ABSTRACT
Randomness is a vital resource for modern-day information processing, especially for cryptography. A wide range of applications critically rely on abundant, high-quality random numbers generated securely. Here we show how to expand a random seed at an exponential rate without trusting the underlying quantum devices. Our approach is secure against the most general adversaries, and has the following new features: tolerating a constant level of implementation imprecision, requiring only a unit-size quantum memory per device component for the honest implementation, and allowing a large natural class of constructions. In conjunction with a recent work by Chung, Shi and Wu (QIP 2014), it leads to robust unbounded expansion using just 2 multi-part devices. It can also be adapted for distributing cryptographic keys securely. The proof begins with a known protocol and proceeds by showing that the Renyi divergence of the outputs of the protocol (for a specific bounding operator) decreases linearly as the protocol iterates. At the heart of the proof are a new uncertainty principle on quantum measurements, and a method for simulating trusted measurements with untrusted devices. A full version of this paper containing additional results developed after the conference submission is available as arXiv:1402.0489.
References
- J. Barrett, R. Colbeck, and A. Kent. Unconditionally secure device-independent quantum key distribution with only two devices. Phys. Rev. A, 86:062326, Dec 2012.
- J. Barrett, R. Colbeck, and A. Kent. Memory attacks on device-independent quantum cryptography. Phys. Rev. Lett., 110:010503, Jan 2013.
- J. Barrett, L. Hardy, and A. Kent. No signaling and quantum key distribution. Phys. Rev. Lett., 95:010503, Jun 2005.
- C. Bennett and G. Brassard. Quantum cryptography: public key distribution and coin tossing. Proceedings of the IEEE International Conference on Computers Systems and Signal Processing, 11:175--179, 1984.
- E. Biham, M. Boyer, P. O. Boykin, T. Mor, and V. Roychowdhury. A proof of the security of quantum key distribution. Journal of Cryptology: the journal of the International Association for Cryptologic Research, 19(4):381--439, Oct. 2006.
- K.-M. Chung, X. Wu, and Y. Shi. Physical randomness extractors. arXiv:1402.4797, 2014.
- R. Colbeck. Quantum And Relativistic Protocols For Secure Multi-Party Computation. PhD thesis, University of Cambridge, 2006.
- R. Colbeck and A. Kent. Private randomness expansion with untrusted devices. Journal of Physics A: Mathematical and Theoretical, 44(9):095305, 2011.
- R. Colbeck and R. Renner. Free randomness can be amplified. Nature Physics, 8:450--454, 2012.
- M. Coudron, T. Vidick, and H. Yuen. Robust randomness amplifiers: Upper and lower bounds. In P. Raghavendra, S. Raskhodnikova, K. Jansen, and J. D. P. Rolim, editors, Approximation, Randomization, and Combinatorial Optimization. Algorithms and Techniques - 16th International Workshop, APPROX 2013, and 17th International Workshop, RANDOM 2013, Berkeley, CA, USA, August 21-23, 2013. Proceedings, volume 8096 of Lecture Notes in Computer Science, pages 468--483. Springer, 2013.
- M. Coudron and H. Yuen. Infinite randomness expansion and amplification with a constant number of devices. arXiv:1310.6755.
- A. De, C. Portmann, T. Vidick, and R. Renner. Trevisan's extractor in the presence of quantum side information. SIAM J. Comput, 41(4):915--940, 2012.
- D.-L. Deng and L.-M. Duan. Fault-tolerant quantum random-number generator certified by majorana fermions. Phys. Rev. A, 88:012323, Jul 2013.
- F. Dupuis, O. Fawzi, and S. Wehner. Entanglement sampling and applications, May 06 2013. arXiv:1305.1316.
- A. K. Ekert. Quantum cryptography based on Bell's theorem. Phys. Rev. Lett., 67:661--663, Aug 1991.
- S. Fehr, R. Gelles, and C. Schaffner. Security and composability of randomness expansion from Bell inequalities. Phys. Rev. A, 87:012335, Jan 2013.
- D. Greenberger, M. Horne, and A. Zeilinger. Going beyond Bell's theorem. In M. Kafatos, editor, Bell's Theorem, Quantum Theory, and Conceptions of the Universe, pages 69--72. Kluwer, Dordrecht, 1989.
- Z. Gutterman, B. Pinkas, and T. Reinman. Analysis of the linux random number generator. In Proceedings of the 2006 IEEE Symposium on Security and Privacy, SP '06, pages 371--385, Washington, DC, USA, 2006. IEEE Computer Society.
- N. Heninger, Z. Durumeric, E. Wustrow, and J. A. Halderman. Mining your Ps and Qs: Detection of widespread weak keys in network devices. In Proceedings of the 21st USENIX Security Symposium, 2012.
- V. Jaksic, Y. Ogata, Y. Pautrat, and C.-A. Pillet. Entropic fluctuations in quantum statistical mechanics. an introduction. Quantum Theory from Small to Large Scales: Lecture Notes of the Les Houches Summer School, 95, Aug. 2010.
- H.-K. Lo and H. F. Chau. Unconditional security of quantum key distribution over arbitrarily long distances. Science, 283(5410):2050--2056, 1999.
- D. Mayers. Unconditional security in quantum cryptography. J. ACM, 48(3):351--406, 2001.
- D. Mayers and A. Yao. Quantum cryptography with imperfect apparatus. In Proc. 39th FOCS, pages 503--509, 1998.
- M. McKague. Self-testing graph states. arXiv:1010.1989, 2010.
- C. A. Miller and Y. Shi. Robust protocols for securely expanding randomness and distributing keys using untrusted quantum devices. arXiv:1402.0489.
- C. A. Miller and Y. Shi. Optimal robust self-testing by binary nonlocal XOR games. In S. Severini and F. G. S. L. Brandão, editors, 8th Conference on the Theory of Quantum Computation, Communication and Cryptography, TQC 2013, May 21-23, 2013, Guelph, Canada, volume 22 of LIPIcs, pages 254--262. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2013. Full version: arXiv:1207.1819.
- M. Müller-Lennert, F. Dupuis, O. Szehr, S. Fehr, and M. Tomamichel. On quantum Rényi entropies: a new definition and some properties, June 26 2013. arXiv:1306.3142. Comment: several conjectures are resolved; see also arXiv:1306.5358 and arXiv:1306.5920.
- C. Nayak, S. H. Simon, A. Stern, M. Freedman, and S. Das Sarma. Non-abelian anyons and topological quantum computation. Rev. Mod. Phys., 80:1083--1159, Sep 2008.
- M. Pawłowski, T. Paterek, D. Kaszlikowski, V. Scarani, A. Winter, and M. Zukowski. Information causality as a physical principle. Nature, 461:1101--1104, 10 2009.
- N. Perlroth, J. Larson, and S. Shane. N. S. A. able to foil basic safeguards of privacy on web. The New York Times, September 5, 2013.
- S. Pironio, A. Acín, S. Massar, A. Boyer de la Giroday, D. N. Matsukevich, P. Maunz, S. Olmschenk, D. Hayes, L. Luo, T. A. Manning, and C. Monroe. Random numbers certified by Bell's theorem. Nature, 464:1021--1024, 2010.
- S. Pironio and S. Massar. Security of practical private randomness generation. Phys. Rev. A, 87:012336, Jan 2013.
- B. W. Reichardt, F. Unger, and U. Vazirani. Classical command of quantum systems. Nature, 496:456--460, April 2013.
- T. Ristenpart and S. Yilek. When good randomness goes bad: Virtual machine reset vulnerabilities and hedging deployed cryptography. In NDSS. The Internet Society, 2010.
- P. W. Shor and J. Preskill. Simple proof of security of BB84 quantum key distribution protocol. Phys. Rev. Lett., 85:441--444, 2000.
- M. Tomamichel, R. Colbeck, and R. Renner. A fully quantum asymptotic equipartition property. IEEE Transactions on Information Theory, 55(12):5840--5847, 2009.
- M. Tomamichel and R. Renner. Uncertainty relation for smooth entropies. Physical Review Letters, 106:110506, 2011.
- L. Trevisan. Extractors and pseudorandom generators. J. ACM, 48(4):860--879, July 2001.
- U. Vazirani and T. Vidick. Fully device independent quantum key distribution. In Proceedings of The 5th Innovations in Theoretical Computer Science (ITCS), 2014. arXiv:1210.1810v2.
- U. V. Vazirani and T. Vidick. Certifiable quantum dice: or, true random number generation secure against quantum adversaries. In H. J. Karloff and T. Pitassi, editors, Proceedings of the 44th Symposium on Theory of Computing Conference, STOC 2012, New York, NY, USA, May 19 - 22, 2012, pages 61--76. ACM, 2012.
- M. M. Wilde, A. Winter, and D. Yang. Strong converse for the classical capacity of entanglement-breaking channels. arXiv:1306.1586, 2013.