Certified finite randomness expansion: Difference between revisions

From Quantum Protocol Zoo
Jump to navigation Jump to search
(Created page with "Randomness expansion is a protocol for Quantum Random Number Generator which takes as input a private, uniformly random string and outputs a longer string which is (close...")
 
No edit summary
Line 2: Line 2:


Such a protocol is useful in the case where one already has access to a private source for true randomness, but whose use is prohibitively expensive or whose access is limited. By applying randomness expansion, it is possible to make this resource go further using potentially much cheaper or more simple methods.
Such a protocol is useful in the case where one already has access to a private source for true randomness, but whose use is prohibitively expensive or whose access is limited. By applying randomness expansion, it is possible to make this resource go further using potentially much cheaper or more simple methods.
[[: Category: Building Blocks|Building Blocks]], [[: Category: Quantum Functionality|Quantum Functionality]], [[:Category: Specific Task|Specific Task]] [[Category: Building Blocks]] [[Category: Quantum Functionality]] [[Category: Specific Task]], [[Category:Entanglement Distribution Network stage]]


==Assumptions==
==Assumptions==
Line 39: Line 41:
* <math>\alpha</math>: the chosen confidence with which the returned entropy lower bound is correct
* <math>\alpha</math>: the chosen confidence with which the returned entropy lower bound is correct
* <math>\textrm{Ext}</math>: strong seeded (classical) randomness extractor
* <math>\textrm{Ext}</math>: strong seeded (classical) randomness extractor
==Requirements==
* '''Network stage''': [https://wiki.veriqloud.fr/index.php?title=Category:Entanglement_Distribution_Network_stage Entanglement Distribution]
* Random number generator
* Authenticated quantum channel
* Authenticated classical channel
* Hardware:
** Multi qubit non-separable state preparation
** Single qubit measurement
** Single qubit gates


<div style='text-align: right;'>''Neil Mcblane''</div>
<div style='text-align: right;'>''Neil Mcblane''</div>

Revision as of 15:36, 4 November 2019

Randomness expansion is a protocol for Quantum Random Number Generator which takes as input a private, uniformly random string and outputs a longer string which is (close to) private and uniformly random. The protocol of Pironio et. al. enables randomness expansion of such an input using only two identical untrusted (i.e. provided by an adversary) measurement devices. Privacy of the output string is guaranteed to a given confidence level and its length depends on the stochastic outcome of a CHSH game, the confidence level desired and the randomness extractor used in post-processing.

Such a protocol is useful in the case where one already has access to a private source for true randomness, but whose use is prohibitively expensive or whose access is limited. By applying randomness expansion, it is possible to make this resource go further using potentially much cheaper or more simple methods.

Building Blocks, Quantum Functionality, Specific Task,

Assumptions

  • Quantum theory is correct.
  • The measurement devices do not interact during measurements.
  • The measurement devices are not correlated with the input string.
  • The adversary does not have access to a quantum memory.

Outline

In this protocol, Alice has an initial private random string (the seed) and has been provided with two identical measurement devices by Eve. Each of the devices has two settings and can produce two outputs. Prior to beginning the protocol, Alice has to decide with which confidence she would like her output string to be private from Eve, and which strong randomness extractor she would like to perform post-processing with. She then splits her seed into two portions - the sizes of which are determined by the chosen randomness extractor.

Alice then takes two bits from the start of the first portion of her initial string and uses these to choose the settings of her measurement devices (i.e. if the pair is then she sets the first device to setting $0$ and the second device to setting ). She prepares an EPR state and shares it across the two measurement devices, then performs measurements using each device with the chosen settings and records the output. She repeats this process until this portion of her input string has been exhausted, resulting in a binary string of recorded outputs of equal length to the input.

Using the input and output strings, Alice estimates the violation of the CHSH inequality her experiment has produced. This allows her to place a bound on the conditional min-entropy of the output string with respect to both the input string and any information Eve may have.

Finally, Alice passes her output string, the second portion of her initial seed and the determined min-entropy bound to a strong randomness extractor to generate a processed string which is (close to) uniform and private from Eve with the confidence specified at the beginning of the protocol. As Alice has kept her seed private throughout and the randomness extractor used is a strong one, she can then simply append her entire seed to the output of the randomness extractor to produce a final expanded string, which is guaranteed to be longer than the seed so long as a super-classical CHSH game has occurred.

Notation

  • : number of measurement iterations
  • : measurement setting for device A on iteration
  • : measurement setting for device B on iteration
  • : tuple of measurement bases for device A;
  • : tuple of measurement bases for device B;
  • : measurement result for device A on iteration (0 or 1)
  • : measurement result for device B on iteration (0 or 1)
  • : string of measurement basis pairs;
  • : string of measurement result pairs;
  • : output string from classical randomness extraction of
  • : initial private random seed
  • : final randomness expanded string
  • Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \hat{I}} : experimental estimate of CHSH correlation
  • : lower bound on conditional min-entropy of measurement results with respect to measurement settings and any information held by an adversary
  • : function which takes as input a(n estimated) CHSH correlation and returns a per-use lower bound on the conditional min-entropy of the measurement results with respect to measurement settings and any information held by an adversary in the limit of a large number of uses (determined using semi-definite programming in Pironio et. al.)
  • Failed to parse (SVG (MathML can be enabled via browser plugin): Invalid response ("Math extension cannot connect to Restbase.") from server "https://wikimedia.org/api/rest_v1/":): {\displaystyle \epsilon} : term to account for finite statistics effects
  • : the chosen confidence with which the returned entropy lower bound is correct
  • : strong seeded (classical) randomness extractor

Requirements

  • Network stage: Entanglement Distribution
  • Random number generator
  • Authenticated quantum channel
  • Authenticated classical channel
  • Hardware:
    • Multi qubit non-separable state preparation
    • Single qubit measurement
    • Single qubit gates
Neil Mcblane