Why quantum bit commitment and ideal quantum coin tossing are impossible.
From MaRDI portal
Publication:1586916
DOI10.1016/S0167-2789(98)00053-0zbMATH Open1040.81509arXivquant-ph/9711065OpenAlexW3121783526MaRDI QIDQ1586916FDOQ1586916
Authors: R. Smith 
Publication date: 20 November 2000
Published in: Physica D (Search for Journal in Brave)
Abstract: There had been well known claims of unconditionally secure quantum protocols for bit commitment. However, we, and independently Mayers, showed that all proposed quantum bit commitment schemes are, in principle, insecure because the sender, Alice, can almost always cheat successfully by using an Einstein-Podolsky-Rosen (EPR) type of attack and delaying her measurements. One might wonder if secure quantum bit commitment protocols exist at all. We answer this question by showing that the same type of attack by Alice will, in principle, break any bit commitment scheme. The cheating strategy generally requires a quantum computer. We emphasize the generality of this ``no-go theorem: Unconditionally secure bit commitment schemes based on quantum mechanics---fully quantum, classical or quantum but with measurements---are all ruled out by this result. Since bit commitment is a useful primitive for building up more sophisticated protocols such as zero-knowledge proofs, our results cast very serious doubt on the security of quantum cryptography in the so-called ``post-cold-war applications. We also show that ideal quantum coin tossing is impossible because of the EPR attack. This no-go theorem for ideal quantum coin tossing may help to shed some lights on the possibility of non-ideal protocols.
Full work available at URL: https://arxiv.org/abs/quant-ph/9711065
Recommendations
Cites Work
- Quantum cryptography based on Bell’s theorem
- Error Correcting Codes in Quantum Theory
- Experimental quantum cryptography.
- Title not available (Why is that?)
- Fidelity for Mixed Quantum States
- Quantum key distribution and string oblivious transfer in noisy channels
- Title not available (Why is that?)
- Title not available (Why is that?)
- Mathematical techniques for quantum communication theory
- Title not available (Why is that?)
Cited In (35)
- A short impossibility proof of quantum bit commitment
- A short review on quantum identity authentication protocols: how would Bob know that he is talking with Alice?
- QUANTUM BIT COMMITMENT WITH SECRET PARAMETERS
- Title not available (Why is that?)
- Quantum communication protocols using the vacuum
- On the round complexity of secure quantum computation
- Unconditionally secure quantum bit commitment based on the uncertainty principle
- Quantum dice rolling: a multi-outcome generalization of quantum coin flipping
- Resource requirements of private quantum channels and consequences for oblivious remote state preparation
- Cryptanalysis and improvement of ``Game theoretic security of quantum bit commitment
- The Unruh-DeWitt model and its joint interacting Hilbert space
- Weak coin flipping with small bias
- On the impossibility of non-static quantum bit commitment between two parties
- Remote preparation of arbitrary ensembles and quantum bit commitment
- Basing cryptographic protocols on tamper-evident seals
- Security of quantum bit string commitment depends on the information measure
- A broader view on the limitations of information processing and communication by nature
- New binding-concealing trade-offs for quantum string commitment
- Dilemma that cannot be resolved by biased quantum coin flipping
- Quantum computationally predicate-binding commitments with application in quantum zero-knowledge arguments for NP
- ON THE POWER OF QUANTUM TAMPER-PROOF DEVICES
- Cheat-sensitive coin flipping and quantum gambling
- Probabilistic versions of quantum private queries
- Optimization of coherent attacks in generalizations of the BB84 quantum bit commitment protocol
- Quantum entanglement
- Quantum bit escrow
- On local realism and commutativity
- Infeasibility of quantum cryptography without eavesdropping check
- A new protocol and lower bounds for quantum coin flipping
- Cryptanalysis and improvement of Wu–Cai–Wu–Zhang’s quantum private comparison protocol
- Implications of superstrong non-locality for cryptography
- Quantum Gambling
- General properties of quantum bit commitments (extended abstract)
- QUANTUM AUTHENTICATION USING ENTANGLED STATES
- Quantum state targeting
This page was built for publication: Why quantum bit commitment and ideal quantum coin tossing are impossible.
Report a bug (only for logged in users!)Click here to report a bug for this page (MaRDI item Q1586916)
