A search for quantum coin-flipping protocols using optimization techniques

Coin-flipping is a cryptographic task in which two physically separated, mistrustful parties wish to generate a fair coin-flip by communicating with each other. Chailloux and Kerenidis (2009) designed quantum protocols that guarantee coin-flips with near optimal bias away from uniform, even when one party deviates arbitrarily from the protocol. The probability of any outcome in these protocols is provably at most $$\tfrac{1}{\sqrt{2}} + \delta $$12+δ for any given $$\delta > 0$$δ>0. However, no explicit description of these protocols is known; in fact, the smallest bias achieved by known explicit protocols is $$1/4$$1/4 (Ambainis 2001). We take a computational optimization approach, based mostly on convex optimization, to the search for simple and explicit quantum strong coin-flipping protocols. We present a search algorithm to identify protocols with low bias within a natural class, protocols based on bit-commitment (Nayak and Shor in Phys Rev A 67(1):012304, 2003). The techniques we develop enable a computational search for protocols given by a mesh over the corresponding parameter space. We conduct searches for four-round and six-round protocols with bias below $$0.2499$$0.2499 each of varying dimension which include the best known explicit protocol (with bias $$1/4$$1/4). After checking over $$10^{16}$$1016 protocols, a task which would be infeasible using semidefinite programming alone, we conjecture that the smallest achievable bias within the family of protocols we consider is $$1/4$$1/4.

[1]  T. Rudolph,et al.  Degrees of concealment and bindingness in quantum bit commitment protocols , 2001, quant-ph/0106019.

[2]  Andris Ambainis,et al.  Lower bound for a class of weak quantum coin flipping protocols , 2002, quant-ph/0204063.

[3]  Shor,et al.  Simple proof of security of the BB84 quantum key distribution protocol , 2000, Physical review letters.

[4]  Jeroen van de Graaf,et al.  Cryptographic Distinguishability Measures for Quantum-Mechanical States , 1997, IEEE Trans. Inf. Theory.

[5]  C. Mochon Large family of quantum weak coin-flipping protocols , 2005, quant-ph/0502068.

[6]  Umesh V. Vazirani,et al.  Quantum complexity theory , 1993, STOC.

[7]  Iordanis Kerenidis,et al.  Optimal Bounds for Quantum Bit Commitment , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[8]  Gus Gutoski,et al.  Toward a general theory of quantum games , 2006, STOC '07.

[9]  Yurii Nesterov,et al.  Interior-point polynomial algorithms in convex programming , 1994, Siam studies in applied mathematics.

[10]  Henry Wolkowicz,et al.  Strong duality and minimal representations for cone optimization , 2012, Computational Optimization and Applications.

[11]  Dominic Mayers Unconditionally secure quantum bit commitment is impossible , 1997 .

[12]  Salil P. Vadhan An Unconditional Study of Computational Zero Knowledge , 2004, FOCS.

[13]  Andrew Chi-Chih Yao,et al.  Some complexity questions related to distributive computing(Preliminary Report) , 1979, STOC.

[14]  Yevgeniy Dodis,et al.  Multiparty quantum coin flipping , 2004 .

[15]  Jos F. Sturm,et al.  Implementation of interior point methods for mixed semidefinite and second order cone optimization problems , 2002, Optim. Methods Softw..

[16]  Iordanis Kerenidis,et al.  Optimal Quantum Strong Coin Flipping , 2009, 2009 50th Annual IEEE Symposium on Foundations of Computer Science.

[17]  Donald Goldfarb,et al.  Second-order cone programming , 2003, Math. Program..

[18]  Thierry Paul,et al.  Quantum computation and quantum information , 2007, Mathematical Structures in Computer Science.

[19]  Abel Molina,et al.  Optimal Counterfeiting Attacks and Generalizations for Wiesner's Quantum Money , 2012, TQC.

[20]  Andris Ambainis,et al.  A new protocol and lower bounds for quantum coin flipping , 2001, STOC '01.

[21]  C. Mochon Quantum weak coin flipping with arbitrarily small bias , 2007, 0711.4114.

[22]  Carlos Mochon Quantum weak coin-flipping with bias of 0.192 , 2004, 45th Annual IEEE Symposium on Foundations of Computer Science.

[23]  H. F. Chau,et al.  Why quantum bit commitment and ideal quantum coin tossing are impossible , 1997 .

[24]  Gilles Brassard,et al.  Quantum cryptography: Public key distribution and coin tossing , 2014, Theor. Comput. Sci..

[25]  Dominic Mayers,et al.  Unconditional security in quantum cryptography , 1998, JACM.

[26]  Manuel Blum,et al.  Coin Flipping by Telephone. , 1981, CRYPTO 1981.

[27]  Ashwin Nayak,et al.  Bit-commitment-based quantum coin flipping , 2002, quant-ph/0206123.

[28]  Jos F. Sturm,et al.  A Matlab toolbox for optimization over symmetric cones , 1999 .

[29]  Henry Wolkowicz,et al.  Handbook of Semidefinite Programming , 2000 .

[30]  Iordanis Kerenidis,et al.  Weak coin flipping with small bias , 2002, Inf. Process. Lett..

[31]  Andrew Chi-Chih Yao,et al.  Quantum Circuit Complexity , 1993, FOCS.

[32]  Stephen Wiesner,et al.  Conjugate coding , 1983, SIGA.

[33]  Iordanis Kerenidis,et al.  A Simpler Proof of the Existence of Quantum Weak Coin Flipping with Arbitrarily Small Bias , 2014, SIAM J. Comput..

[34]  Lo,et al.  Unconditional security of quantum key distribution over arbitrarily long distances , 1999, Science.

[35]  Peter W. Shor,et al.  Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer , 1995, SIAM Rev..

[36]  Hoi-Kwong Lo,et al.  Is Quantum Bit Commitment Really Possible? , 1996, ArXiv.

[37]  Andrew Chi-Chih Yao,et al.  Quantum bit escrow , 2000, STOC '00.

[38]  Hans D. Mittelmann,et al.  An independent benchmarking of SDP and SOCP solvers , 2003, Math. Program..