Results 1  10
of
113
Generalized privacy amplification
 IEEE Transactions on Information Theory
, 1995
"... Abstract This paper provides a general treatment of privacy amplification by public discussion, a concept introduced by Bennett, Brassard, and Robert for a special scenario. Privacy amplification is a process that allows two parties to distill a secret key from a common random variable about which ..."
Abstract

Cited by 331 (19 self)
 Add to MetaCart
Abstract This paper provides a general treatment of privacy amplification by public discussion, a concept introduced by Bennett, Brassard, and Robert for a special scenario. Privacy amplification is a process that allows two parties to distill a secret key from a common random variable about which an eavesdropper has partial information. The two parties generally know nothing about the eavesdropper’s information except that it satisfies a certain constraint. The results have applications to unconditionally secure secretkey agreement protocols and quantum cryptography, and they yield results on wiretap and broadcast channels for a considerably strengthened definition of secrecy capacity. Index Terms Cryptography, secretkey agreement, unconditional security, privacy amplification, wiretap channel, secrecy capacity, RCnyi entropy, universal hashing, quantum cryptography. I.
Experimental Quantum Cryptography
 Journal of Cryptology
, 1992
"... We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: 1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; 2) by subsequent public discussion of the ..."
Abstract

Cited by 268 (20 self)
 Add to MetaCart
(Show Context)
We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: 1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; 2) by subsequent public discussion of the sent and received versions of this transmission estimate the extent of eavesdropping that might have taken place on it, and finally 3) if this estimate is small enough, distill from the sent and received versions a smaller body of shared random information, which is certifiably secret in the sense that any third party's expected information on it is an exponentially small fraction of one bit. Because the system depends on the uncertainty principle of quantum physics, instead of usual mathematical assumptions such as the difficulty of factoring, it remains secure against an adversary with unlimited computing power. A preliminary version of this paper was presented at Eurocrypt '90, May 21 ...
Quantum cryptography
 Rev. Mod. Phys
, 2002
"... Quantum cryptography could well be the first application of quantum mechanics at the individual quanta level. The very fast progress in both theory and experiments over the recent years are reviewed, with emphasis on open questions and technological issues. Contents I ..."
Abstract

Cited by 182 (6 self)
 Add to MetaCart
Quantum cryptography could well be the first application of quantum mechanics at the individual quanta level. The very fast progress in both theory and experiments over the recent years are reviewed, with emphasis on open questions and technological issues. Contents I
Quantum mechanics as quantum information (and only a little more), Quantum Theory: Reconsideration of Foundations
, 2002
"... In this paper, I try once again to cause some goodnatured trouble. The issue remains, when will we ever stop burdening the taxpayer with conferences devoted to the quantum foundations? The suspicion is expressed that no end will be in sight until a means is found to reduce quantum theory to two or ..."
Abstract

Cited by 113 (8 self)
 Add to MetaCart
(Show Context)
In this paper, I try once again to cause some goodnatured trouble. The issue remains, when will we ever stop burdening the taxpayer with conferences devoted to the quantum foundations? The suspicion is expressed that no end will be in sight until a means is found to reduce quantum theory to two or three statements of crisp physical (rather than abstract, axiomatic) significance. In this regard, no tool appears better calibrated for a direct assault than quantum information theory. Far from a strained application of the latest fad to a timehonored problem, this method holds promise precisely because a large part—but not all—of the structure of quantum theory has always concerned information. It is just that the physics community needs reminding. This paper, though takingquantph/0106166 as its core, corrects one mistake and offers several observations beyond the previous version. In particular, I identify one element of quantum mechanics that I would not label a subjective term in the theory—it is the integer parameter D traditionally ascribed to a quantum system via its Hilbertspace dimension. 1
Quantum information theory
, 1998
"... We survey the field of quantum information theory. In particular, we discuss the fundamentals of the field, source coding, quantum errorcorrecting codes, capacities of quantum channels, measures of entanglement, and quantum cryptography. ..."
Abstract

Cited by 100 (3 self)
 Add to MetaCart
We survey the field of quantum information theory. In particular, we discuss the fundamentals of the field, source coding, quantum errorcorrecting codes, capacities of quantum channels, measures of entanglement, and quantum cryptography.
The Quantum Challenge to Structural Complexity Theory
, 1992
"... This is a nontechnical survey paper of recent quantummechanical discoveries that challenge generally accepted complexitytheoretic versions of the ChurchTuring thesis. In particular, building on pionering work of David Deutsch and Richard Jozsa, we construct an oracle relative to which there exi ..."
Abstract

Cited by 56 (5 self)
 Add to MetaCart
This is a nontechnical survey paper of recent quantummechanical discoveries that challenge generally accepted complexitytheoretic versions of the ChurchTuring thesis. In particular, building on pionering work of David Deutsch and Richard Jozsa, we construct an oracle relative to which there exists a set that can be recognized in Quantum Polynomial Time (QP), yet any Turing machine that recognizes it would require exponential time even if allowed to be probabilistic, provided that errors are not tolerated. In particular, QP 6` ZPP relative to this oracle. Furthermore, there are cryptographic tasks that are demonstrably impossible to implement with unlimited computing power probabilistic interactive Turing machines, yet they can be implemented even in practice by quantum mechanical apparatus. 1 Deutsch's Quantum Computer In a bold paper published in the Proceedings of the Royal Society, David Deutsch put forth in 1985 the quantum computer [7] (see also [8]). Even though this may c...
Do we really understand quantum mechanics? Strange correlations, paradoxes, and theorems
 Am. J. Phys
, 2001
"... This article presents a general discussion of several aspects of our present understanding of quantum mechanics. The emphasis is put on the very special correlations that this theory makes possible: they are forbidden by very general arguments based on realism and local causality. In fact, these cor ..."
Abstract

Cited by 54 (1 self)
 Add to MetaCart
(Show Context)
This article presents a general discussion of several aspects of our present understanding of quantum mechanics. The emphasis is put on the very special correlations that this theory makes possible: they are forbidden by very general arguments based on realism and local causality. In fact, these correlations are completely impossible in any circumstance, except the very special situations designed by physicists especially to observe these purely quantum effects. Another general point that is emphasized is the necessity for the theory to predict the emergence of a single result in a single realization of an experiment. For this purpose, orthodox quantum mechanics introduces a special postulate: the reduction of the state vector, which comes in addition to the Schrödinger evolution postulate. Nevertheless, the presence in parallel of two evolution processes of the same object (the state vector) may be a potential source for conflicts; various attitudes that are possible
Quantum Key Distribution and String Oblivious Transfer on Noisy Channels, Los Alamos preprint archive quantph/9606003
 Advances in Cryptology: Proceeding of Crypto ’96, Lecture Notes in Computer Science
"... Abstract. We prove the unconditional security of a quantum key distribution (QKD) protocol on a noisy channel against the most general attack allowed by quantum physics. We use the fact that in a previous paper we have reduced the proof of the unconditionally security of this QKD protocol to a proof ..."
Abstract

Cited by 52 (9 self)
 Add to MetaCart
(Show Context)
Abstract. We prove the unconditional security of a quantum key distribution (QKD) protocol on a noisy channel against the most general attack allowed by quantum physics. We use the fact that in a previous paper we have reduced the proof of the unconditionally security of this QKD protocol to a proof that a corresponding Quantum String Oblivious Transfer (StringQOT) protocol would be unconditionally secure against Bob if implemented on top of an unconditionally secure bit commitment scheme. We prove a lemma that extends a security proof given by Yao for a (one bit) QOT protocol to this StringQOT protocol. This result and the reduction mentioned above implies the unconditional security of our QKD protocol despite our previous proof that unconditionally secure bit commitment schemes are impossible. 1
Informationtheoretically secret key generation for fading wireless channels
 IEEE TRANS ON INFORMATION FORENSICS AND SECURITY
, 2010
"... The multipathrich wireless environment associated with typical wireless usage scenarios is characterized by a fading channel response that is timevarying, locationsensitive, and uniquely shared by a given transmitter–receiver pair. The complexity associated with a richly scattering environment i ..."
Abstract

Cited by 51 (2 self)
 Add to MetaCart
(Show Context)
The multipathrich wireless environment associated with typical wireless usage scenarios is characterized by a fading channel response that is timevarying, locationsensitive, and uniquely shared by a given transmitter–receiver pair. The complexity associated with a richly scattering environment implies that the shortterm fading process is inherently hard to predict and best modeled stochastically, with rapid decorrelation properties in space, time, and frequency. In this paper, we demonstrate how the channel state between a wireless transmitter and receiver can be used as the basis for building practical secret key generation protocols between two entities. We begin by presenting a scheme based on level crossings of the fading process, which is wellsuited for the Rayleigh and Rician fading models associated with a richly scattering environment. Our level crossing algorithm is simple, and incorporates a selfauthenticating mechanism to prevent adversarial manipulation of message exchanges during the protocol. Since the level crossing algorithm is best suited for fading processes that exhibit symmetry in their underlying distribution, we present a second and more powerful approach that is suited for more general channel state distributions. This second approach is motivated by observations from quantizing jointly Gaussian processes, but exploits empirical measurements to set quantization boundaries and a heuristic log likelihood ratio estimate to achieve an improved secret key generation rate. We validate both proposed protocols through experimentations using a customized 802.11a platform, and show for the typical WiFi channel that reliable secret key establishment can be accomplished at rates on the order of 10 b/s.