Reexamination of quantum bit commitment: The possible and the impossible

Bit commitment protocols whose security is based on the laws of quantum mechanics alone are generally held to be impossible. We give a strengthened and explicit proof of this result. We extend its scope to a much larger variety of protocols, which may have an arbitrary number of rounds, in which both classical and quantum information is exchanged, and which may include aborts and resets. Moreover, we do not consider the receiver to be bound to a fixed 'honest' strategy, so that 'anonymous state protocols', which were recently suggested as a possible way to beat the known no-go results, are also covered. We show that any concealing protocol allows the sender to find a cheating strategy, which is universal in the sense that it works against any strategy of the receiver. Moreover, if the concealing property holds only approximately, the cheat goes undetected with a high probability, which we explicitly estimate. The proof uses an explicit formalization of general two-party protocols, which is applicable to more general situations, and an estimate about the continuity of the Stinespring dilation of a general quantum channel. The result also provides a natural characterization of protocols that fall outside the standard setting of unlimitedmore » available technology and thus may allow secure bit commitment. We present such a protocol whose security, perhaps surprisingly, relies on decoherence in the receiver's laboratory.« less

[1]  M. Reed Methods of Modern Mathematical Physics. I: Functional Analysis , 1972 .

[2]  A. D. Wyner,et al.  The wire-tap channel , 1975, The Bell System Technical Journal.

[3]  A. Uhlmann The "transition probability" in the state space of a ∗-algebra , 1976 .

[4]  O. Bratteli Operator Algebras And Quantum Statistical Mechanics , 1979 .

[5]  Manuel Blum,et al.  Coin flipping by telephone a protocol for solving impossible problems , 1983, SIGA.

[6]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[7]  Joe Kilian,et al.  Achieving oblivious transfer using weakened security assumptions , 1988, [Proceedings 1988] 29th Annual Symposium on Foundations of Computer Science.

[8]  Joe Kilian,et al.  Founding crytpography on oblivious transfer , 1988, STOC '88.

[9]  Gilles Brassard,et al.  Practical Quantum Oblivious Transfer , 1991, CRYPTO.

[10]  Ekert,et al.  Quantum cryptography based on Bell's theorem. , 1991, Physical review letters.

[11]  C. Crépeau,et al.  A quantum bit commitment scheme provably unbreakable by both parties , 1993, Proceedings of 1993 IEEE 34th Annual Foundations of Computer Science.

[12]  Artur Ekert,et al.  Information Gain in Quantum Eavesdropping , 1994 .

[13]  Claude Crépeau,et al.  Quantum Oblivious Transfer , 1994 .

[14]  Andrew Chi-Chih Yao,et al.  Security of quantum protocols against coherent measurements , 1995, STOC '95.

[15]  Shai Halevi,et al.  Efficient Commitment Schemes with Bounded Sender and Unbounded Receiver , 1995, Journal of Cryptology.

[16]  Hoi-Kwong Lo,et al.  Is Quantum Bit Commitment Really Possible? , 1996, ArXiv.

[17]  Claude Crépeau,et al.  Efficient Cryptographic Protocols Based on Noisy Channels , 1997, EUROCRYPT.

[18]  Dominic Mayers Unconditionally secure quantum bit commitment is impossible , 1997 .

[19]  M. Horodecki,et al.  General teleportation channel, singlet fraction and quasi-distillation , 1998, quant-ph/9807091.

[20]  Claude Crépeau,et al.  Oblivious transfer with a memory-bounded receiver , 1998, Proceedings 39th Annual Symposium on Foundations of Computer Science (Cat. No.98CB36280).

[21]  Louis Salvail,et al.  Quantum Bit Commitment from a Physical Assumption , 1998, CRYPTO.

[22]  Adrian Kent,et al.  Unconditionally Secure Bit Commitment , 1998, quant-ph/9810068.

[23]  Ivan Damgård,et al.  On the (Im)possibility of Basing Oblivious Transfer and Bit Commitment on Weakened Security Assumptions , 1998, EUROCRYPT.

[24]  I. Chuang,et al.  Quantum Computation and Quantum Information: Bibliography , 2010 .

[25]  Andris Ambainis,et al.  Private quantum channels , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[26]  T. Rudolph,et al.  Degrees of concealment and bindingness in quantum bit commitment protocols , 2001, quant-ph/0106019.

[27]  Wade Trappe,et al.  Introduction to Cryptography with Coding Theory , 2002 .

[28]  M. Nielsen A simple formula for the average gate fidelity of a quantum dynamical operation [rapid communication] , 2002, quant-ph/0205035.

[29]  M. Ruskai,et al.  Entanglement Breaking Channels , 2003, quant-ph/0302031.

[30]  M. Keyl Fundamentals of quantum information theory , 2002, quant-ph/0202122.

[31]  Adrian Kent Quantum bit string commitment. , 2003, Physical review letters.

[32]  V. Paulsen Completely Bounded Maps and Operator Algebras , 2003 .

[33]  Hideki Imai,et al.  Commitment Capacity of Discrete Memoryless Channels , 2003, IMACC.

[34]  SELF ORGANIZATION IN THE LOW TEMPERATURE REGION OF A SPIN GLASS MODEL , 2003 .

[35]  V. Paulsen Completely Bounded Maps and Operator Algebras: Contents , 2003 .

[36]  Adrian Kent,et al.  Cheat sensitive quantum bit commitment. , 1999, Physical review letters.

[37]  A. Winter,et al.  Randomizing Quantum States: Constructions and Applications , 2003, quant-ph/0307104.

[38]  M. Raginsky,et al.  Operational distance and fidelity for quantum channels , 2004, quant-ph/0408159.

[39]  J. Preskill,et al.  Superselection rules and quantum protocols , 2003, quant-ph/0310088.

[40]  Moni Naor,et al.  Bit commitment using pseudorandomness , 1989, Journal of Cryptology.

[41]  N. Langford,et al.  Distance measures to compare real and ideal quantum processes (14 pages) , 2004, quant-ph/0408063.

[42]  Wade Trappe,et al.  Introduction to Cryptography with Coding Theory (2nd Edition) , 2005 .

[43]  Ivan Damgård,et al.  Cryptography in the bounded quantum-storage model , 2005, IEEE Information Theory Workshop on Theory and Practice in Information-Theoretic Security, 2005..

[44]  Adrian Kent,et al.  Secure Classical Bit Commitment Using Fixed Capacity Communication Channels , 1999, Journal of Cryptology.

[45]  Gilles Brassard,et al.  Quantum Cryptography , 2005, Encyclopedia of Cryptography and Security.

[46]  R. Oliveira,et al.  Quantum bit commitment with misaligned reference frames , 2006 .

[47]  P. Hayden,et al.  Security of quantum bit string commitment depends on the information measure. , 2006, Physical review letters.

[48]  Dennis Kretschmann,et al.  The Information-Disturbance Tradeoff and the Continuity of Stinespring's Representation , 2008, IEEE Transactions on Information Theory.