(Quantum) Min-Entropy Resources

We model (interactive) resources that provide Alice with a string $X$ and a guarantee that any Eve interacting with her interface of the resource obtains a (quantum) system $E$ such that the conditional (smooth) min-entropy of $X$ given $E$ is lower bounded by some $k$. This (abstract) resource specification encompasses any setting that results in the honest players holding such a string (or aborting). For example, it could be constructed from noisy channels, quantum key distribution (QKD), or a violation of Bell inequalities, all of which may be used to derive bounds on the min-entropy of $X$. As a first application, we use this min-entropy resource to modularize key distribution (KD) schemes by dividing them into two parts, which may be analyzed separately. In the first part, a KD protocol constructs a min-entropy resource given the (physical) resources available in the specific setting considered. In the second, it distills secret key from the min-entropy resource, i.e., it constructs a secret key resource. We prove security for a generic key distillation protocol that may use any min-entropy resource. Since the notion of resource construction is composable (security of a composed protocol follows from the security of its parts), this reduces proving security of a KD protocol (e.g., QKD) to proving that it constructs a min-entropy resource. As a second application, we provide a composable security proof for the recent Fehr-Salvail protocol [EUROCRYPT 2017] that authenticates classical messages with a quantum message authentication code (Q-MAC), and recycles all the key upon successfully verifying the authenticity of the message. This protocol uses (and recycles) a non-uniform key, which we model as consuming and constructing a min-entropy resource.
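The two-part split described above can be sketched as follows; this is an added example, not code or a construction taken from the paper. It assumes the distillation step is privacy amplification with a Toeplitz (2-universal) hash and an output length chosen from the quantum leftover hash lemma, and all function names are hypothetical.

```python
import math
import secrets

def key_length(k: float, eps: float) -> int:
    """Output length l = floor(k - 2*log2(1/eps)).

    Assumption: by the leftover hash lemma with quantum side information the
    hashing error is at most 0.5*sqrt(2^(l-k)), which is eps/2 for this l.
    """
    return max(0, math.floor(k - 2 * math.log2(1 / eps)))

def toeplitz_hash(x_bits, seed_bits, out_len):
    """Multiply x by the out_len x n binary Toeplitz matrix defined by the seed."""
    n = len(x_bits)
    if len(seed_bits) != n + out_len - 1:
        raise ValueError("seed must have n + out_len - 1 bits")
    out = []
    for i in range(out_len):
        bit = 0
        for j in range(n):
            # Entry (i, j) depends only on i - j: constant along diagonals.
            bit ^= seed_bits[i - j + n - 1] & x_bits[j]
        out.append(bit)
    return out

def distill(resource_output, eps, seed_bits=None):
    """Second part of a KD scheme: min-entropy resource -> secret key.

    resource_output models the resource's interface to the honest player:
    None if the first part aborted, else (x_bits, k) where k is the
    guaranteed lower bound on the min-entropy of X given Eve's system.
    """
    if resource_output is None:
        return None                      # abort propagates
    x_bits, k = resource_output
    l = key_length(k, eps)
    if l == 0:
        return None                      # not enough entropy for any key
    if seed_bits is None:
        # The seed is public but must be uniform and independent of X;
        # in practice it is sent over an authentic channel.
        seed_bits = [secrets.randbits(1) for _ in range(len(x_bits) + l - 1)]
    return seed_bits, toeplitz_hash(x_bits, seed_bits, l)
```

Because `distill` depends only on the pair (X, k), any first part that delivers such a guarantee (noisy channels, QKD, Bell violation) can be substituted without changing it.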
