Security and composability of randomness expansion from Bell inequalities

Fehr, Serge; Gelles, Ran; Schaffner, Christian

doi:10.1103/physreva.87.012335

Cited by 87 publications

(140 citation statements)

References 16 publications

Supporting

Mentioning

139

Contrasting

Order By: Relevance

“…Turning the intuition above into rigorous proofs turns out to be rather challenging. Classical security was proved in [Pironio et al, 2010], [Fehr et al, 2013], [Pironio and Massar, 2013], and in the later work [Coudron et al, 2013], which allowed a very broad class of nonlocal games. While useful, classical security does not guard against quantum adversaries, thus is inadequate as quantum computation is becoming a reality.…”

Section: The Problem and Its Motivationsmentioning

confidence: 99%

“…As the error parameters decrease at an exponential rate, they are dominated by the first set of errors. To decrease the number of devices used in unbounded expansion, a possibility (used, e.g., in [Fehr et al, 2013]) is to cross-feed the outputs of two devices (i.e., give the output of one device as the input to another, and then vice versa). But there is an apparent obstacle for proving security for such an approach: once a device produces output, this output is now correlated with the device itself.…”

Section: Argumentsmentioning

confidence: 99%

See 1 more Smart Citation

Robust Protocols for Securely Expanding Randomness and Distributing Keys Using Untrusted Quantum Devices

Miller

Shi

2016

J. ACM

View full text Add to dashboard Cite

Randomness is a vital resource for modern day information processing, especially for cryptography. A wide range of applications critically rely on abundant, high quality random numbers generated securely. Here we show how to expand a random seed at an exponential rate without trusting the underlying quantum devices. Our approach is secure against the most general adversaries, and has the following new features: cryptographic level of security, tolerating a constant level of imprecision in the devices, requiring only a unit size quantum memory per device component for the honest implementation, and allowing a large natural class of constructions for the protocol. In conjunct with a recent work by Chung, Shi and Wu, it also leads to robust unbounded expansion using just 2 multi-part devices. When adapted for distributing cryptographic keys, our method achieves, for the first time, exponential expansion combined with cryptographic security and noise tolerance. The proof proceeds by showing that the Rényi divergence of the outputs of the protocol (for a specific bounding operator) decreases linearly as the protocol iterates. At the heart of the proof are a new uncertainty principle on quantum measurements, and a method for simulating trusted measurements with untrusted devices.

show abstract

Section: The Problem and Its Motivationsmentioning

confidence: 99%

Section: Argumentsmentioning

confidence: 99%

Robust Protocols for Securely Expanding Randomness and Distributing Keys Using Untrusted Quantum Devices

Miller

Shi

2016

J. ACM

View full text Add to dashboard Cite

show abstract

“…Theorem: Let Pðk;ỹ;t;g;e j zÞ be the probability distribution of the variables generated during the protocol and the adversary's physical system e, z; and let P ideal ðk;ỹ;t;g;e j zÞ be the corresponding ideal distribution (11). The optimal probability of correctly guessing between the distributions P and P ideal satisfies…”

Section: Protocol Kmentioning

confidence: 99%

Full randomness from arbitrarily deterministic events

et al. 2013

View full text Add to dashboard Cite

Do completely unpredictable events exist? Classical physics excludes fundamental randomness. Although quantum theory makes probabilistic predictions, this does not imply that nature is random, as randomness should be certified without relying on the complete structure of the theory being used. Bell tests approach the question from this perspective. However, they require prior perfect randomness, falling into a circular reasoning. A Bell test that generates perfect random bits from bits possessing high-but less than perfectrandomness has recently been obtained. Yet, the main question remained open: does any initial randomness suffice to certify perfect randomness? Here we show that this is indeed the case. We provide a Bell test that uses arbitrarily imperfect random bits to produce bits that are, under the non-signalling principle assumption, perfectly random. This provides the first protocol attaining full randomness amplification. Our results have strong implications onto the debate of whether there exist events that are fully random.

show abstract

“…On the contrary, in Classe II, since Eve prepares the state, the inputs z must be generated with a process that is a priori guaranteed to be unknown to Eve. In other words, in these classes there is no randomness generation, but only randomness expansion -and, after a series of partial results [24,28,29], it has been proved that such expansion can in principle be unbounded [21]. The different adversarial classes discussed here are summarized in Table I.…”

Section: A Classes Of Adversarial Powermentioning

confidence: 99%

Quantum randomness extraction for various levels of characterization of the devices

Law

Thinh

Bancal

et al. 2014

J. Phys. A: Math. Theor.

128

131

View full text Add to dashboard Cite

The amount of intrinsic randomness that can be extracted from measurement on quantum systems depends on several factors: notably, the power given to the adversary and the level of characterization of the devices of the authorized partners. After presenting a systematic introduction to these notions, in this paper we work in the class of least adversarial power, which is relevant for assessing setups operated by trusted experimentalists, and compare three levels of characterization of the devices. Many recent studies have focused on the so-called "device-independent" level, in which a lower bound on the amount of intrinsic randomness can be certified without any characterization. The other extreme is the case when all the devices are fully characterized: this "tomographic" level has been known for a long time. We present for this case a systematic and efficient approach to quantifying the amount of intrinsic randomness, and show that setups involving ancillas (POVMs, pointer measurements) may not be interesting here, insofar as one may extract randomness from the ancilla rather than from the system under study. Finally, we study how much randomness can be obtained in presence of an intermediate level of characterization related to the task of "steering", in which Bob's device is fully characterized while Alice's is a black box. We obtain our results here by adapting the NPA hierarchy of semidefinite programs to the steering scenario.

show abstract

Security and composability of randomness expansion from Bell inequalities

Cited by 87 publications

References 16 publications

Robust Protocols for Securely Expanding Randomness and Distributing Keys Using Untrusted Quantum Devices

Robust Protocols for Securely Expanding Randomness and Distributing Keys Using Untrusted Quantum Devices

Full randomness from arbitrarily deterministic events

Quantum randomness extraction for various levels of characterization of the devices

Contact Info

Product

Resources

About