checking over \(10^{16}\) protocols, a task which would be infeasible using semidefinite programming alone, we conjecture that the smallest achievable bias within the family of protocols we consider is \(1/4\).


Semidefinite programming Quantum coin-flipping  Computational optimization 

Mathematics Subject Classification

90-08 Computational methods 90C22 Semidefinite programming 81P68 Quantum computation and quantum cryptography 



We thank Andrew Childs, Michele Mosca, Peter Høyer, and John Watrous for their comments and suggestions. A.N.’s research was supported in part by NSERC Canada, CIFAR, an ERA (Ontario), QuantumWorks, and MITACS. A part of this work was completed at Perimeter Institute for Theoretical Physics. Perimeter Institute is supported in part by the Government of Canada through Industry Canada and by the Province of Ontario through MRI. J.S.’s research is supported by NSERC Canada, MITACS, ERA (Ontario), ANR Project ANR-09-JCJC-0067-01, and ERC Project QCC 306537. L.T.’s research is supported in part by Discovery Grants from NSERC. Research at the Centre for Quantum Technologies at the National University of Singapore is partially funded by the Singapore Ministry of Education and the National Research Foundation, also through the Tier 3 Grant “Random numbers from quantum processes,” (MOE2012-T3-1-009).

Supplementary material

10107_2015_909_MOESM1_ESM.pdf (689 kb)
Supplementary material 1 (pdf 689 KB)


  1. 1.
    Aharonov, D., Chailloux, A., Ganz, M., Kerenidis, I., Magnin, L.: A simpler proof of existence of quantum weak coin flipping with arbitrarily small bias (2013). ManuscriptGoogle Scholar
  2. 2.
    Aharonov, D., Ta-Shma, A., Vazirani, U., Yao, A.C.C.: Quantum bit escrow. In: Proceedings of 32nd Annual ACM Symposium on the Theory of Computing, 705–714. ACM (2000). doi: 10.1145/335305.335404
  3. 3.
    Ambainis, A.: A new protocol and lower bounds for quantum coin flipping. In: Proceedings of 33rd Annual ACM Symposium on the Theory of Computing, 134–142. ACM (2001). doi: 10.1109/FOCS.2004.13
  4. 4.
    Bennett, C., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. In: Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, 175–179. IEEE Computer Society (1984)Google Scholar
  5. 5.
    Bernstein, E., Vazirani, U.V.: Quantum complexity theory. SIAM J. Comput. 26(5), 1411–1473 (1997)CrossRefMathSciNetzbMATHGoogle Scholar
  6. 6.
    Blum, M.: Coin flipping by telephone. In: Gersho, A. (ed.) Advances in Cryptology: A Report on CRYPTO 81, CRYPTO 81, IEEE Workshop on Communications Security, Santa Barbara, California, USA, August 24–26, 1981, pp. 11–15. U. C. Santa Barbara, Department of Electrical and Computer Engineering, ECE Report No. 82–04, 1982 (1981)Google Scholar
  7. 7.
    Chailloux, A., Kerenidis, I.: Optimal quantum strong coin flipping. In: Proceedings of 50th IEEE Symposium on Foundations of Computer Science, 527–533. IEEE Computer Society (2009)Google Scholar
  8. 8.
    Chailloux, A., Kerenidis, I.: Optimal bounds for quantum bit commitment. In: Proceedings of the 52nd Annual IEEE Symposium on Foundations of Computer Science, 354–362. IEEE Computer Society Press (2011). doi: 10.1109/FOCS.2011.42
  9. 9.
    Gutoski, G., Watrous, J.: Toward a general theory of quantum games. In: Proceedings of the Thirty-Ninth Annual ACM Symposium on Theory of Computing, pp. 565–574. ACM, New York, NY, USA (2007)Google Scholar
  10. 10.
    Kerenidis, I., Nayak, A.: Weak coin flipping with small bias. Inf. Process. Lett. 89(3), 131–135 (2004). doi: 10.1016/j.ipl.2003.07.007 CrossRefMathSciNetzbMATHGoogle Scholar
  11. 11.
    Kitaev, A.: Quantum coin-flipping (2002). Unpublished result. Talk in the 6th Annual workshop on Quantum Information Processing, QIP 2003 Berkeley. CA, USA, December 2002Google Scholar
  12. 12.
    Lo, H.K., Chau, H.F.: Is quantum bit commitment really possible? Phys. Rev. Lett. 78(17), 3410–3413 (1997). doi: 10.1103/PhysRevLett.78.3410 CrossRefGoogle Scholar
  13. 13.
    Lo, H.K., Chau, H.F.: Unconditional security of quantum key distribution over arbitrarily long distances. Science 283, 2050–2056 (1999)CrossRefGoogle Scholar
  14. 14.
    Mayers, D.: Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett. 78(17), 3414–3417 (1997). doi: 10.1103/PhysRevLett.78.3414 CrossRefGoogle Scholar
  15. 15.
    Mayers, D.: Unconditional security in quantum cryptography. J. ACM 48(3), 351–406 (2001)CrossRefMathSciNetGoogle Scholar
  16. 16.
    Mochon, C.: A large family of quantum weak coin-flipping protocols. Phys. Rev. A 72(2), 022341 (2005). doi: 10.1103/PhysRevA.72.022341 CrossRefGoogle Scholar
  17. 17.
    Mochon, C.: Quantum weak coin flipping with arbitrarily small bias. Available as arXiv:quant-ph/0711.4114 (2007)
  18. 18.
    Molina, A., Vidick, T., Watrous, J.: Optimal counterfeiting attacks and generalizations for Wiesner’s quantum money. In: Proceedings of the 7th Conference on Theory of Quantum Computation, Communication, and Cryptography, pp. 45–64 (2012)Google Scholar
  19. 19.
    Nayak, A., Shor, P.W.: On bit-commitment based quantum coin flipping. Phys. Rev. A 67(1), 012304 (2003). doi: 10.1103/PhysRevA.67.012304 CrossRefGoogle Scholar
  20. 20.
    Nielsen, M., Chuang, I.L.: Quantum Computation and Quantum Information. Cambridge University Press, New York, USA (2000)zbMATHGoogle Scholar
  21. 21.
    Preskill, J., Shor, P.W.: Simple proof of security of the BB84 quantum key distribution protocol. Phys. Rev. Lett. 85(2), 441–444 (2000)CrossRefGoogle Scholar
  22. 22.
    Shor, P.W.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)CrossRefMathSciNetzbMATHGoogle Scholar
  23. 23.
    Spekkens, R.W., Rudolph, T.: Degrees of concealment and bindingness in quantum bit commitment protocols. Phys. Rev. A 65, 012310 (2001). doi: 10.1103/PhysRevA.65.012310 CrossRefGoogle Scholar
  24. 24.
    Sturm, J.F.: Using SeDuMi 1.02, a MATLAB toolbox for optimization over symmetric cones. Optim. Methods Softw. 11, 625–653 (1999)CrossRefMathSciNetGoogle Scholar
  25. 25.
    Sturm, J.F.: Implementation of interior point methods for mixed semidefinite and second order cone optimization problems. Optim. Methods Softw. 17(6), 1105–1154 (2002)CrossRefMathSciNetzbMATHGoogle Scholar
  26. 26.
    Tunçel, L., Wolkowicz, H.: Strong duality and minimal representations for cone optimization. Comput. Optim. Appl. 1–30 (2012). doi: 10.1007/s10589-012-9480-0
  27. 27.
    Wiesner, S.: Conjugate coding. SIGACT News 15(1), 78–88 (1983). doi: 10.1145/1008908.1008920 CrossRefGoogle Scholar
  28. 28.
    Wolkowicz, H., Saigal, R., Vandenberghe, L.: Handbook of Semidefinite Programming. Kluwer Academic Publishers (2000)Google Scholar
  29. 29.
    Yao, A.C.C.: Some complexity questions related to distributive computing. In: Proceedings of the Eleventh Annual ACM Symposium on Theory of Computing, STOC ’79, pp. 209–213. ACM, New York, USA (1979). doi: 10.1145/800135.804414
  30. 30.
    Yao, A.C.C.: Quantum circuit complexity. In: Proceedings of the 34th Annual IEEE Symposium on Foundations of Computer Science, pp. 352–361. IEEE Computer Society Press, Los Alamitos, CA, USA (1993)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg and Mathematical Optimization Society 2015

Authors and Affiliations

  1. 1.Department of Combinatorics and Optimization, and Institute for Quantum ComputingUniversity of WaterlooWaterlooCanada
  2. 2.Centre for Quantum TechnologiesNational University of SingaporeSingaporeSingapore
  3. 3.MajuLab CNRS-UNS-NUS-NTU International Joint Research UnitUMISingaporeSingapore
  4. 4.Department of Combinatorics and OptimizationUniversity of WaterlooWaterlooCanada

Personalised recommendations