Jędrzej Kaniewski

Experimental Bit Commitment Based on Quantum Communication and Special Relativity

Bit commitment is a fundamental cryptographic primitive in which Bob wishes to commit a secret bit to Alice. Perfectly secure bit commitment between two mistrustful parties is impossible through asynchronous exchange of quantum information. Perfect security is however possible when Alice and Bob split into several agents exchanging classical and quantum information at times and locations suitably chosen to satisfy specific relativistic constraints. Here we report on an implementation of a bit commitment protocol using quantum communication and special relativity. Our protocol is based on [A. Kent, Phys. Rev. Lett. 109, 130501 (2012)] and has the advantage that it is practically feasible with arbitrary large separations between the agents in order to maximize the commitment time. By positioning agents in Geneva and Singapore, we obtain a commitment time of 15 ms. A security analysis considering experimental imperfections and finite statistics is presented.

A monogamy-of-entanglement game with applications to device-independent quantum cryptography

We consider a game in which two separate laboratories collaborate to prepare a quantum system and are then asked to guess the outcome of a measurement performed by a third party in a random basis on that system. Intuitively, by the uncertainty principle and the monogamy of entanglement, the probability that both players simultaneously succeed in guessing the outcome correctly is bounded. We are interested in the question of how the success probability scales when many such games are performed in parallel. We show that any strategy that maximizes the probability to win every game individually is also optimal for the parallel repetition of the game. Our result implies that the optimal guessing probability can be achieved without the use of entanglement. We explore several applications of this result. Firstly, we show that it implies security for standard BB84 quantum key distribution when the receiving party uses fully untrusted measurement devices, i.e. we show that BB84 is one-sided device independent. Secondly, we show how our result can be used to prove security of a one-round position-verification scheme. Finally, we generalize a well-known uncertainty relation for the guessing probability to quantum side information.

Equivalence of wave–particle duality to entropic uncertainty

Interferometers capture a basic mystery of quantum mechanics: a single particle can exhibit wave behaviour, yet that wave behaviour disappears when one tries to determine the particles path inside the interferometer. This idea has been formulated quantitatively as an inequality, for example, by Englert and Jaeger, Shimony and Vaidman, which upper bounds the sum of the interference visibility and the path distinguishability. Such wave-particle duality relations (WPDRs) are often thought to be conceptually inequivalent to Heisenbergs uncertainty principle, although this has been debated. Here we show that WPDRs correspond precisely to a modern formulation of the uncertainty principle in terms of entropies, namely, the min- and max-entropies. This observation unifies two fundamental concepts in quantum mechanics. Furthermore, it leads to a robust framework for deriving novel WPDRs by applying entropic uncertainty relations to interferometric models. As an illustration, we derive a novel relation that captures the coherence in a quantum beam splitter.

Secure Bit Commitment From Relativistic Constraints

We investigate two-party cryptographic protocols that are secure under assumptions motivated by physics, namely special relativity and quantum mechanics. In particular, we discuss the security of bit commitment in the so-called split models, i.e., models in which at least one of the parties is not allowed to communicate during certain phases of the protocol. We find the minimal splits that are necessary to evade the Mayers-Lo-Chau no-go argument and present protocols that achieve security in these split models. Furthermore, we introduce the notion of local versus global command, a subtle issue that arises when the split committer is required to delegate noncommunicating agents to open the commitment. We argue that classical protocols are insecure under global command in the split model we consider. On the other hand, we provide a rigorous security proof in the global command model for Kents quantum protocol . The proof employs two fundamental principles of modern physics, the no-signaling property of relativity and the uncertainty principle of quantum mechanics.

Device-independent two-party cryptography secure against sequential attacks

The goal of two-party cryptography is to enable two parties, Alice and Bob, to solve common tasks without the need for mutual trust. Examples of such tasks are private access to a database, and secure identification. Quantum communication enables security for all of these problems in the noisy-storage model by sending more signals than the adversary can store in a certain time frame. Here, we initiate the study of device-independent (DI) protocols for two-party cryptography in the noisy-storage model. Specifically, we present a relatively easy to implement protocol for a cryptographic building block known as weak string erasure and prove its security even if the devices used in the protocol are prepared by the dishonest party. DI two-party cryptography is made challenging by the fact that Alice and Bob do not trust each other, which requires new techniques to establish security. We fully analyse the case of memoryless devices (for which sequential attacks are optimal) and the case of sequential attacks for arbitrary devices. The key ingredient of the proof, which might be of independent interest, is an explicit (and tight) relation between the violation of the Clauser–Horne–Shimony–Holt inequality observed by Alice and Bob and uncertainty generated by Alice against Bob who is forced to measure his system before finding out Alices setting (guessing with postmeasurement information). In particular, we show that security is possible for arbitrarily small violation.

One-Sided Device Independent QKD and Position-Based Cryptography from Monogamy Games

A serious concern with quantum key distribution (QKD) schemes is that, when under attack, the quantum devices in a real-life implementation may behave differently than modeled in the security proof. This can lead to real-life attacks against provably secure QKD schemes.

Query Complexity in Expectation

We study the query complexity of computing a function \(f:\{0,1\}^n\rightarrow \mathbb {R}_+\) in expectation. This requires the algorithm on input \(x\) to output a nonnegative random variable whose expectation equals \(f(x)\), using as few queries to the input \(x\) as possible. We exactly characterize both the randomized and the quantum query complexity by two polynomial degrees, the nonnegative literal degree and the sum-of-squares degree, respectively. We observe that the quantum complexity can be unboundedly smaller than the classical complexity for some functions, but can be at most polynomially smaller for Boolean functions. These query complexities relate to (and are motivated by) the extension complexity of polytopes. The linear extension complexity of a polytope is characterized by the randomized communication complexity of computing its slack matrix in expectation, and the semidefinite (psd) extension complexity is characterized by the analogous quantum model. Since query complexity can be used to upper bound communication complexity of related functions, we can derive some upper bounds on psd extension complexity by constructing efficient quantum query algorithms. As an example we give an exponentially-close entrywise approximation of the slack matrix of the perfect matching polytope with psd-rank only \(2^{n^{1/2+\varepsilon }}\). Finally, we show randomized and quantum query complexity in expectation corresponds to the Sherali-Adams and Lasserre hierarchies, respectively.

A universal test for gravitational decoherence

experiment Our method is fully general and can in principle be used to measure the decoherence of any physical process. Figure 1 illustrates the general procedure. We create an entangled pair, and use half of this entangled pair to probe the unknown decoherence process. To estimate Dec(A|E) we will make use of the fact that in QM entanglement is monogamous, or more generally when considering theories beyond QM that no-signalling correlations are monogamous. This allow us to make statements about the correlations between A and E, even though we can only perform measurements on A and B. A test that allows us to bound Dec(A|E) from observations made on A and B alone is given by a Bell inequality [31, 32]. For the purpose of illustration, we consider creating an entangled state ΦAA′ and perform a test based on the CHSH inequaltity [33] (see Figure 1). We emphasize that our methods are fully general and could be used in conjunction with other inequalities and higher dimensional entangled states. As an easy warmup, let us first again consider what happens in quantum mechanics. For now, we assume that the measurement devices have no memory. That is, the experiment behaves the same in each round, independent on the previous measurements. It is relatively straight forward to obtain an upper bound on Dec(A|E) by extending techniques from quantum key distribution (QKD) [23]. In essence, we maximize Dec(A|E) over all states that are consistent with the observed CHSH correlator β (see Figure 1). This maximization problem is simplified by the inherent symmetries of the CHSH inequality, allowing us to reduce this optimization problem to consider only states that are diagonal in the Bell basis. We proceed to establish properties of min and max entropies for Bell diagonal states, leading to an upper 5 Figures for the main article of the decoherence paper C. Pfister J. Kaniewski Sunday 1 March, 2015, 23:38Quantum mechanics and the theory of gravity are presently not compatible. A particular question is whether gravity causes decoherence. Several models for gravitational decoherence have been proposed, not all of which can be described quantum mechanically. Since quantum mechanics may need to be modified, one may question the use of quantum mechanics as a calculational tool to draw conclusions from the data of experiments concerning gravity. Here we propose a general method to estimate gravitational decoherence in an experiment that allows us to draw conclusions in any physical theory where the no-signalling principle holds, even if quantum mechanics needs to be modified. As an example, we propose a concrete experiment using optomechanics. Our work raises the interesting question whether other properties of nature could similarly be established from experimental observations alone—that is, without already having a rather well-formed theory of nature to make sense of experimental data.

Analytic and Nearly Optimal Self-Testing Bounds for the Clauser-Horne-Shimony-Holt and Mermin Inequalities.

Self-testing refers to the phenomenon that certain extremal quantum correlations (almost) uniquely identify the quantum system under consideration. For instance, observing the maximal violation of the Clauser-Horne-Shimony-Holt (CHSH) inequality certifies that the two parties share a singlet. While self-testing results are known for several classes of states, in many cases they are only applicable if the observed statistics are almost perfect, which makes them unsuitable for practical applications. Practically relevant self-testing bounds are much less common and moreover they all result from a single numerical method (with one exception which we discuss in detail). In this work we present a new technique for proving analytic self-testing bounds of practically relevant robustness. We obtain improved bounds for the case of self-testing the singlet using the CHSH inequality (in particular we show that nontrivial fidelity with the singlet can be achieved as long as the violation exceeds β^{*}=(16+14sqrt[2])/17≈2.11). In the case of self-testing the tripartite Greenberger-Horne-Zeilinger state using the Mermin inequality, we derive a bound which not only improves on previously known results but turns out to be tight. We discuss other scenarios to which our technique can be immediately applied.

Device-independence for two-party cryptography and position verification

Quantum communication has demonstrated its usefulness for quantum cryptography far beyond quantum key distribution. One domain is two-party cryptography, whose goal is to allow two parties who may not trust each other to solve joint tasks. Another interesting application is position-based cryptography whose goal is to use the geographical location of an entity as its only identifying credential. Unfortunately, security of these protocols is not possible against an all powerful adversary. However, if we impose some realistic physical constraints on the adversary, there exist protocols for which security can be proven, but these so far relied on the knowledge of the quantum operations performed during the protocols. In this work we improve the device-independent security proofs of Kaniewski and Wehner [New J. Phys. 18, 055004 (2016)NJOPFM1367-263010.1088/1367-2630/18/5/055004] for two-party cryptography (with memoryless devices) and we add a security proof for device-independent position verification (also memoryless devices) under different physical constraints on the adversary. We assess the quality of the devices by observing a Bell violation, and, as for Kaniewski and Wehner [New J. Phys. 18, 055004 (2016)NJOPFM1367-263010.1088/1367-2630/18/5/055004], security can be attained for any violation of the Clauser-Holt-Shimony-Horne inequality.