Xin Sun,Quanlong Wang,Feifei He

DOI: https://doi.org/10.1007/s10773-020-04604-z

2020-10-06

International Journal of Theoretical Physics

Abstract:Bit commitment is a cryptographic task in which Alice commits a bit to Bob such that she cannot change the value of the bit after her commitment and Bob cannot learn the value of the bit before Alice opens her commitment. In this paper, we propose a quantum bit commitment (QBC) protocol which is arbitrarily concealing and practically binding. Compared to other arbitrarily concealing and practically binding QBC protocols, ours is more efficient. Neither multi-particle entanglement nor long-term quantum memory is used in our protocol, which makes it implementable by the current technology.

physics, multidisciplinary

Yang Wei,Liusheng Huang,Qiyan Wang

2009-01-01

Abstract:Bit commitment is a fundamental primitive in secure multi-party computation. It plays an important role in constructions of more complicated multi-party protocols. A new model of bit commitment named three-party bit commitment is proposed in this paper, in which two provers jointly commit a bit to a verifier. The protocol of three-party bit commitment based on elliptic curve cryptography is also given. The scheme is in purely classical means, without restricted assumptions of the computing power imposed on any participant. Moreover, the scheme is proven to be of unconditional security and be immune to channel eavesdropping. The protocol can also be modified easily to realize bit string commitment scheme.

Dorit Aharonov,Amnon Ta-Shma,Umesh Vazirani,Andrew Yao

DOI: https://doi.org/10.1145/335305.335404

2000-01-01

Abstract:Unconditionally secure bit commitment and coin flipping are known to be impossible in the classical world. Bit commitment is known to be impossible also in the quantum world. We introduce a related new primitive - {\em quantum bit escrow}. In this primitive Alice commits to a bit $b$ to Bob. The commitment is {\em binding} in the sense that if Alice is asked to reveal the bit, Alice can not bias her commitment without having a good probability of being detected cheating. The commitment is {\em sealing} in the sense that if Bob learns information about the encoded bit, then if later on he is asked to prove he was playing honestly, he is detected cheating with a good probability. Rigorously proving the correctness of quantum cryptographic protocols has proved to be a difficult task. We develop techniques to prove quantitative statements about the binding and sealing properties of the quantum bit escrow protocol. A related primitive we construct is a quantum biased coin flipping protocol where no player can control the game, i.e., even an all-powerful cheating player must lose with some constant probability, which stands in sharp contrast to the classical world where such protocols are impossible.

Giacomo Mauro D'Ariano,Dennis Kretschmann,Dirk Schlingemann,Reinhard F. Werner

DOI: https://doi.org/10.1103/PhysRevA.76.032328

2007-10-15

Abstract:Bit commitment protocols whose security is based on the laws of quantum mechanics alone are generally held to be impossible. In this paper we give a strengthened and explicit proof of this result. We extend its scope to a much larger variety of protocols, which may have an arbitrary number of rounds, in which both classical and quantum information is exchanged, and which may include aborts and resets. Moreover, we do not consider the receiver to be bound to a fixed "honest" strategy, so that "anonymous state protocols", which were recently suggested as a possible way to beat the known no-go results are also covered. We show that any concealing protocol allows the sender to find a cheating strategy, which is universal in the sense that it works against any strategy of the receiver. Moreover, if the concealing property holds only approximately, the cheat goes undetected with a high probability, which we explicitly estimate. The proof uses an explicit formalization of general two party protocols, which is applicable to more general situations, and a new estimate about the continuity of the Stinespring dilation of a general quantum channel. The result also provides a natural characterization of protocols that fall outside the standard setting of unlimited available technology, and thus may allow secure bit commitment. We present a new such protocol whose security, perhaps surprisingly, relies on decoherence in the receiver's lab.

Quantum Physics

S. Arash Sheikholeslam,T. Aaron Gulliver

DOI: https://doi.org/10.48550/arXiv.1111.6311

2012-05-11

Abstract:In this paper, we introduce a new quantum bit commitment protocol which is practically secure against entanglement attacks. A general cheating strategy is discussed and shown to be practically ineffective against the proposed approach.

Quantum Physics

T. Lunghi,J. Kaniewski,F. Bussieres,R. Houlmann,M. Tomamichel,A. Kent,N. Gisin,S. Wehner,H. Zbinden

DOI: https://doi.org/10.1103/PhysRevLett.111.180504

2013-07-19

Abstract:Bit commitment is a fundamental cryptographic primitive in which Bob wishes to commit a secret bit to Alice. Perfectly secure bit commitment has been proven impossible through asynchronous exchange of classical and quantum information. Perfect security is however possible by restraining the exchange of classical and quantum information to suitably chosen relativistic constraints. This requires Alice (and Bob) to split into two remote agents performing space-like separated classical communication, and in one agent exchanging quantum bits with the other party. The duration of the commitment is given by the distance between the two remote agents. The original protocol requires the quantum communication to happen at a precise location and time with respect to the classical communication. We show how the protocol can be modified to relax this constraint such that the quantum part of the protocol can be performed at any time before the actual commitment, making it much more practical. Finally, we present an experimental demonstration of this protocol realized with a commercial quantum key distribution system and with synchronized classical agents located in Geneva and Singapore, yielding a commitment time of 15 ms. Our work includes a complete security analysis, accounting for experimental imperfections (multi-photon emission, transmission loss, detector inefficiency and dark counts) and finite statistics.

Quantum Physics

Ephanielle Verbanis,Anthony Martin,Raphaël Houlmann,Gianluca Boso,Félix Bussières,Hugo Zbinden

DOI: https://doi.org/10.1103/PhysRevLett.117.140506

2016-05-24

Abstract:Bit commitment is a fundamental cryptographic primitive in which a party wishes to commit a secret bit to another party. Perfect security between mistrustful parties is unfortunately impossible to achieve through the asynchronous exchange of classical and quantum messages. Perfect security can nonetheless be achieved if each party splits into two agents exchanging classical information at times and locations satisfying strict relativistic constraints. A relativistic multi-round protocol to achieve this was previously proposed and used to implement a 2~millisecond commitment time. Much longer durations were initially thought to be insecure, but recent theoretical progress showed that this is not so. In this letter, we report on the implementation of a 24-hour bit commitment based on timed high-speed optical communication and fast data processing only, with all agents located within the city of Geneva. This duration is more than six orders of magnitude longer than before, and we argue that it could be extended to one year and allow much more flexibility on the locations of the agents. Our implementation offers a practical and viable solution for use in applications such as digital signatures, secure voting and honesty-preserving auctions.

Quantum Physics

Guang-Ping He

DOI: https://doi.org/10.48550/arXiv.quant-ph/0303107

2003-08-16

Abstract:Based on the fact that the entanglement can not be created locally, we proposed a quantum bit commitment protocol, in which entangled states and quantum algorithms is used. The bit is not encoded with the form of the quantum states, and delaying the measurement is required. Therefore the protocol will not be denied by the Mayers-Lo-Chau no-go theorem, and unconditional security is achieved.

Quantum Physics

Horace P. Yuen

DOI: https://doi.org/10.48550/arXiv.1212.0938

2012-12-05

Abstract:This article describes a quantum bit commitment protocol, QBC1, based on entanglement destruction via forced measurements and proves its unconditional security.

Quantum Physics

Adrian Kent

DOI: https://doi.org/10.1103/PhysRevLett.90.237901

2003-06-05

Abstract:A bit string commitment protocol securely commits $N$ classical bits in such a way that the recipient can extract only $M<N$ bits of information about the string. Classical reasoning might suggest that bit string commitment implies bit commitment and hence, given the Mayers-Lo-Chau theorem, that non-relativistic quantum bit string commitment is impossible. Not so: there exist non-relativistic quantum bit string commitment protocols, with security parameters $\epsilon$ and $M$, that allow $A$ to commit $N = N(M, \epsilon)$ bits to $B$ so that $A$'s probability of successfully cheating when revealing any bit and $B$'s probability of extracting more than $N'=N-M$ bits of information about the $N$ bit string before revelation are both less than $\epsilon$. With a slightly weakened but still restrictive definition of security against $A$, $N$ can be taken to be $O(\exp (C N'))$ for a positive constant $C$. I briefly discuss possible applications.

Quantum Physics,Cryptography and Security

B Yu,ZW Zhou,J Li,GC Guo

DOI: https://doi.org/10.1117/12.483024

2002-01-01

Abstract:Although Mayers, Lo and Chau successfully showed that unconditionally secure quantum bit commitment (QBC) is impossible, we present a secure QBC protocol which is quite different from the model used in their proofs. If Alice wants to commit a bit b, she first encodes b into a series of classical bit strings of the same length. The requirement is that the modulo 2 sum of all bits in every bit string equals to b. Then Alice uses quantum one-way function to produce quantum states which are corresponding to the encoded classical bit strings and will be sent to Bob as evidence. The quantum one-way function used here is just that was successfully applied in Gottesman and Chuang's quantum digital signatures. When it comes to the unveilingtime, Alice only sends the bit strings to Bob. Finally, Bob generates quantum states form the bit strings by the same quantum one-way function and uses controlled-swap circuit to check whether the quantum states are identical with the evidence.

Mariana Gama,Paulo Mateus,André Souto

DOI: https://doi.org/10.3390/e22030272

IF: 2.738

2020-02-27

Entropy

Abstract:We propose an entanglement-based quantum bit string commitment protocol whose composability is proven in the random oracle model. This protocol has the additional property of preserving the privacy of the committed message. Even though this property is not resilient against man-in-the-middle attacks, this threat can be circumvented by considering that the parties communicate through an authenticated channel. The protocol remains secure and private (but not composable) if we realize the random oracles as physical unclonable functions (PUFs) in the so-called bad PUF model.

physics, multidisciplinary

Horace P. Yuen

DOI: https://doi.org/10.48550/arXiv.quant-ph/0305143

2004-01-15

Abstract:It is shown how the evidence state space in quantum bit commitment may be made to depend on the bit value 0 or 1 with split entangled pairs. As a consequence, one can obtain a protocol that is perfectly concealing, but is also $\epsilon$-binding because the bit-value dependent evidence space prevents the committing party from cheating by means of a local transformation that is independent of the part of evidence state space that has never been in his possession.

Quantum Physics

R. W. Spekkens,T. Rudolph

DOI: https://doi.org/10.1103/PhysRevA.65.012310

2002-11-14

Abstract:Although it is impossible for a bit commitment protocol to be both arbitrarily concealing and arbitrarily binding, it is possible for it to be both partially concealing and partially binding. This means that Bob cannot, prior to the beginning of the unveiling phase, find out everything about the bit committed, and Alice cannot, through actions taken after the end of the commitment phase, unveil whatever bit she desires. We determine upper bounds on the degrees of concealment and bindingness that can be achieved simultaneously in any bit commitment protocol, although it is unknown whether these can be saturated. We do, however, determine the maxima of these quantities in a restricted class of bit commitment protocols, namely those wherein all the systems that play a role in the commitment phase are supplied by Alice. We show that these maxima can be achieved using a protocol that requires Alice to prepare a pair of systems in an entangled state, submit one of the pair to Bob at the commitment phase, and the other at the unveiling phase. Finally, we determine the form of the trade-off that exists between the degree of concealment and the degree of bindingness given various assumptions about the purity and dimensionality of the states used in the protocol.

Quantum Physics

Yang Liu,Yuan Cao,Marcos Curty,Sheng-Kai Liao,Jian Wang,Ke Cui,Yu-Huai Li,Ze-Hong Lin,Qi-Chao Sun,Dong-Dong Li,Hong-Fei Zhang,Yong Zhao,Teng-Yun Chen,Cheng-Zhi Peng,Qiang Zhang,Adan Cabello,Jian-Wei Pan

DOI: https://doi.org/10.1103/physrevlett.112.010504

IF: 8.6

2014-01-01

Physical Review Letters

Abstract:Quantum physics allows for unconditionally secure communication between parties that trust each other. However, when the parties do not trust each other such as in the bit commitment scenario, quantum physics is not enough to guarantee security unless extra assumptions are made. Unconditionally secure bit commitment only becomes feasible when quantum physics is combined with relativistic causality constraints. Here we experimentally implement a quantum bit commitment protocol with relativistic constraints that offers unconditional security. The commitment is made through quantum measurements in two quantum key distribution systems in which the results are transmitted via free-space optical communication to two agents separated with more than 20 km. The security of the protocol relies on the properties of quantum information and relativity theory. In each run of the experiment, a bit is successfully committed with less than 5.68×10(-2) cheating probability. This demonstrates the experimental feasibility of quantum communication with relativistic constraints.

Chi-Yee Cheung

DOI: https://doi.org/10.48550/arXiv.quant-ph/0603154

2006-03-28

Abstract:Using unstable particles which decay by emitting neutrinos, we propose a quantum bit commitment protocol that is humanly impossible to break. Neutrinos carry away quantum information, but their interaction with matter is so weak that it would take an astronomically-sized machine just to catch them, not to mention performing controlled unitary operations on them. As a result quantum information is lost, and cheating is not possible even if the participants had access to the most powerful quantum computers that could ever be built. Therefore, for all practical purposes, our new protocol is as good as unconditionally secure.

Quantum Physics

Ya-Qi Song,Li Yang

DOI: https://doi.org/10.48550/arXiv.1807.01602

2018-07-03

Abstract:We propose a framework of bit commitment protocol using a comparison scheme and present a compound comparison scheme based on counterfactual cryptography. Finally, we propose a counterfactual quantum bit commitment protocol. In security analysis, we give the proper security parameters for counterfactual quantum bit commitment and prove that intercept attack and intercept/resend attack are ineffective attack for our protocol. In addition, we explain that counterfactual quantum bit commitment protocol cannot be attacked with no-go theorem attack by current technology.

Quantum Physics

Muhammad Nadeem

DOI: https://doi.org/10.48550/arXiv.1504.03316

2015-04-14

Abstract:We propose here a two-round relativistic bit commitment scheme where committer commits in the first round and then confirms his/her commitment in the second round. The scheme offers indefinite commitment time where both committer and receiver extract non-locally correlated measurement outcomes during the scheme that can be stored and revealed after arbitrarily long time. We show that the proposed scheme turns out to be a multiparty bit commitment scheme where both parties commit and reveal simultaneously. The multiparty generalization would have applications in business and secure multiparty computations such as managing joint bank account, holding joint shares in stock exchange and blind bidding. The same bit commitment scheme can also be used for the commitment of arbitrarily long classical bit strings. The scheme can be applied efficiently with existing technologies; entanglement is required only for time t=x/c where x is the special distance, can be as small as possible, between the committer and receiver.

Quantum Physics

Arindam Mitra

DOI: https://doi.org/10.48550/arXiv.physics/0007089

2001-02-06

Abstract:Mayers, Lo and Chau proved unconditionally secure quantum bit commitment is impossible. It is shown that their proof is valid only for a particular model of quantum bit commitment encoding, in general it does not hold good. A different model of unconditionally secure quantum bit commitment - both entanglement and disentanglement-based - is presented. Even cheating can be legally proved with some legal evidences. Unconditionally secure quantum bit commitment can be established on the top of unconditionally secure quantum coin tossing, which is also claimed to be two-way impossible.

General Physics

M. Orlandini,D. Dal Fiume,F. Frontera,S. Del Sordo,S. Piraino,A. Santangelo,A. Segreto,T. Oosterbroek,A.N. Parmar

DOI: https://doi.org/10.1016/S0920-5632%2898%2900200-X

1997-12-02

Abstract:We report on observations of the low-mass X-ray binary 4U1626-67 performed during the BeppoSAX Science Verification Phase. We present the broad-band 0.1-100 keV pulse averaged spectrum, that is well fit by a two-component function: a 0.27 +/- 0.02 keV blackbody and an absorbed power law with a photon index of 0.89 +/- 0.02. A very deep and narrow absorption feature at 38 keV, attributable to electron cyclotron resonance, is clearly visible in the broad-band spectrum. It corresponds to a neutron star magnetic field strength of 3.3 x 10^{12} G. The 4U1626-67 pulse profiles show a dramatic dependance on energy: the transition between the low energy (E<10 keV) "bi-horned" shape to the high-energy (E>10 keV) sinusoidal profile is clearly visible in our data. The modulation index shows a monotonic increase with energy.

Astrophysics