# Contributed Talk 3

Wed, 4 Sep
, 12:30 - 13:10

- Making Existing Quantum Position Verification Protocols Secure Against Arbitrary Transmission LossRene Allerstorfer (QuSoft (CWI Amsterdam)); Andreas Bluhm (Univ. Grenoble Alpes, CNRS, Grenoble INP, LIG); Harry Buhrman (QuSoft, CWI Amsterdam, University of Amsterdam); Matthias Christandl (University of Copenhagen); Llorenç Escolà-Farràs (QuSoft, CWI Amsterdam, University of Amsterdam); Florian Speelman (QuSoft, University of Amsterdam); Philip Verduyn Lunel (QuSoft (CWI Amsterdam))[abstract]
**Abstract:**Signal loss poses a significant threat to the security of quantum cryptography when the chosen protocol lacks loss-tolerance. In quantum position verification (QPV) protocols, even relatively small loss rates can compromise security. The goal is thus to find protocols that remain secure under practically achievable loss rates. In this work, we modify the usual structure of QPV protocols and prove that this modification makes the potentially high transmission loss between the verifiers and the prover security-irrelevant for a class of protocols that includes a practically-interesting candidate protocol inspired by the BB84 protocol. This modification, which involves photon presence detection, a small time delay at the prover, and a commitment to play before proceeding, reduces the overall loss rate to just the prover’s laboratory. The adapted protocol then becomes a practically feasible QPV protocol with strong security guarantees, even against attackers using adaptive strategies. As the loss rate between the verifiers and prover is mainly dictated by the distance between them, secure QPV over longer distances becomes possible. We also show possible implementations of the required photon presence detection, making the adapted protocol a protocol that solves all major practical issues in QPV. Finally, we discuss experimental aspects and give parameter estimations. - merged withConditional disclosure of secrets with quantum resourcesAlex May (Institute for Quantum Computing and Perimeter Institute for Theoretical Physics, Waterloo); Vahid Reza Asadi (University of Waterloo); Kohdai Kuroiwa (Institute for Quantum Computing and Perimeter Institute for Theoretical Physics, Waterloo); Debbie Leung (Institute for Quantum Computing and Perimeter Institute for Theoretical Physics, Waterloo); Sabrina Pasterski (Perimeter Institute for Theoretical Physics, Waterloo); Chris Waddell (Perimeter Institute for Theoretical Physics, Waterloo)[abstract]
**Abstract:**The conditional disclosure of secrets (CDS) primitive is among the simplest cryptographic settings in which to study the relationship between communication, randomness, and security. CDS involves two parties, Alice and Bob, who do not communicate but who wish to reveal a secret $z$ to a referee if and only if a Boolean function $f$ has $f(x,y)=1$. Alice knows $x,z$, Bob knows $y$, and the referee knows $x,y$. Recently, a quantum analogue of this primitive called CDQS was defined and related to $f$-routing, a task studied in the context of quantum position-verification. CDQS has the same inputs, outputs, and communication pattern as CDS but allows the use of shared entanglement and quantum messages. We initiate the systematic study of CDQS, with the aim of better understanding the relationship between privacy and quantum resources in the information theoretic setting. Following the classical literature on CDS for guidance, we establish closure under negation, an amplification property, and prove a number of lower bounds on CDQS based on communication complexity.Lower bounds on entanglement and quantum gates in non-local quantum computationAlex May (Perimeter Institute for Theoretical Physics); Vahid Reza Asadi (University of Waterloo); Eric Culf (University of Waterloo); Richard Cleve (University of Waterloo)[abstract]**Abstract:**A non-local quantum computation (NLQC) replaces an interaction between two quantum systems with a single simultaneous round of communication and shared entanglement. We study two classes of NLQC, f-routing and f-BB84. These are well studied in the context of position-verification, where they are leading candidates for feasible and secure verification schemes. Both settings require an honest prover implement only O(1) quantum operations. We prove that a dishonest prover must use linear quantum resources to attack the same scheme. First, we give the first non-trivial lower bounds on entanglement in both settings, but are restricted to lower bounding protocols with perfect correctness. Our bound can be stated in terms of the quantum non-deterministic communication complexity of f. For the equality, non-equality, and greater-than functions we obtain linear lower bounds on entanglement for f-routing and f-BB84 in the perfect setting. In a second result, which applies in the robust setting, we give a new lower bound on the number of quantum gates and measurements needed to attack these verification schemes. We lower bound the gates plus measurements linearly in the simultaneous message passing cost of the function f. This leads to a linear bound against the inner product function. This gives a clear separation between the difficulty of implementing these tasks in the honest and dishonest settings, and does so in a noise robust and loss tolerant setting.