Application of quantum universal composability theorem 1. Motivation : e.g. is QKD secure? 2. Tool : universal composability 3. Application 1: composability.


1 Application of quantum universal composability theorem 1. Motivation : e.g. is QKD secure? 2. Tool : universal composability 3. Application 1: composability of QKD 4. Application 2: composability of variants of quantum authentication + key recycling

2 Recitation session for the workshop. 1. Motivation: e.g. is QKD secure? (Unruh's talk, Renner's talk) 2. Tool: universal composability (Unruh's talk) 3. Application 1: composability of QKD (Unruh's talk, Renner's talk) 4. Application 2: composability of variants of quantum authentication + key recycling (Oppenheim's talk). This is an easier talk since the audience is well acquainted with the subject, so we can work through a couple of examples in detail. The results are actually complementary! Possible reactions: no surprise; too repetitive for some; too brief for others. Give me hints throughout the talk which case it is. No need to give the talk!

4 Application of quantum universal composability theorem. 1. Motivation: e.g. is QKD secure? 2. Tool: universal composability. 3. Application 1: composability of QKD. 4. Application 2: composability of variants of quantum authentication + key recycling. Joint work with Michael Ben-Or (2,3), Patrick Hayden (4), Michal Horodecki (3), Debbie Leung (3,4), Dominic Mayers (2,3,4), Jonathan Oppenheim (3); the numbers indicate the parts of the talk each coauthor contributed to.

5 Motivation: key degradation in repeated QKD (Bennett & Smolin). QKD relies on authentication, and authentication uses a small key. Figure: Alice holds key k_A and Bob holds k_B; after a round of QKD (with Eve on the channel) they hold k'_A and k'_B, and part of the original key has been consumed.

6 Composability: What do we mean by "unconditional security of QKD"? QKD: Alice ends with k_A, Bob with k_B, Eve with k_E. QKD is "unconditionally secure" if, for every strategy of Eve such that Pr(generate key) is non-negligible: k = k_A = k_B, k is random, and I(K_E:K) is negligible. This criterion is applicable only if Eve measures right after QKD to learn about k, not if she delays her measurement.

7 Composability: A more serious example. QKD gives Alice and Bob a key k, with Eve holding her quantum state; encryption then applies U_k at Alice's end and U_k† at Bob's. Is "QKD + encryption" secure??? More information may be gained from joint measurements (Peres, Wootters).

8 Composability: A nightmare? Unlocking accessible information by further classical communication: DiVincenzo, (M) Horodecki, L, Smolin, Terhal 0303088; Hayden, L, Shor, Winter 0307104. Setting: x = n bits, y = O(log n) bits, and a state depending on both (U_y applied to x). Measuring before y is known gives only O(log n) bits of info on x; waiting for y (y itself is only O(log n) bits long) yields extra info of about n − O(log n), far more than the length of y. For QKD, let x = key and let the state be Eve's state right after QKD. Let y = Eve's classical info when the key is used classically. Knowing "I(K_E:K) small" does not imply security of using the generated key in classical applications. Advertisement: Michal's talk.

9 Pre-conclusions: 1. Life can be bad; be ultra paranoid (about composability). 2. QKD is composable, fortunately (BUT REMEMBER TO USE a better security criterion, e.g. singlet fidelity, at least until the accessible information I_acc is "vindicated", if at all).

10 When is a cryptographic primitive "safe-to-use"? Wait... used in what?

11 Universal Composability Michael Ben-Or & Dominic Mayers 02 Alternative model by Unruh & Mueller-Quade

12 Universal composability: general problem. A protocol is built from subprotocols (subprotocol 1 through subprotocol n). How do we define the security of subprotocol i so that "reasonable composition" is secure?

13 Notations: a protocol; the ideal task attempted by that protocol; and a larger protocol calling the first as a subroutine, trying to perform (imperfectly) its own ideal task. E.g. the ideal tasks are perfect encryption and perfect key distribution; the protocol is QKD; and the larger protocol is encryption with a perfect key or with the QKD key. The security definition of protocols should imply secure basic composition: if the subprotocol and the calling protocol are both "secure", then the composition is "secure". This is a composable security definition; "universal" because it holds for any calling protocol. Wanted: a security definition & security of composition, a pair of related concepts.

16 When is a protocol "secure"? If the protocol is essentially indistinguishable from its ideal task, as viewed by any adversary, when used in any application. Environment "E": controls all adversarial attacks and the input/output, and outputs a bit z. In the real world E interacts with the protocol (IN, OUT); in the ideal world E interacts with the ideal task together with a simulator S(protocol) playing the role of the adversary. The output bit z of E statistically reflects the difference between the two. Definition: the protocol securely realizes (s.r.) the ideal task with a given error if for all E (applications and adversaries) there exists a simulator S(protocol) such that |Pr(z=0 | protocol) − Pr(z=0 | ideal task with S(protocol))| is at most that error. Wanted: a universal composable security definition such that if the subprotocol and the calling protocol are both "secure" then the composition is "secure".

17 Universal composable security definition: the protocol securely realizes (s.r.) the ideal task with a given error if for all E (applications and adversaries) there exists S(protocol) such that |Pr(z=0 | protocol) − Pr(z=0 | ideal task with S(protocol))| is at most that error. CLAIM: using this definition implies basic composition: if the subprotocol and the calling protocol are both "secure" then the composition is "secure". Precisely: if the subprotocol s.r. its ideal task with error e1, and the calling protocol (using the ideal subtask) s.r. its ideal task with error e2, then the composition (the calling protocol using the real subprotocol) s.r. the ideal task with error e1 + e2.

21 Universal composable security definition implies secure basic composition. Let the calling protocol use the subprotocol, trying to perform the ideal task. Proof: Start with E interacting with the calling protocol running the real subprotocol. Step 1: E together with the calling protocol is itself an environment for the subprotocol, so by the subprotocol's security we can replace the real subprotocol by its ideal subtask plus simulator S(subprotocol); Pr(z=0) changes by at most the subprotocol's error. Step 2: by the security of the calling protocol (with the ideal subtask), replace it by the ideal task plus simulator S(calling protocol); Pr(z=0) changes by at most the calling protocol's error. The composed simulator for the whole protocol is S(calling protocol) composed with S(subprotocol), and the two errors add.

22 Universal composability theorem: recursive basic composition. The universal composable security definition implies security of basic composition (if the subprotocol and the calling protocol are both secure, the composition is secure with the sum of the errors). For a protocol built from a tree of subprotocols, apply basic composition to replace subprotocol i by its ideal task one by one, from the bottom of the tree to the top.

27 Punchlines. Universal composable security definition: the protocol s.r. the ideal task with a given error if for all environments (applications and adversaries) there exists a simulator S(protocol) such that |Pr(z=0 | protocol) − Pr(z=0 | ideal task with S(protocol))| is at most that error. Universal composability theorem: a protocol is secure if (i) each subprotocol satisfies the universal composable security definition and (ii) the protocol has a proper modular structure (e.g. a tree).

28 Application 1: composability of QKD. 1. Composable security definition for QKD. 2. Relation between the composable & the usual security definition. 3. Sufficient conditions for the composable security definition for QKD. (2 & 3 together: QKD is composable.) 4. Corollary: slow key degradation in repeated QKD. In the talk: privacy & uniformity condition only; the equality condition is omitted (see paper for full treatment). Michael Ben-Or, Michal Horodecki, L, Dominic Mayers, Jonathan Oppenheim 02. Renner & Konig 04: alternative proof for composability of QKD by showing composability of quantum privacy amplification. Also: Christandl, Renner, & Ekert 04.

29 Application 1: Composability of QKD (security of QKD composed with authentication). Four objects: the authentication protocol and ideal authentication; the QKD protocol and ideal key distribution (KD). QKD using a composable authentication scheme (e.g. Wegman-Carter 81) s.r. ideal KD if QKD using ideal authentication is composable, so we consider the latter. The task: input: none; output: key k and key length m (a random variable, m=0 means "fail" or "abort"). The best application for E is to just accept k. Adversary: Eve, who ends up with a state depending on k. E outputs the bit z.

30 Application 1: Composability of QKD, continued. Ideal KD contains a "perfect-key-generating-box" (PKGB): an adversary inputs "m", and an m-bit key k is distributed to Alice and Bob. The simulator S(QKD) is a "fake" QKD that interacts with Eve: from the fake QKD run it discards the key k', takes the length m, and puts m into the PKGB of the ideal KD.

31 Application 1: Composability of QKD, continued. State in the real world (key & Eve's state correlated): state(QKD) = Σ_m p_m |m⟩⟨m| ⊗ Σ_{k'':|k''|=m} p_{k''|m} |k''⟩⟨k''| ⊗ (Eve's state given k''). State in the ideal world (key & Eve's state uncorrelated): Σ_m p_m |m⟩⟨m| ⊗ (uniform key state for length m) ⊗ (Eve's state given m), where the uniform key state is Σ_{k:|k|=m} 2^{-m} |k⟩⟨k| = 1/2^m and Eve's state given m is the partial trace over the key register of the real state for length m. QKD s.r. ideal KD with error e if |Pr(z=0 | QKD) − Pr(z=0 | ideal KD)| ≤ ||state(QKD) − ideal state||_tr = Σ_m p_m ||real state for m − ideal state for m||_tr ≤ e. This trace distance, evaluated on E's state, is the composable security condition.

32 Application 1: Composability of QKD (security of QKD composed with authentication). For each length m, the real state is Σ_{k:|k|=m} p_{k|m} |k⟩⟨k| ⊗ (Eve's state given k), and the ideal state is Σ_{k:|k|=m} 2^{-m} |k⟩⟨k| ⊗ (Eve's state given m, i.e. the partial trace over the key register). QKD s.r. ideal KD with error e if Σ_m p_m ||real state for m − ideal state for m||_tr ≤ e. Sufficient conditions for composable security: 1. Usual security: if Σ_m p_m I(K_E:K | M=m) is small, then the composable error is bounded in terms of (2 max(m)+2) times that quantity. 2. Small Holevo information of Eve: let E_m = {p_{k|m}, Eve's state given k}_{k:|k|=m}; if Σ_m p_m χ(E_m) is small, then the composable error is bounded in terms of (2 ln 2) times that quantity. 3. High singlet fidelity (if the proof is by entanglement purification): let the state of Alice & Bob for length m be compared with the m-singlet state; if Σ_m p_m F(state of Alice & Bob, m-singlet state) is close to 1, then the composable error is small (assuming uniformity: p_{k|m} = 2^{-m}). Security here means the correlation is indistinguishable from none; equality + uniformity follow.

33 Punchlines. QKD does provide a key that can be safely used in quantum / classical applications designed to use a perfect key!!! Bounds for Eve's Holevo information or the singlet fidelity may be tighter in the context of composability, compared to those for mutual information. The proofs of the sufficient conditions are relations between correlation measures.
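As an added illustration, not taken from the slides or the paper, the following toy model contrasts the "usual" criterion of slide 6 (small I(K_E:K)) with the composable criterion of slide 31 (small trace distance between the real key/Eve state and the ideal uniform, uncorrelated key). Eve's information is taken to be classical (a noisy copy of one key bit, a constructed model), so the trace distance reduces to a statistical distance, and Pinsker's inequality gives the relation between the two correlation measures; all function names are assumptions of this example.

```python
import math
from collections import defaultdict

# Constructed toy model (not from the slides): an m-bit key K, uniformly
# distributed, and a classical register E held by Eve.  E is a noisy copy of
# the first key bit: it equals that bit with probability 1 - q and is flipped
# with probability q.  Because Eve's information is classical, the trace
# distance between the real and ideal key/Eve states reduces to a statistical
# distance between two joint distributions over (k, e).

def real_distribution(m, q):
    """Joint distribution {(k, e): p} of the key k (an int) and Eve's bit e."""
    dist = {}
    for k in range(2 ** m):
        first_bit = (k >> (m - 1)) & 1
        for e in (0, 1):
            p_e_given_k = (1 - q) if e == first_bit else q
            dist[(k, e)] = p_e_given_k / 2 ** m
    return dist

def ideal_distribution(real, m):
    """Ideal KD: uniform key, independent of Eve, Eve's marginal unchanged."""
    p_e = defaultdict(float)
    for (_, e), p in real.items():
        p_e[e] += p
    return {(k, e): p_e[e] / 2 ** m for k in range(2 ** m) for e in p_e}

def trace_distance(p, r):
    """(1/2) sum |p - r|: the composable security measure of slide 31."""
    return 0.5 * sum(abs(p.get(x, 0.0) - r.get(x, 0.0)) for x in set(p) | set(r))

def mutual_information_bits(dist):
    """I(K:E) in bits: the 'usual' security measure of slide 6."""
    p_k, p_e = defaultdict(float), defaultdict(float)
    for (k, e), p in dist.items():
        p_k[k] += p
        p_e[e] += p
    return sum(p * math.log2(p / (p_k[k] * p_e[e]))
               for (k, e), p in dist.items() if p > 0)

def compare(m, q):
    """Return (trace distance to ideal, mutual information) for the toy model."""
    real = real_distribution(m, q)
    return trace_distance(real, ideal_distribution(real, m)), mutual_information_bits(real)

def pinsker_bound(mi_bits):
    """Pinsker: trace distance <= sqrt((ln 2 / 2) * I(K:E)) when K is uniform."""
    return math.sqrt(math.log(2) / 2 * mi_bits)

if __name__ == "__main__":
    for q in (0.0, 0.1, 0.3, 0.5):
        td, mi = compare(2, q)
        print(f"q={q:.1f}  trace distance={td:.4f}  I(K:E)={mi:.4f} bits  "
              f"Pinsker bound={pinsker_bound(mi):.4f}")
```

With a classical Eve the two criteria agree up to Pinsker's inequality; the slides' point is that for a quantum Eve who delays her measurement, small I(K_E:K) alone no longer controls the trace distance.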

34 Corollary: key degradation in repeated QKD. QKD relies on authentication, and authentication uses a small key. Figure: Alice holds k_A and Bob holds k_B; after a round of QKD (with Eve on the channel) they hold k'_A and k'_B, and part of the original key has been consumed.

35 Corollary: key degradation in repeated QKD. Model n rounds as a chain: each round's authentication uses key from the previous round, and each round's QKD uses that authentication. Authentication s.r. ideal authentication (composable security of authentication using a perfect key: known). QKD s.r. ideal key distribution (composable security of QKD using perfect authentication: to be proved). In particular, if authentication s.r. ideal authentication with one error and QKD s.r. ideal KD with another, then n rounds of repeated QKD are secure with error n times the sum of the two.

36 Composability of “Quantum Auth + key recycling” Patrick Hayden, L, Dominic Mayers 04 Oppenheim & Horodecki 03 : proof for secure key recycling via bounds on information theoretic quantities

37 Quantum encryption (Q enc): Ambainis, de Wolf, Mosca, Tapp 00; Boykin, Roychowdhury 00; Hayden, L, Shor, Winter 03. Encrypting quantum communication with a classical key k: Alice applies U_k, Bob applies U_k†, and for every input state the average Σ_k p_k (U_k · U_k†) is a fixed state independent of the input (the maximally mixed state on m qubits). Key requirement for an m-qubit message: 2m key bits if the input may be entangled or the encryption is exact; m + o(m) key bits if the input is pure and the encryption is approximate.

38 Quantum message authentication (QA): Barnum, Crépeau, Gottesman, Smith, Tapp 02. Authenticate quantum communication with a classical key: Alice encodes with E_k, Bob decodes with D_k†, outputting pass / fail and a state ρ'. Requirement: Pr(pass & ρ' differs from the input ρ) is small, i.e. high fidelity between ρ & ρ', or between the corresponding joint states if ρ is entangled with a reference.

39 Result: QA + "key reuse if the authentication test passes (without privacy amplification)" is secure. Eavesdropping on a quantum state disturbs it. 1. QA always requires Q enc (BCGST 02). Can we eliminate this cost? 2. Add QA to Q enc; passing the authentication test suggests no eavesdropping. Can we recycle the key? Prob(authentication passes and eavesdropped) is negligible. Key recycling: intuitive (BBBW82) & obvious? It is hard to analyze joint attacks over different uses of the key. There are 2 interpretations of key recycling in QA; we take the specific scheme in BCGST02. Main ideas: 1. Redefine BCGST02 as BCGST02+KD. 2. Show BCGST02+KD composable (exploiting special structures of BCGST02).

40 Composability of "BCGST02+KD". 1. Review BCGST02. 2. "Equate" BCGST02 & TQA (authentication by teleportation). 3. Prove composability of TQA+KD, which equals composability of "ebits". By the same token: 1. BCGST02' for pure states, using approximate encryption for half the price. 2. Quantum composability of the Wegman-Carter scheme.

41 Scenario for BCGST02. Alice & Bob have: 1. A classical key. 2. An insecure quantum channel. 3. A forward classical channel (Alice → Bob), WLOG authenticated. 4. No back communication (non-interactive, e.g. quantum storage). We use 1 bit of back communication for key recycling, to tell Alice if authentication passes. This still applies to quantum storage & is not too interactive.

42 BCGST02: review. Shared keys x, z, y, t. Alice, on an m-qubit message: Q enc with the m-bit keys x, z (Pauli encryption X^x Z^z); C_t: a quantum code encoding m qubits in (m+s) qubits; e_y: an added syndrome; t, y: s-bit keys, s << m. The qubits go over the insecure quantum channel. Bob: decrypt, decode C_t & measure the syndrome y'. Output: if y ≠ y', fail and |0⟩⟨0|; else pass and the decrypted state. Purity test (PT): the output state is ρ_out = ρ' ⊗ |pass⟩⟨pass| + |0⟩⟨0| ⊗ |fail⟩⟨fail| (unnormalized branches), and the one bit "pass/fail" is sent back to Alice (timeline: bits | qubits).

44 xxzzxxzz xx zz zz xx xxzz’xxzz’ pass/fail insecure q. channel + PT PT if pass Alice Bob if fail, Bob outputs nothing m-qubit message m-bit keys  out =  ’   pass  pass   0  0    fail  fail  Security (pure  for simplicity): Tr [  out  (   pass  pass  fail  fail  ) ]  ,  = 2 -(s-1) (m+s) / s. Shared keys x, z, y, t BCGST02: review

45 Teleportation (BBCJPW 93) vs. Q enc. Teleportation: Alice performs a Bell measurement on the message and her half of a shared EPR pair, obtaining outcome k, which is sent to Bob; Bob's state is then a Pauli-rotated copy, and he applies the correction. Q enc: the same Pauli U_k is applied with a pre-shared key k, and Bob applies U_k†.

47 Reduction to teleportation with imperfect EPR pairs. TQA: Alice and Bob share pairs; they run the purity test PT (pass/fail), then Alice teleports the message: a Bell measurement with outcome x z, sent over a perfect classical channel, and Bob applies the correction if pass. Alice's local operations are the same in both pictures, so the environment sees no difference between BCGST02 & TQA: the same state results. In BCGST02, PT only makes a maximally entangled state.

48 Reduction to teleportation with imperfect EPR pairs, continued. TQA: PT on the shared pairs (pass/fail), then teleportation with classical outcome x z over a perfect channel, correction by Bob if pass. PT only makes a maximally entangled state. Decomposition: TQA + KD = PT followed by teleportation + KD. The real output state (PT composed with teleportation and KD) has the form p_p (ρ' ⊗ |xz⟩⟨xz|) ⊗ |pass⟩⟨pass| + p_f |0⟩⟨0| ⊗ |fail⟩⟨fail|. The ideal version (ideal QA + ideal KD, using ideal EPR pairs in place of PT, with a simulator S producing the pass/fail bit) has the form p_p (ρ ⊗ |xz⟩⟨xz|) ⊗ |pass⟩⟨pass| + p_f |0⟩⟨0| ⊗ |fail⟩⟨fail|, and E outputs z in both cases.

49 Pr(z=0 | BCGST02) = Pr(z=0 | TQA), and |Pr(z=0 | TQA) − Pr(z=0 | ideal QA + ideal KD)| ≤ |Pr(z=0 | PT) − Pr(z=0 | EPR)| ≤ (the PT security bound)^{1/4}. This is the composability of PT.

50 Composability of PT: EPR pairs from PT vs. ideal EPR. Real: PT outputs pass/fail to E, and its state is ρ_PT = p_acc (state of A, B, E)^{acc} + p_rej |0⟩⟨0|_AB ⊗ (E's state)^{fail}. PT security: Tr[P tr_E(ρ_PT)] is close to 1 for the projector P = (maximally entangled state of AB) ⊗ |acc⟩⟨acc| + 1_AB ⊗ |fail⟩⟨fail|. Ideal: ideal EPR with a simulator S that produces pass/fail; its state is ρ_EPR = p_acc (maximally entangled state of AB) ⊗ (E's state)^{acc} + p_rej |0⟩⟨0|_AB ⊗ (E's state)^{fail}. Then |Pr(z=0 | PT) − Pr(z=0 | EPR)| ≤ Tr|ρ_PT − ρ_EPR| ≤ (the PT security bound)^{1/4}.

51 Bonus materials: Lower bounds for QA & pure state authentication. Q enc: for all input states, Σ_k p_k (U_k · U_k†) equals the maximally mixed state on m qubits; key size ≥ 2m bits (Ambainis, de Wolf, Mosca, Tapp 00; Boykin, Roychowdhury 00). APQ enc (approximate, pure state): for all pure inputs, ||(1/n) Σ_k U_k · U_k† − (maximally mixed state on m qubits)||_tr ≤ ε; key size ≈ m + o(m) bits (Hayden, L, Shor, Winter 03). Correspondences: APQ enc ↔ remote state preparation; Q enc ↔ teleportation. Can we replace Q enc in BCGST02 by APQ enc securely?

52 Teleportation kk k communicated to Bob after encoding Encryption   Bell k  encode Bob’s state as a random  k   kk k shared in advance k k Switching the communicated & the pre-shared communication cost in teleportation key size in encryption

54 Remote State Preparation (Bennett, Hayden, L, Shor, Winter 03): transmits an n-qubit pure state known to Alice using n + o(n) classical bits of communication. Picture: Bob's state is encoded as a random U_k applied to the state; in encryption, k is the key; in RSP, k is the communication. Variants: non-oblivious pure-state RSP (Lo 99) and approximate pure-state RSP; E holds the rest of the n qubits.

55 Pure state authentication: reduction to RSP with imperfect EPR pairs. BCGST02 for a pure, known message: Alice applies U_{k,y} (approximate encryption plus the authentication syndrome), the state crosses the channel, Bob runs PT and outputs pass/fail; if fail, Bob outputs nothing. RSP QA: Alice and Bob run PT on shared pairs (pass/fail), then Alice uses remote state preparation of the message with classical data k, k' over a perfect channel. Alice's local operations match, so the environment sees little difference between BCGST02 (pure, known) and RSP QA: approximately the same state.

56 Conclusion. Composability gives a prescription for organizing our security proofs into components, each simple and well-defined. To achieve composable security, we find out what will make the proof work; it is a systematic method to select secure variations. QKD & BCGST02 work better than we thought. How do the difficulties disappear?

