Foundations of Physics

, Volume 40, Issue 5, pp 494–531 | Cite as

Quantum Cryptography

  • Serge FehrEmail author


Quantum cryptography makes use of the quantum-mechanical behavior of nature for the design and analysis of cryptographic schemes. Optimally (but not always), quantum cryptography allows for the design of cryptographic schemes whose security is guaranteed solely by the laws of nature. This is in sharp contrast to standard cryptographic schemes, which can be broken in principle, i.e., when given sufficient computing power. From a theory point of view, quantum cryptography offers a beautiful interplay between the mathematics of adversarial behavior and quantum information theory. In this review article, we discuss the traditional application of quantum cryptography, quantum key distribution (QKD), from a modern perspective, and we discuss some recent developments in the context of quantum two-party cooperation (2PC). QKD allows two distant parties to communicate in a provably-secure way in the presence of an outside eavesdropper, whereas 2PC is concerned with protecting information against possibly malicious insiders. We show the basic idea of constructing quantum cryptographic schemes, but we also show some connections to quantum information theory as needed for the rigorous security analyses, and we discuss some of the relevant quantum-information-theoretic results.


Quantum cryptography Quantum information theory Hilbert space formalism Key distribution Secure cooperation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ambainis, A.: A new protocol and lower bounds for quantum coin flipping. J. Comput. Syst. Sci. 68(2), 398–416 (2004) zbMATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Ambainis, A., Nayak, A., Ta-Shma, A., Vazirani, U.: Dense quantum coding and quantum finite automata. J. ACM 49(4), 496–511 (2002) CrossRefMathSciNetGoogle Scholar
  3. 3.
    Bell, J.S.: On the Einstein-Podolsky-Rosen paradox. Physics 1(3), 195–290 (1964) Google Scholar
  4. 4.
    Bennett, C.H.: Quantum cryptography using any two nonorthogonal states. Phys. Rev. Lett. 68(21), 3121–3124 (1992) zbMATHCrossRefMathSciNetADSGoogle Scholar
  5. 5.
    Bennett, C.H., Brassard, G.: Quantum cryptography and its application to provably secure key expansion, public-key distribution, and coin-tossing. In: IEEE International Symposium on Information Theory (ISIT), p. 91 (1983) Google Scholar
  6. 6.
    Bennett, C.H., Brassard, G.: Quantum cryptography: Public key distribution and coin tossing. In: IEEE International Conference on Computers, Systems, and Signal Processing, pp. 175–179 (1984) Google Scholar
  7. 7.
    Bennett, C.H., Brassard, G., Breidbart, S.: Quantum cryptography II: How to re-use a one-time pad safely even if P = NP. Unpublished Manuscript (1982) Google Scholar
  8. 8.
    Bennett, C.H., Brassard, G., Breidbart, S., Wiesner, S.: Quantum cryptography, or unforgeable subway tokens. In: CRYPTO 1982, pp. 267–275. Plenum, New York (1982) Google Scholar
  9. 9.
    Bennett, C.H., Brassard, G., Crépeau, C., Maurer, U.M.: Generalized privacy amplification. IEEE Trans. Inf. Theory 41, 1915–1923 (1995) CrossRefGoogle Scholar
  10. 10.
    Bennett, C.H., Brassard, G., Crépeau, C., Skubiszewska, M.-H.: Practical quantum oblivious transfer. In: CRYPTO 1991. Lecture Notes in Computer Science, vol. 576, pp. 351–366. Springer, Berlin (1991) Google Scholar
  11. 11.
    Bennett, C.H., Brassard, G., Mermin, N.D.: Quantum cryptography without Bell’s theorem. Phys. Rev. Lett. 68(5), 557–559 (1992) zbMATHCrossRefMathSciNetADSGoogle Scholar
  12. 12.
    Bennett, C.H., Brassard, G., Robert, J.-M.: How to reduce your enemy’s information. In: CRYPTO 1985. Lecture Notes in Computer Science, vol. 218, pp. 468–476. Springer, Berlin (1985) Google Scholar
  13. 13.
    Bennett, C.H., Brassard, G., Robert, J.-M.: Privacy amplification by public discussion. SIAM J. Comput. 17(2), 210–229 (1988) CrossRefMathSciNetGoogle Scholar
  14. 14.
    Biham, E., Boyer, M., Boykin, P.O., Mor, T., Roychowdhury, V.: A proof of the security of quantum key distribution. In: 32rd Annual ACM Symposium on Theory of Computing (STOC), pp. 715–724 (2000) Google Scholar
  15. 15.
    Bouman, N., Fehr, S.: Sampling in a quantum population, and applications. (2009)
  16. 16.
    Brassard, C., Crépeau, C.: Quantum bit commitment and coin tossing protocols. In: CRYPTO 1990. Lecture Notes in Computer Science, vol. 537, pp. 49–61. Springer, Berlin (1990) Google Scholar
  17. 17.
    Brassard, G.: Brief history of quantum cryptography: A personal perspective. In: IEEE Information Theory Workshop on Theory and Practice in Information-Theoretic Security, pp. 19–23. IEEE, New York (2005) CrossRefGoogle Scholar
  18. 18.
    Brassard, G., Crépeau, C., Jozsa, R., Langlois, D.: A quantum bit commitment scheme provably unbreakable by both parties. In: 34th Annual IEEE Symposium on Foundations of Computer Science (FOCS), pp. 362–371 (1993) Google Scholar
  19. 19.
    Bruß, D.: Optimal eavesdropping in quantum cryptography with six states. Phys. Rev. Lett. 81(14), 3018–3021 (1998) CrossRefADSGoogle Scholar
  20. 20.
    Carter, J.L., Wegman, M.N.: Universal classes of hash functions. In: 9th Annual ACM Symposium on Theory of Computing (STOC), pp. 106–112 (1977) Google Scholar
  21. 21.
    Christandl, M., König, R., Renner, R.: Post-selection technique for quantum channels with applications to quantum cryptography. Phys. Rev. Lett. 101(2), 020504 (2009) CrossRefGoogle Scholar
  22. 22.
    Damgård, I.B., Fehr, S., Lunemann, C., Salvail, L., Schaffner, C.: Improving the Security of Quantum Protocols via Commit-and-Open. In: CRYPTO 2009. Lecture Notes in Computer Science, vol. 5677, pp. 408–427. Springer, Berlin (2009) CrossRefGoogle Scholar
  23. 23.
    Damgård, I.B., Fehr, S., Renner, R., Salvail, L., Schaffner, C.: A tight high-order entropic quantum uncertainty relation with applications. In: CRYPTO 2007. Lecture Notes in Computer Science, vol. 4622, pp. 360–378. Springer, Berlin (2007) CrossRefGoogle Scholar
  24. 24.
    Damgård, I.B., Fehr, S., Salvail, L., Schaffner, C.: Cryptography in the bounded quantum-storage model. In: 46th Annual IEEE Symposium on Foundations of Computer Science (FOCS), pp. 449–458 (2005). Full version available at:
  25. 25.
    Damgård, I.B., Fehr, S., Salvail, L., Schaffner, C.: Secure identification and QKD in the bounded-quantum-storage model. In: CRYPTO 2007. Lecture Notes in Computer Science, vol. 4622, pp. 342–359. Springer, Berlin (2007) CrossRefGoogle Scholar
  26. 26.
    Damgård, I.B., Fehr, S., Salvail, L., Schaffner, C.: Cryptography in the bounded-quantum-storage model. SIAM J. Comput. 37(6), 1865–1890 (2008) CrossRefGoogle Scholar
  27. 27.
    Deutsch, D.: Uncertainty in quantum measurements. Phys. Rev. Lett. 50(9), 631–633 (1983) CrossRefMathSciNetADSGoogle Scholar
  28. 28.
    Einstein, A., Podolsky, B., Rosen, N.: Can quantum-mechanical description of physical reality be considered complete? Phys. Rev. 47(10), 777–780 (1935) zbMATHCrossRefADSGoogle Scholar
  29. 29.
    Ekert, A.K.: Quantum cryptography based on Bell’s theorem. Phys. Rev. Lett. 67(6), 661–663 (1991) zbMATHCrossRefMathSciNetADSGoogle Scholar
  30. 30.
    Even, S., Goldreich, O., Lempel, A.: A randomized protocol for signing contracts. In: CRYPTO 1982. Plenum, New York (1982) Google Scholar
  31. 31.
    Gisin, N., Ribordy, G., Tittel, W., Zbinden, H.: Quantum cryptography. Rev. Mod. Phys. 74, 145–195 (2002) CrossRefADSGoogle Scholar
  32. 32.
    Gottesman, D., Lo, H.-K.: Proof of security of quantum key distribution with two-way classical communications. IEEE Trans. Inf. Theory 49(2), 457–475 (2003). quant-ph/0105121 zbMATHCrossRefMathSciNetGoogle Scholar
  33. 33.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999) zbMATHCrossRefMathSciNetGoogle Scholar
  34. 34.
    Heisenberg, W.: Schwankungserscheinungen und quantenmechanik. Z. Phys. 40, 501–506 (1927) CrossRefADSGoogle Scholar
  35. 35.
    Hoeffding, W.: Probability inequalities for sums of bounded random variables. J. Am. Stat. Assoc. 58(301), 13–30 (1963) zbMATHCrossRefMathSciNetGoogle Scholar
  36. 36.
    Impagliazzo, R., Levin, L.A., Luby, M.: Pseudo-random generation from one-way functions. In: 21st Annual ACM Symposium on Theory of Computing (STOC), pp. 12–24 (1989) Google Scholar
  37. 37.
    Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer—efficiently. In: CRYPTO 2008. Lecture Notes in Computer Science, vol. 5157, pp. 572–591. Springer, Berlin (2008) CrossRefGoogle Scholar
  38. 38.
    Kilian, J.: Founding cryptography on oblivious transfer. In: 20th Annual ACM Symposium on Theory of Computing (STOC), pp. 20–31 (1988) Google Scholar
  39. 39.
    König, R., Renner, R., Bariska, A., Maurer, U.: Small accessible quantum information does not imply security. Phys. Rev. Lett. 98, 140502 (2007) CrossRefGoogle Scholar
  40. 40.
    König, R., Renner, R., Schaffner, C.: The operational meaning of min- and max-entropy. IEEE Trans. Inf. Theory 55(9), 4337–4347 (2009) CrossRefGoogle Scholar
  41. 41.
    Lo, H.-K.: Insecurity of quantum secure computations. Phys. Rev. A 56(2), 1154–1162 (1997) CrossRefADSGoogle Scholar
  42. 42.
    Lo, H.-K., Chau, H.F.: Is quantum bit commitment really possible? Phys. Rev. Lett. 78(17), 3410–3413 (1997) CrossRefADSGoogle Scholar
  43. 43.
    Lo, H.-K., Chau, H.F., Ardehali, M.: Efficient quantum key distribution scheme and a proof of its unconditional security. J. Cryptology 18(2), 133–165 (2005) zbMATHCrossRefMathSciNetGoogle Scholar
  44. 44.
    Maassen, H., Uffink, J.B.M.: Generalized entropic uncertainty relations. Phys. Rev. Lett. 60(12), 1103–1106 (1988) CrossRefMathSciNetADSGoogle Scholar
  45. 45.
    Mayers, D.: Quantum key distribution and string oblivious transfer in noisy channels. In: CRYPTO 1996. Lecture Notes in Computer Science, vol. 1109, pp. 343–357. Springer, Berlin (1996) Google Scholar
  46. 46.
    Mayers, D.: Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett. 78(17), 3414–3417 (1997) CrossRefADSGoogle Scholar
  47. 47.
    Mayers, D.: Unconditional security in quantum cryptography. J. ACM 48(3), 351–406 (2001) CrossRefMathSciNetGoogle Scholar
  48. 48.
    Rabin, M.: How to exchange secrets by oblivious transfer. Technical Report, Harvard Aiken Computation Lab (1981) Google Scholar
  49. 49.
    Renner, R.: Security of Quantum Key Distribution. Ph.D. Thesis, ETH Zürich (Switzerland), September 2005.
  50. 50.
    Renner, R.: Symmetry of large physical systems implies independence of subsystems. Nat. Phys. 3, 645–649 (2007) CrossRefGoogle Scholar
  51. 51.
    Renner, R., Gisin, N., Kraus, B.: An information-theoretic security proof for QKD protocols. Phys. Rev. Lett. A 72, 012332 (2005) ADSGoogle Scholar
  52. 52.
    Renner, R., König, R.: Universally composable privacy amplification against quantum adversaries. In: TCC 2005. Lecture Notes in Computer Science, vol. 3378, pp. 407–425. Springer, Berlin (2005) Google Scholar
  53. 53.
    Robertson, H.P.: The uncertainty principle. Phys. Rev. 34(1), 163–164 (1929) CrossRefADSGoogle Scholar
  54. 54.
    Schaffner, C., Terhal, B.M., Wehner, S.: Robust cryptography in the noisy-quantum-storage model. Quantum Inf. Comput. 9(11&12), 963–996 (2009) zbMATHGoogle Scholar
  55. 55.
    Schrödinger, E.: Zum Heisenbergschen Unschärfeprinzip. In: Sitzungsberichte der Preussischen Akademie der Wissenschaften, physikalisch-mathematische Klasse, pp. 296–303 (1930) Google Scholar
  56. 56.
    Shannon, C.E.: A mathematical theory of communication. Bell Syst. Tech. J. 27, 379–423 (1948) Also 623–656 zbMATHMathSciNetGoogle Scholar
  57. 57.
    Shor, P.W., Preskill, J.: Simple proof of security of the BB84 quantum key distribution protocol. Phys. Rev. Lett. 85(2), 441–444 (2000) CrossRefADSGoogle Scholar
  58. 58.
    Simmons, G.J.: Authentication theory/coding theory. In: CRYPTO 1984. Lecture Notes in Computer Science, vol. 196, pp. 411–431. Springer, Berlin (1984) Google Scholar
  59. 59.
    Wehner, S., Schaffner, C., Terhal, B.M.: Cryptography from noisy storage. Phys. Rev. Lett. 100(22), 220502 (2008) CrossRefADSGoogle Scholar
  60. 60.
    Wiesner, S.: Conjugate coding. SIGACT News 15(1), 78–88 (1983). Original manuscript written circa 1970 CrossRefGoogle Scholar
  61. 61.
    Yao, A.: Protocols for secure computations. In: 23rd Annual IEEE Symposium on Foundations of Computer Science (FOCS), pp. 160–164 (1982) Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2010

Authors and Affiliations

  1. 1.Centrum Wiskunde & Informatica (CWI)AmsterdamThe Netherlands

Personalised recommendations