Device-independent quantum cryptography
Rahul Jain | Centre for Quantum Technologies
Device-independent (DI) cryptography is particularly motivated in the quantum setting. In DI quantum cryptographic protocols, honest parties perform classical operations, classical communication, and interact with untrusted quantum devices via classical inputs and outputs. This allows honest parties to source quantum devices from third parties. DI protocols are often based on self-testing via non-local games. This requires that quantum devices do not communicate with each other after the inputs are provided to them and the outputs are produced by them (the no-signalling assumption). This is a stringent and hard-to-implement assumption in practice, especially with adversarial devices.
Quantum key distribution (QKD) is one of the most well-studied cryptographic tasks in which two parties (Alice and Bob) establish secret keys between themselves. We present a DI protocol for QKD where the no-signalling assumption is relaxed to a bounded leakage assumption. The interaction with the quantum devices is parallel and hence can be implemented in bounded time. The protocol is secure even with linear (in the number of bits of the key produced) interactive leakage between the devices and the adversary Eve. Bounded leakage in bounded time may be easier to implement in practice with bandwidth limitations on communication. Oblivious transfer (OT) is another very important cryptographic task that allows for secure multiparty computations (MPC). It is known that, unlike QKD, information-theoretic secure quantum protocols for OT are not possible.
We present a DI protocol for OT in the bounded storage model, in which the long-term (lasting beyond a fixed time interval, say one second) quantum memory of each party (including the adversary and the quantum devices) is bounded linearly in the number of devices used in the protocol. This is a reasonable assumption in practice, since long-term quantum memories are expected to be bounded. No additional complexity assumptions are placed. The protocol can be implemented on NISQ hardware, is efficient and robust (it works with slightly erroneous devices), allows for general (non-iid) adversaries, has correctness and security errors that are negligible in the security parameter, and is composable (it can be used inside larger cryptographic protocols).
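The abstract rests on self-testing through a non-local game and on the no-signalling assumption that the talk sets out to relax. The following added example (constructed for this page, not code from the speaker or the cited papers) uses the CHSH game to show why that assumption carries the whole weight: the honest parties see only classical inputs and outputs, a win rate above 0.75 certifies genuinely quantum devices, yet a device that learns its partner's input after the round starts can win every round while being entirely classical.

```python
"""CHSH self-test: why device-independence needs no-signalling.

Constructed example. Honest parties feed classical inputs x, y in {0,1}
to two untrusted devices and read classical outputs a, b. A round of the
CHSH game is won when a XOR b == x AND y (inputs chosen uniformly).
"""
import itertools
import math

INPUTS = [(x, y) for x in (0, 1) for y in (0, 1)]


def classical_local_max():
    """Best win rate when each device answers from its own input only.
    Deterministic strategies suffice; shared randomness cannot do better."""
    best = 0.0
    for fa in itertools.product((0, 1), repeat=2):      # a = fa[x]
        for fb in itertools.product((0, 1), repeat=2):  # b = fb[y]
            wins = sum(fa[x] ^ fb[y] == (x & y) for x, y in INPUTS)
            best = max(best, wins / 4)
    return best  # 0.75, the local (Bell) bound


def quantum_max():
    """Ideal win rate for a maximally entangled pair measured at the
    optimal CHSH angles, using P(a == b) = cos^2(theta_A - theta_B)."""
    alice = {0: 0.0, 1: math.pi / 4}
    bob = {0: math.pi / 8, 1: -math.pi / 8}
    total = 0.0
    for x, y in INPUTS:
        p_equal = math.cos(alice[x] - bob[y]) ** 2
        total += p_equal if (x & y) == 0 else 1 - p_equal
    return total / 4  # cos^2(pi/8), about 0.8536


def signalling_max():
    """If Bob's device learns Alice's input and output after the inputs
    are given, a purely classical pair wins every round."""
    wins = 0
    for x, y in INPUTS:
        a = 0                # any output Alice's device likes
        b = a ^ (x & y)      # chosen from the leaked (x, a)
        wins += (a ^ b) == (x & y)
    return wins / 4  # 1.0, so the self-test certifies nothing


def certifies_nonlocality(win_rate, no_signalling):
    """A DI self-test may accept a win rate above the local bound only
    when the devices are known not to have communicated in the round."""
    return no_signalling and win_rate > classical_local_max()
```

Relaxing no-signalling to bounded leakage, as the talk does for QKD, amounts to quantifying how much of the gap between the last two functions an adversary can exploit.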
Talk based on:
- A direct product theorem for quantum communication complexity with applications to device-independent QKD. Rahul Jain, Srijita Kundu. SICOMP, 2025. FOCS, 2021. QIP, 2022 (short plenary talk), ArXiv:2106.04299.
- A robust and composable device-independent protocol for oblivious transfer using (fully) untrusted quantum devices in the bounded storage model. Rishabh Batra, Sayantan Chakraborty, Rahul Jain, Upendra Kapshikar. QCrypt, 2025. ArXiv:2404.11283.
IQC faculty host: Ashwin Nayak
About the speaker
Rahul Jain is a Professor at the Computer Science Department, National University of Singapore (NUS). He was an Associate Professor from 2013 to 2019 and an Assistant Professor from 2009 to 2013 at NUS. He obtained his PhD from the Tata Institute of Fundamental Research (TIFR), Mumbai, India, in 2003. He was a post-doctoral researcher at the University of California at Berkeley, USA, from 2004 to 2006 and at the Institute for Quantum Computing (IQC), University of Waterloo, Canada, from 2006 to 2008. He obtained a Bachelor's degree (B.Tech) in Electrical and Electronics Engineering from the Indian Institute of Technology, Mumbai (IITB), India, in 1997. He has been a Principal Investigator at the Centre for Quantum Technologies (CQT) in Singapore since 2009.
Location
QNC 0101