Xin Sun,Quanlong Wang,Feifei He

DOI: https://doi.org/10.1007/s10773-020-04604-z

2020-10-06

International Journal of Theoretical Physics

Abstract:Bit commitment is a cryptographic task in which Alice commits a bit to Bob such that she cannot change the value of the bit after her commitment and Bob cannot learn the value of the bit before Alice opens her commitment. In this paper, we propose a quantum bit commitment (QBC) protocol which is arbitrarily concealing and practically binding. Compared to other arbitrarily concealing and practically binding QBC protocols, ours is more efficient. Neither multi-particle entanglement nor long-term quantum memory is used in our protocol, which makes it implementable by the current technology.

physics, multidisciplinary

Giacomo Mauro D'Ariano,Dennis Kretschmann,Dirk Schlingemann,Reinhard F. Werner

DOI: https://doi.org/10.1103/PhysRevA.76.032328

2007-10-15

Abstract:Bit commitment protocols whose security is based on the laws of quantum mechanics alone are generally held to be impossible. In this paper we give a strengthened and explicit proof of this result. We extend its scope to a much larger variety of protocols, which may have an arbitrary number of rounds, in which both classical and quantum information is exchanged, and which may include aborts and resets. Moreover, we do not consider the receiver to be bound to a fixed "honest" strategy, so that "anonymous state protocols", which were recently suggested as a possible way to beat the known no-go results are also covered. We show that any concealing protocol allows the sender to find a cheating strategy, which is universal in the sense that it works against any strategy of the receiver. Moreover, if the concealing property holds only approximately, the cheat goes undetected with a high probability, which we explicitly estimate. The proof uses an explicit formalization of general two party protocols, which is applicable to more general situations, and a new estimate about the continuity of the Stinespring dilation of a general quantum channel. The result also provides a natural characterization of protocols that fall outside the standard setting of unlimited available technology, and thus may allow secure bit commitment. We present a new such protocol whose security, perhaps surprisingly, relies on decoherence in the receiver's lab.

Quantum Physics

André Chailloux,Iordanis Kerenidis

DOI: https://doi.org/10.48550/arXiv.1102.1678

2011-02-09

Abstract:Bit commitment is a fundamental cryptographic primitive with numerous applications. Quantum information allows for bit commitment schemes in the information theoretic setting where no dishonest party can perfectly cheat. The previously best-known quantum protocol by Ambainis achieved a cheating probability of at most 3/4[Amb01]. On the other hand, Kitaev showed that no quantum protocol can have cheating probability less than 1/sqrt{2} [Kit03] (his lower bound on coin flipping can be easily extended to bit commitment). Closing this gap has since been an important and open question. In this paper, we provide the optimal bound for quantum bit commitment. We first show a lower bound of approximately 0.739, improving Kitaev's lower bound. We then present an optimal quantum bit commitment protocol which has cheating probability arbitrarily close to 0.739. More precisely, we show how to use any weak coin flipping protocol with cheating probability 1/2 + eps in order to achieve a quantum bit commitment protocol with cheating probability 0.739 + O(eps). We then use the optimal quantum weak coin flipping protocol described by Mochon[Moc07]. To stress the fact that our protocol uses quantum effects beyond the weak coin flip, we show that any classical bit commitment protocol with access to perfect weak (or strong) coin flipping has cheating probability at least 3/4.

Quantum Physics

Guang Ping He,Z. D. Wang

DOI: https://doi.org/10.48550/arXiv.0804.3531

2008-04-22

Abstract:The relationship between the quantum bit commitment (QBC) and quantum seal (QS) is studied. It is elaborated that QBC and QS are not equivalent, but QS protocols satisfying a stronger unconditional security requirement can lead to an unconditionally secure QBC. In this sense, QS is strictly stronger than QBC in security requirements. Based on an earlier proposal on sealing a single bit, a feasible QBC protocol is also put forward, which is secure in practice even if the cheater has a strong quantum computational power.

Quantum Physics

B Yu,ZW Zhou,J Li,GC Guo

DOI: https://doi.org/10.1117/12.483024

2002-01-01

Abstract:Although Mayers, Lo and Chau successfully showed that unconditionally secure quantum bit commitment (QBC) is impossible, we present a secure QBC protocol which is quite different from the model used in their proofs. If Alice wants to commit a bit b, she first encodes b into a series of classical bit strings of the same length. The requirement is that the modulo 2 sum of all bits in every bit string equals to b. Then Alice uses quantum one-way function to produce quantum states which are corresponding to the encoded classical bit strings and will be sent to Bob as evidence. The quantum one-way function used here is just that was successfully applied in Gottesman and Chuang's quantum digital signatures. When it comes to the unveilingtime, Alice only sends the bit strings to Bob. Finally, Bob generates quantum states form the bit strings by the same quantum one-way function and uses controlled-swap circuit to check whether the quantum states are identical with the evidence.

T. Lunghi,J. Kaniewski,F. Bussieres,R. Houlmann,M. Tomamichel,A. Kent,N. Gisin,S. Wehner,H. Zbinden

DOI: https://doi.org/10.1103/PhysRevLett.111.180504

2013-07-19

Abstract:Bit commitment is a fundamental cryptographic primitive in which Bob wishes to commit a secret bit to Alice. Perfectly secure bit commitment has been proven impossible through asynchronous exchange of classical and quantum information. Perfect security is however possible by restraining the exchange of classical and quantum information to suitably chosen relativistic constraints. This requires Alice (and Bob) to split into two remote agents performing space-like separated classical communication, and in one agent exchanging quantum bits with the other party. The duration of the commitment is given by the distance between the two remote agents. The original protocol requires the quantum communication to happen at a precise location and time with respect to the classical communication. We show how the protocol can be modified to relax this constraint such that the quantum part of the protocol can be performed at any time before the actual commitment, making it much more practical. Finally, we present an experimental demonstration of this protocol realized with a commercial quantum key distribution system and with synchronized classical agents located in Geneva and Singapore, yielding a commitment time of 15 ms. Our work includes a complete security analysis, accounting for experimental imperfections (multi-photon emission, transmission loss, detector inefficiency and dark counts) and finite statistics.

Quantum Physics

R. W. Spekkens,T. Rudolph

DOI: https://doi.org/10.1103/PhysRevA.65.012310

2002-11-14

Abstract:Although it is impossible for a bit commitment protocol to be both arbitrarily concealing and arbitrarily binding, it is possible for it to be both partially concealing and partially binding. This means that Bob cannot, prior to the beginning of the unveiling phase, find out everything about the bit committed, and Alice cannot, through actions taken after the end of the commitment phase, unveil whatever bit she desires. We determine upper bounds on the degrees of concealment and bindingness that can be achieved simultaneously in any bit commitment protocol, although it is unknown whether these can be saturated. We do, however, determine the maxima of these quantities in a restricted class of bit commitment protocols, namely those wherein all the systems that play a role in the commitment phase are supplied by Alice. We show that these maxima can be achieved using a protocol that requires Alice to prepare a pair of systems in an entangled state, submit one of the pair to Bob at the commitment phase, and the other at the unveiling phase. Finally, we determine the form of the trade-off that exists between the degree of concealment and the degree of bindingness given various assumptions about the purity and dimensionality of the states used in the protocol.

Quantum Physics

Ya-Qi Song,Li Yang

DOI: https://doi.org/10.48550/arXiv.1807.01602

2018-07-03

Abstract:We propose a framework of bit commitment protocol using a comparison scheme and present a compound comparison scheme based on counterfactual cryptography. Finally, we propose a counterfactual quantum bit commitment protocol. In security analysis, we give the proper security parameters for counterfactual quantum bit commitment and prove that intercept attack and intercept/resend attack are ineffective attack for our protocol. In addition, we explain that counterfactual quantum bit commitment protocol cannot be attacked with no-go theorem attack by current technology.

Quantum Physics

Horace P. Yuen

DOI: https://doi.org/10.48550/arXiv.quant-ph/0305143

2004-01-15

Abstract:It is shown how the evidence state space in quantum bit commitment may be made to depend on the bit value 0 or 1 with split entangled pairs. As a consequence, one can obtain a protocol that is perfectly concealing, but is also $\epsilon$-binding because the bit-value dependent evidence space prevents the committing party from cheating by means of a local transformation that is independent of the part of evidence state space that has never been in his possession.

Quantum Physics

Chi-Yee Cheung

DOI: https://doi.org/10.48550/arXiv.quant-ph/0603154

2006-03-28

Abstract:Using unstable particles which decay by emitting neutrinos, we propose a quantum bit commitment protocol that is humanly impossible to break. Neutrinos carry away quantum information, but their interaction with matter is so weak that it would take an astronomically-sized machine just to catch them, not to mention performing controlled unitary operations on them. As a result quantum information is lost, and cheating is not possible even if the participants had access to the most powerful quantum computers that could ever be built. Therefore, for all practical purposes, our new protocol is as good as unconditionally secure.

Quantum Physics

Horace P. Yuen

DOI: https://doi.org/10.48550/arXiv.1212.0938

2012-12-05

Abstract:This article describes a quantum bit commitment protocol, QBC1, based on entanglement destruction via forced measurements and proves its unconditional security.

Quantum Physics

Guang-Ping He

DOI: https://doi.org/10.48550/arXiv.quant-ph/0303107

2003-08-16

Abstract:Based on the fact that the entanglement can not be created locally, we proposed a quantum bit commitment protocol, in which entangled states and quantum algorithms is used. The bit is not encoded with the form of the quantum states, and delaying the measurement is required. Therefore the protocol will not be denied by the Mayers-Lo-Chau no-go theorem, and unconditional security is achieved.

Quantum Physics

Arindam Mitra

DOI: https://doi.org/10.48550/arXiv.physics/0007089

2001-02-06

Abstract:Mayers, Lo and Chau proved unconditionally secure quantum bit commitment is impossible. It is shown that their proof is valid only for a particular model of quantum bit commitment encoding, in general it does not hold good. A different model of unconditionally secure quantum bit commitment - both entanglement and disentanglement-based - is presented. Even cheating can be legally proved with some legal evidences. Unconditionally secure quantum bit commitment can be established on the top of unconditionally secure quantum coin tossing, which is also claimed to be two-way impossible.

General Physics

Yang Liu,Yuan Cao,Marcos Curty,Sheng-Kai Liao,Jian Wang,Ke Cui,Yu-Huai Li,Ze-Hong Lin,Qi-Chao Sun,Dong-Dong Li,Hong-Fei Zhang,Yong Zhao,Teng-Yun Chen,Cheng-Zhi Peng,Qiang Zhang,Adan Cabello,Jian-Wei Pan

DOI: https://doi.org/10.1103/physrevlett.112.010504

IF: 8.6

2014-01-01

Physical Review Letters

Abstract:Quantum physics allows for unconditionally secure communication between parties that trust each other. However, when the parties do not trust each other such as in the bit commitment scenario, quantum physics is not enough to guarantee security unless extra assumptions are made. Unconditionally secure bit commitment only becomes feasible when quantum physics is combined with relativistic causality constraints. Here we experimentally implement a quantum bit commitment protocol with relativistic constraints that offers unconditional security. The commitment is made through quantum measurements in two quantum key distribution systems in which the results are transmitted via free-space optical communication to two agents separated with more than 20 km. The security of the protocol relies on the properties of quantum information and relativity theory. In each run of the experiment, a bit is successfully committed with less than 5.68×10(-2) cheating probability. This demonstrates the experimental feasibility of quantum communication with relativistic constraints.

Adrian Kent

DOI: https://doi.org/10.1103/PhysRevLett.90.237901

2003-06-05

Abstract:A bit string commitment protocol securely commits $N$ classical bits in such a way that the recipient can extract only $M<N$ bits of information about the string. Classical reasoning might suggest that bit string commitment implies bit commitment and hence, given the Mayers-Lo-Chau theorem, that non-relativistic quantum bit string commitment is impossible. Not so: there exist non-relativistic quantum bit string commitment protocols, with security parameters $\epsilon$ and $M$, that allow $A$ to commit $N = N(M, \epsilon)$ bits to $B$ so that $A$'s probability of successfully cheating when revealing any bit and $B$'s probability of extracting more than $N'=N-M$ bits of information about the $N$ bit string before revelation are both less than $\epsilon$. With a slightly weakened but still restrictive definition of security against $A$, $N$ can be taken to be $O(\exp (C N'))$ for a positive constant $C$. I briefly discuss possible applications.

Quantum Physics,Cryptography and Security

Ya-Qi Song,Li Yang

DOI: https://doi.org/10.48550/arXiv.1709.08490

2017-09-22

Abstract:We present a new quantum bit commitment (QBC) protocol based on counterfactual quantum cryptography. We analyze the security of this protocol, find that it can resist the attack presented by QBC's no-go theorem. Our protocol is simple, and probably give a new way of constructing QBC protocol.

Quantum Physics,Cryptography and Security

Esther Hänggi,Jürg Wullschleger

DOI: https://doi.org/10.1007/978-3-642-19571-6_28

2011-04-26

Abstract:Coin flipping is a cryptographic primitive for which strictly better protocols exist if the players are not only allowed to exchange classical, but also quantum messages. During the past few years, several results have appeared which give a tight bound on the range of implementable unconditionally secure coin flips, both in the classical as well as in the quantum setting and for both weak as well as strong coin flipping. But the picture is still incomplete: in the quantum setting, all results consider only protocols with perfect correctness, and in the classical setting tight bounds for strong coin flipping are still missing. We give a general definition of coin flipping which unifies the notion of strong and weak coin flipping (it contains both of them as special cases) and allows the honest players to abort with a certain probability. We give tight bounds on the achievable range of parameters both in the classical and in the quantum setting.

Quantum Physics,Cryptography and Security

Guang Ping He

DOI: https://doi.org/10.1088/1751-8113/44/44/445305

2012-06-29

Abstract:For more than a decade, it was believed that unconditionally secure quantum bit commitment (QBC) is impossible. But basing on a previously proposed quantum key distribution scheme using orthogonal states, here we build a QBC protocol in which the density matrices of the quantum states encoding the commitment do not satisfy a crucial condition on which the no-go proofs of QBC are based. Thus the no-go proofs could be evaded. Our protocol is fault-tolerant and very feasible with currently available technology. It reopens the venue for other "post-cold-war" multi-party cryptographic protocols, e.g., quantum bit string commitment and quantum strong coin tossing with an arbitrarily small bias. This result also has a strong influence on the Clifton-Bub-Halvorson theorem which suggests that quantum theory could be characterized in terms of information-theoretic constraints.

Quantum Physics

GUANG PING HE

DOI: https://doi.org/10.1142/s0219749906002079

2006-08-01

International Journal of Quantum Information

Abstract:Though it was proven that secure quantum sealing of a single classical bit is impossible in principle, here we propose an unconditionally secure quantum sealing protocol which seals a classical bit string. Any reader can obtain each bit of the sealed string with an arbitrarily small error rate, while reading the string is detectable. The protocol is simple and easy to implement. The possibility of using this protocol to seal a single bit in practice is also briefly discussed.

physics, particles & fields,quantum science & technology, mathematical,computer science, theory & methods

Guang Ping He

DOI: https://doi.org/10.1016/j.rinp.2023.106398

2023-07-23

Abstract:Quantum coin flipping (QCF) is an essential primitive for quantum cryptography. Unconditionally secure strong QCF with an arbitrarily small bias was widely believed to be impossible. But basing on a problem which cannot be solved without quantum algorithm, here we propose such a QCF protocol, and show how it manages to evade all existing no-go proofs on QCF.

Quantum Physics