Poster Session 1

Abstract: It is usually essential to have a common reference frame between two communication parties to perform quantum communication. Notably,  Reference-Frame-Independent Quantum Key Distribution (RFI-QKD) provides a practical way to generate secret keys between two remote parties without sharing standard reference frames. Here, we have shown that the RFI-QKD protocol can be expanded into a multiparty system with Greenberger-Horne-Zeilinger (GHZ) entangled state. We derive the asymptotic key rate and perform the proof-of-principle experiment to verify the proposed multiparty protocols feasibility. Considering that sharing a common reference frame becomes more difficult as the number of parties increases, our protocol provides a new path to implement multipartite quantum communication in real world.

Abstract: The bounded quantum storage model aims to achieve security against computationally unbounded adversaries that are restricted only with respect to their quantum memories. In this work, we provide everlasting and information-theoretic secure constructions in this model for the following powerful primitives: (1) CCA1-secure symmetric key encryption, message-authentication, and one-time programs. These schemes require no quantum memory for the honest user, while they can be made secure against adversaries with arbitrarily large memories by increasing the transmission length sufficiently. (2) CCA1-secure asymmetric key encryption, encryption tokens, signatures, and signature tokens. These schemes are secure against adversaries with roughly $e^{\sqrt{m}}$ quantum memory where $m$ is the quantum memory required for the honest user. All of the constructions additionally satisfy notions of disappearing and unclonable security.

Abstract: In the permutation inversion problem, the task is to find the preimage of some challenge value, given oracle access to the permutation. This is a fundamental problem in query complexity, and appears in many contexts, particularly cryptography. In this work, we examine the setting in which the oracle allows for quantum queries to both the forward and the inverse direction of the permutation—except that the challenge value cannot be submitted to the latter. Within that setting, we consider two options for the inversion algorithm: whether it can get quantum advice about the permutation, and whether it must produce the entire preimage (search) or only the first bit (decision). We prove several theorems connecting the hardness of the resulting variations of the inversion problem, and establish lower bounds for them. Our results indicate that, perhaps surprisingly, the inversion problem does not become significantly easier when the adversary is granted oracle access to the inverse, provided it cannot query the challenge itself.

Abstract: Much of the strength of quantum cryptography may be attributed to the no-cloning property of quantum information. We construct three new cryptographic primitives whose security is based on uncloneability, and that have in common that their security can be established via a novel monogamy-of-entanglement (MoE) property: -- We define interactive uncloneable encryption, a version of the uncloneable encryption defined by Broadbent and Lord [TQC 2020] where the receiver must partake in an interaction with the sender in order to decrypt the ciphertext. We provide a one-round construction that is secure in the information-theoretic setting, in the sense that no other receiver may learn the message even if she eavesdrops on all the interactions. -- We provide a way to make a bit string commitment scheme uncloneable. The scheme is augmented with a check step chronologically in between the commit and open steps, where an honest sender verifies that the commitment may not be opened by an eavesdropper, even if the receiver is malicious. Our construction preserves the assumptions of the original commitment while requiring only a polynomial decrease in the length of the committed string. -- We construct a receiver-independent quantum key distribution (QKD) scheme, which strengthens the notion of one-sided device independent QKD of Tomamichel, Fehr, Kaniewski, and Wehner (TFKW) [NJP 2013] by also permitting the receiver's classical device to be untrusted. Explicitly, the sender remains fully trusted while only the receiver's communication is trusted. We provide a construction that achieves the same asymptotic error tolerance as the scheme of TFKW. To show security, we prove an extension of the MoE property of coset states introduced by Coladangelo, Liu, Liu, and Zhandry [Crypto 2021]. In our stronger version, the player Charlie also receives Bob's answer prior to making his guess, thus simulating a party who eavesdrops on an interaction. To make use of this property, we express it as a new type of entropic uncertainty relation which arises naturally from the structure of the underlying MoE game.

Abstract: At its core quantum key distribution (QKD) offers information theoretical security based on the laws of physics. In deployments one has to take into account practical security and resilience. The latter includes the localization of a possible eavesdropper after an anomaly has been detected by the QKD system to avoid denial-of-service. In this work, we present a novel approach to eavesdropper localization inside a quantum channel based on opto-acoustic interaction. Employing localized stimulated Brillouin scattering, we are able to localize common eavesdropping approaches such as evanescent outcoupling as low as 1% of optical transmission power to the cm level. Furthermore we are capable to distinguish multiple nominally indistinguishable fibers from different manufacturers, paving the way for high security applications. Finally we show, that this approach surpasses traditional OTDR technology.

Abstract: We propose and demonstrate an upgraded quantum key distribution protocol based on time-bin entanglement source with access control through introducing phase randomization. The upgraded source can protect users from memory attacks at a negligible cost.

Abstract: The no-cloning theorem is a cornerstone of quantum cryptography. Here we generalize and rederive under weaker assumptions various upper bounds on the maximum achievable fidelity of probabilistic and deterministic cloning machines. Building on ideas by Gisin [Phys.~Lett.~A, 1998], our results hold even for cloning machines that do not obey the laws of quantum mechanics, as long as remote state preparation is possible and the non-signalling principle holds. We apply our general theorem to several subsets of states that are of interest in quantum cryptography.

Abstract: Global-scale quantum communication networks will require efficient long-distance distribution of quantum signals. Optical fibre communication channels have range constraints due to exponential losses in the absence of quantum memories and repeaters. Satellites enable intercontinental quantum communication by exploiting more benign inverse square free-space attenuation and long sight lines. However, the design and engineering of satellite quantum key distribution (QKD) systems are difficult and characteristic differences to terrestrial QKD networks and operations pose additional challenges. The typical approach to modelling satellite QKD (SatQKD) has been to estimate performances with a fully optimised protocol parameter space and with few payload and platform resource limitations. Here, we analyse how practical constraints affect the performance of SatQKD for the Bennett-Brassard 1984 (BB84) weak coherent pulse decoy state protocol with finite-key size effects. We consider engineering limitations and trade-offs in mission design including limited in-orbit tunability, quantum random number generation rates and storage, and source intensity uncertainty. We quantify practical SatQKD performance limits to determine the long-term key generation capacity and provide important performance benchmarks to support the design of upcoming missions.

Abstract: Measurement-device-independent (MDI) QKD removes all side-channel attacks on detectors. Continuous variable (CV) MDI-QKD based on coherent states is a promising candidate for integration into existing telecom infrastructure. Despite previous demonstrations of the concept and the potential for secure communication offered by CV MDI-QKD, a practical implementation of the system for real-world data encryption has yet to be achieved. Here, we introduce a simple and practical CV MDI-QKD system that can coexist with classical telecommunications channels. This is achieved through the use of a new relay structure, a real-time phase locking system and a well-designed digital signal-processing pipeline. Our design demonstrates the first practical CV MDI-QKD system, operating at a symbol rate of 20 MBaud and generating keys that are secure against collective attacks in both the finite-size and asymptotic regimes. This sets an important milestone towards in-field implementation and integration of high-performance CV MDI-QKD into telecom networks.

Abstract: This work is motivated by the following question: can an untrusted quantum server convince a classical verifier of the answer to an efficient quantum computation using only polylogarithmic communication? We show how to achieve this in the quantum random oracle model (QROM), after a non-succinct instance-independent setup phase. We introduce and formalize the notion of post-quantum interactive oracle arguments for languages in QMA, a generalization of interactive oracle proofs (Ben-Sasson--Chiesa--Spooner). We then show how to compile any non-adaptive public-coin interactive oracle argument (with private setup) into a succinct argument (with setup) in the QROM. To conditionally answer our motivating question via this framework under the post-quantum hardness assumption of LWE, we show that the XZ local Hamiltonian problem with at least inverse-polylogarithmic relative promise gap has an interactive oracle argument with instance-independent setup, which we can then compile. Assuming a variant of the quantum PCP conjecture that we introduce called the weak XZ quantum PCP conjecture, we obtain a succinct argument for QMA (and consequently the verification of quantum computation) in the QROM (with non-succinct instance-independent setup) which makes only black-box use of the underlying cryptographic primitives. The full version of this preprint is available at: https://eprint.iacr.org/2023/421

Abstract: With the recent availability of cloud quantum computing services, the question of verifying quantum computations delegated by a client to a quantum server is becoming of practical interest. While Verifiable Blind Quantum Computing (VBQC) has emerged as one of the key approaches to address this challenge, current protocols still need to be optimised before they are truly practical. To this end, we establish a fundamental correspondence between error-detection and verification and provide sufficient conditions to both achieve security in the Abstract Cryptography framework and optimise resource overheads of all known VBQC-based protocols. As a direct application, we demonstrate how to systematise the search for new efficient and robust verification protocols for BQP computations. While we have chosen Measurement-Based Quantum Computing (MBQC) as the working model for the presentation of our results, one could expand the domain of applicability of our framework via direct known translation between the circuit model and MBQC.

Abstract: The present study analyzes the efficiency of employing quantum error correction codes (QECC) to encode quantum information states in the context of Quantum Key Distribution (QKD). Specifically, the possibility of enhancing the security and reliability of QKD systems by adding a secondary layer of quantum coding to the states emitted by Alice in the \textit{Prepare-and-Measure} protocols is exhaustively quantified. Such an encoding scheme would be expected to be achievable by means of quantum hardware potentially available in the mid-term. This last statement refers to the assumed reasonable interconnectivity and scalability requirements that may be imposed on the physical encoding capabilities of a quantum processor for the case here considered, since only 1-qubit states are used in QKD. The model for quantum states transmission here considered does not impose any restrictions on the quantum channel, but does assume that the noise and errors to which qubits may be subject in QKD links can be characterized by discrete transformations. That is, depending on the physical encoding scheme chosen for photon's polarization, errors such as bit-flip or phase-shift errors (among others) can be corrected through logical gates derived from Pauli operators, which, along with identity, form the basis $\{I,X,Y,Z\}$ for 1-qubit discrete error operators of the form: \begin{equation} E = \left(\begin{array}{cc} \alpha_0 & \alpha_1\\ \alpha_2 & \alpha_3 \end{array}\right) \end{equation} \medskip Such a consideration imposes the need to be able to identify and correct up to a total of $k = 1 + 3n$ different types of errors (including no error at all, bit-flip, phase-shift, and combinations of the previous) that may affect a QKD state (encoded in an $n-$qubit physical state). In line with previous scalability arguments, that requires for the number of physical qubits needed to achieve such encoding to be lower bounded by the product of the previous magnitude and the dimension of the quantum code $C$ used (which, in the context of QKD, shall be $\mathrm{dim}(C) = 2$). Therefore, if $m=1$ is the number of qubits to be encoded for each transmitted state in QKD, the condition: \begin{equation} 2^n \geq dim(C)(1+3n) \end{equation} imposes a a minimum of $n=5$ physical qubits in a quantum algorithm to carry out encoding and correction of a 1-qubit quantum state. However, it should be noted that, beyond the anticipated error types, the efficiency of identifying errors in a key distilled through QKD (i.e., for all purposes, the correctable QBER associated with each transmission) will be all the more efficient the greater the number n of physical qubits available in a processor for such encoding (of the order of $2^{n-1}$). Thus, the minimum requirements of the quantum hardware topology for the feasibility of this type of encoding are specified, as well as the optimal trade-off in terms of the assumable QBER against different types of attacks, supported by future advances in quantum processor scalability. In this sense, beyond the security considerations associated with QKD implementations of this nature, the goal of this analysis is to parallelly discern the potential speed-up of employing quantum algorithms to carry out error correction of QKD keys and their potential superiority over classical error correction processes in the future. In this regard, two types of QECC are tested in this work. On the one hand, the widespread use of low-density parity check (LDPC)-type linear codes (being linearity a requirement that quantum error correction codes must necessarily satisfy) naturally leads to considering their use in Quantum CSS (Calderbank, Shor \& Steane) codes. The efficiency and performance benefits of LDPC codes applied to QKD are therefore as well transferable to a quantum processor in this context. The performance of these codes applied in QKD is contrasted, secondly, with stabilizer codes. It can be anticipated that the latter may present challenges in the initial algorithm for the encoding of the states emitted by Alice, however the decoding circuit algorithms can be implemented with relative simplicity -albeit scalability limitations- through 1-qubit logical gates (such is also the case with CSS codes once the parity matrix of the LDPC code is known, whose speed advantages over the classical use of belief-propagation algorithms are showed here). On the previous precepts, this study focuses on carrying out a comparative analysis of the convenience of potentially benefitting from the performance of either type of code, while analyzing technical considerations derived from the experimental implementation of QECC protocols in this QKD hybrid approach. The most important considerations are the following: -Complexity. From the point of view of reliability of these types of implementations, potential disadvantages are analyzed in terms of complexity added to real physical systems. Not only is the experimental complexity increase of combining quantum hardware with QKD optical transmissions estimated, but also the anticipation of additional error sources, considering the acceptable threshold values of decoding techniques and calibration errors for real applications and security proofs. - Efficiency. In terms of efficiency and overall code performance, estimated times (for different prospective states of quantum processor advancement) for quantum key generation through these techniques are simulated, and the circumstances under which each may be most convenient are identified. - Components demands. Increased demand for quality of the optics involved in the QKD protocol is expected. Protocols of this nature further increase the demand for high-quality transmissions, especially regarding photon sources, which may have a significant impact on both implementability and its associated costs. - Overhead. Additional overhead needs are projected in terms of code design, number of qubits required depending on the use case, as well as measurement operators necessary for error detection and correction. Consequently, partial limits have been found on the amount of data that can be transmitted in a QKD system that integrates this methodology, which is projected to be overcome when widely available quantum hardware reaches sufficient maturity. - Side channel attacks. Possible vulnerabilities to quantum hacking are preliminarily identified, and a testing method is suggested for this type of QECC-based QKD systems. In addition to the previous analyses, the authors note that one of the most significant features of -both of- the codes here analyzed is that they carry out the identification of errors that affect quantum states at the time of reception, while preserving the encoded quantum information in photons. In this sense, a protocol of these characteristics allows to anticipate, in some applications, the error correction process to the security analysis (although the syndromes of each of the states can be stored classically and the correction processed once the QBER estimation is finished). This can constitute a significant disadvantage in unnecessary computational energy costs when the transmission is not considered secure, but may also be exploited for beneficial applications on certain use cases. With all of the above, the work here presented collects the results on the aforementioned considerations, quantitative cost analysis and future feasibility prospects of this QECC-QKD proposal, as well as details on design and integration considerations, and requirements of both the QKD and quantum hardware components that support this type of implementation.

Abstract: Quantum supremacy poses that a realistic quantum computer can perform a calculation that classical computers cannot in any reasonable amount of time. It has become a topic of significant research interest since the birth of the field, and it is intrinsically based on the efficient construction of quantum algorithms. It has been shown that there exists an expeditious way to solve the noisy linear (or learning with errors) problems in quantum machine learning theory via a well-posed quantum sampling over pure quantum states. In this paper, we propose an advanced method to reduce the sample size in the noisy linear structure, through a technique of randomizing quantum states, namely, $\varepsilon$-random technique. Particularly, we show that it is possible to reduce a quantum sample size in a quantum random access memory (QRAM) to the linearithmic order, in terms of the dimensions of the input-data. Thus, we achieve a shorter run-time for the noisy linear problem.

Abstract: In our work, we explore various multi-user scenarios for Continuous Variable Quantum Key Distribution with discrete modulation. We propose and analyse DM CV-QKD protocols for various different multi-user scenarios such as * One Alice to $n$ Bobs, where the Bobs do not trust each other, * One Alice to $n$ Bobs, where $m<n$ Bobs trust each other, * Conference Key Agreement between one Alice and $n$ Bobs. One common feature of all protocols that we study is that Alice's source does not need any additional expensive components except state-of-the-art beamsplitters, therefore we call it `cheap source'. This makes the transmitter of our proposed protocols easily implementable in experiments and demonstrations. In our work, we calculate asymptotic secret key rates for a range of parameters and different trust scenarios and show that in the asymptotic limit multi-user DM CV-QKD is possible for distances relevant for mid-sized urban area networks between at least 16 user. This highlights, that DM CV-QKD can be extended to the multi-user scenario and remains a feasible candidate also for early implementations of Quantum Key Distribution in local networks.

Abstract: The key relay protocol (KRP) plays an important role in improving the performance and the security of quantum key distribution (QKD) networks. On the other hand, there is also an existing research field called secure network coding (SNC), which has similar goal and structure. We here analyze differences and similarities between the KRP and SNC rigorously. We found, rather surprisingly, that there is a definite gap in security between the KRP and SNC; that is, certain KRPs achieve better security than any SNC schemes on the same graph. We also found that this gap can be closed if we generalize the notion of SNC by adding free public channels; that is, KRPs are equivalent to SNC schemes augmented with free public channels.

Abstract: We present experimental findings of a versatile quantum key distribution (QKD) system for diverse application scenarios such as long-distance, metropolitan, and last-mile/in-house links. This is enabled by the system’s dual-wavelength support, automatic initialization, stabilizing feedback loops, and modular design, which allows for usage of commercial detectors and encryptors.

Abstract: Twin-Field Quantum Key Distribution (TF-QKD) is an innovative family of protocols characterized by a weaker dependence of the achievable secret key rate on the channel loss, with respect to conventional QKD solutions. In this work, we discuss several important aspects encountered in TF-QKD when transitioning from point-to-point links to a network configuration. 1) The effects of path length mismatch between the two arms of the link (A-C and B-C) is discussed in several configurations. 2) The noise contributions (stronger in in-field deployment) are meticulously analyzed, their effect on the final key rate is estimated and solutions to mitigate the problem are implemented. 3) The topic of building complex and large networks with TF-QKD is tackled to find advantageous configurations. Interconnected macro-star networks based on TF-QKD are simulated by means of the “qkdnetsim” package of the network simulator “ns3”. The upcoming deployment of national QKD networks requires dedicated studies in this direction to build efficient and long-range solutions, compatible with current telecom standards.

Abstract: Twin-field quantum key distribution (TF-QKD) and its variants provide a promising solution for sharing information-theoretic secure keys between intercity peers since they are able to overcome the fundamental rate-transmittance bound without quantum repeaters. In this paper, we propose to improve the key rate at long distances and the maximum achievable distance for TF-QKD by deriving the error rates under three mutually unbiased bases, i.e., σX, σY , and σZ in two-dimensional Hilbert space. Moreover, learning these error rates, one can add noisy preprocessing to further improve its performance. We also observe that higher bit error rates do not necessarily imply lower key rates when noisy preprocessing is added. Our method does not change the existing physical implementation or experimental operation, but only requires simple postprocessing of the experimental data, which can be directly used to improve the key rate performance of the existing QKD system. The simulation results demonstrate its notable enhancements in terms of key rate at long distances and the maximum achievable distance for the phase-encoded TF-QKD protocol.

Abstract: The no-go theorem regarding unconditionally secure Quantum Bit Commitment protocols is a relevant result in quantum cryptography. The impossibility proof for Quantum Bit Commitment has been used to prove the impossibility of unditional security for other protocols, such as Quantum Oblivious Transfer or One-Sided Two Party Computation. In this paper, we extend the same proof to the non-deterministic version of Quantum Private Queries, a protocol addressing the Symmetric-Private Information Retrieval problem. Moreover, we prove the equivalence between Quantum Private Queries and Quantum Bit Commitment and One-Sided Two Party Computation protocols.

Abstract: To construct a large-scale quantum key distribution network (QKDN) as future secure infrastructure, it is necessary interwork many QKDNs. Here, we demonstrate an interoperable key relay between two different types of QKDNs: a centralized QKDN and a distributed QKDN. In the demonstration, we build an experimental environment for interworking by using physical QKDNs and implement three fundamental functions (key relay, delivery confirmation, and status information collection) for performing key relay between heterogeneous QKDNs.

Abstract: In this work, we investigate the effect of the Kalman filter, an algorithm predicting future values of a system, for reducing pointing errors and improving the tracking performance of the coarse tracking system. We present the pointing error based on the angular velocity of the target when the Kalman filter is applied to the tracking algorithm. The tracking system is mounted on a fixed tripod, while the mobile platform moves around the system at a constant speed as a target. The effect of the Kalman filter on the performance of the tracking system and future work will be given.

Abstract: Without access to robust quantum memory or gates, long distance QKD relies upon trusted relays. Several implementations place these relays on satellites, however they are limited in computational power and numerically intensive tasks such as privacy amplification cause bottlenecks for continuous key exchange. Currently, one solution is the simplified trusted relay which leaves all privacy amplification to the end parties at a potentially significant cost to key rate. We developed a post processing technique called pre-privacy amplification which performs a small and efficient post processing step to boost key rates without any additional rounds of communication. For a simplified trusted relay running an asymptotic qubit six-state protocol, we demonstrate an increase to the maximum tolerable QBER from 9.05% to 11.7%. We also identify several sufficient conditions to determine functionally unique pre-privacy amplification maps, and connect it to the graph isomorphism problem.

Abstract: Quantum computers has a major influence on our modern computing platforms. New way of delegated quantum computation solutions continues to be introduced by researchers. The basic functionality of delegated quantum computation enables a classical client to delegates quantum computation related jobs to remote untrusted server with appropriate security measures. However, only very few techniques are addressed the security challenges and its feasibility to implement in practice. One of the solution is quantum trusted execution environment (Q-TEE), which ensures a secure and practical way to build a remote quantum computing server with classical client. In this work, we explore some new features of a quantum-TEE (QTEE), which can be seen as aiding secure computation on a quantum computer. It is reasonable to expect that a QTEE may be required to authenticate classical entities relating to a particular quantum computation. For example, a client, which has submitted a particular job, may require a proof that the quantum computation was indeed executed in that particular computer. Such a QTEE may be envisaged to be using a post-quantum signature scheme like DILITHIUM or Falcon. The quantum computing platform provider would use its secret key to sign various classical entities. The signature can be verified by using the provider's public key. We propose a design of a QTEE which uses Tokenized Signature Scheme (TSS). We also point out that such a QTEE has certain advantages over the naive DS-based ones. Ben-David and Sattath introduced the primitive called (public key) Tokenized Signature Scheme, which can be used in a situation where a owner wants to delegate the power to sign to a signer. The owner, after generating the signing and verification keys (using PPT called KeyGen) (similar to key generation in a DS), creates a certain number of quantum tokens (using QPT called TokenGen) and gives them to designated signers. The signers authenticate classical messages (using QPT called Sign) by generating a classical string called signature, on behalf of the owner and at her behest, using the owner-provided tokens. The verification (using PPT called Vrfy) can be run by anyone using the public key, the signature and the message. The authors also give a construction of TSS using subspace states. A quantum computation platform provider can generate its own key pair and generate tokens. The computers owned by the service provider may be equipped with a QTEE based on a candidate TSS scheme. The quantum tokens are loaded onto the QTEE, which are used for signing. We point out some advantages of such a construction. Firstly, the secret key of the owner is never revealed and all the computers controlled by the provider authenticate in the same manner. Secondly, the trust assumption on the QTEE may be relaxed. A secure TSS is expected to have the following unforgeability property. An adversarial signer can not sign n+1 messages if it has only n tokens. Thirdly, in a situation where the client pays for such authentication services, quantum tokens can be budgeted and monetized. A complete design of a QTEE, supporting various secure quantum computation related requirements, may be achived with a TSS at its core. A TSS supporting aggregation and aggregated-verification brings in added advantage. Meaningful analogues of remote attestation (RA) and direct anonymous attestation (DAA) in this setting may also be explored. The development of quantum- based TEE techniques enables service providers to implement proprietary quantum computing devices in practice. Also, it allows classical users to perform remote quantum computation at very high security levels.

Abstract: Advances in the security analysis of continuous-variable quantum key distribution (CVQKD) protocols with true discrete modulation aim to unlock the same performance as that obtained from `traditional' protocols based on Gaussian modulation. We report a CVQKD experiment using 4 states that utilizes a composable security proof to generate a secret key fraction of $5.6 \times 10^{-3}$ bits/symbol over 10 km channel, while providing security against collective attacks.

Abstract: Properties of quantum mechanics have enabled the emergence of quantum cryptographic protocols achieving important goals which are proven to be impossible classically. Unfortunately, this usually comes at the cost of needing quantum power from every party in the protocol, while arguably a more realistic scenario would be a network of classical clients, classically interacting with a quantum server. In this paper, we focus on copy-protection, which is a quantum primitive that allows a program to be evaluated, but not copied, and has shown interest especially due to its links to other unclonable cryptographic primitives. Our main contribution is to show how to dequantize existing quantum copy-protection from hidden coset states, by giving a construction for classically-instructed remote state preparation for coset states. We also present the first secure copy-protection scheme for point-functions in the plain model, to which our dequantizer can be applied.

Abstract: Decoy state methods improve the feasibility of quantum key distribution (QKD) by enabling the use of simple, robust sources, and techniques have been developed to allow for the use of decoy analysis in the regime where only a finite number of signals are sent. We present an iid security proof for finite-size key rates of prepare-and-measure protocols with probabilistic testing, including decoy state methods, within a composable security framework that allows for future extensions to device imperfections. Additionally, we improve the acceptance set over previous works through the use of entrywise constraints, allowing us to efficiently perform decoy state protocols. Moreover, we introduce a new figure of merit, the expected key rate, to capture the tradeoff between aborting too often and achieving high key rates, which allows for increased practicality of QKD implementations.

Abstract: Here we report on the experimental results implementing robust anonymous quantum conference key agreement using GHZ states. Results confirm the advantage when allowing for the use of multipartite entanglement along with bipartite entanglement.

Abstract: Quantum dot-based entangled photon sources are promising candidates for quantum key distribution (QKD), as they can in principle emit deterministically, with high brightness and low multiphoton contribution. However, quantum dots (QD) often inherently possess a fine structure splitting (FSS). Since the entangled photonic state in the presence of non-zero FSS is oscillating, one must settle for a lower efficiency source through temporal post-selection or a lower measured entanglement fidelity. In both cases, the overall key rate is reduced. Our QKD analysis shows that this trade-off can be overcome by constructing a time-resolved QKD protocol where all photon pairs emitted by a QD with non-zero FSS can be used in secret key generation. This protocol works only when the detection system's temporal resolution is much smaller than the FSS period. By implementing our protocol, higher key rates can be achieved as compared to previous QKD experiments with QD entangled photon pair sources. Additionally, unlike previous security analyses that assume perfect qubit states, we rigorously bound the effect of any multi-photon components of the optical state on the key rate, which is more applicable to practical implementations.

Abstract: We point out a critical flaw in the analysis of Quantum Key Distribution (QKD) protocols that employ the two-way error correction protocol Cascade. Specifically, this flaw stems from an incom-plete consideration of all two-way communication that occurs during the Cascade protocol. We present a straightforward and elegant alternative approach that addresses this flaw and produces valid key rates. We exemplify our new approach by comparing its key rates with those generated using older, incorrect approaches, for Qubit BB84 and Decoy-State BB84 protocols. We show that in many practically relevant situations, our rectified approach produces the same key rate as older, incorrect approaches. However, in other scenarios, our approach produces valid key rates that are lower, highlighting the importance of properly accounting for all two-way communication during Cascade.

Abstract: In recent times, field trials of quantum key distribution (QKD) have been conducted using the existing optical fiber infrastructure. However, one significant challenge faced during these trials is ensuring the stability of QKD operation. The instability of QKD operation is caused by the two factors: random fluctuations in polarization of photon over time and time drift of the photon as it traverses the deployed optical fiber. These issues are unavoidable due to the inability to accurately estimate and control factors such as temperature, vibration, and stress in the deployed optical fiber. To address this instability, various solutions based on active or passive optics have been proposed. In this paper, we present an active optics-based simple polarization stabilizer utilizing an optical polarizer, an active polarization controller, and a single photon detector. For the fast operation, we utilize only 2 out of the 4 axes of the polarization controller for the stabilizer. The experimental results verify the stability of the stabilizer.

Abstract: We report a method for continuously stabilizing the polarization change of photons when propagating across fibers. This technique operates at single-photon-level intensity and therefore imposes minimal noise onto the quantum channel, allowing for un-interrupted operation of a quantum network.

Abstract: Besides discrete-variable QKD, where single photon detection is used, continuous-variable (CV) protocols are using homodyne detection and are thus promising to be compatible with existing classical coherent communication technology. Originally, the research on CV QKD protocols mostly focused on Gaussian modulation (see review [1]), where one assumes that Alice can continuously displace coherent states according to a 2D Gaussian distribution. This modulation allows the security proofs to take advance of Gaussian optimality conditions, but experimental implementations can only reach this pattern up to some finite discretization. Another approach is to directly use a discrete-modulated (DM) CV QKD protocol. Here, Alice is required to prepare a finite number of displaced coherent states, aiming for a higher experimental simplicity, with the drawback of higher theoretical complexity. Recently, new security proofs such as [2] and corresponding experiments [3,4] could show the feasibility of systems using quadrature amplitude modulation (QAM) with 64 and 256 displaced states. However, the security proof was limited to the asymptotic regime and since the experiments did not use implemented error correction codes, one could only estimate the achievable key rates, but could not generate the secret key itself. In this poster, we demonstrate experiments with a protocol with a smaller constellation size of four coherent states that share the same amplitude but are shifted by 90° in phase (QPSK modulation). We exploit a recently published security proof providing tight secret key rates for collective attacks even in the finite size regime [5]. Furthermore, we show that the QPSK data is compatible with our implemented low density parity check (LDPC) codes for binary symmetric channels. This allows us to perform the full QKD protocol from experimental quantum state exchange to classical post processing and to generate a secret key shared between Alice and Bob. For this purpose, we use a laboratory system based on polarization encoding in the Stokes parameters which is equivalent to a QPSK pattern in phase space. This scheme is designed to cope with the challenges of a turbulent atmospheric channel. While the fluctuating nature of such a channel can be targeted by sub-binning the transmission channels [6], the atmosphere is in general non-birefringent, allowing for atmospheric quantum communications [7]. [1] F. Laudenbach et al., Adv. Quantum Technol. 1, 1800011 (2018) [2] A. Denys et al., Quantum 5, 540 (2021) [3] F. Roumestan et al., arXiv:2207.11702 (2022) [4] Y. Pan et al., Optics Letters 47, 3307-3310 (2022) [5] F. Kanitschar et al., arXiv:2301.08686v1 (2023) [6] V. Usenko et al., New J. Phys. 14, 093048 (2012) [7] B. Heim et al., New J. Phys. 16, 113018 (2014)

Abstract: Decoy-state quantum key distribution (QKD) represents nowadays the best countermeasure to attacks exploiting multi-photon emissions in realistic sources. A fundamental requirement is the uniform and independent distribution of phases of the transmitted pulses. However, this can not be true for lasers working under high-speed gain-switching conditions, as residual photons in the cavity can induce phase correlations across consecutive pulses. A security proof robust against such imperfections has been recently proposed, which requires knowledge of a parameter that quantifies how close the conditional distribution of each phase is to a uniform distribution. In this work we propose an experimental method to characterise this parameter in realistic setup conditions and we extend the application to the case of arbitrary length of correlations, aiming to enable experimental verification of the implementation security.

Abstract: Validation of the randomness of a quantum random number generator (QRNG) can be performed via robust statistical testing, which generally reduces to the problem of finding long range patterns in the generated random bit sequence. This problem is computationally exhaustive and poses one of important challenges for industrial implementation of self-testing integrated QRNG devices. Furthermore, classical statistical testing cannot in principle confirm the quantum non-determinism (from which the QRNG device can deviate due to its implementation imperfections). Instead, classical testing can confirm that up to certain parameters threshold, deterministic patterns were not detected. The device independent QRNG schemes are based on quantum entanglement, which is a non-classical resource that can be verified in terms of quantum measurements non-classical correlations statistically violating Bell type (e.g. CHSH) inequalities for classical limits on such correlations. This reults in a fundamental (independent from a technical implementation) confirmation that the process used to generate randomness based on entangled quantum states is indeed non-deterministic. In this paper we describe a series of recent experimental developments focused on generating quantum entanglement based randomness in a quntum optics device-independent approach, with validation of the randomness through experimentally verified violation of the CHSH inequality [1]. The experimental setup for entanglement based QRNG involves generation of entanglement in photon polarizations in the SPDC type II process with a single-photon detectors (SPAD) for quantum measurements of entangled photons. Statistical processing of the measurements outcomes shows violation of the classical limits on the correlations, violating the CHSH inequality and hence proving that the QRNG generated randomness is based on a quantum, non-deterministic process. The further direction for this research is towards miniaturization of the robust quantum optics setups to be more adequate for integrated entanglement QRNG devices. This work is part of the NCBR research and development project (contract no. POIR.01.01.01-00-0173/15) aimed at advancing QRNG setups with technical achievements reported in the SeQre.net platform [2]. 1. J.F. Clauser, M.A. Horne, A. Shimony, R.A. Holt, Proposed experiment to test local hidden-variable theories, Phys. Rev. Lett., 23 (15): 880–4, doi: https://doi.org/10.1103%2FPhysRevLett.23.880, (1969) 2. SeQre.net, Quantum Cryptography R&D Platform managed by the Department of Quantum Technology at WUST and CompSecur / SeQre, https://seqre.net/qrng

Abstract: Recent years have seen tremendous progress in increasing distances for distribution of quantum states and quantum entanglement, most notably in quantum key distribution. Even though these advances point towards breaching 1000 km and more in the near future, true global connectivity for secure intercontinental quantum links will likely require the operation of trusted networks based on quantum repeaters. To overcome associated losses in even the best optical fibers on ground, operating repeater nodes in space to utilize low-loss inter-satellite links may prove to be the only viable strategy. Successfully deployed QKD experiments and quantum technology in space, brings this idea closer to realization. Nevertheless, conceptual designs [9, 10] and component development are still in their infancy and it will require extraordinary engineering achievements to materialize robust space-based quantum networks. Here, we present recent efforts at the German Aerospace Center (DLR) to investigate the realization of robust global quantum networks. We are developing a holistic approach which bundles expertise on the necessary components for space-based quantum repeaters, i.e. photon sources, quantum memories, optical links, laser terminals, and orbital simulations. From this, we derive a common set of requirements to push concrete technological implementation. The long-term goal of this project is to develop space-hardened components for successful operation of intercontinental space-based quantum networks.

Abstract: It is well-known in classical cryptography that standard (black-box) proof techniques are insufficient to establish the security of statistical NIZK arguments for NP based on any standard (falsifiable) cryptographic assumption. In this work, we extend this impossibility result to a quantum scenario where quantum computations and communications are incorporated into the protocol. The classical result is demonstrated using the meta-reduction paradigm, which is a typical technique employed to generate cryptographic impossibility results. In our work, we extend this technique to the quantum setting to prove our results.