Abstract
Mistrustful cryptography includes important tasks like bit commitment, oblivious transfer, coin flipping, secure computations, position authentication, digital signatures and secure unforgeable tokens. Practical quantum implementations presently use photonic setups. In many such implementations, Alice sends photon pulses encoding quantum states and Bob chooses measurements on these states. In practice, Bob generally uses single photon threshold detectors, which cannot distinguish the number of photons in detected pulses. Also, losses and other imperfections require Bob to report the detected pulses. Thus, malicious Alice can send and track multiphoton pulses and thereby gain information about Bob's measurement choices, violating the protocols' security. Here, we provide a theoretical framework for analysing such multiphoton attacks, and present known and new attacks. We illustrate the power of these attacks with an experiment, and study their application to earlier experimental demonstrations of mistrustful quantum cryptography. We analyse countermeasures based on selective reporting and prove them inadequate. We also discuss side-channel attacks where Alice controls further degrees of freedom or sends other physical systems.
Highlights
Quantum cryptography promises that cryptographic tasks can be implemented with provable security, assuming only the validity of quantum theory
We discuss side-channel attacks in mistrustful quantum cryptography, where Alice controls degrees of freedom not previously agreed with Bob
If Alice sends Bob a pulse of k photons encoding a state ρ, with k ∈ {0, 1, 2} chosen by Alice and unknown to Bob, the only probabilistic reporting strategy that guarantees to Bob that Alice cannot obtain any information about β from his message m is the trivial strategy, Eq (21)
Summary
Quantum cryptography promises that cryptographic tasks can be implemented with provable security, assuming only the validity of quantum theory. We discuss side-channel attacks in mistrustful quantum cryptography, where Alice controls degrees of freedom not previously agreed with Bob. We discuss possible countermeasures against multiphoton and side-channel attacks, including the use of photon-number-resolving detectors, measurement-device-independent protocols, fully deviceindependent protocols, the use of teleportation to filter received pulses, and using near-perfect sources and nearideal detectors. We discuss possible countermeasures against multiphoton and side-channel attacks, including the use of photon-number-resolving detectors, measurement-device-independent protocols, fully deviceindependent protocols, the use of teleportation to filter received pulses, and using near-perfect sources and nearideal detectors All of these options either fail to guarantee security or are practically challenging; our analyses suggest that the last is the most promising option at present and that teleportation could provide a good solution in the future
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
