Approaches to Practical Quantum Cryptography

Abstract

There are various practical obstacles in quantum cryptography. These include the problems that arise in implementing quantum cryptographic protocols with current and near-term technology, and those that come with the development and security analysis of new protocols. In this work, we examine a few of these obstacles and, for each one, we highlight an approach that aims to mitigate it.

We start by examining the setting of device-independence, with oblivious transfer in the bounded-quantum-storage-model as the primitive of interest. The typical approach to enabling device-independence is the use of a Bell-inequality violation, which requires a strict non-communication assumption that is practically difficult to enforce. We develop and analyze the security of a device-independent oblivious transfer protocol that replaces the Bell-inequality violation approach with a computational assumption, thereby relaxing the non-communication assumption.

Our second topic examines the problem of noise in a quantum money scheme. We show how to achieve noise-tolerance in the public-key setting. Our scheme can be seen as a generalization of the [AC12] scheme: a valid banknote is now a subspace state possibly affected by noise, and verification is performed by using classical oracles to check for membership in "larger spaces." Additionally, a banknote in our scheme is minted by preparing conjugate coding states and applying a unitary.

For our last topic, we consider the general task of proving security against a specious adversary, which is the quantum analogue of the classical semi-honest adversary. A useful feature of specious adversaries is that security against them can guarantee security against stronger adversaries [DNS12]. This motivates the search for a canonical specious adversary, where proving security against such an adversary guarantees security against the entire class of specious adversaries. Within a restricted setting, we define a particular specious adversary and show that it satisfies our definition of canonical.