SlideShare una empresa de Scribd logo

Security of continuous variable quantum key distribution against general attacks

W
wtyru1989
Tecnología
1 de 17
Descargar para leer sin conexión
Security of continuous-variable quantum key distribution against general attacks arXiv: 1208.4920 Anthony Leverrier (ETH Zürich) with Raúl García-Patrón, Renato Renner and Nicolas J. Cerf QCRYPT 2012
Quantum Key Distribution with continuous variables What’s different? Alice encodes information on the quadratures (X , P) of the EM field Bob measures with an homodyne (interferometric) detection Grosshans et al., Nature 421 238 (2003) Features no need for single-photon counters compatible with WDM Bing Qi et al. NJP 12 103042 (2010) "Gaussian Quantum Information" C. Weedbrook et al, RMP 84 621 (2012) Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Many protocols Four Gaussian entangled protocols √ ∞ 1 Alice prepares N EPR pairs |Ψ = 1 − x2 n=0 x n |n, n 2 for each pair, she keeps one mode and sends the other one to Bob 3 Alice and Bob perform either homodyne or heterodyne detection homodyne = measuring X OR P heterodyne = measuring X AND P (with higher noise) Prepare and measure versions homodyne meas. for Alice ⇔ preparation of a squeezed state heterodyne meas. for Alice ⇔ preparation of a coherent state Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Description of the protocol A and B measure ρn with homodyne/hererodyne detection AB Alice obtains x = (x1 , x2 , · · · xn ) ∈ R n Bob obains y = (y1 , y2 , · · · , yn ) ∈ R n (Reverse) reconciliation: Bob sends some information to Alice who ˆ guesses y Privacy amplification: Alice and Bob apply some hash function and obtain (SA , SB ) plus some transcript C of all classical information QKD protocol: map E E : ρn −→ (SA , SB , C) AB Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Experimental implementations in fiber: Qi el al, PRA (2007), Lodewyck et al, PRA (2007), Fossier et al, NJP (2009), Xuan et al, Opt Exp (2009) · · · in free space: S. Tokunaga et al, CLEO (2007), D. Elser et al, NJP (2010), B. Heim et al, APL (2010) · · · with an entangled source T. Eberle et al, arXiv preprint (2011), L. Madsen et al, arXiv preprint (2011) Reliable technology field test during more than 6 months over around 20 km P. Jouguet et al. Opt Expr 20 14030 (2012) Long distance Current record: over 80 km! ⇒ see P. Jouguet’s talk on Friday! What about security? Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Security proofs for CV QKD (before 2012) OK · · · in the asymptotic limit de Finetti theorem for infinite-dimensional quantum systems ⇒ collective attacks are asymptotically optimal R.Renner, J.I. Cirac, PRL (2008) Gaussian attacks are asymptotically optimal among collective attacks R.García-Patrón, N.J. Cerf PRL (2006) M. Navascués, F. Grosshans, A. Acín PRL (2006) Problems de Finetti useless in practical settings: convergence is too slow parameter estimation is problematic for CVQKD (unbounded variables) Two solutions 1 Entropic uncertainty relation: Hmin (X |E) + Hmax (P|B) ≥ N log c(δ) F. Furrer et al, PRL 109 100502 (2012) ⇒ see Fabian’s talk on Friday! combining the postselection technique (M. Christandl et al, PRL 2009) with symmetries in phase space ⇒ this talk Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Security definition A protocol E is secure if it is undistinguishable from an ideal protocol F : ρn −→ (S, S, C): AB F outputs the same key S for Alice and Bob S is uniformly distributed over the set of keys and uncorrelated with Eve’s quantum state: 1 ρSE = |s1 , · · · , sk s1 , · · · , sk | ⊗ ρE . 2k For instance, F = S ◦ E where S replaces (SA , SB ) by a perfect key (S, S). -security: ||E − F || ≤ ⇒ the advantage in distinguishing E from F is less than . ||E − F|| := sup (E − F) ⊗ idK (ρABE ) 1 ρABE How to compute the diamond norm? If the maps are permutation invariant: postselection technique M. Christandl, R. König, R. Renner, PRL 2009 · · · but only for finite dimension Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
The postselection technique For protocol invariant under permutations: Theorem [Christandl et al.] 2 −1 ||E−F|| ≤ (n+1)d ||(E−F)⊗id(τHR )||1 where d = dim(HA ⊗ HB ) ≡ τHR is a purification of ⊗n τH = σH µ(σH ) ||(E − F) ⊗ id(τHR )||1 is exponentially small for protocols secure against collective attacks Security against collective attacks implies security against general attacks if the protocol is permutation invariant the dimension of HA ⊗ HB is finite Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Dealing with infinite dimension Two ideas 1 We prepend a test T to the protocol: if the test succeeds, Alice and Bob continue with the usual protocol otherwise they abort The goal of the test is to make sure that the state ρn contains not too AB many photons, i.e. is close to a finite dimensional state. 2 The permutation symmetry is not sufficient for the test: ⇒ we exploit symmetries in phase space specific to CV QKD. Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Sketch of the proof Some notations E0 : ρn → (SA , SB , C): the usual protocol, secure against collective AB attacks; and F0 := S ◦ E0 the ideal version a test T : ρN → ρn ⊗ {pass/fail} with N > n AB AB a projection P : (HA ⊗ HB )⊗n → (HA ⊗ HB )⊗n with HA := Span(|0 , · · · , |dA − 1 ); dim(HA ) = dA < ∞ HB := Span(|0 , · · · , |dB − 1 ); dim(HB ) = dB < ∞ the new protocol of interest: E := E0 ◦ T : ρN → (SA , SB , C) AB ||E − F || ≤ ||E0 PT − F0 PT || + ||E − E0 PT || + ||F − F0 PT || = ||E0 PT − F0 PT || + ||E0 ◦ (id − P) ◦ T || + ||F0 ◦ (id − P) ◦ T || ≤ ||E0 PT − F0 PT || + 2||(id − P) ◦ T || Postselection technique small for a "good" test Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
How to choose the test T ? Note: because Eve does not interact with Alice’s state, it is sufficient to apply the test on Bob’s state ρN . B Goal: find T such that ||(id − P) ◦ T || ≤ , i.e. Prob [passing the test] AND max mk ≥ dB ≤ k where mk is the result of a photon counting measurement of mode k of ρn . B Idea: photon counting ≈ energy measurement ≈ heterodyne detection T should be easy to implement: one measures m := N − n modes with heterodyne detection: results: z = (z1 , z2 , · · · , z2m ) given z, pass or fail Permutation symmetry is not sufficient In fact, even independence is not sufficient. Ex: ρN = σ ⊗N with σ = (1 − δ)|0 0| + δ|N N|. The probability of passing the test is large, but the projection will fail if δ = O(1/N). Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Transformations in phase space U ∼ U(n): group generated by phase shifts and beamsplitters = ⇒ act like orthogonal transformations in phase space. Action of phase shits and beamsplitters on n modes There exists U ∈ U(n): V = Re(U) and W = −Im(U) a → Ua; a† → U ∗ a† X V W X → P −W V P ⇒ U commutes with a heterodyne detection Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Symmetry in phase space For any linear passive transformation in phase space U (corresponding to a network of beamsplitters and phase shifts), there exists an orthogonal R transformation in 2N such that: One can assume that ∗ ρN is invariant under UA ⊗ UB AB UρN U † = ρN B B ∀U. ⇒ ρN B = n k =0 λk σk ≡ n 1 σk = n+k −1 |k1 · · · kN k1 · · · kN | k k1 +···+kN =k ρN is a mixture of generalized N-mode B Fock states ⇒ very unlikely to pass the test and fail the projection P R The vector (X, P) ∈ 2n is uniformly distributed on the sphere of radius ||X||2 + ||P||2 ⇒ concentration of measure on the sphere. Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
The test Bob computes: 2 2 2 Z := y2n+1 + y2n+2 + · · · + y2N If Z ≤ (N − n)Ztest , Alice and Bob continue otherwise, they abort Concentration of measure: 2 2 Prob [test succeeds] AND y1 + · · · + y2n ≥ n (Ztest + δ) ≤ Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
The test Bob computes: 2 2 2 Z := y2n+1 + y2n+2 + · · · + y2N If Z ≤ (N − n)Ztest , Alice and Bob continue otherwise, they abort Concentration of measure: 2 2 Prob [test succeeds] AND y1 + · · · + y2n ≥ n (Ztest + δ) ≤ Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Sketch of the proof n Prob [pass test] AND i=1 Xi2 + Pi2 ≥ C1 n ≤ test n Prob [pass test] AND i=1 ˆ ni ≥ C2 n ≤ test ˆ n Prob [pass test] AND max ni ≥ C3 log test ≤ test for some explicit constants C1 , C2 , C3 Putting all together n choose dA , dB = O log test postselection technique: if E0 is 0 -secure against collective attacks, then E is -secure against general attacks with O (log4 (n/ test )) = 02 +2 test . ok because one can take 0 = 2−cn . Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
Conclusion Summary We show that collective attacks are optimal for Gaussian protocols thanks to two ideas prepending an test to the usual protocol to truncate the Hilbert space permutation symmetry is not sufficient to prove security: one needs rotation invariance in phase space Open questions Our proof is somewhat suboptimal: first, we truncate, then we use the finite-dimensional postselection technique Can we generalize the technique for maps which are symmetric in phase space? Same question for de Finetti theorem (only partial results are known) Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks

Recomendados

Quantum key distribution with continuous variables at telecom wavelength
Quantum key distribution with continuous variables at telecom wavelengthQuantum key distribution with continuous variables at telecom wavelength
Quantum key distribution with continuous variables at telecom wavelength
wtyru1989
 
UCB 2012-02-28
UCB 2012-02-28UCB 2012-02-28
UCB 2012-02-28
FilipeCMaia
 
Rank awarealgs small11
Rank awarealgs small11Rank awarealgs small11
Rank awarealgs small11
Jules Esp
 
Iwsmbvs
IwsmbvsIwsmbvs
Iwsmbvs
Bob O'Hara
 
Dsp
DspDsp
Dsp
vskanimozhi061988
 
Sparsity and Compressed Sensing
Sparsity and Compressed SensingSparsity and Compressed Sensing
Sparsity and Compressed Sensing
Gabriel Peyré
 
Signal Processing Course : Compressed Sensing
Signal Processing Course : Compressed SensingSignal Processing Course : Compressed Sensing
Signal Processing Course : Compressed Sensing
Gabriel Peyré
 
PAWL - GPU meeting @ Warwick
PAWL - GPU meeting @ WarwickPAWL - GPU meeting @ Warwick
PAWL - GPU meeting @ Warwick
Pierre Jacob
 

Recomendados

Quantum key distribution with continuous variables at telecom wavelength
Quantum key distribution with continuous variables at telecom wavelengthQuantum key distribution with continuous variables at telecom wavelength
Quantum key distribution with continuous variables at telecom wavelength
wtyru1989
 
UCB 2012-02-28
UCB 2012-02-28UCB 2012-02-28
UCB 2012-02-28
FilipeCMaia
 
Rank awarealgs small11
Rank awarealgs small11Rank awarealgs small11
Rank awarealgs small11
Jules Esp
 
Iwsmbvs
IwsmbvsIwsmbvs
Iwsmbvs
Bob O'Hara
 
Dsp
DspDsp
Dsp
vskanimozhi061988
 
Sparsity and Compressed Sensing
Sparsity and Compressed SensingSparsity and Compressed Sensing
Sparsity and Compressed Sensing
Gabriel Peyré
 
Signal Processing Course : Compressed Sensing
Signal Processing Course : Compressed SensingSignal Processing Course : Compressed Sensing
Signal Processing Course : Compressed Sensing
Gabriel Peyré
 
PAWL - GPU meeting @ Warwick
PAWL - GPU meeting @ WarwickPAWL - GPU meeting @ Warwick
PAWL - GPU meeting @ Warwick
Pierre Jacob
 
Compressed Sensing and Tomography
Compressed Sensing and TomographyCompressed Sensing and Tomography
Compressed Sensing and Tomography
Gabriel Peyré
 
Cd Simon
Cd SimonCd Simon
Cd Simon
Manuel Mañas
 
Bayesian inversion of deterministic dynamic causal models
Bayesian inversion of deterministic dynamic causal modelsBayesian inversion of deterministic dynamic causal models
Bayesian inversion of deterministic dynamic causal models
khbrodersen
 
Second Order Perturbations During Inflation Beyond Slow-roll
Second Order Perturbations During Inflation Beyond Slow-rollSecond Order Perturbations During Inflation Beyond Slow-roll
Second Order Perturbations During Inflation Beyond Slow-roll
Ian Huston
 
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
avinokurov
 
Quantitative Propagation of Chaos for SGD in Wide Neural Networks
Quantitative Propagation of Chaos for SGD in Wide Neural NetworksQuantitative Propagation of Chaos for SGD in Wide Neural Networks
Quantitative Propagation of Chaos for SGD in Wide Neural Networks
Valentin De Bortoli
 
Guarding Terrains though the Lens of Parameterized Complexity
Guarding Terrains though the Lens of Parameterized ComplexityGuarding Terrains though the Lens of Parameterized Complexity
Guarding Terrains though the Lens of Parameterized Complexity
AkankshaAgrawal55
 
Wasserstein GAN
Wasserstein GANWasserstein GAN
Wasserstein GAN
Jinho Lee
 
A Novel Methodology for Designing Linear Phase IIR Filters
A Novel Methodology for Designing Linear Phase IIR FiltersA Novel Methodology for Designing Linear Phase IIR Filters
A Novel Methodology for Designing Linear Phase IIR Filters
IDES Editor
 
Fine Grained Complexity of Rainbow Coloring and its Variants
Fine Grained Complexity of Rainbow Coloring and its VariantsFine Grained Complexity of Rainbow Coloring and its Variants
Fine Grained Complexity of Rainbow Coloring and its Variants
AkankshaAgrawal55
 
Recent developments in control, power electronics and renewable energy by Dr ...
Recent developments in control, power electronics and renewable energy by Dr ...Recent developments in control, power electronics and renewable energy by Dr ...
Recent developments in control, power electronics and renewable energy by Dr ...
Qing-Chang Zhong
 
The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...
The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...
The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...
Yusuf Bhujwalla
 
Approximate Tree Kernels
Approximate Tree KernelsApproximate Tree Kernels
Approximate Tree Kernels
Niharjyoti Sarangi
 
A brief introduction to Hartree-Fock and TDDFT
A brief introduction to Hartree-Fock and TDDFTA brief introduction to Hartree-Fock and TDDFT
A brief introduction to Hartree-Fock and TDDFT
Jiahao Chen
 
Jylee probabilistic reasoning with bayesian networks
Jylee probabilistic reasoning with bayesian networksJylee probabilistic reasoning with bayesian networks
Jylee probabilistic reasoning with bayesian networks
Jungyeol
 
Tro07 sparse-solutions-talk
Tro07 sparse-solutions-talkTro07 sparse-solutions-talk
Tro07 sparse-solutions-talk
mpbchina
 
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
Advanced-Concepts-Team
 
Collier
CollierCollier
Collier
eric_gautier
 
Signal Processing Course : Sparse Regularization of Inverse Problems
Signal Processing Course : Sparse Regularization of Inverse ProblemsSignal Processing Course : Sparse Regularization of Inverse Problems
Signal Processing Course : Sparse Regularization of Inverse Problems
Gabriel Peyré
 
Jyokyo-kai-20120605
Jyokyo-kai-20120605Jyokyo-kai-20120605
Jyokyo-kai-20120605
ketanaka
 
Chapter 3 projection
Chapter 3 projectionChapter 3 projection
Chapter 3 projection
NBER
 
QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...
QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...
QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...
The Statistical and Applied Mathematical Sciences Institute
 

Más contenido relacionado

La actualidad más candente

Bayesian inversion of deterministic dynamic causal models
Bayesian inversion of deterministic dynamic causal modelsBayesian inversion of deterministic dynamic causal models
Bayesian inversion of deterministic dynamic causal models
khbrodersen
 
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
avinokurov
 
Guarding Terrains though the Lens of Parameterized Complexity
Guarding Terrains though the Lens of Parameterized ComplexityGuarding Terrains though the Lens of Parameterized Complexity
Guarding Terrains though the Lens of Parameterized Complexity
AkankshaAgrawal55
 
A Novel Methodology for Designing Linear Phase IIR Filters
A Novel Methodology for Designing Linear Phase IIR FiltersA Novel Methodology for Designing Linear Phase IIR Filters
A Novel Methodology for Designing Linear Phase IIR Filters
IDES Editor
 
Recent developments in control, power electronics and renewable energy by Dr ...
Recent developments in control, power electronics and renewable energy by Dr ...Recent developments in control, power electronics and renewable energy by Dr ...
Recent developments in control, power electronics and renewable energy by Dr ...
Qing-Chang Zhong
 
A brief introduction to Hartree-Fock and TDDFT
A brief introduction to Hartree-Fock and TDDFTA brief introduction to Hartree-Fock and TDDFT
A brief introduction to Hartree-Fock and TDDFT
Jiahao Chen
 
Jylee probabilistic reasoning with bayesian networks
Jylee probabilistic reasoning with bayesian networksJylee probabilistic reasoning with bayesian networks
Jylee probabilistic reasoning with bayesian networks
Jungyeol
 
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
Advanced-Concepts-Team
 
Jyokyo-kai-20120605
Jyokyo-kai-20120605Jyokyo-kai-20120605
Jyokyo-kai-20120605
ketanaka
 

La actualidad más candente (20)

Compressed Sensing and Tomography
Compressed Sensing and TomographyCompressed Sensing and Tomography
Compressed Sensing and Tomography
 
Cd Simon
Cd SimonCd Simon
Cd Simon
 
Bayesian inversion of deterministic dynamic causal models
Bayesian inversion of deterministic dynamic causal modelsBayesian inversion of deterministic dynamic causal models
Bayesian inversion of deterministic dynamic causal models
 
Second Order Perturbations During Inflation Beyond Slow-roll
Second Order Perturbations During Inflation Beyond Slow-rollSecond Order Perturbations During Inflation Beyond Slow-roll
Second Order Perturbations During Inflation Beyond Slow-roll
 
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
Theoretical and computational aspects of the SVM, EBCM, and PMM methods in li...
 
Quantitative Propagation of Chaos for SGD in Wide Neural Networks
Quantitative Propagation of Chaos for SGD in Wide Neural NetworksQuantitative Propagation of Chaos for SGD in Wide Neural Networks
Quantitative Propagation of Chaos for SGD in Wide Neural Networks
 
Guarding Terrains though the Lens of Parameterized Complexity
Guarding Terrains though the Lens of Parameterized ComplexityGuarding Terrains though the Lens of Parameterized Complexity
Guarding Terrains though the Lens of Parameterized Complexity
 
Wasserstein GAN
Wasserstein GANWasserstein GAN
Wasserstein GAN
 
A Novel Methodology for Designing Linear Phase IIR Filters
A Novel Methodology for Designing Linear Phase IIR FiltersA Novel Methodology for Designing Linear Phase IIR Filters
A Novel Methodology for Designing Linear Phase IIR Filters
 
Fine Grained Complexity of Rainbow Coloring and its Variants
Fine Grained Complexity of Rainbow Coloring and its VariantsFine Grained Complexity of Rainbow Coloring and its Variants
Fine Grained Complexity of Rainbow Coloring and its Variants
 
Recent developments in control, power electronics and renewable energy by Dr ...
Recent developments in control, power electronics and renewable energy by Dr ...Recent developments in control, power electronics and renewable energy by Dr ...
Recent developments in control, power electronics and renewable energy by Dr ...
 
The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...
The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...
The Impact of Smoothness on Model Class Selection in Nonlinear System Identif...
 
Approximate Tree Kernels
Approximate Tree KernelsApproximate Tree Kernels
Approximate Tree Kernels
 
A brief introduction to Hartree-Fock and TDDFT
A brief introduction to Hartree-Fock and TDDFTA brief introduction to Hartree-Fock and TDDFT
A brief introduction to Hartree-Fock and TDDFT
 
Jylee probabilistic reasoning with bayesian networks
Jylee probabilistic reasoning with bayesian networksJylee probabilistic reasoning with bayesian networks
Jylee probabilistic reasoning with bayesian networks
 
Tro07 sparse-solutions-talk
Tro07 sparse-solutions-talkTro07 sparse-solutions-talk
Tro07 sparse-solutions-talk
 
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
DPPs everywhere: repulsive point processes for Monte Carlo integration, signa...
 
Collier
CollierCollier
Collier
 
Signal Processing Course : Sparse Regularization of Inverse Problems
Signal Processing Course : Sparse Regularization of Inverse ProblemsSignal Processing Course : Sparse Regularization of Inverse Problems
Signal Processing Course : Sparse Regularization of Inverse Problems
 
Jyokyo-kai-20120605
Jyokyo-kai-20120605Jyokyo-kai-20120605
Jyokyo-kai-20120605
 

Similar a Security of continuous variable quantum key distribution against general attacks

Chapter 3 projection
Chapter 3 projectionChapter 3 projection
Chapter 3 projection
NBER
 
Topological Inference via Meshing
Topological Inference via MeshingTopological Inference via Meshing
Topological Inference via Meshing
Don Sheehy
 
從 VAE 走向深度學習新理論
從 VAE 走向深度學習新理論從 VAE 走向深度學習新理論
從 VAE 走向深度學習新理論
岳華 杜
 
Slides: Hypothesis testing, information divergence and computational geometry
Slides: Hypothesis testing, information divergence and computational geometrySlides: Hypothesis testing, information divergence and computational geometry
Slides: Hypothesis testing, information divergence and computational geometry
Frank Nielsen
 
CommunicationComplexity1_jieren
CommunicationComplexity1_jierenCommunicationComplexity1_jieren
CommunicationComplexity1_jieren
jie ren
 

Similar a Security of continuous variable quantum key distribution against general attacks (20)

Chapter 3 projection
Chapter 3 projectionChapter 3 projection
Chapter 3 projection
 
QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...
QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...
QMC Program: Trends and Advances in Monte Carlo Sampling Algorithms Workshop,...
 
Threshold network models
Threshold network modelsThreshold network models
Threshold network models
 
QMC: Operator Splitting Workshop, Compactness Estimates for Nonlinear PDEs - ...
QMC: Operator Splitting Workshop, Compactness Estimates for Nonlinear PDEs - ...QMC: Operator Splitting Workshop, Compactness Estimates for Nonlinear PDEs - ...
QMC: Operator Splitting Workshop, Compactness Estimates for Nonlinear PDEs - ...
 
MCQMC 2020 talk: Importance Sampling for a Robust and Efficient Multilevel Mo...
MCQMC 2020 talk: Importance Sampling for a Robust and Efficient Multilevel Mo...MCQMC 2020 talk: Importance Sampling for a Robust and Efficient Multilevel Mo...
MCQMC 2020 talk: Importance Sampling for a Robust and Efficient Multilevel Mo...
 
ABC based on Wasserstein distances
ABC based on Wasserstein distancesABC based on Wasserstein distances
ABC based on Wasserstein distances
 
Introduction to Formal Argumentation Theory
Introduction to Formal Argumentation TheoryIntroduction to Formal Argumentation Theory
Introduction to Formal Argumentation Theory
 
Slides: A glance at information-geometric signal processing
Slides: A glance at information-geometric signal processingSlides: A glance at information-geometric signal processing
Slides: A glance at information-geometric signal processing
 
Topological Inference via Meshing
Topological Inference via MeshingTopological Inference via Meshing
Topological Inference via Meshing
 
Richard Everitt's slides
Richard Everitt's slidesRichard Everitt's slides
Richard Everitt's slides
 
從 VAE 走向深度學習新理論
從 VAE 走向深度學習新理論從 VAE 走向深度學習新理論
從 VAE 走向深度學習新理論
 
Testing for mixtures by seeking components
Testing for mixtures by seeking componentsTesting for mixtures by seeking components
Testing for mixtures by seeking components
 
ABC with Wasserstein distances
ABC with Wasserstein distancesABC with Wasserstein distances
ABC with Wasserstein distances
 
Patch Matching with Polynomial Exponential Families and Projective Divergences
Patch Matching with Polynomial Exponential Families and Projective DivergencesPatch Matching with Polynomial Exponential Families and Projective Divergences
Patch Matching with Polynomial Exponential Families and Projective Divergences
 
Slides: Hypothesis testing, information divergence and computational geometry
Slides: Hypothesis testing, information divergence and computational geometrySlides: Hypothesis testing, information divergence and computational geometry
Slides: Hypothesis testing, information divergence and computational geometry
 
Multiple estimators for Monte Carlo approximations
Multiple estimators for Monte Carlo approximationsMultiple estimators for Monte Carlo approximations
Multiple estimators for Monte Carlo approximations
 
the ABC of ABC
the ABC of ABCthe ABC of ABC
the ABC of ABC
 
Clustering Based Approach Extracting Collocations
Clustering Based Approach Extracting CollocationsClustering Based Approach Extracting Collocations
Clustering Based Approach Extracting Collocations
 
CommunicationComplexity1_jieren
CommunicationComplexity1_jierenCommunicationComplexity1_jieren
CommunicationComplexity1_jieren
 
[KHBM] Application of network analysis based on cortical thickness to obsessi...
[KHBM] Application of network analysis based on cortical thickness to obsessi...[KHBM] Application of network analysis based on cortical thickness to obsessi...
[KHBM] Application of network analysis based on cortical thickness to obsessi...
 

Más de wtyru1989

Gaussian discord imperial
Gaussian discord imperialGaussian discord imperial
Gaussian discord imperial
wtyru1989
 
Entropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problemEntropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problem
wtyru1989
 
Manipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglementManipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglement
wtyru1989
 
The gaussian minimum entropy conjecture
The gaussian minimum entropy conjectureThe gaussian minimum entropy conjecture
The gaussian minimum entropy conjecture
wtyru1989
 
The security of quantum cryptography
The security of quantum cryptographyThe security of quantum cryptography
The security of quantum cryptography
wtyru1989
 
Entanglement of formation
Entanglement of formationEntanglement of formation
Entanglement of formation
wtyru1989
 
Bound entanglement is not rare
Bound entanglement is not rareBound entanglement is not rare
Bound entanglement is not rare
wtyru1989
 
Continuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applicationsContinuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applications
wtyru1989
 
Relative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglementRelative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglement
wtyru1989
 
Towards a one shot entanglement theory
Towards a one shot entanglement theoryTowards a one shot entanglement theory
Towards a one shot entanglement theory
wtyru1989
 
Postselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkdPostselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkd
wtyru1989
 
Qkd and de finetti theorem
Qkd and de finetti theoremQkd and de finetti theorem
Qkd and de finetti theorem
wtyru1989
 
Lattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codesLattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codes
wtyru1989
 

Más de wtyru1989 (20)

Quantum optical measurement
Quantum optical measurementQuantum optical measurement
Quantum optical measurement
 
Gaussian discord imperial
Gaussian discord imperialGaussian discord imperial
Gaussian discord imperial
 
Entropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problemEntropic characteristics of quantum channels and the additivity problem
Entropic characteristics of quantum channels and the additivity problem
 
Manipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglementManipulating continuous variable photonic entanglement
Manipulating continuous variable photonic entanglement
 
The gaussian minimum entropy conjecture
The gaussian minimum entropy conjectureThe gaussian minimum entropy conjecture
The gaussian minimum entropy conjecture
 
The security of quantum cryptography
The security of quantum cryptographyThe security of quantum cryptography
The security of quantum cryptography
 
Entanglement of formation
Entanglement of formationEntanglement of formation
Entanglement of formation
 
Bound entanglement is not rare
Bound entanglement is not rareBound entanglement is not rare
Bound entanglement is not rare
 
Continuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applicationsContinuous variable quantum entanglement and its applications
Continuous variable quantum entanglement and its applications
 
Relative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglementRelative entropy and_squahed_entanglement
Relative entropy and_squahed_entanglement
 
Lect12 photodiode detectors
Lect12 photodiode detectorsLect12 photodiode detectors
Lect12 photodiode detectors
 
Towards a one shot entanglement theory
Towards a one shot entanglement theoryTowards a one shot entanglement theory
Towards a one shot entanglement theory
 
Postselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkdPostselection technique for quantum channels and applications for qkd
Postselection technique for quantum channels and applications for qkd
 
Encrypting with entanglement matthias christandl
Encrypting with entanglement matthias christandlEncrypting with entanglement matthias christandl
Encrypting with entanglement matthias christandl
 
Qkd and de finetti theorem
Qkd and de finetti theoremQkd and de finetti theorem
Qkd and de finetti theorem
 
Dic rd theory_quantization_07
Dic rd theory_quantization_07Dic rd theory_quantization_07
Dic rd theory_quantization_07
 
Lattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codesLattices, sphere packings, spherical codes
Lattices, sphere packings, spherical codes
 
Em method
Em methodEm method
Em method
 
标量量化
标量量化标量量化
标量量化
 
Fully understanding cmrr taiwan-2012
Fully understanding cmrr taiwan-2012Fully understanding cmrr taiwan-2012
Fully understanding cmrr taiwan-2012
 

Último

TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 

Último (20)

Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 

Security of continuous variable quantum key distribution against general attacks

  • 1. Security of continuous-variable quantum key distribution against general attacks arXiv: 1208.4920 Anthony Leverrier (ETH Zürich) with Raúl García-Patrón, Renato Renner and Nicolas J. Cerf QCRYPT 2012
  • 2. Quantum Key Distribution with continuous variables What’s different? Alice encodes information on the quadratures (X , P) of the EM field Bob measures with an homodyne (interferometric) detection Grosshans et al., Nature 421 238 (2003) Features no need for single-photon counters compatible with WDM Bing Qi et al. NJP 12 103042 (2010) "Gaussian Quantum Information" C. Weedbrook et al, RMP 84 621 (2012) Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 3. Many protocols Four Gaussian entangled protocols √ ∞ 1 Alice prepares N EPR pairs |Ψ = 1 − x2 n=0 x n |n, n 2 for each pair, she keeps one mode and sends the other one to Bob 3 Alice and Bob perform either homodyne or heterodyne detection homodyne = measuring X OR P heterodyne = measuring X AND P (with higher noise) Prepare and measure versions homodyne meas. for Alice ⇔ preparation of a squeezed state heterodyne meas. for Alice ⇔ preparation of a coherent state Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 4. Description of the protocol A and B measure ρn with homodyne/hererodyne detection AB Alice obtains x = (x1 , x2 , · · · xn ) ∈ R n Bob obains y = (y1 , y2 , · · · , yn ) ∈ R n (Reverse) reconciliation: Bob sends some information to Alice who ˆ guesses y Privacy amplification: Alice and Bob apply some hash function and obtain (SA , SB ) plus some transcript C of all classical information QKD protocol: map E E : ρn −→ (SA , SB , C) AB Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 5. Experimental implementations in fiber: Qi el al, PRA (2007), Lodewyck et al, PRA (2007), Fossier et al, NJP (2009), Xuan et al, Opt Exp (2009) · · · in free space: S. Tokunaga et al, CLEO (2007), D. Elser et al, NJP (2010), B. Heim et al, APL (2010) · · · with an entangled source T. Eberle et al, arXiv preprint (2011), L. Madsen et al, arXiv preprint (2011) Reliable technology field test during more than 6 months over around 20 km P. Jouguet et al. Opt Expr 20 14030 (2012) Long distance Current record: over 80 km! ⇒ see P. Jouguet’s talk on Friday! What about security? Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 6. Security proofs for CV QKD (before 2012) OK · · · in the asymptotic limit de Finetti theorem for infinite-dimensional quantum systems ⇒ collective attacks are asymptotically optimal R.Renner, J.I. Cirac, PRL (2008) Gaussian attacks are asymptotically optimal among collective attacks R.García-Patrón, N.J. Cerf PRL (2006) M. Navascués, F. Grosshans, A. Acín PRL (2006) Problems de Finetti useless in practical settings: convergence is too slow parameter estimation is problematic for CVQKD (unbounded variables) Two solutions 1 Entropic uncertainty relation: Hmin (X |E) + Hmax (P|B) ≥ N log c(δ) F. Furrer et al, PRL 109 100502 (2012) ⇒ see Fabian’s talk on Friday! combining the postselection technique (M. Christandl et al, PRL 2009) with symmetries in phase space ⇒ this talk Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 7. Security definition A protocol E is secure if it is undistinguishable from an ideal protocol F : ρn −→ (S, S, C): AB F outputs the same key S for Alice and Bob S is uniformly distributed over the set of keys and uncorrelated with Eve’s quantum state: 1 ρSE = |s1 , · · · , sk s1 , · · · , sk | ⊗ ρE . 2k For instance, F = S ◦ E where S replaces (SA , SB ) by a perfect key (S, S). -security: ||E − F || ≤ ⇒ the advantage in distinguishing E from F is less than . ||E − F|| := sup (E − F) ⊗ idK (ρABE ) 1 ρABE How to compute the diamond norm? If the maps are permutation invariant: postselection technique M. Christandl, R. König, R. Renner, PRL 2009 · · · but only for finite dimension Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 8. The postselection technique For protocol invariant under permutations: Theorem [Christandl et al.] 2 −1 ||E−F|| ≤ (n+1)d ||(E−F)⊗id(τHR )||1 where d = dim(HA ⊗ HB ) ≡ τHR is a purification of ⊗n τH = σH µ(σH ) ||(E − F) ⊗ id(τHR )||1 is exponentially small for protocols secure against collective attacks Security against collective attacks implies security against general attacks if the protocol is permutation invariant the dimension of HA ⊗ HB is finite Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 9. Dealing with infinite dimension Two ideas 1 We prepend a test T to the protocol: if the test succeeds, Alice and Bob continue with the usual protocol otherwise they abort The goal of the test is to make sure that the state ρn contains not too AB many photons, i.e. is close to a finite dimensional state. 2 The permutation symmetry is not sufficient for the test: ⇒ we exploit symmetries in phase space specific to CV QKD. Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 10. Sketch of the proof Some notations E0 : ρn → (SA , SB , C): the usual protocol, secure against collective AB attacks; and F0 := S ◦ E0 the ideal version a test T : ρN → ρn ⊗ {pass/fail} with N > n AB AB a projection P : (HA ⊗ HB )⊗n → (HA ⊗ HB )⊗n with HA := Span(|0 , · · · , |dA − 1 ); dim(HA ) = dA < ∞ HB := Span(|0 , · · · , |dB − 1 ); dim(HB ) = dB < ∞ the new protocol of interest: E := E0 ◦ T : ρN → (SA , SB , C) AB ||E − F || ≤ ||E0 PT − F0 PT || + ||E − E0 PT || + ||F − F0 PT || = ||E0 PT − F0 PT || + ||E0 ◦ (id − P) ◦ T || + ||F0 ◦ (id − P) ◦ T || ≤ ||E0 PT − F0 PT || + 2||(id − P) ◦ T || Postselection technique small for a "good" test Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 11. How to choose the test T ? Note: because Eve does not interact with Alice’s state, it is sufficient to apply the test on Bob’s state ρN . B Goal: find T such that ||(id − P) ◦ T || ≤ , i.e. Prob [passing the test] AND max mk ≥ dB ≤ k where mk is the result of a photon counting measurement of mode k of ρn . B Idea: photon counting ≈ energy measurement ≈ heterodyne detection T should be easy to implement: one measures m := N − n modes with heterodyne detection: results: z = (z1 , z2 , · · · , z2m ) given z, pass or fail Permutation symmetry is not sufficient In fact, even independence is not sufficient. Ex: ρN = σ ⊗N with σ = (1 − δ)|0 0| + δ|N N|. The probability of passing the test is large, but the projection will fail if δ = O(1/N). Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 12. Transformations in phase space U ∼ U(n): group generated by phase shifts and beamsplitters = ⇒ act like orthogonal transformations in phase space. Action of phase shits and beamsplitters on n modes There exists U ∈ U(n): V = Re(U) and W = −Im(U) a → Ua; a† → U ∗ a† X V W X → P −W V P ⇒ U commutes with a heterodyne detection Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 13. Symmetry in phase space For any linear passive transformation in phase space U (corresponding to a network of beamsplitters and phase shifts), there exists an orthogonal R transformation in 2N such that: One can assume that ∗ ρN is invariant under UA ⊗ UB AB UρN U † = ρN B B ∀U. ⇒ ρN B = n k =0 λk σk ≡ n 1 σk = n+k −1 |k1 · · · kN k1 · · · kN | k k1 +···+kN =k ρN is a mixture of generalized N-mode B Fock states ⇒ very unlikely to pass the test and fail the projection P R The vector (X, P) ∈ 2n is uniformly distributed on the sphere of radius ||X||2 + ||P||2 ⇒ concentration of measure on the sphere. Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 14. The test Bob computes: 2 2 2 Z := y2n+1 + y2n+2 + · · · + y2N If Z ≤ (N − n)Ztest , Alice and Bob continue otherwise, they abort Concentration of measure: 2 2 Prob [test succeeds] AND y1 + · · · + y2n ≥ n (Ztest + δ) ≤ Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 15. The test Bob computes: 2 2 2 Z := y2n+1 + y2n+2 + · · · + y2N If Z ≤ (N − n)Ztest , Alice and Bob continue otherwise, they abort Concentration of measure: 2 2 Prob [test succeeds] AND y1 + · · · + y2n ≥ n (Ztest + δ) ≤ Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 16. Sketch of the proof n Prob [pass test] AND i=1 Xi2 + Pi2 ≥ C1 n ≤ test n Prob [pass test] AND i=1 ˆ ni ≥ C2 n ≤ test ˆ n Prob [pass test] AND max ni ≥ C3 log test ≤ test for some explicit constants C1 , C2 , C3 Putting all together n choose dA , dB = O log test postselection technique: if E0 is 0 -secure against collective attacks, then E is -secure against general attacks with O (log4 (n/ test )) = 02 +2 test . ok because one can take 0 = 2−cn . Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks
  • 17. Conclusion Summary We show that collective attacks are optimal for Gaussian protocols thanks to two ideas prepending an test to the usual protocol to truncate the Hilbert space permutation symmetry is not sufficient to prove security: one needs rotation invariance in phase space Open questions Our proof is somewhat suboptimal: first, we truncate, then we use the finite-dimensional postselection technique Can we generalize the technique for maps which are symmetric in phase space? Same question for de Finetti theorem (only partial results are known) Anthony Leverrier (ETH Zürich) Security of CVQKD against general attacks