Abstract
In this chapter we consider the showcase of device-independent quantum cryptography and show how the security proof of device-independent cryptographic protocols can be performed via a reduction to IID. We introduce a general framework for obtaining proofs of device-independent security for a broad range of cryptographic tasks. For the sake of explicitness, we focus in this chapter on the task of device-independent quantum key distribution (DIQKD).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
- 2.
This is crucial for experimental implementations of device-independent protocols. Our quantitive results have been applied to the analysis of the first experimental implementation of a protocol for randomness generation in the fully device-independent framework [5].
- 3.
From that point onward standard classical post-processing steps, e.g., error correction and privacy amplification, suffice to prove the security of the protocol; recall Sect. 4.2.3.
- 4.
The security proof presented in [20] is similar in spirit (but technically very different) to the one presented here. It bounds the total amount of smooth min-entropy generated in the protocol in a round-by-round fashion but the entropy accumulated in a single round is not the von Neumann entropy.
- 5.
In particular, in a setting with two distinct parties, Alice and Bob, communication is required to actually implement Protocol 11.1. We ignore this as it is not relevant for the analysis.
- 6.
See e.g. Fig. 11.4, where one can see that finite-size effects can play an important role up to even moderately large values of \(n\approx 10^{10}\).
- 7.
Consider for example a device in which the initial state \(\rho _{Q_{A_1}Q_{B_1}Q_{A_2}Q_{B_2}} = |\varPhi \rangle \langle \varPhi |_{Q_{A_1}Q_{B_2}}\otimes |\varPhi \rangle \langle \varPhi |_{Q_{A_2}Q_{B_1}}\), i.e., the systems over \(Q_{A_1}\) and \(Q_{B_2}\) are entangled. Thus, \(A_1\) and \(B_2\) may be correlated even given \(B_1X_1Y_1T_1\). In this case the Markov-chain conditions do not hold since the side-information \(B_2\) reveals information regarding the past output \(A_1\).
- 8.
A different model for the sequential process could have been one in which the initial quantum state itself includes the registers \(\textit{\textbf{X}}\) and \(\textit{\textbf{Y}}\) and the channel is defined such that a measurement is performed on those registers to get the inputs (and then use the device in the protocol). When starting with maximally mixed states over \(\textit{\textbf{X}}\textit{\textbf{Y}}\) the entire sequential process is exactly the same as the one described by our EAT channels. However, when coming to construct a min-tradeoff function with this (somewhat strange) alternative choice of channels, we see that the set \(\varSigma (p)\) can include states in which, e.g., \(X_i=0\) with probability 1 (since we need to consider all possible input states). In the context of Bell inequalities, this is similar to dropping the “free choice assumption”. Clearly, if this had been the case, the only min-tradeoff function one could construct is the constant function \(f_{\min }(p)=0\) for all p, which is trivial and useless.
- 9.
Formally, we will need to extend the function to all probability distributions p (even those with \(p(\perp )\ne 1-\gamma \)). We can extended the function in any way we wish, while keeping it convex and differentiable.
- 10.
We define the functions g and \(f_{min}\) only in the regime in which the protocol does not abort, i.e., \( p(1)/\gamma \ge 3/4\).
- 11.
Alternatively, one could replace \(p(1)/\gamma \) with \(p(1)/(p(0)+p(1))\), which is more meaningful, in the definition of the function g. However, since the \(\mathrm {d}f_{\min }/\mathrm {d}p(1)\) will affect the final smooth min-entropy bound, using \(p(1)/\gamma \) leads to better quantitive results.
- 12.
We assume that the value of \(T_i\) is exchanged over a classical authenticated channel to which the device D does not have access. In particular, Alice’s part of the device is independent from the value of \(T_i\) given \(X_i\).
- 13.
The point \(p_{\mathrm {cut}}\) can later be chosen such that the derived smooth entropy bounds are optimised.
- 14.
For any \(\omega _{\mathrm {exp}}\) there are many devices that fit this description; an explicit example can be found in Sect. 4.2.4.
- 15.
O denotes the classical information sent from Alice to Bob during error correction; see Sect. 4.2.2.
- 16.
This is why we made the distinction between \(B_i\) in the entropy accumulation protocol and \(\tilde{B}_i\) in the DIQKD protocol.
- 17.
- 18.
The second order term of the smooth min-entropy rate given in Lemma 11.8 scales with \(\gamma \), roughly, as \(1/\gamma \), while in Appendix C.2 the dependency is roughly \(1/\sqrt{\gamma }\). The modified analysis can be seen as a “patch” used to overcome the non-optimal dependency of the EAT given in Theorem 9.3 on the testing probability in the considered protocols. This issue was overcome in a more recent version of the EAT [26].
- 19.
This should not be dismissed as can be seen from the following state of affairs. [33] reports an advantage in terms of the min-entropy when considering the full statistics instead of merely the violation if the CHSH inequality. Comparing the bound on the min-entropy from the full statistics to the bound on the von Neumann entropy from the violation alone, both evaluated on the quantum states produced by the honest implementations, we find that it is still better to use the bound on the von Neumann entropy as we do here. Thus, to truly see if an advantage can be gained by considering the full statistics, one should aim to a direct bound on the von Neumann entropy.
References
Arnon-Friedman R, Renner R, Vidick T (2019) Simple and tight device-independent security proofs. SIAM J Comput 48(1):181–225
Ribeiro J, Murta G, Wehner S (2017) Fully device independent conference key agreement. arXiv:1708.00798
Kessler M, Arnon-Friedman R (2017) Device-independent randomness amplification and privatization. arXiv:1705.04148
Bamps C, Massar S, Pironio S (2017) Device-independent randomness generation with sublinear shared quantum resources. arXiv:1704.02130
Liu Y, Yuan X, Li M-H, Zhang W, Zhao Q, Zhong J, Cao Y, Li Y-H, Chen L-K, Li H et al. (2017) High speed self-testing quantum random number generation without detection loophole. In: Frontiers in optics, p FTh2E–1. Optical Society of America
Arnon-Friedman R, Dupuis F, Fawzi O, Renner R, Vidick T (2018) Practical device-independent quantum cryptography via entropy accumulation. Nat Commun 9(1):459
Acín A, Gisin N, Masanes L (2006) From Bell’s theorem to secure quantum key distribution. Phys Rev Lett 97(12):120405
Acín A, Massar S, Pironio S (2006) Efficient quantum key distribution secure against no-signalling eavesdroppers. New J Phys 8(8):126
Scarani V, Gisin N, Brunner N, Masanes L, Pino S, Acín A (2006) Secrecy extraction from no-signaling correlations. Phys Rev A 74(4):042339
Acín A, Brunner N, Gisin N, Massar S, Pironio S, Scarani V (2007) Device-independent security of quantum cryptography against collective attacks. Phys Rev Lett 98(23):230501
Masanes L (2009) Universally composable privacy amplification from causality constraints. Phys Rev Lett 102(14):140501
Pironio S, Acín A, Brunner N, Gisin N, Massar S, Scarani V (2009) Device-independent quantum key distribution secure against collective attacks. New J Phys 11(4):045021
Hänggi E, Renner R, Wolf S (2010) Efficient device-independent quantum key distribution. Advances in cryptology-EUROCRYPT 2010. Springer, Berlin, pp 216–234
Hänggi E, Renner R (2010) Device-independent quantum key distribution with commuting measurements. arXiv:1009.1833
Masanes L, Pironio S, Acín A (2011) Secure device-independent quantum key distribution with causally independent measurement devices. Nat Commun 2:238
Masanes L, Renner R, Christandl M, Winter A, Barrett J (2014) Full security of quantum key distribution from no-signaling constraints. IEEE Trans Inf Theory 60(8):4973–4986
Clauser JF, Horne MA, Shimony A, Holt RA (1969) Proposed experiment to test local hidden-variable theories. Phys Rev Lett 23(15):880
Reichardt BW, Unger F, Vazirani U (2013) Classical command of quantum systems. Nature 496(7446):456–460
Vazirani U, Vidick T (2014) Fully device-independent quantum key distribution. Phys Rev Lett 113(14):140501
Miller CA, Shi Y (2014) Robust protocols for securely expanding randomness and distributing keys using untrusted quantum devices. In: Proceedings of the 46th annual ACM symposium on theory of computing, pp 417–426. ACM
Tomamichel M (2015) Quantum information processing with finite resources: mathematical foundations, vol 5. Springer, Berlin
Dupuis F, Fawzi O, Renner R (2016) Entropy accumulation. arXiv:1607.01796
Scarani V, Renner R (2008) Quantum cryptography with finite resources: unconditional security bound for discrete-variable protocols with one-way postprocessing. Phys Rev Lett 100(20):200501
Scarani V, Renner R (2008) Security bounds for quantum cryptography with finite resources. Theory of quantum computation, communication, and cryptography. Springer, Berlin, pp 83–95
Tomamichel M, Schaffner C, Smith A, Renner R (2011) Leftover hashing against quantum side information. IEEE Trans Inf Theory 57(8):5524–5535
Dupuis F, Fawzi O (2019) Entropy accumulation with improved second-order term. IEEE Trans Inf Theory 65(11):7596–7612
Hensen B, Bernien H, Dréau A, Reiserer A, Kalb N, Blok M, Ruitenberg J, Vermeulen R, Schouten R, Abellán C et al (2015) Loophole-free Bell inequality violation using electron spins separated by 1.3 kilometres. Nature 526(7575):682–686
Shalm LK, Meyer-Scott E, Christensen BG, Bierhorst P, Wayne MA, Stevens MJ, Gerrits T, Glancy S, Hamel DR, Allman MS et al (2015) Strong loophole-free test of local realism. Phys Rev Lett 115(25):250402
Giustina M, Versteegh MA, Wengerowsky S, Handsteiner J, Hochrainer A, Phelan K, Steinlechner F, Kofler J, Larsson J-Å, Abellán C et al (2015) Significant-loophole-free test of Bell’s theorem with entangled photons. Phys Rev Lett 115(25):250401
Liu W-Z, Li M-H, Ragy S, Zhao S-R, Bai B, Liu Y, Brown PJ, Zhang J, Colbeck R, Fan J et al (2019) Device-independent randomness expansion against quantum side information. arXiv:1912.11159
Zhang Y, Fu H, Knill E (2020) Efficient randomness certification by quantum probability estimation. Phys Rev Res 2(1):013016
Zhang Y, Shalm LK, Bienfang JC, Stevens MJ, Mazurek MD, Nam SW, Abellán C, Amaya W, Mitchell MW, Fu H et al (2020) Experimental low-latency device-independent quantum randomness. Phys Rev Lett 124(1):010505
Nieto-Silleras O, Bamps C, Silman J, Pironio S (2018) Device-independent randomness generation from several bell estimators. New J Phys 20(2):023049
Devetak I, Winter A (2005) Distillation of secret key and entanglement from quantum states. In: Proceedings of the Royal Society of London A: mathematical, physical and engineering sciences, vol 461, pp 207–235. The Royal Society
Ho M, Sekatski P, Tan E-Z, Renner R, Bancal J-D, Sangouard N (2020) Noisy preprocessing facilitates a photonic realization of device-independent quantum key distribution. Phys Rev Lett 124(23):230502
Tan EY-Z, Lim CC-W, Renner R (2020) Advantage distillation for device-independent quantum key distribution. Phys Rev Lett 124(2):020502
Schwonnek R, Goh KT, Primaatmaja IW, Tan EY-Z, Wolf R, Scarani V, Lim CC-W (2020) Robust device-independent quantum key distribution. arXiv:2005.02691
Kaur E, Wilde MM, Winter A (2020) Fundamental limits on key rates in device-independent quantum key distribution. New J Phys 22(2):023039
Arnon-Friedman R, Leditzky F (2020) Upper bounds on device-independent quantum key distribution rates and a revised peres conjecture. arXiv:2005.12325
Christandl M, Ferrara R, Horodecki K (2020) Upper bounds on the rate in device-independent quantum key distribution. arXiv:2005.13511
Winczewski M, Das T, Horodecki K (2019) Upper bounds on secure key against non-signaling adversary via non-signaling squashed secrecy monotones. arXiv:1903.12154
Navascués M, Pironio S, Acín A (2008) A convergent hierarchy of semidefinite programs characterizing the set of quantum correlations. New J Phys 10(7):073013
Winick A, Lütkenhaus N, Coles PJ (2017) Reliable numerical key rates for quantum key distribution. arXiv:1710.05511
Wang Y, Primaatmaja IW, Lavie E, Varvitsiotis A, Lim CCW (2019) Characterising the correlations of prepare-and-measure quantum networks. npj Quantum Inf 5(1):1–6
Tan EY-Z, Schwonnek R, Goh KT, Primaatmaja IW, Lim CC-W (2019) Computing secure key rates for quantum key distribution with untrusted devices. arXiv:1908.11372
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
Copyright information
© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Arnon-Friedman, R. (2020). Showcase: Device-Independent Quantum Cryptography. In: Device-Independent Quantum Information Processing. Springer Theses. Springer, Cham. https://doi.org/10.1007/978-3-030-60231-4_11
Download citation
DOI: https://doi.org/10.1007/978-3-030-60231-4_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-60230-7
Online ISBN: 978-3-030-60231-4
eBook Packages: Physics and AstronomyPhysics and Astronomy (R0)