QCRYPT 2012 – 2nd Annual Conference on Quantum Cryptography

Scientific program

Focus tutorial

Invited Talks

Public Lecture


Google Calendar LogoStay up to date:
you can see the schedule in Google Calendar or add it to your agenda [ical].

Monday (10th September)

08:30 Registration
09:30 Keynote: QKD widened and deepened
Masahide Sasaki
      Video icon Video
10:30 Coffee Break
11:00 Invited Talk: Certifiable quantum dice
Or, universally composable randomness expansion

Thomas Vidick
Arrow Abstract   PDF icon Slides Video icon Video

Randomness is a fundamental resource in modern cryptography. The generation of uniformly random bits using quantum mechanics, while still experimentally challenging, is straightforward from a purely theoretical point of view. Nevertheless, for cryptographic applications it is often crucial to ensure that the random bits generated are completely secure and uncorrelated with any potential “adversary”. For instance, one may imagine that the manufacturer of the randomness-generation device introduced “backdoor entanglement” between the device and her own lab, thereby potentially gaining access to the “random” bits generated.

In this talk I will address the question of generating certifiable, fully secure random bits. I will describe a simple protocol that stretches an initial (log n)-bit random string into n random bits. The bits generated are secure, i.e. appear uniformly random from the point of view of any (quantum) adversary, based only on the verification of a simple statistical test based on the CHSH inequality. No assumptions on the randomness-generating device are made other than that is is formed of two components that do not signal to each other. These results strengthen and extend previous work by Colbeck (2009), who first introduced the task of device-independent randomness expansion, and Pironio et al. (Nature 2010), who gave the first rigorous analysis in the non-adversarial setting.

The proof of security of our protocol relies on a technique, the “quantum reconstruction paradigm”, previously introduced in the analysis of the task of randomness extraction in connection with privacy amplification. I will introduce that technique and show how it is applied to the setting of randomness expansion.

Based on joint work with Umesh Vazirani, arXiv:1111.6054.

11:50 Quantum to classical randomness extractors
Mario Berta, Omar Fawzi, and Stephanie Wehner
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

The goal of randomness extraction is to distill (almost) perfect randomness from a weak source of randomness. When the source yields a classical string X, many extractor constructions are known. Yet, when considering a physical randomness source, X is itself ultimately the result of a measurement on an underlying quantum system. When characterizing the power of a source to supply randomness it is hence a natural question to ask, how much classical randomness we can extract from a quantum system. To tackle this question we here take on the study of quantum to classical randomness extractors (QC-extractors). We provide constructions of QC-extractors based on measurements in a full set of mutually unbiased bases (MUBs), and certain single qubit measurements. As the first application, we show that any QC-extractor gives rise to entropic uncertainty relations with respect to quantum side information. Such relations were previously only known for two measurements. As the second application, we resolve the central open question in the noisy-storage model [Wehner et al., PRL 100, 220502 (2008)] by linking security to the quantum capacity of the adversary’s storage device.

12:15 Quantum cryptography with local Bell tests
Charles Ci Wen Lim, Christopher Portmann, Marco Tomamichel, Renato Renner, and Nicolas Gisin
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

In this work, we propose the concept of self-testing QKD which is based on a novel local self-testing method. In particular, devices are tested locally independent of the quantum channel, that is, Alice and Bob perform Clauser-Horne-Shimony-Holt (CHSH) tests, an application of Bell's theorem on their own devices, independent of each other and the quantum channel. Note that because the quantum channel is not included in CHSH test, the channel loss cannot be used to open the detection loophole. The security assessment of the quantum channel follows the channel estimation technique of BB84 QKD protocol, i.e., checking for errors in the bases X and Z. Therefore, by deriving the relation between CHSH test and a recent security proof technique (the smooth version of entropic uncertainty relation), the finite-key security proof is obtained under minimal assumptions. Also, our result – a lower bound on the secret key rate – is intuitively related to the almost tight finite-key analysis of BB84 QKD protocol and it differs only by a term that is dependent on the CHSH value. Most importantly, we obtained secret key rates that are comparable to ones of BB84 QKD protocol.

12:40 Lunch
14:00 Invited Talk: Quantum Money from Hidden Subspaces
Paul Christiano
Arrow Abstract   PDF iconKeynote icon Slides
PDF Keynote
Video icon Video

Forty years ago, Wiesner pointed out that quantum mechanics raises the striking possibility of money that cannot be counterfeited according to the laws of physics. We propose the first quantum money scheme that is (1) public-key, meaning that anyone can verify a banknote as genuine, not only the bank that printed it, and (2) cryptographically secure, under a “classical” hardness assumption that has nothing to do with quantum money. Our scheme is based on hidden subspaces, encoded as the zero-sets of random multivariate polynomials. A main technical advance is to show that the “black-box” version of our scheme, where the polynomials are replaced by classical oracles, is unconditionally secure. Even in Wiesner's original setting – quantum money that can only be verified by the bank – we are able to use our techniques to patch a major security hole in Wiesner's scheme. We give the first private-key quantum money scheme that allows unlimited verifications and that remains unconditionally secure, even if the counterfeiter can interact adaptively with the bank. Our money scheme is simpler than previous public-key quantum money schemes, including a knot-based scheme of Farhi et al. The verifier needs to perform only two tests, one in the standard basis and one in the Hadamard basis – matching the original intuition for quantum money, based on the existence of complementary observables.

Based on joint work with Scott Aaronson.

14:50 Memory attacks on device-independent quantum cryptography
Jonathan Barrett, Roger Colbeck, and Adrian Kent
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

Device-independent quantum cryptographic schemes aim to guarantee security to users based only on the output statistics of any components used, and without the need to verify their internal functionality. Since this would protect users against untrustworthy or incompetent manufacturers, sabotage or device degradation, this idea has excited much interest, and many device-independent schemes have been proposed. Here we identify a critical weakness of device-independent quantum cryptographic protocols that rely on public communication between secure laboratories. Untrusted devices may record their inputs and outputs and reveal information about them via publicly discussed outputs during later runs. Reusing devices thus compromises the security of a protocol and risks leaking secret data. Possible defences include securely destroying or isolating used devices. However, these are costly and often impractical. We briefly consider other possible defences available in scenarios where device reuse is restricted.

15:15 Coffee Break
15:45 A quantum key distribution system immune to detector attacks
Allison Rubenok, Joshua Slater, Philip Chan, Itzel Lucio-Martinez, and Wolfgang Tittel
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

Quantum cryptography promises the distribution of cryptographic keys secured by fundamental laws of quantum physics. However, results in quantum hacking have demonstrated that the information theoretic security of quantum cryptography protocols does not guarantee security for actual implementations. Most notable are attacks against the vulnerabilities of single photon detectors [1-4]. In this talk we will report the first proof-of-principle demonstration of a new protocol that removes the threat of any such attack [5]. We demonstrated the protocol over 80 km of spooled fibre as well as across different locations within the city of Calgary [6], confirming this protocol as a realistic approach to secure communication and demonstrating the possibility for controlled two-photon interference in a real-world environment, which is a remaining obstacle to realizing quantum repeaters and quantum networks.

[1] Lamas-Linares, A., Kurtsiefer, C. Breaking a quantum key distribution system through a timing side channel, Opt. Express 15 (15), 9388-9393 (2007).
[2] Zhao, Y., Fung, C.-H. F., Qi, B., Chen, C. & Lo, H.-K. Quantum Hacking: Experimental demonstration of time-shift attack against practical quantum key distribution systems. Phys. Rev. A 78, 042333 (2008).
[3] Lydersen, L., Wiechers, C., Wittmann, C., Elser, D., Skaar, J. & Makarov, V. Hacking commercial quantum cryptography systems by tailored bright illumination. Nature Photonics 4, 686–689 (2010).
[4] Lydersen, L., Wiechers, C., Wittmann, C., Elser, D., Skaar, J. & Makarov, V. Thermal blinding of gated detectors in quantum cryptography. Opt. Express 18 (26), 27938-27954 (2010).
[5] Lo, H.-K., Curty, M. & Qi, B. Measurement-device-independent quantum key distribution. Phys. Rev. Lett. 108, 130503 (2012).
[6] Rubenok, A., Slater, J. A., Chan, P., Lucio-Martinez, I., & Tittel, W. Proof-of-principle field test of quantum key distribution immune to detector attacks. arXiv:1204.0738v1 (2012).

16:10 Security of continuous-variable quantum key distribution against general attacks
Anthony Leverrier, Raúl García-Patrón, Renato Renner, and Nicolas Cerf
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We prove that Gaussian continuous-variable quantum key distribution protocols, using a Gaussian distribution of coherent or squeezed states and homodyne or heterodyne measurement, are secure against arbitrary attacks.

Our proof exploits the specific symmetries in phase-space of Gaussian QKD protocols to prove that once a simple test over the measurement outcomes succeeds, the global state shared between Alice and Bob is well decribed by assigning a low dimensional Hilbert space to each mode. Then one can use the postselection technique introduced by Christandl, Koenig and Renner for discrete-variable protocols to conclude.

Our result greatly improves over previous ones using either a de Finetti theorem or an entropic uncertainty principle which could not be applied to prove the security of protocols in realistic experimental implementations.

16:35 Infrared NbN superconducting single-photon detector for quantum cryptography and quantum information processing
Alexander Korneev, Alexander Divochy, Yury Vachtomin, Konstantin Smirnov, and Gregory Goltsman
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We present the overview of our recent results in research and development of superconducting single-photon detector (SSPD) practical applications such as quantum cryptography. By optimization of fabrication process and usage of high-quality silicon wafers with SiO2 layer acting as a microcavity we managed to reach up to 35.6% detection efficiency at 1500 nm wavelength. Also we extended its wavelength range beyond 1800 nm by the usage of the fluoride ZBLAN fibres.

17:00 Reception

Tuesday (11th September)

09:00 Focus Tutorial: Authentication
Ueli Maurer
    PDF icon Slides Video icon Video
10:30 Coffee Break
11:00 Invited Talk: Solid-state quantum memories for quantum repeaters
Nuala Timoney
Arrow Abstract   PDF icon Slides Video icon Video

The maximal transmission distance of optical quantum communication is reaching a hard limit imposed by the intrinsic loss of the transmission medium, e.g. optical fibre. A quantum repeater promises to push that limit towards much longer, potentially intercontinental distances. Its implementation relies on the development of efficient and long-lived quantum memories that can store and retrieve the quantum properties of light. Sources of photonic entanglement, tailored for quantum memories, are also necessary and represent a challenging experimental task.

I will review the efforts of our group towards the realization of quantum memories based on rare-earth-ion doped crystals (REIC) as well as a matching source of photon pair. This approach has recently allowed us to demonstrate several features that are of great importance for quantum repeaters, and for quantum networks in general.

After a brief introduction, I will show how we have successfully entangled two neodymium-doped crystals in a heralded fashion. I will then show how polarization qubits encoded in true single photons can be stored in such crystals, despite their intrinsic birefringence and polarization-dependant absorption. I will finally present an on-demand quantum memory exploiting the long hyperfine coherence time of europium ions to store light for up to 8 ms. Our results highlight the great potential of REIC for quantum repeaters.

11:50 Frequency-multiplexed photon storage and read-out on demand using an atomic frequency comb-based quantum memory
Neil Sinclair, Erhan Saglamyurek, Hassan Mallahzadeh, Joshua A. Slater, Jeongwan Jin, Daniel Oblak, Mathew George, Raimund Ricken, Wolfgang Sohler, and Wolfgang Tittel
Arrow Abstract   PDF icon Slides Video icon Video

The ability to send quantum information encoded in photons over large distances is hampered by the unavoidable loss in the communication channel. In classical communication, channel-loss is alleviated by amplifying the information carrier, however, due to the no-cloning theorem for quantum states, this approach is not viable for quantum communication channels. Instead long-distance quantum communication can be enabled by quantum-repeaters, which serve to distribute entanglement over the entire channel by means of entanglement swapping between subdivision of the channel [1]. In order to synchronize the process of entanglement swapping between adjacent subdivisions, quantum repeaters must incorporate quantum memories [2]. A quantum memory is a device that has the ability to (reversibly) map quantum states between photons and atoms [3]. In most of the quantum repeater architectures proposed to date, it is required that quantum memories feature recall on demand. Other desirable attributes of a quantum memory are high fidelity and efficiency, long storage times, and the possibility to simultaneously store multiple carriers of quantum information, i.e. record multiple photonic modes. The combination of a quantum state storage protocol based on an atomic frequency comb (AFC) [4] with rare-earth-ion doped crystals cooled to cryogenic temperatures as storage materials [5] has been shown to meet many of these requirements. In particular, it is well suited for storage of temporally multiplexed photons [6,7]. Yet, despite first proof-of-principle demonstrations [8], recalling the quantum information at a desired time (i.e. read-out on demand) with broadband, single-photon-level pulses remains an outstanding challenge. Fortunately, the AFC protocol allows not only for multimode storage in the time domain, but also in the frequency domain.

Here, we will present the first experimental demonstration of frequency-multiplexed storage of attenuated laser pulses followed by read-out on demand in the frequency domain, pointing to a quantum repeater architecture based on frequency multiplexing. Our work is based on the AFC protocol and employs a Tm-doped LiNbO3 waveguide cooled to 4 K [9,10]. Using a serrodyne sideband chirping technique we prepare several frequency-combs in the atomic absorption spectrum. Each section of AFC is a few 100 MHz wide and since we vary the comb-tooth spacing in each section we prepare them with different storage times on the order of 20-150 ns. After the AFC preparation, we send a probe pulse, which is modulated to contain several frequency components that correspond to the centre frequencies of the AFC sections. The mean photon number in each mode is set to be around one. As the probe pulse is mapped to our quantum memory the different frequency modes are mapped to different sections of the AFC and thus recalled at different times. The recalled pulses pass through a frequency filter with a bandwidth matching a single frequency mode. Before frequency filtering we are able to impart again a frequency shift on the recalled pulses, which can hence be set to pass the spectral filter. This constitutes recall on demand of a particular frequency mode. Our multimode quantum memory is highly flexible and can be set to recall all modes at the same time, and adapted to broader or narrower frequency modes. In addition it has been shown to faithfully store time bin qubits in pure and entangled states and preserve all degrees of freedom of the photonic wavefunction [9,11].

Finally, we will argue that, in view of a quantum repeater, our approach based on a multimode memory with read-out on demand in the frequency domain is equivalent to temporal multiplexing and read-out on demand in the temporal domain. This overcomes one further obstacle to building quantum repeaters using rare-earth-ion doped crystals as memory devices.

[1] H.-J. Briegel, et al., Phys. Rev. Lett., 81, 5932 (1998)
[2] N. Sangouard, et al., Rev. Mod. Phys., 83(1), 33 (2011)
[3] A. I. Lvovsky, B. C. Sanders, and W. Tittel, Nat. Photon, 3(12), 706 (2009)
[4] M. Afzelius, et al., Phys. Rev. A, 79(5), 052329 (2009)
[5] W. Tittel, et al., Laser & Photonics Rev., 4(2), 244 (2010)
[6] I. Usmani, et al., Nat Commun, 1 (2010)
[7] M. Bonarota, J.-L. Le Gouët, and T. Chanelière, New J. of Phys., 13(1), 013013 (2011)
[8] M. Afzelius, et al., Phys. Rev. Lett., 104, 040503 (2010)
[9] E. Saglamyurek, et al., Nature, 469(7331), 512 (2011)
[10] N. Sinclair, et al., J. of Luminescence, 130(9), 1586 (2010)
[11] E. Saglamyurek, et al., Phys. Rev. Lett., 108, 083602 (2012)

12:15 1 Mbps coherent one-way QKD with dense wavelength division multiplexing and hardware key distillation
Nino Walenta, Andreas Burg, Jeremy Constantin, Nicolas Gisin, Olivier Guinnard, Raphael Houlmann, Charles Ci Wen Lim, Tommaso Lunghi, and Hugo Zbinden
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We present the latest results obtained with a quantum cryptography prototype based on a coherent-one way quantum key distribution (QKD) scheme. To support its continuous high rate secret key generation we developed different low-noise single photon detectors for telecom wavelength based on a sine gating and low-pass-filtering technique, as well as a negative feedback APD in an active hold-off circuit. A newly developed hardware distillation engine allows for continuous operation of secret key distribution up to 1 Mbps. We also present results of our system in a DWDM (dense wavelength-division multiplexing) configuration where only one single fiber is needed to interconnect Alice' and Bob's systems. The final prototype is fully compatible to serve a high-speed encryption device developed in parallel which provides encrypted communication of up to 100 Gbps.

12:40 Lunch
14:00 Invited Talk: Quantum cryptography in Minkowski space
Adrian Kent
Arrow Abstract   PDF icon Slides Video icon Video

Quantum theory and the relativistic no-signalling principle both give ways of controlling information, in the sense that someone who creates information somewhere in space-time can rely on strict limits both on how much information another party can extract and on where they can obtain it. An increasingly long list of interesting cryptographic applications exploit the power of the no-signalling principle as well as the properties of quantum information. I describe recent work in this area, including secure protocols for bit commitment, quantum tagging (quantum position authentication) and new intrinsically relativistic cryptographic tasks.

14:50 Secure bit commitment from relativistic constraints
Jędrzej Kaniewski, Marco Tomamichel, Esther Hänggi, and Stephanie Wehner
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We investigate two-party cryptographic protocols that are secure under assumptions motivated by physics, namely relativistic assumptions (no-signalling) and quantum mechanics. In particular, we discuss split models, i.e. models in which certain parties are not allowed to communicate during certain phases of the protocol, for the purpose of bit commitment. We find the minimal splits that are necessary to evade the Mayers-Lo-Chau no-go argument and present protocols that achieve security in these split models.

Furthermore, we introduce the notion of local versus global commands, a subtle issue that arises when the split committer is required to delegate agents to perform the open phase separately, without communication. We argue that classical protocols are insecure in the global command model, even when the committer is split. On the other hand, we provide a rigorous security proof in the global command model for a quantum protocol proposed by Kent. The proof employs two fundamental principles of modern physics, the no-signalling property of relativity and the uncertainty principle of quantum mechanics.

15:15 Coffee Break
15:45 Poster Session (List)
18:30 Public Lecture: Rise of the Quantum Age (More info | Register)
Gilles Brassard
Arrow Abstract     Video icon Video

This public talk will be set at an elementary level and no prior knowledge of quantum mechanics will be assumed. Please register if you plan to attend.

Quantum mechanics is perhaps the most profound revolution ever to occur in our understanding of Nature. While born with last century, it appeared for many decades to be just a game, played by physicists strictly for the sake of advancing pure knowledge, without any impact on everyday life. And then, quantum mechanics gave birth to the transistor, and society was transformed forever. The physicists’ “game” ushered in the Information Age, which is the signature of the 20th century, just as the 19th century was the Machine Age. But we are poised to experience a second quantum revolution in which the full power of the quantum world will be unleashed in ways never before thought possible, transmitting and processing information with unconditionally secure communication and computers powerful beyond imagination. Indeed, the 21st century will go down in history as the Quantum Age.

About the speaker:
Professor of computer science and Canada Research Chair at the Université de Montréal, Gilles Brassard laid the foundations of quantum cryptography at a time when only a handful of people worldwide were interested in quantum information science. He is among the inventors of quantum teleportation, which is universally recognized as a fundamental keystone of the discipline. Editor-in-Chief for Journal of Cryptology from 1991 until 1997, he is the author of three books that have been translated into eight languages. He is a Fellow of the Academy of Science of the Royal Society of Canada, of the Canadian Institute for Advanced Research and of the International Association for Cryptologic Research. Among his many awards, we note the Prix Marie-Victorin, the Rank Prize in Opto-Electronics, the NSERC Gerhard Herzberg Canada Gold Medal for Science and Engineering and the Killam Prize for natural sciences. Foreign member of the Academia Europaea, he was awarded a honorary doctorate by the ETH in Zürich.

Wednesday (12th September)

09:00 Focus Tutorial: Optics
Gregor Weihs
    PDF icon Slides Video icon Video
10:30 Coffee Break
11:00 Invited Talk: Probing the reality of quantum state
Manas Kumar Patra
Arrow Abstract   PDF icon Slides Video icon Video

Is the quantum state real – a property of the system it is assigned to? Or does it represent only our (incomplete) knowledge of the system? It is possible that the second alternative – the epistemic character of the quantum state – comes about because quantum mechanics is obtained by some statistical averaging over a “complete” theory of nature. Such models are often called “hidden variable” models, because the true variables describing the system, the ontic state, are not accessible.

Recently Pusey, Barrett and Rudolph [1] showed that, assuming the natural assumption of “preparation independence”, epistemic models of the quantum state are in contradiction with the predictions of quantum theory. “Preparation independence” means that independent preparations of systems correspond to a joint distribution (over the ontic states) is the product of individual distributions.

Here we adopt a different approach. We show that, assuming both a form of continuity and separability (a weak form of preparation independence), epistemic interpretations of the quantum state are in contradiction with quantum theory. We also discuss some implications of “hidden-variable” models for cryptography.

We then describe a simple high-precision experiment optics experiment that tests some of the predictions of continuous and separable epistemic models. The experiment is particularly simple. It involves attenuated coherent states in time bins of dimension up to 80 propagating in optical fibres. Our experimental results are in agreement with the predictions of quantum theory and provide strong constraints on possible epistemic extensions of quantum mechanics. These results are reported in [2].

[1] M. F. Pusey, J. Barrett, and T. Rudolph, On the reality of the quantum state, Nature Physics, 2309, (2012).
[2] M. K. Patra, L. Olislager, F. Duport, J. Safioui, S. Pironio and S. Massar, Experimentally probing the reality of the quantum state, submitted (2012)

11:50 Security proof of the unbalanced phase-encoded BB84 protocol
Agnes Ferenczi, Varun Narasimhachar, and Norbert Lutkenhaus
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

In optical implementations of the phase-encoded BB84 protocol, the bit information is usually encoded in the phase of two consecutive photon pulses generated in a Mach-Zehnder interferometer. In the actual experimental realization, the loss in the arms of the Mach-Zehnder interferometer is not balanced, for example because only one arm contains a lossy phase modulator. Therefore, the amplitudes of the pulses is not balanced, and the structure of the signals and measurements no longer corresponds to the (balanced) ideal BB84 protocol. Hence, the BB84 security analysis no longer applies in this scenario.

We provide a security proof of the unbalanced phase-encoded BB84. The resulting key rate turns out to be lower than the key rate of the ideal BB84 protocol. Therefore, in order to guarantee security, the loss due to the phase modulator cannot be ignored.

12:15 Air to ground quantum key distribution
Sebastian Nauerth, Florian Moll, Markus Rau, Christian Fuchs, Joachim Horwath, and Harald Weinfurter
Arrow Abstract PDF icon Extended abstract  

The range of quantum key distribution (QKD) systems is known to be limited to a few hundreds of km due to the attenuation of the channel and the finite signal to noise ratio of available detectors. Satellite based systems, however, could provide efficient links for global scale QKD. While both classical satellite downlinks and long range terrestrial free-space QKD were shown successfully, a quantum key exchange with a rapidly moving platform is still missing. Here we report on the first experimental demonstration of a BB84 QKD transmission from an airplane at a speed of 290 km/h to ground. Our system uses attenuated laser pulses with a mean photon number of μ = 0.5 and polarization encoding. Over a distance of 20 km a stable link was achieved for 10 min yielding a sifted key rate of 145 bits/s with a quantum bit error rate (QBER) of 4.8 %.

12:40 Conference photo (Follow Charlie)
19:00 Conference Dinner
Venue: Emerald Pavilion, Siloso Beach, Sentosa Island
20:30 After Dinner Talk
Charles Bennett
Venue: Emerald Pavilion, Siloso Beach, Sentosa Island
21:00 Rump Session
Chair: Valerio Scarani
Venue: Emerald Pavilion, Siloso Beach, Sentosa Island

Thursday (13th September)

09:00 Focus Tutorial: Cryptographic primitives
Juerg Wullschleger
    PDF icon Slides Video icon Video
10:30 Coffee Break
11:00 Complete insecurity of quantum protocols for classical two-party computation
Harry Buhrman, Matthias Christandl, and Christian Schaffner
Arrow Abstract PDF icon Extended abstract PDF iconKeynote icon Slides
PDF Keynote
Video icon Video

A fundamental task in modern cryptography is the joint computation of a function which has two inputs, one from Alice and one from Bob, such that neither of the two can learn more about the other's input than what is implied by the value of the function. In this work we show that any quantum protocol for the computation of a classical deterministic function that outputs the result to both parties (two-sided computation) and that is secure against a cheating Bob can be completely broken by a cheating Alice. Whereas it is known that quantum protocols for this task cannot be completely secure, our result implies that security for one party implies complete insecurity for the other. Our findings stand in stark contrast to recent protocols for weak coin tossing, and highlight the limits of cryptography within quantum mechanics. We remark that our conclusions remain valid, even if security is only required to be approximate.

11:25 A min-entropy uncertainty relation for finite size cryptography
Nelly Ng, Mario Berta, and Stephanie Wehner
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

Apart from their foundational signicance, entropic uncertainty relations play a central role in proving the security of quantum cryptographic protocols. Of particular interest are thereby relations in terms of the smooth min-entropy for BB84 and six-state encodings. Previously, strong uncertainty relations were obtained which are valid in the limit of large block lengths. Here, we prove a new uncertainty relation in terms of the smooth min-entropy that is only marginally less strong, but has the crucial property that it can be applied to rather small block lengths. This paves the way for a practical implementation of many cryptographic protocols. As part of our proof we show tight uncertainty relations for a family of Renyi entropies that may be of independent interest.

11:50 Superposition attacks on cryptographic protocols
Ivan Damgård, Jesper Buus Nielsen, Jakob Funder, and Louis Salvail
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

Attacks on cryptographic protocols are usually modeled by allowing an adversary to ask queries to an oracle. Security is then defined by requiring that as long as the queries satisfy some constraint, there is some problem the adversary cannot solve, such as compute a certain piece of information. Even if the protocol is quantum, the queries are typically classical, such as a choice of subset of players to corrupt. In this paper, we introduce a fundamentally new model of quantum attacks on protocols, where the adversary is allowed to ask several classical queries in quantum superposition. This is a strictly stronger attack than the standard one, and we consider the security of several primitives in this model. We show that a secret-sharing scheme that is secure with threshold t in the standard model is secure against superposition attacks if and only if the threshold is lowered to t/2. This holds for all classical as well as a large class of quantum secret sharing schemes. We then consider zero-knowledge and first show that known protocols are not, in general, secure in our model by designing a superposition attack on the well-known zero-knowledge protocol for graph isomorphism. We then use our secret-sharing result to design zero-knowledge proofs for all of NP in the common reference string model. While our protocol is classical, it is sound against a cheating unbounded quantum prover and computational zero-knowledge even if the verifier is allowed a superposition attack. Finally, we consider multiparty computation and give a characterization of a class of protocols that can be shown secure, though not necessarily with efficient simulation. We show that this class contains non-trivial protocols that cannot be shown secure by running a classical simulator in superposition.

12:15 Quantum key distribution in the classical authenticated key exchange framework
Michele Mosca, Douglas Stebila, and Berkant Ustaoglu
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

Key establishment is a crucial primitive for building secure channels: in a multi-party setting, it allows two parties using only public authenticated communication to establish a secret session key which can be used to encrypt messages. But if the session key is compromised, the confidentiality of encrypted messages is typically compromised as well. Without quantum mechanics, key establishment can only be done under the assumption that some computational problem is hard. Since digital communication can be easily eavesdropped and recorded, it is important to consider the secrecy of information anticipating future algorithmic and computational discoveries which could break the secrecy of past keys, violating the secrecy of the confidential channel.

Quantum key distribution (QKD) can be used generate secret keys that are secure against any future algorithmic or computational improvements. QKD protocols still require authentication of classical communication, however, which is most easily achieved using computationally secure digital signature schemes. It is generally considered folklore that QKD when used with computationally secure authentication is still secure against an unbounded adversary, provided the adversary did not break the authentication during the run of the protocol.

We describe a security model for quantum key distribution based on traditional classical authenticated key exchange (AKE) security models. Using our model, we characterize the long-term security of the BB84 QKD protocol with computationally secure authentication against an eventually unbounded adversary. By basing our model on traditional AKE models, we can more readily compare the relative merits of various forms of QKD and existing classical AKE protocols. This comparison illustrates in which types of adversarial environments different quantum and classical key agreement protocols can be secure.

12:40 Lunch
14:00 Invited Talk: Randomness and quantum non-locality
Toni Acin
    PDF icon Slides Video icon Video
14:50 High speed quantum key distribution for Smart City distances with data multiplexing
Iris Choi, Ketaki Patel, James Dynes, Andrew Sharpe, Alexander Dixon, Zhiliang Yuan, Richard Penty, and Andrew Shields
Arrow Abstract PDF icon Extended abstract  

To maintain a sustainable urban development, many metropolitan areas have adopted the ‘Smart City’ model. It is a strategic concept where a city provides its inhabitants the availability of knowledge communication by means of Information and Communication Technologies (ICTs). As the Smart City model relies heavily on information transfer, information security is of utmost importance. Quantum Key Distribution (QKD) is an unique technology for providing encryption keys between remote parties with a directly quantifiable security; therefore it would be highly desirable to combine QKD with classical information transfer in a Smart community. QKD in the presence of classical data traffic has been demonstrated, however the secure key rates and transfer distances are far too low for broadband applications over Smart City distances (typically ranging from 30 km to 80 km). For example, a conferencing video would usually require 256 kbit/s secure key for one time pad encryption. The low quantum key transfer rate is primarily limited by the low single photon detection rate. With the novel self-differencing technique, GHz gating of the single photon detectors is possible, therefore allowing high speed quantum keys to be created for high bandwidth applications. Here in this paper, we present the first QKD system demonstration with sufficient secure key rate for one time pad encryption of video conferencing applications over metropolitan fibre distances. Secure keys in presence of error free classical data are demonstrated for distances up to 90 km. This demonstration is the first step towards enabling utmost secure data exchange for Smart City distances. We anticipate such demonstration will increase the level of confidence towards ICT infrastructures.

15:15 Coffee Break
16:00 Industry Session

Friday (14th September)

09:00 Focus Tutorial: Smooth min/max entropies
Marco Tomamichel
    PDF icon Slides Video icon Video
10:30 Coffee Break
11:00 Invited Talk: Quantum Steering: Experiments and Applications
Devin Smith
Arrow Abstract   PDF icon Slides Video icon Video

Quantum steering allows two parties to verify shared entanglement even if one measurement device is untrusted, as well as convincing an unbelieving party of the existence of entanglement. I will discuss quantum steering in the contexts of recent experiments [1,2,3] steering the polarization degree of freedom for single photons. The historical context as well as modern motivation for steering will be covered, as well as the similarities and differences in the various recent experiments.

Our own work [1], demonstrating quantum steering with high efficiency (62%) in two measurement bases, will be discussed in detail, including the technical challenges in certifying the results due to measurement imperfections of various types. We ultimately demonstrate a violation of some 48 standard deviations of the steering inequality most relevant to applications, which also happens to be the one most difficult to violate. The efficiency demonstrated in this experiment (62%) is half again as high as the previous world record for detection efficiency for an experiment in this context.

I will conclude with our current research project – to implement semi-device-independent quantum key distribution [4], with security guaranteed by a steering inequality. This lies in the gap between current QKD implementations and the ultimate security given by device-independent QKD, and, in practical situations, requires a detection efficiency some 10% higher again than our previous result, which should be achievable given the advances made since that result was published.

1. DH Smith, G Gillett et al., Nat. Commun. 3:625 (2012)
2. AJ Bennet et al., Phys. Rev. X 2, 031003 (2012)
3. B Wittmann, S Ramelow et al., New J. Phys. 14, 053030 (2012)
4. C Branciard et al., Phys. Rev. A 85, 010301(R) (2012)

11:50 Improving the maximum transmission distance of continuous-variable quantum key distribution using a noiseless amplifier
Rémi Blandino, Anthony Leverrier, Marco Barbieri, Jean Etesse, Philippe Grangier, and Rosa Tualle-Brouri
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We show that the maximum transmission distance of continuous-variable quantum key distribution in presence of a Gaussian noisy lossy channel can be arbitrarily increased using a heralded noiseless linear amplifier. We explicitly consider a protocol using amplitude and phase modulated coherent states with reverse reconciliation. Assuming that the secret key rate drops to zero for a line transmittance Tlim, we find that a noiseless amplifier with amplitude gain g can improve this value to Tlim/g2, corresponding to an increase in distance proportional to log g.

Best student paper award, chosen by the Program Committee

Experimental demonstration of continuous-variable quantum key distribution over 80 km of standard telecom fiber
Paul Jouguet, Sébastien Kunz-Jacques, Anthony Leverrier, Philippe Grangier, and Eleni Diamanti
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We demonstrate for the first time that long-distance quantum key distribution can be achieved with continuous variables, using only standard telecommunication components. Furthermore, we obtain a positive secret key rate over long distances even when taking into account finite-size effects. These results correspond to a practical implementation guaranteeing the strongest level of security achievable with QKD and show that continuous-variable quantum key distribution is a technology of choice for near-future secure quantum communications.

12:40 Continuous variable quantum key distribution: finite-key analysis of composable security against coherent attacks
Fabian Furrer, Torsten Franz, Mario Berta, Volkher Scholz, Marco Tomamichel, and Reinhard Werner
Arrow Abstract PDF icon Extended abstract PDF icon Slides Video icon Video

We provide a security analysis for continuous variable quantum key distribution protocols based on the transmission of two-mode squeezed vacuum states measured via homodyne detection. We employ a version of the entropic uncertainty relation for smooth entropies to give a lower bound on the number of secret bits which can be extracted from a finite number of runs of the protocol. This bound is valid under general coherent attacks, and gives rise to keys which are composably secure. For comparison, we also give a lower bound valid under the assumption of collective attacks. For both scenarios, we find positive key rates using experimental parameters reachable today.

13:05 Lunch


  • A Decoupling Approach to the Holevo-Schumacher-Westmoreland Theorem
    Frédéric Dupuis, Oleg Szehr and Marco Tomamichel
  • A high speed quantum random number generator based on the quantum fluctuations of the vacuum
    Thomas Symul, Syed Assad and Ping Koy Lam
  • A Protocol of the Quantum Relay using Quantum Group Secret Sharing
    Takashi Suzuki, Akihisa Tomita and Atsushi Okamoto
  • Adversarial multipartite entanglement verification in realistic conditions
    Anna Pappa, André Chailloux, Thomas Lawson and Stephanie Wehner
  • Alternative Schemes for Measurement-Device-Independent Quantum Key Distribution
    Xiongfeng Ma and Mohsen Razavi
  • Ancilla-Driven Universal Blind Quantum Computation
    Takahiro Sueki, Takeshi Koshiba and Tomoyuki Morimae
  • Balanced homodyne detection as a coherent mode selector for quantum communications in WDM environment
    Rupesh Kumar, Hao Qin and Romain Alléaume
  • Breaking up the quantum detector control attack
    Luis A. Lizama-Perez, J. Mauricio Lopez, Eduardo De Carlos Lopez and Salvador E. Venegas-Andraca
  • Characterization of Min-Entropy Using Physical Constraints - Compatibility between Quantum Steering and the No-Signaling
    Joonwoo Bae
  • Concise and Tight Security Analysis of the Bennett-Brassard 1984 Protocol with Finite Key Lengths
    Masahito Hayashi and Toyohiro Tsurumaru
  • Continuous-Variable QKD with Discrete Modulations and Post-Selections
    Tsubasa Ichikawa, Yoshifumi Koike, Kazuhiro Murayama and Takuya Hirano
  • Countermeasure against tailored bright illumination attack for DPS-QKD
    T. Honjo, M. Fujiwara, K.Shimizu, K. Tamaki, S. Miki and T. Yam
  • Device Independent Quantum Key Distribution with Reused Devices
    Matthew McKague and Lana Sheridan
  • Dynamics of an entangled coherent state over an amplitude damping channel
    Abderrahim El Allati and Yassine Hassouni
  • Efficient QKD Postprocessing Algorithms
    Christoph Pacher, Gottfried Lechner, Christopher Portmann, Oliver Maurhart and Momtchil Peev
  • Enhanced Private Communication with Concatenated Quantum Polar Codes
    Laszlo Gyongyosi and Sandor Imre
  • Entanglement-based quantum key distribution with the efficient BB84 over two 8-km free-space channels
    Yuan Cao, Hao Liang, Juan Yin, Hai-Lin Yong, Fei Zhou and Yu-Pi
  • Estimation of phase errors without the Gaussian approximation and improvement of the secure key rate of BB84 protocol
    Kenta Sakakibara, Ryutaroh Matsumoto and Tomohiko Uyematsu
  • Experimental demonstration of quantum private queries in a real-world environment
    Philip Chan, Itzel Lucio-Martinez, Xiaofan Mo, Christoph Simon and Wolfgang Tittel
  • Extremely-weak avalanche discrimination for gated avalanche photodiode
    Abdessattar Bouzid, Min-Soo Lee, Min Ki Woo, Il Young Kim, Sang-Wook Han and Sung Moon
  • Fast real-time random numbers from vacuum fluctuations
    T. Symul, S. M. Assad and P. K. Lam
  • Fine-grained lower limit of quantum uncertainty in the presence of quantum memory
    Tanumoy Pramanik, Priyanka Chowdhury and Archan Majumdr
  • Finite-key security analysis of a simple and efficient one-way quantum cryptography system
    Charles Ci Wen Lim, Nino Walenta and Hugo Zbinden
  • Four-Wave Mixing: Photon Statistics and the Impact on a Co-Propagating Quantum Signal
    Álvaro Almeida, Nuno Silva, Paulo André and Armando Pinto
  • Free Space Quantum Communication using Continuous Polarization Variables
    Bettina Heim, Christian Peuntinger, Christoffer Wittmann, Christoph Marquardt and Gerd Leuchs
  • Gigahertz quantum key distribution over 260 km of standard telecom fiber
    Shuang Wang, Jing-Zheng Huang, Wei Chen, Jun-Fu Guo and Zhen-Qi
  • Gigahertz-Clocked Single-Photon Detector with Tunable Gate-Frequency
    Y. Zhang, T. S. Yu, M. T. Liu and H. C. Lim
  • Hardy's paradox in a device-independent scenario
    Law Yun Zhi, Rafael Rabelo and Valerio Scarani
  • Hefei Metropolitan Quantum Communication Network 2011
    Tengyun Chen, Xiao Jiang, Lei Zhou, Shibiao Tang, Bo Zhao, Jian Wang, Lei Ju, Luokan Chen, Hongfei Zhang, Ke Cui, Yang Liu, Liujun Wang, Qing Chen, Sibo Feng, Yong Zhao, Chengzhi Peng, Zengbing Chen and Jianwei Pan
  • Implementation of extractors and privacy amplification
    Zhen Zhang, Myung Gi Lee and Xiongfeng Ma
  • Improved Reconciliation Efficiency with Channel Coding for Quantum Key Distribution
    Patcharapong Treeviriyanupab, Paramin Sangwongngam and Keattisak Sripimanwat
  • Improving the Performance of Continuous-Variable Quantum Key Distribution: Study of Practical Imperfections and High-Performance Reconciliation
    Paul Jouguet, Sebastien Kunz-Jacques, Anthony Leverrier and Eleni Diamanti
  • Local simulation of singlet statistics for restricted set of measurement
    Ashutosh Rai, MD. Rajjak Gazi, Manik Banik and Subhadipa Das
  • More Efficient Implementations of CASCADE
    Mustafa Toyran and Thomas B. Pedersen
  • Multiplexing QKD systems in Conventional Optical Networks
    A. Ciurana, V. Martin, J. Martínez-Mateo, A. Poppe, M. Soto, N. Walenta and H. Zbinden
  • Multisetting Bell inequalities for N spins-1 avoiding KS contradiction
    Arijit Dutta, Marcin Wieśniak and Marek Żukowski
  • Near Real-Time Prediction of the optimal pair production rate for entanglement-based QKD
    Catherine Holloway, John Doucette, Jean-Philippe Bourgoin, Christopher Erven and Thomas Jennewein
  • On the Mathematical Limits of Quantum Communication over Superactivated Quantum Channels
    Laszlo Gyongyosi and Sandor Imre
  • Passive decoy state source for quantum key distribution
    Fei Zhou, Hai-Ling Yong, Yuan Cao, Juan Yin and Ji-Gang Ren
  • Polaractivation of Private Classical Capacity of Non-Private Quantum Channels
    Laszlo Gyongyosi and Sandor Imre
  • Polarization Shift Keying for free space QKD : effect of noise on reliability of the QKD protocols
    Ram Soorat and Ashok Vudayagiri
  • Precise evaluation of leaked information with universal2 privacy amplification in the presence of quantum attacker
    Masahito Hayashi
  • Private Communication over Quantum Relay Channels Using Quantum Polar Codes and Superactivation-assistance
    Laszlo Gyongyosi and Sandor Imre
  • QKD software architecture and system integration with classical communication infrastructure
    Oliver Maurhart, Christoph Pacher, Andreas Happe, Thomas Lorunser, Cristina Tamas, Andreas Poppe and Momtchil Peev
  • Quantum repeaters and quantum key distribution: the impact of entanglement distillation on the secret key rate
    Sylvia Bratzik, Silvestre Abruzzo, Hermann Kampermann and Dagmar Bruß
  • Quantum security analysis via smoothing of Renyi entropy of order 2
    Masahito Hayashi
  • Quantum wiretap channel with non-uniform random number
    Masahito Hayashi
  • Robust Self Testing Pure Entangled States
    Matthew McKague, Tzyh Haur Yang and Valerio Scarani
  • Second generation, miniaturized, low noise 1550nm single photon detector
    Gerhard Humer and Momtchil Peev
  • Security of distributed-phase-reference quantum key distribution
    Tobias Moroder, Marcos Curty, Charles Ci Wen Lim, Le Phuc Thinh, Hugo Zbinden and Nicolas Gisin
  • Security proof of the unbalanced phase-encoded BB84 protocol
    Agnes Ferenczi, Varun Narasimhachar and Norbert Lutkenhaus
  • Security proof of two-way quantum key distribution protocols with partial device independence
    Normand Beaudry, Marco Lucamarini, Stefano Mancini and Renato Renner
  • Semi-device-independent QKD based on BB84 and a CHSH-type estimation
    Erik Woodhead, Charles Ci Wen Lim and Stefano Pironio
  • Sharing quantum and classical secret
    Anne Marin and Damian Markham
  • Spin Entanglement and Non-locality of Multifermion Systems. Nontransitivity of Spin Entanglement.
    Marsel Arifullin and Vitaly Berdinskiy
  • Technological developments towards a Canadian quantum encryption and science satellite - QEYSSAT
    Jean-Philippe Bourgoin, Brendon Higgins, Nikolay Gigov, Evan Meyer-Scott, Zhizhong Yan, Thomas Jennewein, Jean-François Lavigne, Vincent Roy, Pascal Deladurantaye and André Fougères
  • The effects of reduced "free will" on Bell-based randomness expansion
    Le Phuc Thinh, Dax Enshan Koh, Michael J.W. Hall, Setiawan, James E. Pope, Chiara Marletto, Alastair Kay, Valerio Scarani and Artur Ekert
  • The link between entropic uncertainty and non-locality
    Marco Tomamichel and Esther Haenggi
  • The positive effect of imperfect intensity modulator on the practical security of quantum key distribution system
    Jing-Zheng Huang, Shuang Wang, Hong-Wei Li and Zheng-Fu Han
  • Timing synchronization with photon pairs for QKD
    Thomas Lorünser, Andreas Happe, Momtchil Peev, Florian Hipp, Damian Melniczuk, Pattama Cummon and Andreas Poppe
  • Towards Wrocław Quantum Network – industrial telecom testing and deployment of quantum cryptographic systems in a metropolitan network
    M. Jacak, M. Donderowicz, J. Jacak, W. Donderowicz, J. Gruber, I. Jóźwiak, L. Jacak and W. Jacak
  • Two-Frequency Hong-Ou-Mandel Interference: Experimental Proposal
    M. T. Liu and H. C. Lim
Best poster award, chosen by popular vote
medalUncertainty relations from simple entropic properties
Patrick Coles, Roger Colbeck, Li Yu and Michael Zwolak
  • Unconditional security of Gaussian post-selected continuous variable quantum key distribution
    N. Walk, T. Symul, P. K. Lam and T. C. Ralph
  • Unconditionally secure communication protocol based on superdense coding – development of non-local entanglement based quantum communication concepts
    M. Jacak, W. Donderowicz, J. Jacak, J. Gruber, I. Jóźwiak, L. Jacak and W. Jacak

QCrypt 2012 Mascot – Entangled Noodles Sheep