TY - JOUR
T1 - A simpler proof of the existence of quantum weak coin flipping with arbitrarily small bias
AU - Aharonov, Dorit
AU - Chailloux, André
AU - Ganz, Maor
AU - Kerenidis, Iordanis
AU - Magnin, Loïck
N1 - Publisher Copyright:
© 2016 Society for Industrial and Applied Mathematics.
PY - 2016
Y1 - 2016
N2 - Mochon's proof [Quantum Weak Coin Flipping with Arbitrarily Small Bias, preprint, arXiv:0711.4114, 2007] of the existence of quantum weak coin flipping with arbitrarily small bias is a fundamental result in quantum cryptography, but at the same time one of the least understood. Though used several times as a black box in important follow-up results [M. Ganz, Quantum Leader Election, preprint, arXiv:0910.4952, 2009; A. Chailloux and I. Kerenidis, in Proceedings of the 50th Annual IEEE Symposium on Foundations of Computer Science, IEEE Computer Society, Los Alamitos, CA, 2009, pp. 527-533; N. Aharon and J. Silman, New J. Phys., 12 (2010), 033027; A. Chailloux and I. Kerenidis, in Proceedings of the 52nd Annual IEEE Symposium on Foundations of Computer Science, IEEE Computer Society, Los Alamitos, CA, 2011; I. Kerenidis and S. Zhang, in Theory of Quantum Computation, Communication, and Cryptography, Lecture Notes in Computer Science 7582, Springer, Berlin, 2013, pp. 13-28], the result has not been peer reviewed, its novel techniques (and, in particular, Kitaev's point game formalism) have not been applied anywhere else, and an explicit protocol is missing. We believe that truly understanding the existence proof and the novel techniques it relies on would constitute a major step in quantum information theory, leading to deeper understanding of entanglement and of quantum protocols in general. In this work, we make a first step in this direction. We simplify parts of Mochon's construction considerably, making about 20 pages of analysis in the original proof superfluous, clarifying some other parts of the proof on the way, and presenting the proof in a way which is conceptually easier to grasp. We believe the resulting proof of existence is easier to understand, more readable, and certainly verifiable. Moreover, we analyze the resources needed to achieve a bias ϵ and show that the number of qubits is O(log 1/ϵ), while the number of rounds is (1/ϵ)O(1ϵ). A true understanding of the proof, including Kitaev's point-game techniques and their applicability, as well as completing the task of constructing an explicit (and also simpler and more efficient) protocol, are left to future work.
AB - Mochon's proof [Quantum Weak Coin Flipping with Arbitrarily Small Bias, preprint, arXiv:0711.4114, 2007] of the existence of quantum weak coin flipping with arbitrarily small bias is a fundamental result in quantum cryptography, but at the same time one of the least understood. Though used several times as a black box in important follow-up results [M. Ganz, Quantum Leader Election, preprint, arXiv:0910.4952, 2009; A. Chailloux and I. Kerenidis, in Proceedings of the 50th Annual IEEE Symposium on Foundations of Computer Science, IEEE Computer Society, Los Alamitos, CA, 2009, pp. 527-533; N. Aharon and J. Silman, New J. Phys., 12 (2010), 033027; A. Chailloux and I. Kerenidis, in Proceedings of the 52nd Annual IEEE Symposium on Foundations of Computer Science, IEEE Computer Society, Los Alamitos, CA, 2011; I. Kerenidis and S. Zhang, in Theory of Quantum Computation, Communication, and Cryptography, Lecture Notes in Computer Science 7582, Springer, Berlin, 2013, pp. 13-28], the result has not been peer reviewed, its novel techniques (and, in particular, Kitaev's point game formalism) have not been applied anywhere else, and an explicit protocol is missing. We believe that truly understanding the existence proof and the novel techniques it relies on would constitute a major step in quantum information theory, leading to deeper understanding of entanglement and of quantum protocols in general. In this work, we make a first step in this direction. We simplify parts of Mochon's construction considerably, making about 20 pages of analysis in the original proof superfluous, clarifying some other parts of the proof on the way, and presenting the proof in a way which is conceptually easier to grasp. We believe the resulting proof of existence is easier to understand, more readable, and certainly verifiable. Moreover, we analyze the resources needed to achieve a bias ϵ and show that the number of qubits is O(log 1/ϵ), while the number of rounds is (1/ϵ)O(1ϵ). A true understanding of the proof, including Kitaev's point-game techniques and their applicability, as well as completing the task of constructing an explicit (and also simpler and more efficient) protocol, are left to future work.
KW - Coin flipping
KW - Quantum cryptography
KW - Quantum protocols
KW - Quantum weak
KW - Security
KW - Theory
UR - http://www.scopus.com/inward/record.url?scp=84976905690&partnerID=8YFLogxK
U2 - 10.1137/14096387X
DO - 10.1137/14096387X
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???
AN - SCOPUS:84976905690
SN - 0097-5397
VL - 45
SP - 633
EP - 679
JO - SIAM Journal on Computing
JF - SIAM Journal on Computing
IS - 3
ER -