论文信息 - Quantum bit string commitment.

Quantum bit string commitment.

A bit string commitment protocol securely commits N classical bits so that the recipient can extract only M<N bits of information about the string. Classical reasoning suggests that bit string commitment implies bit commitment and hence, given the Mayers-Lo-Chau theorem, that nonrelativistic quantum bit string commitment is impossible. Not so: there exist nonrelativistic quantum bit string commitment protocols, with security parameters epsilon and M, that allow A to commit N=N(M,epsilon) bits to B so that A's probability of successfully cheating when revealing any bit and B's probability of extracting more than N'=N-M bits of information about the N bit string before revelation are both less than epsilon. With a restrictive definition of security against A, N can be taken to be O(exp(CN')) for a positive constant C. I briefly discuss possible applications.

Adrian Kent

[1] David Chaum,et al. Advances in Cryptology: Proceedings Of Crypto 83 , 2012 .

[2] Alexander Semenovich Holevo. Statistical problems in quantum physics , 1973 .

[3] Adrian Kent,et al. Unconditionally Secure Bit Commitment , 1998, quant-ph/9810068.

[4] Jørn Justesen,et al. Class of constructive asymptotically good algebraic codes , 1972, IEEE Trans. Inf. Theory.

[5] R. Cleve,et al. Quantum fingerprinting. , 2001, Physical review letters.

[6] Hoi-Kwong Lo,et al. Is Quantum Bit Commitment Really Possible? , 1996, ArXiv.

[7] W. Fischer,et al. Sphere Packings, Lattices and Groups , 1990 .

[8] Dominic Mayers. Unconditionally secure quantum bit commitment is impossible , 1997 .

[9] T. Toffoli,et al. Proceedings of the fourth workshop on Physics and computation , 1998 .

[10] Adrian Kent,et al. Impossibility of unconditionally secure commitment of a certified classical bit , 2000 .

[11] Thomas C. Hales. Sphere packings, I , 1997, Discret. Comput. Geom..