Quantum to Classical Randomness Extractors

Similar documents
Classical and Quantum Channel Simulations

Quantum Technologies for Cryptography

Quantum Bilinear Optimisation

Entropy Accumulation in Device-independent Protocols

Transmitting and Hiding Quantum Information

Quantum rate distortion, reverse Shannon theorems, and source-channel separation

ACENTRAL goal of information theory is the (quantitative)

ASPECIAL case of the general key agreement scenario defined

Converse bounds for private communication over quantum channels

Tutorial: Device-independent random number generation. Roger Colbeck University of York

Information-theoretic Secrecy A Cryptographic Perspective

Introduction to Quantum Key Distribution

Quantum Information Theory and Cryptography

Practical quantum-key. key- distribution post-processing

Minentropy and its Variations for Cryptography

Uncertainty relations for multiple measurements with applications

arxiv:quant-ph/ v2 11 Jan 2006

Entropy in Classical and Quantum Information Theory

arxiv:quant-ph/ v2 11 Jan 2006

A semi-device-independent framework based on natural physical assumptions

Quantum Key Distribution. The Starting Point

Lecture 2: Quantum bit commitment and authentication

Asymptotic Analysis of a Three State Quantum Cryptographic Protocol

Quantum Error Correcting Codes and Quantum Cryptography. Peter Shor M.I.T. Cambridge, MA 02139

Privacy Amplification in the Isolated Qubits Model

A Lower Bound on the Key Length of Information-Theoretic Forward-Secure Storage Schemes

Cryptography CS 555. Topic 25: Quantum Crpytography. CS555 Topic 25 1

Strong converse theorems using Rényi entropies

Entropic Formulation of Heisenberg s Measurement-Disturbance Relation

Multivariate trace inequalities. David Sutter, Mario Berta, Marco Tomamichel

Belief propagation decoding of quantum channels by passing quantum messages

A Genetic Algorithm to Analyze the Security of Quantum Cryptographic Protocols

Efficient achievability for quantum protocols using decoupling theorems

On Composite Quantum Hypothesis Testing

Randomness Extraction via δ-biased Masking in the Presence of a Quantum Attacker

arxiv: v2 [quant-ph] 17 Nov 2016

Security Issues Associated With Error Correction And Privacy Amplification In Quantum Key Distribution

Optimal bounds for quantum bit commitment

Ping Pong Protocol & Auto-compensation

Quantum Hadamard channels (II)

Device Independent Randomness Extraction for Arbitrarily Weak Min-Entropy Source

Contents. ID Quantique SA Tel: Chemin de la Marbrerie 3 Fax : Carouge

Lecture 3: Randomness in Computation

Quantum Sphere-Packing Bounds and Moderate Deviation Analysis for Classical-Quantum Channels

Non-Malleable Extractors with Shorter Seeds and Their Applications

EXPONENTIAL SEPARATION FOR ONE-WAY QUANTUM COMMUNICATION COMPLEXITY, WITH APPLICATIONS TO CRYPTOGRAPHY

Extractors and the Leftover Hash Lemma

On Perfect and Adaptive Security in Exposure-Resilient Cryptography. Yevgeniy Dodis, New York University Amit Sahai, Princeton Adam Smith, MIT

Verification of quantum computation

Lecture 18: Quantum Information Theory and Holevo s Bound

BOSTON UNIVERSITY GRADUATE SCHOOL OF ARTS AND SCIENCES AN IMPROVED ROBUST FUZZY EXTRACTOR

Noisy Diffie-Hellman protocols

Statistical Security Conditions for Two-Party Secure Function Evaluation

Bound Information: The Classical Analog to Bound Quantum Entanglement

Efficient Protocols Achieving the Commitment Capacity of Noisy Correlations

Separating Sources for Encryption and Secret Sharing

Quantum Supremacy and its Applications

Security of Quantum Key Distribution with Imperfect Devices

Cryptography In the Bounded Quantum-Storage Model

Security Implications of Quantum Technologies

Secure Identification and QKD in the Bounded-Quantum-Storage Model

Simple extractors via crypto pseudo-random generators

How many rounds can Random Selection handle?

Lecture 3: Lower bound on statistically secure encryption, extractors

Quantum Correlations as Necessary Precondition for Secure Communication

Cryptography: The Landscape, Fundamental Primitives, and Security. David Brumley Carnegie Mellon University

Lecture 21: Quantum communication complexity

T Cryptography: Special Topics. February 24 th, Fuzzy Extractors: Generating Strong Keys From Noisy Data.

Realization of B92 QKD protocol using id3100 Clavis 2 system

Uniformly Additive Entropic Formulas

Information-theoretic treatment of tripartite systems and quantum channels. Patrick Coles Carnegie Mellon University Pittsburgh, PA USA

arxiv:quant-ph/ v1 13 Jan 2003

COS598D Lecture 3 Pseudorandom generators from one-way functions

Bit-Commitment and Coin Flipping in a Device-Independent Setting

Device-independent Quantum Key Distribution and Randomness Generation. Stefano Pironio Université Libre de Bruxelles

On the Security of Hash Functions Employing Blockcipher Post-processing

Fundamental rate-loss tradeoff for optical quantum key distribution

Challenges in Quantum Information Science. Umesh V. Vazirani U. C. Berkeley

Constant-Round Oblivious Transfer in the Bounded Storage Model

The Complexity of the Matroid-Greedoid Partition Problem

Why is Deep Random suitable for cryptology

Chapter 2 : Perfectly-Secret Encryption

Untrusted quantum devices. Yaoyun Shi University of Michigan updated Feb. 1, 2014

arxiv: v2 [quant-ph] 17 Feb 2015

Randomness in nonlocal games between mistrustful players

arxiv: v1 [quant-ph] 3 Jan 2008

9. Distance measures. 9.1 Classical information measures. Head Tail. How similar/close are two probability distributions? Trace distance.

A Hierarchy of Information Quantities for Finite Block Length Analysis of Quantum Tasks

Secret Sharing CPT, Version 3

Fang Song. Joint work with Sean Hallgren and Adam Smith. Computer Science and Engineering Penn State University

Sending Quantum Information with Zero Capacity Channels

Inaccessible Entropy and its Applications. 1 Review: Psedorandom Generators from One-Way Functions

Outline. Computer Science 418. Number of Keys in the Sum. More on Perfect Secrecy, One-Time Pad, Entropy. Mike Jacobson. Week 3

1 Cryptographic hash functions

Near-Optimal Secret Sharing and Error Correcting Codes in AC 0

Single-shot security for one-time memories in the isolated qubits model

Exponential separation for one-way quantum communication complexity, with applications to cryptography

An Introduction to Quantum Computation and Quantum Information

Lecture Notes. Quantum Cryptography Week 4: From imperfect information to (near) perfect security

Shift Cipher. For 0 i 25, the ith plaintext character is. E.g. k = 3

Transcription:

Quantum to Classical Randomness Extractors Mario Berta, Omar Fawzi, Stephanie Wehner - Full version preprint available at arxiv: 1111.2026v3 08/23/2012 - CRYPTO University of California, Santa Barbara

Outline (Classical to Classical) Randomness Extractors

Outline (Classical to Classical) Randomness Extractors Main Contribution: Quantum to Classical Randomness Extractors

Outline (Classical to Classical) Randomness Extractors Main Contribution: Quantum to Classical Randomness Extractors Application: Security in the oisy-storage Model

Outline (Classical to Classical) Randomness Extractors Main Contribution: Quantum to Classical Randomness Extractors Application: Security in the oisy-storage Model Entropic Uncertainty Relations with Quantum Side Information

Outline (Classical to Classical) Randomness Extractors Main Contribution: Quantum to Classical Randomness Extractors Application: Security in the oisy-storage Model Entropic Uncertainty Relations with Quantum Side Information Conclusions / Open Problems

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,...

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,... Function: f( = 1,..., q )=M

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,... Function: f( = 1,..., q )=M Ex: Pr[ i = 0] = 2 3 Pr[ i = 1] = 1 3 M = f( 1 2 3 )= 1 + 2 + 3 mod 2 Pr[M = 0] 0.52

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,... Function: f( = 1,..., q )=M Ex: Pr[ i = 0] = 2 3 Pr[ i = 1] = 1 3 M = f( 1 2 3 )= 1 + 2 + 3 mod 2 Pr[M = 0] 0.52 Only minimal guarantee about the randomness of the source, high minentropy: H min () P = log max. n P (n) = log p guess () P

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,... Function: f( = 1,..., q )=M Ex: Pr[ i = 0] = 2 3 Pr[ i = 1] = 1 3 M = f( 1 2 3 )= 1 + 2 + 3 mod 2 Pr[M = 0] 0.52 Only minimal guarantee about the randomness of the source, high minentropy: H min () P = log max. n P (n) = log p guess () P ot possible to obtain randomness using a deterministic function, invest a small amount of perfect randomness: f Seed M = f ()

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,... Function: f( = 1,..., q )=M Ex: Pr[ i = 0] = 2 3 Pr[ i = 1] = 1 3 M = f( 1 2 3 )= 1 + 2 + 3 mod 2 Pr[M = 0] 0.52 Only minimal guarantee about the randomness of the source, high minentropy: H min () P = log max. n P (n) = log p guess () P ot possible to obtain randomness using a deterministic function, invest a small amount of perfect randomness: f Seed Lost randomness? Strong extractors: (M,) are jointly uniform. M = f ()

Classical to Classical (CC)-Randomness Extractors (I) Given an (unknown) weak source of classical randomness, how to convert it into uniformly random bits? Source = 1, 2,..., q Ex: Pr[ 1 = 0] = 1 2 + 1, Pr[ 2 = 0] = 1 2 + 2,... Function: f( = 1,..., q )=M Ex: Pr[ i = 0] = 2 3 Pr[ i = 1] = 1 3 M = f( 1 2 3 )= 1 + 2 + 3 mod 2 Pr[M = 0] 0.52 Only minimal guarantee about the randomness of the source, high minentropy: H min () P = log max. n P (n) = log p guess () P ot possible to obtain randomness using a deterministic function, invest a small amount of perfect randomness: f Seed Lost randomness? Strong extractors: (M,) are jointly uniform. Applications in information theory, cryptography and computational complexity theory [1,2]. M = f () [1] isan and Zuckerman, JCSS 52:43, 1996 [2] Vadhan, http://people.seas.harvard.edu/~salil/pseudorandomness/

Classical to Classical (CC)-Randomness Extractors (II) eal with prior knowledge (trivial for classical side information [3]), in general problematic for quantum side information [4]! Source described by classical-quantum (cq)- state: E = X n p n nihn n E. [3] König and Terhal, IEEE TIT 54:749, 2008 [4] Gavinsky et al., STOC, 2007

Classical to Classical (CC)-Randomness Extractors (II) eal with prior knowledge (trivial for classical side information [3]), in general problematic for quantum side information [4]! Source described by classical-quantum (cq)- state: E = X n p n nihn n E. f Mix iscard M E E k ME E = X n id p n nihn n E id M M Ek 1 apple " kxk 1 =tr[ p X X] [3] König and Terhal, IEEE TIT 54:749, 2008 [4] Gavinsky et al., STOC, 2007

Classical to Classical (CC)-Randomness Extractors (II) eal with prior knowledge (trivial for classical side information [3]), in general problematic for quantum side information [4]! Source described by classical-quantum (cq)- state: E = X n p n nihn n E. f Mix iscard M E E k ME E = X n id p n nihn n E id M M Ek 1 apple " kxk 1 =tr[ p X X] Guarantee about conditional min-entropy of the source: H min ( E) = log p guess ( E). [3] König and Terhal, IEEE TIT 54:749, 2008 [4] Gavinsky et al., STOC, 2007

Classical to Classical (CC)-Randomness Extractors (II) eal with prior knowledge (trivial for classical side information [3]), in general problematic for quantum side information [4]! Source described by classical-quantum (cq)- state: E = X n p n nihn n E. f Mix iscard M E E k ME E = X n id p n nihn n E id M M Ek 1 apple " kxk 1 =tr[ p X X] Guarantee about conditional min-entropy of the source: H min ( E) = log p guess ( E). Ex: Two-universal hashing / privacy amplification [5]. For all cq-states E with, we have for M =2 k " 2. id M H min ( E) k k ME M Ek 1 apple " Strong (k, ") extractor (against quantum side information), = O(). [3] König and Terhal, IEEE TIT 54:749, 2008 [4] Gavinsky et al., STOC, 2007 [5] Renner, Ph Thesis, ETHZ, 2005

Quantum to Classical (QC)-Randomness Extractors - efinition (I) Motivation: How to get weak randomness at first? How much randomness can be gained from a quantum source?

Quantum to Classical (QC)-Randomness Extractors - efinition (I) Motivation: How to get weak randomness at first? How much randomness can be gained from a quantum source? E E Measure M Mix id M Measurement iscard k ME id M M Ek 1 apple " M E

Quantum to Classical (QC)-Randomness Extractors - efinition (I) Motivation: How to get weak randomness at first? How much randomness can be gained from a quantum source? E E Measure M Mix id M Measurement iscard k ME id M M Ek 1 apple " M E Idea: Same setup as in the classical case (no control of the source)! Only guarantee about the conditional min-entropy [6]: X H min ( E) = log max E! 0 F ( 0, (id E! 0)( E )) i 0 = 1 p n=1 F (, )=k p p k 2 1 ni ni 0 [6] König et al., IEEE TIT 55:4674, 2009

Quantum to Classical (QC)-Randomness Extractors - efinition (I) Motivation: How to get weak randomness at first? How much randomness can be gained from a quantum source? E E Measure M Mix id M Measurement iscard k ME id M M Ek 1 apple " M E Idea: Same setup as in the classical case (no control of the source)! Only guarantee about the conditional min-entropy [6]: X H min ( E) = log max E! 0 F ( 0, (id E! 0)( E )) i 0 = 1 p Can get negative for entangled input states, in fact for MES: H min ( E) = log. [6] König et al., IEEE TIT 55:4674, 2009 n=1 F (, )=k p p k 2 1 ni ni 0

Quantum to Classical (QC)-Randomness Extractors - efinition (II) Mix Meas. (M, \M ) isc. M

Quantum to Classical (QC)-Randomness Extractors - efinition (II) Mix Meas. (M, \M ) isc. M U d!m (.) = X m2m,j2 \M hmj (.) mji mihm M

Quantum to Classical (QC)-Randomness Extractors - efinition (II) Mix Meas. (M, \M ) isc. M U d!m (.) = X m2m,j2 \M hmj (.) mji mihm M efinition: A set of unitaries {U 1,...,U } defines a strong (k, ") qc-extractor (against quantum side information) if for any state E with H min ( E) k, k 1 X!M (U i E U i ) iihi i=1 id M M Ek 1 apple ".

Quantum to Classical (QC)-Randomness Extractors - efinition (II) Mix Meas. (M, \M ) isc. M U d!m (.) = X m2m,j2 \M hmj (.) mji mihm M efinition: A set of unitaries {U 1,...,U } defines a strong (k, ") qc-extractor (against quantum side information) if for any state E with H min ( E) k, k 1 X!M (U i E U i ) iihi i=1 id M M Ek 1 apple ". Without side information, this corresponds to -metric uncertainty relations [7]. " [7] Fawzi et al., STOC, 2011

Quantum to Classical (QC)-Randomness Extractors - efinition (II) Mix Meas. (M, \M ) isc. M U d!m (.) = X m2m,j2 \M hmj (.) mji mihm M efinition: A set of unitaries {U 1,...,U } defines a strong (k, ") qc-extractor (against quantum side information) if for any state E with H min ( E) k, k 1 X!M (U i E U i ) iihi i=1 Without side information, this corresponds to -metric uncertainty relations [7]. Fully quantum versions of this: decoupling theorems (quantum coding theory) [8], quantum state randomization [9], quantum extractors [10]: quantum to quantum (qq)-randomness extractors! id M M Ek 1 apple ". " M [7] Fawzi et al., STOC, 2011 [8] upuis, Ph Thesis, McGill, 2009 [9] Hayden et al., CMP 250:371, 2004 [10] Ben-Aroya et al., TOC 6:47, 2010

Quantum to Classical (QC)-Randomness Extractors - Parameters Mix Meas. (M, \M ) isc. M U i Probabilistic construction (random unitaries).

Quantum to Classical (QC)-Randomness Extractors - Parameters Mix Meas. (M, \M ) isc. M U i Output size: M =min{, 2 k 4 } Seed size: = M log " 4 Probabilistic construction (random unitaries).

Quantum to Classical (QC)-Randomness Extractors - Parameters Mix Meas. (M, \M ) isc. M U i Output size: M =min{, 2 k 4 } Seed size: = M log " 4 Converse bounds. Probabilistic construction (random unitaries).

Quantum to Classical (QC)-Randomness Extractors - Parameters Mix Meas. (M, \M ) isc. M U i Output size: M =min{, 2 k 4 } Seed size: = M log " 4 Converse bounds. Probabilistic construction (random unitaries). Output size:, where (smooth entropies [5,11]). Seed size: " 1 M apple 2 k " 2 k " = H min( E) " = max H min( E) 2B " ( ) [5] Renner, Ph Thesis, ETHZ, 2005 [11] Tomamichel, Ph Thesis ETHZ, 2012

Quantum to Classical (QC)-Randomness Extractors - Parameters Mix Meas. (M, \M ) isc. M U i Output size: M =min{, 2 k 4 } Seed size: = M log " 4 Converse bounds. Probabilistic construction (random unitaries). Output size:, where (smooth entropies [5,11]). Seed size: " 1 M apple 2 k " 2 k " = H min( E) " = max H min( E) 2B " ( ) Huge gap! We know that our proof technique can only yield " 2 min{ 2 k 1,M/4} [12]. [5] Renner, Ph Thesis, ETHZ, 2005 [11] Tomamichel, Ph Thesis ETHZ, 2012 [12] Fawzi, Ph Thesis, McGill, 2012

Quantum to Classical (QC)-Randomness Extractors - Parameters Mix Meas. (M, \M ) isc. M U i Output size: M =min{, 2 k 4 } Seed size: = M log " 4 Converse bounds. Probabilistic construction (random unitaries). Output size:, where (smooth entropies [5,11]). Seed size: " 1 M apple 2 k " 2 k " = H min( E) " = max H min( E) 2B " ( ) Find explicit constructions! Huge gap! We know that our proof technique can only yield " 2 min{ 2 k 1,M/4} [12]. [5] Renner, Ph Thesis, ETHZ, 2005 [11] Tomamichel, Ph Thesis ETHZ, 2012 [12] Fawzi, Ph Thesis, McGill, 2012

Quantum to Classical (QC)-Randomness Extractors - Explicit Constructions Mix Meas. (M, \M ) isc. M U i

Quantum to Classical (QC)-Randomness Extractors - Explicit Constructions Mix Meas. (M, \M ) isc. M U i (Almost) unitary two-designs reproduce second moment of random unitaries [8,13]: M =min{, 2 k 2 } = O( 4 ) [8] upuis, Ph Thesis, McGill, 2009 [13] Szehr et al., arxiv:1109.4348v1

Quantum to Classical (QC)-Randomness Extractors - Explicit Constructions Mix Meas. (M, \M ) isc. M U i (Almost) unitary two-designs reproduce second moment of random unitaries [8,13]: M =min{, 2 k 2 } = O( 4 ) Set of unitaries defined by a full set of mutually unbiased bases together with two-wise independent permutations: M =min{, 2 k 2 } = ( + 1) 2 [8] upuis, Ph Thesis, McGill, 2009 [13] Szehr et al., arxiv:1109.4348v1

Quantum to Classical (QC)-Randomness Extractors - Explicit Constructions Mix Meas. (M, \M ) isc. M U i (Almost) unitary two-designs reproduce second moment of random unitaries [8,13]: M =min{, 2 k 2 } = O( 4 ) Set of unitaries defined by a full set of mutually unbiased bases together with two-wise independent permutations: M =min{, 2 k 2 } = ( + 1) 2 Bitwise qc-extractors! Let =2 n,m =2 m. Set of unitaries defined by a full set of mutually unbiased bases for each qubit, { X, Y, Z} n, together with two-wise independent permutations: M = O( log 3 1 " 4 ) min{1, 2 k } = ( 1) 3 log [8] upuis, Ph Thesis, McGill, 2009 [13] Szehr et al., arxiv:1109.4348v1

Application: Two-Party Cryptography Example: secure function evaluation. x y f f(x,y)

Application: Two-Party Cryptography Example: secure function evaluation.?????? x y f Should not learn y f(x,y) Should not learn x

Application: Two-Party Cryptography Example: secure function evaluation.?????? x y f Should not learn y ot possible to solve without assumptions [17]. f(x,y) Should not learn x [17] Lo, PRA 56:1154, 1997

Application: Two-Party Cryptography Example: secure function evaluation.?????? x y f f(x,y) Should not learn x Should not learn y ot possible to solve without assumptions [17]. Classical assumptions are typically computational assumptions (e.g. factoring is hard). [17] Lo, PRA 56:1154, 1997

Application: Two-Party Cryptography Example: secure function evaluation.?????? x y f Should not learn y ot possible to solve without assumptions [17]. f(x,y) Should not learn x Classical assumptions are typically computational assumptions (e.g. factoring is hard). Physical assumption: bounded quantum storage [18], secure function evaluation becomes possible [19]. [17] Lo, PRA 56:1154, 1997 [18] amgård et al., CRYPTO, 2007 [19] König et al., IEEE TIT 58:1962, 2012

Application: Security in the oisy- Storage Model [20] What the adversary can do: computationally all powerful, unlimited classical storage, actions are instantaneous, BUT noisy (bounded) quantum storage. [20] Wehner et al., PRL 100:220502, 2008

Application: Security in the oisy- Storage Model [20] What the adversary can do: computationally all powerful, unlimited classical storage, actions are instantaneous, BUT noisy (bounded) quantum storage. [20] Wehner et al., PRL 100:220502, 2008

Application: Security in the oisy- Storage Model [20] What the adversary can do: computationally all powerful, unlimited classical storage, actions are instantaneous, BUT noisy (bounded) quantum storage. Basic idea: protocol will have have waiting times, in which noisy storage must be used! [20] Wehner et al., PRL 100:220502, 2008

Application: Security in the oisy- Storage Model [20] What the adversary can do: computationally all powerful, unlimited classical storage, actions are instantaneous, BUT noisy (bounded) quantum storage. Basic idea: protocol will have have waiting times, in which noisy storage must be used! Implement task weak string erasure (sufficient [21]). Using bitwise qc-randomness extractors, we can link security to the entanglement fidelity (quantum capacity) of the noisy quantum storage (improves [19,22])! [20] Wehner et al., PRL 100:220502, 2008 [21] Kilian, STOC, 1998 [19] König et al., IEEE TIT 58:1962, 2012 [22] B. et al., IEEE ISIT, 2012

Entropic Uncertainty Relations with Quantum Side Information Review article [14]. Given a quantum state these relations usually take the form (where H(K ) = 1 X H(K i = i) const(k). i=1 {K 1,...,K } H(.) and a set of measurements denotes e.g. the Shannon entropy): [14] Wehner and Winter., JP 12:025009, 2010

Entropic Uncertainty Relations with Quantum Side Information Review article [14]. Given a quantum state these relations usually take the form (where H(K ) = 1 {K 1,...,K } H(.) and a set of measurements denotes e.g. the Shannon entropy): Idea of [15]: add quantum side information! Start with a bipartite quantum state and a set of measurements {K 1,...,K } on A: H(K E)= 1 here H(A) = tr[ A log A ], the von eumann entropy, and its conditional version H(A B) = H(AB) X H(K i = i) const(k). i=1 X H(K i E = i) const(k)+h(a E), i=1 H(B) (which can get negative for entangled input states!). AE [14] Wehner and Winter., JP 12:025009, 2010 [15] B. et al., P 6:659, 2010

Entropic Uncertainty Relations with Quantum Side Information Review article [14]. Given a quantum state these relations usually take the form (where H(K ) = 1 {K 1,...,K } H(.) and a set of measurements denotes e.g. the Shannon entropy): Idea of [15]: add quantum side information! Start with a bipartite quantum state and a set of measurements {K 1,...,K } on A: H(K E)= 1 here H(A) = tr[ A log A ], the von eumann entropy, and its conditional version H(A B) = H(AB) X H(K i = i) const(k). i=1 X H(K i E = i) const(k)+h(a E), i=1 H(B) (which can get negative for entangled input states!). QC-extractors (against quantum side information) give entropic uncertainty relations with quantum side information! Entropic uncertainty relations with quantum side information together with ccextractors give qc-extractors (against quantum side information) [16]! AE [14] Wehner and Winter., JP 12:025009, 2010 [15] B. et al., P 6:659, 2010 [16] B./Wehner/Coles, unpublished

Conclusions / Open Problems efinition of quantum to classical (qc)-randomness extractors. Probabilistic and explicit constructions as well as converse bounds. Security in the noisy-storage model linked to the quantum capacity. Close relation to entropic uncertainty relations with quantum side information.

Conclusions / Open Problems efinition of quantum to classical (qc)-randomness extractors. Probabilistic and explicit constructions as well as converse bounds. Security in the noisy-storage model linked to the quantum capacity. Close relation to entropic uncertainty relations with quantum side information. Relation between qq-, qc-, and cc-extractors?

Conclusions / Open Problems efinition of quantum to classical (qc)-randomness extractors. Probabilistic and explicit constructions as well as converse bounds. Security in the noisy-storage model linked to the quantum capacity. Close relation to entropic uncertainty relations with quantum side information. Relation between qq-, qc-, and cc-extractors? Seed length:. We believe that at least = polylog() might be possible (cf. cc-extractors against quantum side information [23]). However, our proof technique can only yield " 2 min{ 2 k 1,M/4}[12]. " 1 apple apple M log " 4 [23] Ve et al., arxiv:0912.5514v3 [12] Fawzi, Ph Thesis, McGill, 2012

Conclusions / Open Problems efinition of quantum to classical (qc)-randomness extractors. Probabilistic and explicit constructions as well as converse bounds. Security in the noisy-storage model linked to the quantum capacity. Close relation to entropic uncertainty relations with quantum side information. Relation between qq-, qc-, and cc-extractors? Seed length:. We believe that at least = polylog() might be possible (cf. cc-extractors against quantum side information [23]). However, our proof technique can only yield " 2 min{ 2 k 1,M/4}[12]. " 1 apple apple M log " 4 Bitwise qc-randomness extractor for { X, Z} n (BB84) encoding? Improve bound for { X, Y, Z} n (six-state) encoding for large n? [23] Ve et al., arxiv:0912.5514v3 [12] Fawzi, Ph Thesis, McGill, 2012

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback