Showing papers on "Alice and Bob published in 2014"


Journal Article
TL;DR: In this article, a simple class of entangled two-qubit states which are one-way steerable, considering arbitrary projective measurements, is presented, which shows that the nonlocal properties of entangled states can be fundamentally asymmetrical.
Abstract: Einstein-Podolsky-Rosen steering is a form of quantum nonlocality exhibiting an inherent asymmetry between the observers, Alice and Bob. A natural question is then whether there exist entangled states which are one-way steerable, that is, Alice can steer Bob's state, but it is impossible for Bob to steer the state of Alice. So far, such a phenomenon has been demonstrated for continuous variable systems, but with a strong restriction on allowed measurements, namely, considering only Gaussian measurements. Here we present a simple class of entangled two-qubit states which are one-way steerable, considering arbitrary projective measurements. This shows that the nonlocal properties of entangled states can be fundamentally asymmetrical.

233 citations


Journal Article
TL;DR: This work studies position-based cryptography in the quantum setting, where the aim is to use the geographical position of a party as its only credential, and shows that if adversaries are allowed to share an arbitrarily large entangled quantum state, the task of secure position-verification is impossible.
Abstract: In this work, we study position-based cryptography in the quantum setting. The aim is to use the geographical position of a party as its only credential. On the negative side, we show that if adversaries are allowed to share an arbitrarily large entangled quantum state, the task of secure position-verification is impossible. To this end, we prove the following very general result. Assume that Alice and Bob hold respectively subsystems $A$ and $B$ of a (possibly) unknown quantum state $|\psi\rangle \in {\cal H}_A \otimes {\cal H}_B$. Their goal is to calculate and share a new state $|\varphi\rangle = U|\psi\rangle$, where $U$ is a fixed unitary operation. The question that we ask is how many rounds of mutual communication are needed. It is easy to achieve such a task using two rounds of classical communication, whereas, in general, it is impossible with no communication at all. Surprisingly, in case Alice and Bob share enough entanglement to start with and we allow an arbitrarily small failure probability,...

70 citations


Journal Article
TL;DR: This paper proposes a scheme of delayed error verification using extra keys gained by privacy amplification with an arbitrarily small failure probability in quantum key distribution, which can be applied in practical QKD systems.
Abstract: Quantum key distribution (QKD) provides an unconditionally secure key generation method between two distant legitimate parties Alice and Bob based on the fundamental properties of quantum mechanics, in the presence of an eavesdropper Eve. Since key reconciliation cannot always assure that the reconciled keys between Alice and Bob are identical, error verification is an important step in QKD. In this paper, we propose a scheme of delayed error verification using extra keys gained by privacy amplification with an arbitrarily small failure probability. The proposed scheme simplifies the post-processing procedure in QKD, which can be applied in practical QKD systems.

53 citations


Proceedings Article
04 Jun 2014
TL;DR: This paper introduces the first protocols for secure computation of distance and for proximity testing over a sphere, and is the first not to require parties to privately negotiate a common map.
Abstract: In recent years, the availability of GPS-enabled smartphones has made location-based services extremely popular. A multitude of applications rely on location information to provide a wide range of services. Location information is, however, extremely sensitive and can be easily abused. In this paper, we introduce the first protocols for secure computation of distance and for proximity testing over a sphere. Our secure distance protocols allow two parties, Alice and Bob, to determine their mutual distance without disclosing any additional information about their location. Through our secure proximity testing protocols, Alice only learns if Bob is in close proximity, i.e., within some arbitrary distance. An important difference between our protocols and existing techniques is that our protocols are the first not to require parties to privately negotiate a common map. Our protocols rely on three different representations of Earth, which provide different trade-offs between accuracy and performance. We show, via experiments on a prototype implementation, that our protocols are practical on resource-constrained smartphone devices. Our distance computation protocols run in 54 to 78 ms on a commodity Android smartphone. Similarly, our proximity tests require between 1.2 s and 2.8 s on the same platform. The imprecision introduced by our protocols is very small, i.e., between 0.1% and 2% on average, depending on the distance.

53 citations


Journal Article
TL;DR: The principle of a cryptographic switch for a quantum scenario, in which a third party (Charlie) can control to a continuously varying degree the amount of information the receiver receives, after the sender (Alice) has sent her information through a quantum channel, is illustrated.
Abstract: We illustrate the principle of a cryptographic switch for a quantum scenario, in which a third party (Charlie) can control to a continuously varying degree the amount of information the receiver (Bob) receives, after the sender (Alice) has sent her information through a quantum channel. Suppose Charlie transmits a Bell state to Alice and Bob. Alice uses dense coding to transmit two bits to Bob. Only if the 2-bit information corresponding to the choice of the Bell state is made available by Charlie to Bob can the latter recover Alice's information. By varying the amount of information Charlie gives, he can continuously alter the information recovered by Bob. The performance of the protocol as subjected to the squeezed generalized amplitude damping channel is considered. We also present a number of practical situations where a cryptographic switch would be of use.

52 citations


Journal Article
TL;DR: Security analysis shows that the proposed protocol can resist the general active attacks from an outside eavesdropper Eve and the relation between the maximal amount of information Eve can gain and the detection probability is derived.
Abstract: In order to avoid the risk of information leakage during the information mutual transmission between two authorized participants, i.e. Alice and Bob, a quantum dialogue protocol based on the entanglement swapping between any two Bell states and the shared secret Bell state is proposed. The proposed protocol integrates the ideas of block transmission, two-step transmission and unitary operation encoding together using the Bell states as the information carriers. Besides the entanglement swapping between any two Bell states, a shared secret Bell state is also used to overcome the information leakage problem, which not only makes Bob aware of the prepared initial state but also is used for Bob's encoding and entanglement swapping. Security analysis shows that the proposed protocol can resist the general active attacks from an outside eavesdropper Eve. Moreover, the relation between the maximal amount of information Eve can gain and the detection probability is derived.

48 citations


Proceedings Article
11 Jun 2014
TL;DR: In this article, a parallel repetition theorem for the entangled value $\omega^*(G)$ of any two-player one-round game $G$ where the questions $(x, y) \in X \times Y$ to Alice and Bob are drawn from a product distribution on $X \times Y$ is given.
Abstract: We show a parallel repetition theorem for the entangled value $\omega^*(G)$ of any two-player one-round game $G$ where the questions $(x, y) \in X \times Y$ to Alice and Bob are drawn from a product distribution on $X \times Y$. We show that for the $k$-fold product $G^k$ of the game $G$ (which represents the game $G$ played in parallel $k$ times independently) $\omega^*(G^k) = (1 - (1 - \omega^*(G))^3)^{\Omega(k / \log(|A| \cdot |B|))}$ where $A$ and $B$ represent the sets from which the answers of Alice and Bob are drawn. The arguments we use are information theoretic and are broadly on similar lines as that of Raz [1995] and Holenstein [2007] for classical games. The additional quantum ingredients we need, to deal with entangled games, are inspired by the work of Jain, Radhakrishnan, and Sen [2008], where quantum information theoretic arguments were used to achieve message compression in quantum communication protocols.

36 citations


Journal Article
TL;DR: Analysis of the quantum illumination protocol shows that secure data rates in excess of 1 Gbps may be possible over 20-km-long fiber links with technology that is available or under development, and an initial scheme for thwarting active eavesdropping is proposed and analyzed.
Abstract: In the quantum illumination protocol for secure communication, Alice prepares entangled signal and idler beams via spontaneous parametric downconversion. She sends the signal beam to Bob, while retaining the idler. Bob imposes message modulation on the beam he receives from Alice, amplifies it, and sends it back to her. Alice then decodes Bob's information by making a joint quantum measurement on the light she has retained and the light she has received from him. The basic performance analysis for this protocol--which demonstrates its immunity to passive eavesdropping, in which Eve can only listen to Alice and Bob's transmissions--is reviewed, along with the results of its first proof-of-principle experiment. Further analysis is then presented, showing that secure data rates in excess of 1 Gbps may be possible over 20-km-long fiber links with technology that is available or under development. Finally, an initial scheme for thwarting active eavesdropping, in which Eve injects her own light into Bob's terminal, is proposed and analyzed.

35 citations


Posted Content
TL;DR: The novel notion of Verifiable Delegated Set Intersection on outsourced encrypted data (VDSI) is introduced, which is to delegate the set intersection operation to the cloud, while (i) not giving the decryption capability to the cloud, and (ii) being able to hold the misbehaving cloud accountable.
Abstract: We initiate the study of the following problem: Suppose Alice and Bob would like to outsource their encrypted private data sets to the cloud, and they also want to conduct the set intersection operation on their plaintext data sets. The straightforward solution for them is to download their outsourced cipher texts, decrypt the cipher texts locally, and then execute a commodity two-party set intersection protocol. Unfortunately, this solution is not practical. We therefore motivate and introduce the novel notion of Verifiable Delegated Set Intersection on outsourced encrypted data (VDSI). The basic idea is to delegate the set intersection operation to the cloud, while (i) not giving the decryption capability to the cloud, and (ii) being able to hold the misbehaving cloud accountable. We formalize security properties of VDSI and present a construction. In our solution, the computational and communication costs on the users are linear to the size of the intersection set, meaning that the efficiency is optimal up to a constant factor.

33 citations


Book Chapter
08 Jul 2014
TL;DR: In a two-player game, two cooperating but non-communicating players, Alice and Bob, receive inputs taken from a probability distribution; each of them produces an output, and they win the game if they satisfy some predicate on their inputs/outputs.
Abstract: In a two-player game, two cooperating but non-communicating players, Alice and Bob, receive inputs taken from a probability distribution. Each of them produces an output and they win the game if they satisfy some predicate on their inputs/outputs. The entangled value ω*(G) of a game G is the maximum probability that Alice and Bob can win the game if they are allowed to share an entangled state prior to receiving their inputs.

31 citations


Journal Article
TL;DR: This paper shows how two distrustful parties, "Bob" and "Charlie", can share a secret key with the help of a mutually trusted "Alice", counterfactually - that is with no information-carrying particles travelling between any of the three parties.
Abstract: We show how two distrustful parties, "Bob" and "Charlie," can share a secret key with the help of a mutually trusted "Alice" counterfactually; that is, with no information-carrying particles traveling between any of the three.

Journal Article
TL;DR: The authentication capacity of a noninteractive authentication over binary symmetric channels is exactly 1 and it is proved that the noiseless channel is completely unreliable.
Abstract: We study a keyless authentication problem in a new noisy model, where there is a discrete memoryless channel (DMC) $W_{1}$ from sender Alice to receiver Bob and a DMC $W_{2}$ from adversary Oscar to Bob. In addition, there is an insecure noiseless channel between Alice and Bob. Under this model, we characterize the condition under which an authentication from Alice to Bob is possible. We also construct a secure authentication protocol that has an authentication rate approaching infinity. Finally, we prove that the authentication capacity of a noninteractive authentication over binary symmetric channels is exactly 1. This is an interesting result as Shannon capacity of channel $W_{1}$ is strictly less than 1 while the noiseless channel is completely unreliable.

Journal Article
TL;DR: This work presents the first formal mathematical presentation of the generalized Russian cards problem, and provides rigorous security definitions that capture both basic and extended versions of weak and perfect security notions.
Abstract: We present the first formal mathematical presentation of the generalized Russian cards problem, and provide rigorous security definitions that capture both basic and extended versions of weak and perfect security notions. In the generalized Russian cards problem, three players, Alice, Bob, and Cathy, are dealt a deck of $n$ cards, each given $a$, $b$, and $c$ cards, respectively. The goal is for Alice and Bob to learn each other's hands via public communication, without Cathy learning the fate of any particular card. The basic idea is that Alice announces a set of possible hands she might hold, and Bob, using knowledge of his own hand, should be able to learn Alice's cards from this announcement, but Cathy should not. Using a combinatorial approach, we are able to give a nice characterization of informative strategies (i.e., strategies allowing Bob to learn Alice's hand), having optimal communication complexity, namely the set of possible hands Alice announces must be equivalent to a large set of $t$-$(n, a, 1)$-designs, where $t=a-c$. We also provide some interesting necessary conditions for certain types of deals to be simultaneously informative and secure. That is, for deals satisfying $c = a-d$ for some $d \ge 2$, where $b \ge d-1$ and the strategy is assumed to satisfy a strong version of security (namely perfect $(d-1)$-security), we show that $a = d+1$ and hence $c=1$. We also give a precise characterization of informative and perfectly $(d-1)$-secure deals of the form $(d+1, b, 1)$ satisfying $b \ge d-1$ involving $d$-$(n, d+1, 1)$-designs.

Book Chapter
25 Feb 2014
TL;DR: Optimistic Fair Exchange (OFE) is an efficient solution to this problem, in which a semi-trusted third party named arbitrator is called in to resolve a dispute if there is one during an exchange between Alice and Bob.
Abstract: How to sign an electronic contract online between two parties (say Alice and Bob) in a fair manner is an interesting problem, and has been studied for a long time. Optimistic Fair Exchange (OFE) is an efficient solution to this problem, in which a semi-trusted third party named arbitrator is called in to resolve a dispute if there is one during an exchange between Alice and Bob. Recently, several extensions of OFE, such as Ambiguous OFE (AOFE) and Perfect AOFE (PAOFE), have been proposed to protect the privacy of the exchanging parties. These variants prevent any outsider including the arbitrator from telling which parties are involved in the exchange of signatures before the exchange completes.

Yan, Chang, Shibin, Zhang, Lili, Jian, Li 
01 Jan 2014
TL;DR: Three-particle W states are used as decoy photons, the eavesdropping detection rate reaches 63 %, and the secret ID ensures the security of the protocol.
Abstract: Three-particle W states are used as decoy photons, and the eavesdropping detection rate reaches 63 %. The positions of decoy photons in information sequence are encoded with identity string ID of the legitimate users. Authentication is implemented by using previously shared identity string. State $|\phi^-\rangle$ is used as the carrier. One photon of $|\phi^-\rangle$ is sent to Bob; and Bob obtains a random key by measuring photons with bases dominated by ID. The bases information is secret to others except Alice and Bob. Both the eavesdropping detection based on three-particle W state and the secret ID ensure the security of the protocol. Unitary operations are not used.

Proceedings Article
11 Aug 2014
TL;DR: In this paper, the oblivious transfer between Alice and Bob in the presence of an eavesdropper Eve when there is a broadcast channel from Alice to Bob and Eve was considered, where Eve should not learn the private data of Alice or Bob.
Abstract: We consider oblivious transfer between Alice and Bob in the presence of an eavesdropper Eve when there is a broadcast channel from Alice to Bob and Eve. In addition to the secrecy constraints of Alice and Bob, Eve should not learn the private data of Alice and Bob. When the broadcast channel consists of two independent binary erasure channels, we derive the oblivious transfer capacity for both 2-privacy (where the eavesdropper may collude with either party) and 1-privacy (where there are no collusions).

Journal Article
TL;DR: In this article, the authors considered the MDI-QKD with a passive decoy state, in which both Alice and Bob send pulses to an untrusted third party, Charlie.
Abstract: Measurement-device-independent quantum key distribution (MDI-QKD) can remove all detector loopholes. When it is combined with the decoy-state method, the final key is unconditionally secure, even if Alice and Bob do not have strict single-photon sources. However, active modulation of source intensity, which is used to generate the decoy state, may leave side channels and leak additional information to Eve. In this paper, we consider the MDI-QKD with a passive decoy state, in which both Alice and Bob send pulses to an untrusted third party, Charlie. Then, in order to estimate the key generation rate, we derive two tight formulas to estimate the lower bound of the yield and the upper bound of the error rate that both Alice and Bob send a single-photon pulse to Charlie. Furthermore, the statistical fluctuation due to the finite length of data is also taken into account based on the standard statistical analysis.

Journal Article
TL;DR: In this article, a protocol for direct quantum communication between two parties (Alice and Bob) is proposed, which is achieved by controlling the phase of the signal photon, and Alice's two detectors always click with unit probability according to Bob's different decisions.
Abstract: We propose a protocol for direct quantum communication between two parties (Alice and Bob) which is achieved by controlling the phase of the signal photon. Without imperfection and noise, Alice's two detectors always click with unit probability according to Bob's different decisions. The probability of detecting a photon in the transmission channel can be controlled and can be made arbitrarily small by increasing the resources.

Proceedings Article
01 Dec 2014
TL;DR: The main focus of this work lies in designing the code structure through density evolution for a multi-edge-type description in a physical-layer key reconciliation protocol for a reciprocal, flat fading channel between two legitimate users.
Abstract: In this work, we investigate a physical-layer key reconciliation protocol for a reciprocal, flat fading channel between two legitimate users. We consider the scenario when the n bits of the secret key are measured independently by Alice and Bob without a transmission over the channel. Due to reciprocity, the generated keys are identical except for noise at both ends. We assume Gaussian noise and ignore non-ideal behavior of circuitry and the like. Redundancy information required to reconcile the key is transmitted from one legitimate user to the other. LDPC codes are employed for the reconciliation procedure. The main focus of this work lies in designing the code structure through density evolution for a multi-edge-type description.

Book Chapter
17 Aug 2014
TL;DR: This work studies the classical problem of privacy amplification, where two parties Alice and Bob share a weak secret X of min-entropy k, and wish to agree on secret key R of length m over a public communication channel completely controlled by a computationally unbounded attacker Eve.
Abstract: We study the classical problem of privacy amplification, where two parties Alice and Bob share a weak secret X of min-entropy k, and wish to agree on secret key R of length m over a public communication channel completely controlled by a computationally unbounded attacker Eve.

Journal Article
TL;DR: In this paper, the authors proposed an efficient quantum dialogue scheme by using three-particle entangled W states, where the legitimate users Alice and Bob can exchange their secret messages with the help of unitary operations, and each W state can carry two bits of secret messages.
Abstract: In this paper we propose an efficient quantum dialogue scheme using three-particle entangled W states. In this scheme, the legitimate users Alice and Bob can exchange their secret messages with the help of unitary operations, and each W state can carry two bits of secret messages. Almost all the emitted particles, apart from the decoy photons, can be used to carry the secret message, so the intrinsic efficiency for qubits approaches 100 %. The decoy particle checking technique and the step-transmitting idea are combined to ensure the safety and reliability of communication.

Book Chapter
09 Oct 2014
TL;DR: This paper proposes a novel bidirectional proxy re-encryption scheme that holds the following nice properties: 1) constant ciphertext size no matter how many times the transformation is performed; 2) master secret security in the random oracle model, i.e., Alice (resp. Bob) colluding with the proxy cannot obtain Bob’s (resp. Alice’s) private key; 3) replayable chosen ciphertext (RCCA) security in the random oracle model.
Abstract: Bidirectional proxy re-encryption allows ciphertext transformation between Alice and Bob via a semi-trusted proxy, who however cannot obtain the corresponding plaintext. Due to this special property, bidirectional proxy re-encryption has become a flexible tool in many dynamic environments, such as publish subscribe systems, group communication, and cloud computing. Nonetheless, how to design a secure and efficient bidirectional proxy re-encryption is still challenging. In this paper, we propose a novel bidirectional proxy re-encryption scheme that holds the following nice properties: 1) constant ciphertext size no matter how many times the transformation performed; 2) master secret security in the random oracle model, i.e., Alice (resp. Bob) colluding with the proxy cannot obtain Bob’s (resp. Alice’s) private key; 3) Replayable chosen ciphertext (RCCA) security in the random oracle model. To the best of our knowledge, our proposal is the first bidirectional proxy re-encryption scheme that holds the above three properties simultaneously.

Posted Content
TL;DR: If relativistic quantum field theory is considered, it is shown that it is possible to distribute an unconditionally secure secret key without sending a quantum signal, instead harnessing the intrinsic entanglement between different regions of space–time.
Abstract: Quantum Key Distribution is a quantum communication technique in which random numbers are encoded on quantum systems, usually photons, and sent from one party, Alice, to another, Bob. Using the data sent via the quantum signals, supplemented by classical communication, it is possible for Alice and Bob to share an unconditionally secure secret key. This is not possible if only classical signals are sent. Whilst this last statement is a long standing result from quantum information theory it turns out only to be true in a non-relativistic setting. If relativistic quantum field theory is considered we show it is possible to distribute an unconditionally secure secret key without sending a quantum signal, instead harnessing the intrinsic entanglement between different regions of space time. The protocol is practical in free space given horizon technology and might be testable in principle in the near term using microwave technology.

Posted Content
TL;DR: A new operational interpretation of relative entropy between quantum states in the form of a communication protocol, and a new operational meaning of trace distance between quantum states in the form of a protocol which can be viewed as a quantum analogue of the classical correlated-sampling protocol, which is widely used, for example by Holenstein in his proof of a parallel-repetition theorem for two-player one-round games.
Abstract: In this paper we present a new operational interpretation of relative-entropy between quantum states in the form of the following protocol. P: Alice gets to know the eigen-decomposition of a quantum state $\rho$. Bob gets to know the eigen-decomposition of a quantum state $\sigma$. Both Alice and Bob know $c= S(\rho || \sigma)$, the relative entropy between $\rho$ and $\sigma$ and an error parameter $\epsilon$. Alice and Bob use shared entanglement and after communication of $O((c +1)/\epsilon^4)$ bits from Alice to Bob, Bob ends up with a quantum state $\rho'$ such that $F(\rho, \rho') \geq 1 - \epsilon$, where $F$ represents fidelity. This result can be considered as a non-commutative generalization of a result due to Braverman and Rao [2011] where they considered the special case when $\rho$ and $\sigma$ are classical probability distributions. We use protocol P to obtain an alternate proof of a direct-sum result for entanglement assisted quantum one-way communication complexity for all relations, which was first shown by Jain, Radhakrishnan and Sen [2005, 2008]. We also present a variant of protocol in which Bob has some side information about the state with Alice. We show that in such a case, the amount of communication can be further reduced, based on the side information that Bob has. Our second result provides a new operational meaning to trace distance between quantum states in the form of a protocol which can be viewed as a quantum analogue of the classical correlated-sampling protocol, which is widely used, for example by Holenstein [2007] in his proof of a parallel-repetition theorem for two-player one-round games. Recently Dinur, Steurer and Vidick [2013] have shown another version of a quantum correlated sampling protocol different from our protocol, and used it in their proof of a parallel-repetition theorem for two-prover one-round entangled projection games.

Journal Article
TL;DR: It is proved that the randomized communication complexity of eliminate, of k instances of the same function f, is characterized by the randomized communication complexity of solving one instance of f.
Abstract: We consider several questions inspired by the direct-sum problem in (two-party) communication complexity. In all questions, there are $k$ fixed Boolean functions $f_1,\ldots,f_k$ and each of Alice and Bob has $k$ inputs, $x_1,\ldots,x_k$ and $y_1,\ldots,y_k$, respectively. In the eliminate problem, Alice and Bob should output a vector $\sigma_1,\ldots,\sigma_k$ such that $f_i(x_i, y_i) \neq \sigma_i$ for at least one $i$ (i.e., their goal is to eliminate one of the $2^k$ output vectors); in the choose problem, Alice and Bob should return $(i, f_i(x_i, y_i))$, for some $i$ (i.e., they choose one instance to solve), and in the agree problem they should return $f_i(x_i, y_i)$, for some $i$ (i.e., if all the $k$ Boolean values agree then this must be the output). The question, in each of the three cases, is whether one can do better than solving one (say, the first) instance. We study these three problems and prove various positive and negative results. In particular, we prove that the randomized communication complexity of eliminate, of $k$ instances of the same function $f$, is characterized by the randomized communication complexity of solving one instance of $f$.

Journal Article
01 Feb 2014-Synthese
TL;DR: This work investigates the impact of assuming information structures to be partition-based (rather than arbitrary relational structures) on the complexity of various problems and focuses on the tractability of concrete epistemic tasks.
Abstract: We analyse the computational complexity of comparing informational structures. Intuitively, we study the complexity of deciding queries such as the following: Is Alice’s epistemic information strictly coarser than Bob’s? Do Alice and Bob have the same knowledge about each other’s knowledge? Is it possible to manipulate Alice in a way that she will have the same beliefs as Bob? The results show that these problems lie on both sides of the border between tractability (P) and intractability (NP-hard). In particular, we investigate the impact of assuming information structures to be partition-based (rather than arbitrary relational structures) on the complexity of various problems. We focus on the tractability of concrete epistemic tasks and not on epistemic logics describing them.

Proceedings Article
12 Jan 2014
TL;DR: It is shown that for every constant c > 0, there exists a function f which is privately computable in the error-less setting, but for which no private and correct protocol is resilient against a c-fraction of errors.
Abstract: Consider two parties Alice and Bob, who hold private inputs x and y, and wish to compute a function f(x, y) privately in the information theoretic sense; that is, each party should learn nothing beyond f(x, y). However, the communication channel available to them is noisy. This means that the channel can introduce errors in the transmission between the two parties. Moreover, the channel is adversarial in the sense that it knows the protocol that Alice and Bob are running, and maliciously introduces errors to disrupt the communication, subject to some bound on the total number of errors. A fundamental question in this setting is to design a protocol that remains private in the presence of a large number of errors. If Alice and Bob are only interested in computing f(x, y) correctly, and not privately, then quite robust protocols are known that can tolerate a constant fraction of errors. However, none of these solutions is applicable in the setting of privacy, as they inherently leak information about the parties' inputs. This leads to the question whether we can simultaneously achieve privacy and error-resilience against a constant fraction of errors. We show that privacy and error-resilience are contradictory goals. In particular, we show that for every constant c > 0, there exists a function f which is privately computable in the error-less setting, but for which no private and correct protocol is resilient against a c-fraction of errors. The same impossibility holds also for sub-constant noise rate, e.g., when c is exponentially small (as a function of the input size).

Journal ArticleDOI
TL;DR: It is shown that, for every game not equivalent to the CHSH game, there exists a classical protocol whose probability of success is at least as large as the one of any protocol using quantum resources, and this result holds for both worst case and average case analysis.
Abstract: The main objective of this paper is to provide illustrative examples of distributed computing problems for which it is possible to design tight lower bounds for quantum algorithms without having to manipulate concepts from quantum mechanics, at all. As a case study, we address the following class of 2-player problems. Alice (resp., Bob) receives a boolean x (resp., y) as input, and must return a boolean a (resp., b) as output. A game between Alice and Bob is defined by a pair (δ, f) of boolean functions. The objective of Alice and Bob playing game (δ, f) is, for every pair (x, y) of inputs, to output values a and b, respectively, satisfying δ(a, b) = f(x, y), in absence of any communication between the two players, but in presence of shared resources. The ability of the two players to solve the game then depends on the type of resources they share. It is known that, for the so-called CHSH game, i.e., for the game a ⊕ b = x ∧ y, the ability for the players to use entangled quantum bits (qubits) helps. We show that, apart from the CHSH game, quantum correlations do not help, in the sense that, for every game not equivalent to the CHSH game, there exists a classical protocol (using shared randomness) whose probability of success is at least as large as the one of any protocol using quantum resources. This result holds for both worst case and average case analysis. It is achieved by considering a model stronger than quantum correlations, the non-signaling model, which subsumes quantum mechanics, but is far easier to handle.

Journal ArticleDOI
16 Sep 2014
TL;DR: It is shown that if POVM elements corresponding to Alice and Bob's measured results can be well described in a finite dimensional subspace with sufficiently small error, then dimensions of Alice and Bob's states can be almost regarded as finite and the security of unknown-dimensional system can be solved.
Abstract: In the realistic quantum key distribution (QKD), Alice and Bob respectively get a quantum state from an unknown channel, whose dimension may be unknown. However, while discussing the security, sometimes we need to know the exact dimension, since the current exponential de Finetti theorem, crucial to the information-theoretical security proof, is deeply related with the dimension and can only be applied to the finite dimensional case. Here we address this problem in detail. We show that if POVM elements corresponding to Alice and Bob's measured results can be well described in a finite dimensional subspace with sufficiently small error, then dimensions of Alice and Bob's states can be almost regarded as finite. Since the security is well defined by the smooth entropy, which is continuous with the density matrix, the small error of state actually means small change of security. Then the security of unknown-dimensional system can be solved. Finally we prove that for heterodyne detection continuous variable QKD and differential phase shift QKD, the collective attack is optimal under the infinite key size case.

Journal ArticleDOI
TL;DR: In this paper, the generalized Russian cards problem has been studied in the context of combinatorial designs, on which they rely heavily for perfect security notions, particularly for perfect δ-security.
Abstract: In the generalized Russian cards problem, we have a card deck $X$ of $n$ cards and three participants, Alice, Bob, and Cathy, dealt $a$, $b$, and $c$ cards, respectively. Once the cards are dealt, Alice and Bob wish to privately communicate their hands to each other via public announcements, without the advantage of a shared secret or public key infrastructure. Cathy, for her part, should remain ignorant of all but her own cards after Alice and Bob have made their announcements. Notions for Cathy's ignorance in the literature range from Cathy not learning the fate of any individual card with certainty (weak $1$-security) to not gaining any probabilistic advantage in guessing the fate of some set of $\delta$ cards (perfect $\delta$-security). As we demonstrate in this work, the generalized Russian cards problem has close ties to the field of combinatorial designs, on which we rely heavily, particularly for perfect security notions. Our main result establishes an equivalence between perfectly $\delta$-secure strategies and $(c+\delta)$-designs on $n$ points with block size $a$, when announcements are chosen uniformly at random from the set of possible announcements. We also provide construction methods and example solutions, including a construction that yields perfect $1$-security against Cathy when $c=2$. Drawing on our equivalence results, we are able to use a known combinatorial design to construct a strategy with $a=8$, $b=13$, and $c=3$ that is perfectly $2$-secure. Finally, we consider a variant of the problem that yields solutions that are easy to construct and optimal with respect to both the number of announcements and level of security achieved. Moreover, this is the first method obtaining weak $\delta$-security that allows Alice to hold an arbitrary number of cards and Cathy to hold a set of $c = \lfloor \frac{a-\delta}{2} \rfloor$ cards. Alternatively, the construction yields solutions for arbitrary $\delta$, $c$ and any $a \geq \delta + 2c$.