Poster Session 1

Abstract: Entanglement is an intriguing quantum phenomenon with crucial implications for both fundamental physics and technological applications, e.g., quantum key distribution (QKD). In this paper, we show that multipartite private states from which secret keys are directly accessible to trusted partners are genuinely multipartite entangled states. With application to secure Quantum Internet, we consider the most general setup of multipartite quantum process (channel) in a network setting: multiplex quantum channel with involved parties having one of the three possible roles-- that of only sender or receiver, or both sender and receiver. We derive divergence-based measures for entangling abilities of multipartite quantum channels. We describe an LOCC-assisted secret key agreement (SKA) protocol for generation or distillation of key (private random bits) among multiple trusted allies connected through a quantum multiplex channel secure against a quantum eavesdropper, of which measurement-device-independent QKD and SKA protocols over quantum network laced with key repeaters are particular instances. We are able to provide upper bounds on the non-asymptotic private capacities, maximum rate at which secret key can be distilled via finite uses of channels, and lower bounds on asymptotic capacities. These bounds are expressed in terms of the divergence-based entanglement measures of the channels. Some of these measures lead to strong converse bounds on the private capacities. Our upper bounds on the private capacities also are upper bound on the multipartite quantum capacities where goal is to distill Greenberger{Horne{Zeilinger (GHZ) state. Also, we are able to derive upper bound on the secret key bits that can be distilled via LOCC among trusted allies sharing finite copies of multipartite quantum states.

Abstract: Quantum key distribution (QKD) provides a way to share unconditional secure key between two remote parties, but the deviation between theory and practice will break the security of generated key. In this article, we evaluate the security of QKD with weak basis-choice flaw, in which the random bit used by Alice and Bob to determine their bases are weakly controlled by Eve. In fact, a tight and analytical bound is obtained to estimate the phase error for both single photon source and weak coherent source, then the key rate can be rapidly improved. And the key rate of QKD with biased bases is also considered, in which Alice and Bob distill key from two bases independently. Furthermore, by evaluating the security of QKD under wavelength attack, the performance of a commercial beam splitter is measured, and then the key rate is estimated, which is just slightly reduced with our method.

Abstract: Let $f: \mathbb{F}_2^n \rightarrow \mathbb{F}_2^n$ be a Boolean function with period $\vec s$. It is well-known that Simon's algorithm finds $\vec s$ in time polynomial in $n$ on quantum devices that are capable of performing error-correction. However, today's quantum devices are inherently noisy, too limited for error correction, and Simon's algorithm is not error-tolerant. We show that even noisy quantum period finding computations lead to speedups in comparison to purely classical computations. More precisely, we implemented Simon's quantum period finding circuit on the $15$-qubit quantum device IBM Q 16 Melbourne. Our experiments show that with a certain probability $\tau(n)$ we measure erroneous vectors that are not orthogonal to $\vec s$. We propose new, simple, but very effective smoothing techniques to classically mitigate physical noise effects such as e.g. IBM Q's bias towards the $0$-qubit. After smoothing, our noisy quantum device provides us a statistical distribution that we can easily transform into an LPN instance with parameters $n$ and $\tau(n)$. Hence, in the noisy case we may not hope to find periods in time polynomial in $n$. However, we still obtain quantum advantage even for large errors $\tau(n)$ close to $\frac 1 2$. Thus, period finding does not necessarily require full quantum error correction capability. keywords: Noise-tolerant Simon period finding, IBM Q 16, LPN algorithms, quantum advantage

Abstract: Quantum networks will allow to implement communication tasks beyond the reach of their classical counterparts. A pressing and necessary issue for the design of quantum network protocols is the quantification of the rates at which these tasks can be performed. Here, we propose a simple recipe that yields efficiently computable lower and upper bounds on the maximum achievable rates. For this we make use of the max-flow min-cut theorem and its generalization to multi-commodity flows to obtain linear programs. We exemplify our recipe deriving the linear programs for bipartite settings, settings where multiple pairs of users obtain entanglement in parallel as well as multipartite settings, covering almost all known situations. We also make use of a generalization of the concept of paths between user pairs in a network to Steiner trees spanning a group of users wishing to establish Greenberger-Horne-Zeilinger states.

Abstract: The use of quantum systems allows for new insights which promise to revolutionize information processing. Quantum cryptography, especially key distribution, has become one of the most prominent applications of quantum technology. However, this task still requires users to be capable of performing quantum operations, such as state preparation or measurements in multiple bases. A natural question, therefore, is can users' technological requirements be reduced? In this work, we experimentally demonstrate a novel quantum key distribution protocol where users are fully classical and quantum operations are only performed by an untrusted third party acting as a server. We derive an information theoretic proof of security for our protocol along with an experimental demonstration.

Abstract: Randomness is a fundamental feature of quantum mechanics, which is an invaluable resource for both classical and quantum technologies. Practical quantum random number generators (QRNG) usually need to trust their devices, but their security can be jeopardized in case of imperfections or malicious external actions. In this work, we present a robust implementation of a Semi-Device-Independent QRNG that guarantees both security and fast generation rates. The system works in a prepare and measure scenario where measurement and source are untrusted, but a bound on the energy of the prepared states is assumed. Our implementation exploits heterodyne detection, which offers increased generation rate and improved long-term stability compared to alternative measurement strategies. In particular, due to the tomographic properties of heterodyne measurement, we can compensate for fast phase fluctuations via post-processing, avoiding complex active phase stabilization systems. As a result, our scheme combines high security and speed with a simple setup featuring only commercial-off-the-shelf components, making it an attractive solution in many practical scenarios.

Abstract: Discrete-modulated continuous-variable quantum key distribution protocols are favorable due to the experimental simplicity and inherited properties of continuous-variable protocols. We provide a tight numerical key rate analysis of discrete-modulated continuous-variable quantum key distribution protocols in the asymptotic limit against collective attacks. As a specific example, we analyze the key rate of the quadrature phase-shift keying (QPSK) scheme in both the paranoid and realistic scenarios. When the detector noises are trusted, the QPSK scheme is expected to reach around 100 km with currently feasible experimental parameters. For both scenarios, we also investigate the performance of post-selection of data for the reverse reconciliation scheme and show that post-selection can provide improvements in the key rate as well as reducing the amount of data for post-processing.

Abstract: Randomness is one of the key ingredients to information processing in practice, especially for computation and cryptography. A vast number of applications critically rely on abundant, high-quality random numbers that are generated securely. In this work we introduce a variant of randomness extraction framework, named \emph{incoherent randomness extraction} (IRE), in the context of quantum coherence theory where free incoherent operations are employed. This cryptographic framework unveils a new perspective to the study of quantum coherence distillation (QCD) by an \emph{exact} one-shot connection, that is, the maximum number of secure random bits extractable from a single instance of \emph{unstructured} quantum state is precisely equal to the maximum number of coherent bits that can be distilled from the same state. This exact relation not only sharpens our understanding on the operational equivalence between randomness and coherence, but also enables us to derive tight second order expansions (estimation of the number of extractable random bits/distillable coherent bits to the order~$o(\sqrt{n})$ where $n$ is the number of the prepared source states) of both tasks in the independent and identically distributed setting. Remarkably, the incoherent operation classes that can empower coherence distillation for generic states all lead to the same second order expansions, indicating their operational equivalence for QCD as well as IRE in both asymptotic and large block length regimes. As a by-product, we showcase a proof of the strong converse property for IRE from its second order expansion, excluding a possible tradeoff between the insecurity threshold and the rate of extractable randomness of a protocol. This also contributes to an alternative strong converse proof for QCD due to their exact one-shot correspondence.

Abstract: Nonlocal games with synchronous correlations are a natural generalization of functions between two finite sets. In this work we examine analogues of Bell's inequalities for such correlations, and derive a synchronous device-independent quantum key distribution protocol. This protocol has the advantage of symmetry between the two users and self-testing while generating shared secret key without requiring a preshared secret. We show that, unlike general correlations and the CHSH inequality, there can be no quantum Bell violation among synchronous correlations with two measurement settings. However we exhibit explicit analogues of Bell's inequalities for synchronous correlations with three measurement settings and two outputs, provide an analogue of Tsirl'son's bound in this setting, and prove existence and rigidity of quantum correlations that saturate this bound. We conclude by posing a security assumption that bypasses the locality, or causality, loophole and examine the protocol's robustness against measurement error and depolarization noise.

Abstract: We present two different QRNG devices which allow to maximize the entropy extraction of a system and so the generation rate. The two devices use single-photon avalanche diode along (SPAD) with FPGA device. The first device, Randy, uses only one SPAD and with a post-processing based on the Peres algorithm [Y. Peres, Ann. Statist. 20, 590 (1992)], has a generation rate of 1.8 Mbit/s. The second device, LinoSPAD, which is a CMOS SPAD array based device and integrate also a time-to-digital converter (TDC) on its FPGA, has a final generation rate of 310 Mbit/s thanks to a improved post-processing procedure which also includes the Zhou-Bruck algorithm [H. Zhou and J. Bruck, arXiv:1209.0726 (2012)].

Abstract: We present a computer-verified formalization of the post-quantum security proof of the Fujisaki-Okamoto transform (as analyzed by Hövelmanns, Kiltz, Schäge, and Unruh, PKC 2020). The formalization is done in quantum relational Hoare logic and checked in the qrhl-tool (Unruh, POPL 2019).

Abstract: We implement 5 GHz clocked polarization-based simplified BB84 protocol. Secret keys can be distributed over 151.5 km of standard telecom fiber at a rate of 54.5 kbps. The high clock frequency might give rise to correlations between the pulses. We characterize the correlations in decoy intensity, polarization and in the phase between the pulses and discuss their impact on the security of the protocol.

Abstract: Losses in the physical transmission medium fundamentally limit the distance that quantum key distribution schemes can cover. By means of quantum repeaters, the reach of these schemes can be extended and chains of quantum repeaters could in principle cover arbitrarily long distances. Here, we first provide an efficient algorithm for completely characterizing the behaviour of a large class of repeater chain protocols. The algorithm determines the fidelity and generation time (waiting time) of the first generated entangled pair between the end nodes of a quantum repeater chain. It has polynomial runtime in the size of the support of the waiting time probability distribution. This runtime improves upon the exponential runtime of existing algorithms and allows us to analyze repeater chains of thousands of segments for some parameter regimes. Second, we use the algorithm for optimizing the achievable secret key rate. For this, we consider a family of repeater schemes generalizing the BDCZ scheme. In particular, the schemes incorporate a cut-off condition that enables to mitigate the effects of decoherence. We find that the use of the optimal cut-off extends the parameter regime for which secret key can be generated and moreover significantly increases the secret-key rate for a large range of parameters. Our algorithms thus serve as useful tools for the design and realization of long-distance quantum key distribution networks.

Abstract: We investigate estimation of fluctuating channels and its effect on security of continuous-variable quantum key distribution. We propose a novel estimation scheme which is based on the clusterization of the estimated transmittance data. We show that uncertainty about whether the transmittance is fixed or not results in a lower key rate. However, if the total number of measurements is large, one can obtain using our method a key rate similar to the non-fluctuating channel even for highly fluctuating channels. We also verify our theoretical assumptions using experimental data from an atmospheric quantum channel. Our method is therefore promising for secure quantum communication over strongly fluctuating turbulent atmospheric channels.

Abstract: Extending the functionality and overcoming the performance limitation under which QKD can operate requires either quantum repeaters or new security models. Investigating the latter option, we introduce the Quantum Computational Hybrid (QCH) security model, where we assume that computationally secure encryption may only be broken after a time much longer than the coherence time of available quantum memories. We propose an explicit d-dimensional key distribution protocol, that we call MUB-Quantum Computational Timelock (MUB-QCT) where one bit is encoded on a qudit state chosen among d + 1 mutually unbiased bases (MUBs). Short-term-secure encryption is used to share the basis information with legitimate users while keeping it unknown from Eve until after her quantum memory decoheres. This allows to reduce Eve’s optimal attack to an immediate measurement followed by post-measurement decoding. We demonstrate that MUB-QCT enables everlasting secure key distribution with input states containing up to O(\sqrt{d})photons. This leads to a series of important improvements when compared to QKD: on the functional side, the ability to operate securely between one sender and many receivers, whose implementation can moreover be untrusted ; significant performance increase, characterized by a O(\sqrt{d}) multiplication of key rates and an extension by 25km x log(d) of the attainable distance over fiber. Implementable with a large number of modes with current or near-term multimode photonics technologies, the MUB-QCT construction has the potential to provide a radical shift to the performance and practicality of quantum key distribution.

Abstract: Quantum memories are a fundamental of any global-scale quantum Internet, since these units are necessary for guaranteeing an optimal performance in a high-performance quantum networking scenario. The main problem of quantum memories is the low retrieval efficiency of the systems from the registers of the quantum memory. Here, we define a novel quantum memory called high-retrieval-efficiency (HRE) quantum memory for the quantum Internet. An HRE quantum memory unit integrates local unitary operations on its hardware level for the optimization of the readout procedure and utilizes the advanced techniques of quantum machine learning. The local unitaries of an HRE quantum memory achieve the optimization of the readout procedure in an unsupervised manner without the use of any labeled data or training sequences. The HRE quantum memory is a particularly convenient unit for the construction of a powerful, global-scale quantum Internet.

Abstract: Position verification is a cryptographic primitive aiming at securely certifying the location of a party in space. Informationally-secure PV was shown to be impossible through the existence of universal attacks both in the classical setting [Chandran et al., 2009] and in the quantum setting [Buhrman et al., 2014; Beigi and König,2011]. However, while classical attacks require the same amount of resources than the protocol, known universal quantum attacks make use of an exponential amount of entanglement through a technique known as Instantaneous Nonlocal Quantum Computation. In this paper, we characterize attacks to a "BB84-like" protocol already proposed in previous work [Kent et al., 2011], based on single photons polarized at an angle θ. We consider adversaries sharing maximally entangled pairs of qudits and find low-dimensional INQC attacks. We find exact attacks against some rational angles, including some sitting outside of the Clifford hierarchy (e.g. π/6), and show no θ allows to tolerate errors higher than ~0.5% against adversaries holding two ebits per protocol's qubit.

Abstract: We describe a protocol for generating random numbers based on the existence of quantum violations of a free version of Clauser-Horne-Shimony-Holt inequality for qutrit, namely CHSH-3. Our method uses semidefinite programming relaxations to compute such violations. In a standard setting the CHSH-3 inequality involves two separated qutrits and compatible measurement, that is, commuting with each other, yielding the known quantum bound of $1+\sqrt{11/3} \approx 2.9149$ . In our framework, $d$-dimensional quantum systems (qudits) where $d$ is not fixed {\it a priori}, and measurement operators possibly not compatible, are allowed. This loss of constraints yields a higher value of $4$ for the maximum expectation of CHSH-3, attained for $d=3 $ and non-commutative measurements for one party. Based on such upper bound on the violation of free CHSH-3, which appear to be a non-algebraic bound, we develop a random number generator with only one party. Our protocol generates a maximal entropy and its security is based, through self testing arguments, on the attainability of the maximal violation of the free CHSH-3 for quantum systems.

Abstract: Classical remote state preparation (RSPCC) is a primitive that allows an honest client to prepare a quantum state remotely with the help of an (untrustworthy) server using only a classical communication channel. With this primitive quantum protocols (such as secure delegation of quantum computations) become accessible to classical clients, by removing the need for a quantum channel. Since this cryptographic primitive’s main role is to be a building block within larger protocols, it is of utmost importance to examine its security under composition. In this work we present three results related to the composability of RSPCC protocols: 1. As our first main result, we show that no classical remote state preparation protocol RSPCC can be composable in the Abstract Cryptography framework [MR11], even when the distinguisher is computationally bounded. In other words, remote state preparation cannot be constructed with only a classical channel. 2. We further show that any classical-client delegated quantum computing protocol that uses the universal blind quantum computation (UBQC) protocol [BFK09] and a RSPCC protocol as a subroutine cannot be composable. 3. Upon relaxing the security requirement, we show that replacing the quantum channel of the UBQC protocol by the particular RSPCC protocol of [CCKW19] is secure in the game-based security framework.

Abstract: Reliable and efficient functioning of a quantum network depends on identifying and mitigating security risks originating from within and outside the network. We aim to construct a comprehensive framework for developing and assessing secure quantum networks. We articulate issues for making quantum networks secure in general, summarise the state of the art and identify priority directions for further investigation. Our analysis builds on the secure communication protocols developed for classical layered network architectures such as the open-systems interconnection (OSI) model and the transmission control protocol/internet protocol (TCP/IP) model. Our work will lead to the development of a hardware-independent framework for securing general quantum networks that allows developers to identify mandatory security mechanisms and incorporate additional security requirements of the clients during design of the networks.

Abstract: We propose a novel architecture of quantum-error-correction-based quantum repeaters that combines the techniques used in discrete and continuous variable quantum information. Specifically, we propose to encode the transmitted qubits in a concatenated code consisting of two levels. On the first level we use a continuous variable GKP code which encodes the qubit in a single bosonic mode. On the second level we use a small discrete variable code, encoding a logical qubit in as few as seven physical qubits. Such an architecture introduces two major novelties which allow us to make efficient use of resources. Firstly, our architecture makes use of two types of quantum repeaters: the simpler GKP repeaters that need to only be able to store and correct errors on a single GKP qubit and more powerful but more costly multi-qubit repeaters that additionally can correct errors on the higher level. We find that the combination of using the two types of repeaters enables us to achieve performance needed in practical scenarios with a significantly reduced cost with respect to an architecture based solely on multiqubit repeaters. Secondly the use of continuous variable GKP code on the lower level has the advantage of providing us with the information about the success probability of the specific GKP correction round. This analog information, unique to bosonic codes, provides significant boost in performance when used to correct second level errors in the multi-qubit repeaters.

Abstract: We develop a protocol that allows a pair of users to sift a secret key starting from shared variable-length Greenberger-Horne-Zeilinger (GHZ) states. It is an extension of the BBM’92 protocol which relies on measurements in the matching basis for entanglement witness. We then design an entanglement generation scheme over a quantum network that equips the quantum key generation protocol to achieve key rates that are independent of the distance between the two users. The key new insight in our protocol is to allow a repeater node to use n-qubit GHZ projective measurements that can fuse n successful entangled links, i.e., two-qubit entangled Bell pairs shared across network edges, incident at that node, into an n-qubit GHZ state shared by the far nodes of those edges. If we allow even 3-fusions at the nodes, we find by developing a connection to a modified version of the site-bond percolation problem that despite lossy (hence probabilistic) link-level entanglement generation, and probabilistic success of the fusion measurements at nodes, one can generate entanglement between end two parties at a rate that stays constant as the distance between them increases. This is not possible to attain with any (non-error-corrected) quantum networking protocol using Bell measurements alone.

Abstract: Entanglement distribution between very distant parties allows several interesting quantum-enabled protocols to be performed, in the fields of quantum communication, metrology and distributed computation. However, achieving this task over global distances (thousands of km) is very daunting, due to the exponential losses of light in optical fibres. The concept of a quantum repeater has been introduced to counter this problem. Such a device allows, using quantum memories and protocols based on entanglement swapping or quantum error correction, to connect several elementary links and enlarge the achievable distance. An alternative solution is represented by satellite-relayed free-space channels, that have already been proven to be feasible with current technology. Using a double downlink from a single satellite, however, the maximum distance between the ground stations is limited to {1500-2000} km, due to the additional losses encountered at low elevation angles. Through quantum repeaters, few of these satellite links can be chained together to reach global distances. In this work we propose and study a scheme in which entanglement sources and quantum repeaters are placed on board of satellites, orbiting around the Earth in the string of pearls configuration. This allows to connect two users on the ground via free-space optical links outside the atmosphere, achieving far superior distance-to-loss ratio with respect to the standard fibre-based implementation. In this way, a small number of intermediate nodes is enough to achieve entanglement distribution over global distances at a reasonable rate. The performance of this repeater chain is assessed in terms of the secret key rate achievable by the BB-84 cryptographic protocol, taking into account the most important sources of noise. We perform a comparison with other repeater chain architectures and show that our scheme is superior in almost every situation, achieving higher key rates, reliability and flexibility. These results have been obtained assuming reasonably conservative values of the parameters of the setup, such as the size of the optical elements and the efficiency of the quantum memories. The feasibility of the implementation in the mid-term future is analysed, based on recent developments in space-borne technology. We finally discuss some exemplary orbital configurations to connect several pairs of cities around the world with very small satellite constellations and estimate the cost of such an infrastructure. The integration of satellite-based links with ground repeater networks can be envisaged to represent the backbone of the future Quantum Internet. C. Liorni, H. Kampermann, D. Bruß, arXiv:2005.10146, 2020

Abstract: Space-based quantum key distribution (QKD) overcomes the limits of distance between terrestrial users caused by losses in optical fibre. Thus, it is the most promising method to establish a global scale QKD network. While the first QKD platform in the space - “the Micius satellite” – was a ground-breaking proof of principle demonstration, it is not a commercially favourable solution. We present our Cube-Sat payload design which has a more economically viable key-rate. The whole system is consisting of two parts, a 2U transmitter payload in Cube Satellite and an Optical Ground Station (OGS) working as receiver. The system is designed for polarisation based BB84/Decoy-State protocol with 100Mhz key transmission rate. In order to avoid the light pollution near the metropolitan centres and provide flexibility, we present our progress towards a mobile OGS which will be able to act as a receiver for the quantum signal.

Abstract: Satellite-based quantum communication is a promising approach for realizing globalscale quantum networks. However, due to atmospheric turbulence, achieving a highly efficient and stable spatial single-mode receiver, which is very important for daylight free-space quantum key distribution and more complex quantum information tasks involving quantum interference, is difficult. Here, we develop a spatial single-mode receiver with an adaptive optics (AO) system based on a modal version of the stochastic parallel gradient descent algorithm (M-SPGD) and conduct a field test of its performance over an 8 km urban terrestrial free-space channel. Our experimental results demonstrate the AO technology based on M-SPGD has a great boosting for single-mode receiver and is useful for large-scale quantum communication.

Abstract: All phase-encoded BB84 implementations have signal states with unbalanced amplitudes in practice. Thus, the original security analyses a priori do not apply to them. Previous security proofs use signal tagging of multi-photon pulses to recover the behaviour of regular BB84. This is overly conservative, as for unbalanced signals, the photon-number splitting attack does not leak full information to Eve. In this work, we exploit the flag-state squashing model to preserve some parts of the multi-photon generated private information in our analysis. Using a numerical proof technique, we obtain significantly higher key rates compared with previously published results in the low-loss regime. It turns out that the usual scenario of untrusted dark counts runs into conceptual difficulties in some parameter regime. Thus, we discuss the trusted dark count scenario in this paper as well. We also report a gain in key rates when part of the total loss is known to be induced by a trusted device. We highlight that all these key rate improvements can be achieved without modification of the experimental setup.

Abstract: We present a simple idealistic quantum entanglement based protocol for quantum random number generation allowing a trusted third party to publicly perform arbitrarily complex tests of randomness without any violation of the secrecy of the generated bit sequences. The protocol diminishes also an average time of the randomness testing (thus enabling arbitrary shortening of this time with increasing number of entangled qubits).

Abstract: Classical bits can be copied, but quantum bits, in general, cannot. As a result, there is interest in creating uncounterfeitable quantum money, in which a set of qubits can be spent as money but cannot be duplicated. To function as money, there must be a way to verify that a given state is a valid banknote and not a counterfeit. Many recent efforts have tried to allow public key verification, where any untrusted user, even a would-be counterfeiter, can verify the banknotes. However, despite many attempts, a secure construction of public-key quantum money has remained elusive. Here we introduce franchised quantum money, a new notion that is weaker than public key quantum money but brings us closer to realizing it. Franchised quantum money allows any untrusted user to verify banknotes using a unique secret key. Furthermore, we give a construction of franchised quantum money and prove security assuming the quantum hardness of the short-integer solution problem (SIS). This is the first construction of quantum money that allows an untrusted user to verify the banknotes, and which has a proof of security based on widespread assumptions. It is therefore an important step toward public key quantum money. Under franchised quantum money, untrusted users receive unique secret verification keys. With their key, a user can verify banknotes without the mint involved, but they cannot create counterfeit money that would fool another user. This is different from public key quantum money because the verification key may actually enable counterfeiting, but the only person that the counterfeiter can fool is themselves. Here is how franchised quantum money might be useful: consider a group of large corporations, mutually distrustful, that nevertheless want to make transactions with each other. Further, a trusted third party, the mint, will administer the money system. While the mint cannot make verification public-key, it can franchise the ability to verify banknotes to the group of untrusted corporations. The mint gives each corporation a unique secret verification key that allows them to verify banknotes from another corporation. Now what if one corporation decides to start using its key to copy money? Since each corporation gets a different key, any banknotes that the corporation produces will fail to verify when a different key is used. Therefore the dishonest corporation will not be able to fool anyone but themselves. Public key quantum money has eluded sophisticated attempts to construct it directly, so franchised quantum money is useful as a stepping stone. Although franchised quantum money is not public-key, it still enables verification without the mint involved, which is the main feature of interest for public key quantum money. Further, we give a construction of franchised quantum money with a proof of security based on widely-held assumptions about the SIS problem. Franchised quantum money offers greater security than existing constructions of quantum money, and brings us closer to public-key verification.

Abstract: Quantum communication in general helps deter potential eavesdropping in the course of transmission of bits to enable secure communication between two or more parties. In this paper, we propose a novel quasi-quantum secure direct communication scheme using non-maximally entangled states. The proposed scheme is simple to implement using existing techniques and significantly reduces the number of leaked bits. As a result long sequences or the whole sequence of data can be communicated at once before error checking for a potential eavesdropper. Also a cipher can be used in the protocol for retrieving the bits that are lost due to security. The qubit efficiency of the proposed protocol is found to be 40 %.

Abstract: Zhandry recently defined a new cryptographic object called quantum lightning, which has a number of useful applications, including a strong form of quantum money. Further, Zhandry proposed a construction of quantum lightning based on superpositions of low-rank matrices. The scheme is unusual, so it is difficult to analyze whether the scheme is secure and difficult to base the scheme’s security on any widespread computational assumptions. Instead, Zhandry proposed a new hardness assumption that, if true, could be used to prove security. While the new hardness assumption is plausible, it has not been rigorously analyzed. In this work, we analyze the hardness assumption to determine how, if at all, it can be justified. We show that Zhandry’s hardness assumption is in fact false, so the proof of security for Zhandry’s scheme does not hold. While the scheme itself has not been proven insecure, our analysis suggests an approach to developing attacks that might prove the scheme insecure.

Abstract: Heralded single photons with a wavelength of 780 nm were generated from 30-mm long PPKTP crystals. The spectral correlation was eliminated under narrow band-pass filtering, and Hong-Ou-Mandel interference between two heralded single-photon sources was demonstrated.

Abstract: The security of measurement device-independent quantum key distribution (MDI QKD) relies on a thorough characterization of one's optical source output, especially any noise in the state preparation process. Here, we provide an extension of the loss-tolerant protocol [Phys. Rev. A 90, 052314 (2014)], a leading proof technique for analyzing the security of QKD, to MDI QKD protocols that employ mixed signal states. We first reframe the core of the proof technique, noting its generalization to treat d-dimensional signal encodings. Concentrating on the qubit signal state case, we find that the mixed states can be interpreted as providing Alice and Bob with a virtual shield system they can employ to reduce Eve's knowledge of the secret key. We then introduce a simple semidefinite programming method for optimizing the virtual twisting operations they can perform on the shield system to yield a higher key rate, along with an example calculation of fundamentally achievable key rates in the case of random polarization modulation error.

Abstract: Device-independent quantum key distribution provides security even when the equipment used to communicate over the quantum channel is largely uncharacterized. An experimental demonstration of device-independent quantum key distribution is however challenging. A central obstacle in photonic implementations is that the global detection efficiency, i.e., the probability that the signals sent over the quantum channel are successfully received, must be above a certain threshold. We here propose a method to significantly relax this threshold, while maintaining provable device-independent security. This is achieved with a protocol that adds artificial noise, which cannot be known or controlled by an adversary, to the initial measurement data (the raw key). Focusing on a realistic photonic setup using a source based on spontaneous parametric down conversion, we give explicit bounds on the minimal required global detection efficiency.

Abstract: In this paper we consider the Liouville equation that describes the quantum non-unitary dynamics of quantum states in optical fiber.We consider particular case of thermalization aiming to applications related to various quantum information protocols; however the model can be generalized in various ways taking into account more features (external pump, nonlinear interactions, continuous spectra, free space propagation, etc.). In order to obtain the appropriate evolution models for states in the channel we use the SU(1,1) algebra formalism in the Liouville representation. Developed model is applied in cases of two different initial states as an example. The first is single- and multi-frequency-mode (e.g. wavelength-division-multiplexed) weak coherent states in quantum notation as rather simple but useful example. This particular example is of interest since weak coherent states are commonly used tool in various fields of optics, e.g. optical communication, quantum key distribution, etc. Results for coherent states are well agreed with classical theories however in order to highlight quantum features of developed theory we also consider the case of non-classical light, in particular Fock states. Considered implementation of model takes into account dichroism, retardance, thermalization, dispersion, decoherence in polarization domain. We derive expressions of evolved states, mean photon number and estimate the Stokes parameters as well as degree of polarization. Considered examples explicitly demonstrates all the features and effects of developed approach. Described approach allows to connect the information properties of quantum channels with its physical ones. In order to illustrate this statement we consider BB84 quantum key distribution protocol and investigate behavior of quantum bit error rate affected by considered physical phenomena in optical fiber.

Abstract: In this paper we present for the first time two possible techniques for deterministic two-step complete Bell state analyzer of optical (polarization) qubits using semi-demolition or entangled non-demolition measurements. Main difference to a prior studies in the field is that we do not use hyperentanglement or representation of the Bell states as concatenated Greenber–Horne–Zeilinger (C-GHZ) state to provide the discrimination. We demonstrate two different approaches for complete Bell state measurement based on different types of filtration. In entangled non-demolition measurement we allocate two pairs of the states from each other as the filtration process. The approach can be based on the utilization of cubic (Kerr) nonlinearity and auxiliary mode. In semi-demolition measurement two states are unambiguously discriminated and hence destroyed; however two other states passes the filter without modification. The measurement destroys the single photon subspace in every mode and preserves the superposition of zero and two photons. It can be realized with discrete photodetection based on microresonator with atoms. Such filtration can be considered as quadratic nonlinearity just as any measurement. The most significant about this approach is that we do not transform the initial states using any type of filtration based on different nonlinearities.

Abstract: Twin-field (TF) quantum key distribution (QKD) can overcome fundamental secret-key-rate bounds on point-to-point QKD links, allowing us to reach longer distances than ever before. Since its introduction, several practical TF-QKD variants have been proposed, and some of them have already been implemented experimentally. All of them assume that the users can emit weak coherent pulses with a continuous random phase, either to generate the key, or to prove its security. In practice, this assumption is often not satisfied, which could open up security loopholes in their implementations. Here, we propose and prove the security of a TF-QKD variant that relies exclusively on discrete phase randomisation, which is easier to achieve in practice. Remarkably, our results show that it can also provide higher secret-key rates than other variants.

Abstract: Here in this poster we present two new MET-LDPC codes designed for rates 0.02 and 0.01 with even higher efficiency: β = 99.2% and β = 98.7% , respectively. We will present simulation results to demonstrate their performance. The presented codes can be used by different reconciliation strategies to increase the distance of CV-QKD.

Abstract: Since 2004 AIT has developed a software suite for QKD post processing and key routing in trusted repeater networks. This software provides a set of building blocks to integrate sifting, error estimation, error correction, confirmation, privacy amplification and information-theoretically secure message authentication. Accompanying the QKD post-processing is the Quantum Point-to-Point Protocol (Q3P) node which enforces information-theoretically secure network peer-to-peer communication for classical applications. We already reported on the support for different DV and CV-QKD protocols, and high-performance error correction using GPUs for terrestrial QKD. Here we will discuss the following new capabilities of the software * a low dependency footprint for future use on satellites, * hibernation of QKD post-processing pipelines and switching between them for key establishment with different ground terminals and satellites, * CoAP interfaces to cover demands of the control and management plane in today’s network environment, and * the port to ARM/FPGA SoC boards. The CoAP interfaces allow rapid scripting of QKD modules or AIT QKD based applications with Python or even Bash. Utilities and tools, as well as a boilerplate setup for QKD module coding projects, also support the creation of new QKD post-processing modules or QKD based user applications. The AIT QKD software is bundled with management tools, partly GUI oriented. The software is available under different license options and AIT welcomes suggestions from academic groups or industry to co-operate.

Abstract: Quantum random number generators (QRNG) are a well-studied quantum resource for information and communication technologies. Offering the randomness derived from quantum mechanical principles, QRNGs will replace current technologies of pseudo random number generation. However, prices and form factors must come down, if this technology is to feed mobile or IoT devices in the future. We present a step in this direction by realizing a QRNG in the polymer-based photonic integration platform PolyBoard.

Abstract: Emerging quantum technologies, such as quantum key distribution, increase the demand for reliable tools that enable single-photon generation, manipulation and sensing on an increasingly large scale. In the framework of integrated photonics, these needs can be fulfilled by patterning highly stable photonic devices on monolithic silicon chips in CMOS compatible processes. In this work we show how advanced single-photon detection capabilities are achieved on a silicon chip, realizing a 4x4 array of waveguide-integrated superconducting nanowire single-photon detectors (SNSPDs). Our detectors are fabricated from highly uniform superconducting NbTiN thin films in a U-shape geometry atop of silicon nitride strip waveguides [1]. The nanophotonic circuitry is interfaced with scalable 3D polymeric out-of-plane fiber-to-chip couplers [2] featuring high broadband transmission in the telecom regime. In order to address each detector individually via a separate fiber-optic channel, we precisely align a 16-channel 2D fiber array to the 4x4 coupler matrix. We evaluate the performance of our waveguide-integrated SNSPD array in a cost-efficient closed-cycle cryostat at 3.5 K. We find dark count rates below 10 Hz combined with a superior system detection efficiency of up to 50 % at 30 MHz count rate for telecom-wavelength photons. In addition, we achieve 120 ps timing jitter with a simple two-stage room-temperature amplification approach. Our detector arrays pave the way for parallelized multi-channel single-photon detection and will therewith enable ultra-fast quantum key distribution. Furthermore, our approach allows for integrating sophisticated nanophotonic devices with waveguide-coupled single-photon detectors providing additional variability and functionality.

Abstract: The OPENQKD project is currently the largest QKD-focused initiative in Europe comprising of 38 partners. The project brings together a multidisciplinary team of the leading European telecommunication equipment manufacturers, end-users and critical infrastructure providers, network operators, QKD equipment providers, digital security professionals and scientists from 13 countries to reinforce Europe’s position at the forefront of quantum communication capabilities globally. We present here the first deployment results from selected testbeds, list the demonstration sites and associated use cases. We will also provide an overview of the QKD devices built for the project and a timetable for the future deployments.

Abstract: In this work, we provide a complete, unconditional, asymptotic security analysis of DMCVQKD with four or more states. We do not need the photon-number cut-off assumption required in previous proofs. We derive inequalities that relate the result of a suitably chosen finite-dimensional optimization to the key rate. We solve the optimization numerically and utilize uniform continuity bounds to derive tight key rate lower bounds. We find that the key rates are comparable to previous conditional security proofs with the cut-off assumption, and to those achieved by Gaussian-modulated CVQKD.

Abstract: A numerical approach for the calculation of QKD key rates allows a uniform framework to be applied to general QKD protocols. Based on our group's previous work, we would like to build a universal software platform that is fully modularized and user-friendly, where one can easily swap in and out different QKD protocol descriptions, channel simulation models or experimental data, backend numerical solvers, and parameter optimization algorithms. Our goal is to build an open-source platform that can be both useful for theorists testing new protocols as well as experimentalists looking for optimal parameters or analyzing their experimental data.

Abstract: To realize highly secure communication required for sensitive personal information, quantum key distribution (QKD) was applied to a video conference system for clinical use in a field trial. We demonstrated that the system provides a QKD secured environment for discussion and for sharing screens of patient cases among medical experts. The results indicated that our QKD system’s secure key rate is sufficient for a video conference in real time. This demonstrated that QKD is applicable to video conference systems for practical use.

Abstract: Continuous variable quantum key distribution (CV-QKD) uses shot-noise limited detection for measuring the quadratures of the signal sent by Alice over the quanutm channel. Typically, the signal transmission rate is limited by the bandwidth of the detection. One of the drawbacks of CV-QKD systems is low secure key generation rate at longer transmission distances. High bandwidth detectors—which allow higher signal transmission rates—cannot improve the key generation rate as these increase the electronic noise variance. Electronic noise variance in CV-QKD systems is considered as a trusted noise source and so theoretically, it does not have a great impact on the final key rate. However, from the practical point of view, there is impact on the performance of error correction codes—such as low density parity codes (LDPC). Increased electronic noise decreases the signalto-noise ratio (SNR). Constructing LDPC at lower SNR is a bottleneck for achieving long distance CV-QKD. Multi-mode signals can improve the SNR of CV-QKD system to a significant extent. In this work, we consider a multi-mode signal based CV-QKD system where signal modes are jointly measured in order to reduce the impact of electronic noise on the SNR.

Abstract: It is shown that imperfect joints of linear birefringent fibers in a fiber interferometer may result in an uncontrolled visibility drift under varying environmental conditions even with a standard phase matching device. As an example, a double Mach –Zehnder interferometer is considered, which is employed in schemes of quantum key distribution. Results of numerical simulation demonstrate the standard deviation of QBER, which is comparable to an average QBER.