Adrian Kent

Adrian Kent

Over the past 25 years, I have been involved in some intriguing developments in the foundations of physics, exploring the quantum reality problem, the relationship between quantum theory and gravity and the interplay between consciousness and physical laws. These investigations make it plausible that we will find physics beyond quantum theory, potentially including both new evolution laws and new types of measurement. There is also a significant chance they could have potentially transformative impact on information processing and on the development of and our future with AI.

Adrian Kent, Damián Pitalúa-García

S-money [Proc. R. Soc. A 475, 20190170 (2019)] schemes define virtual tokens designed for networks with relativistic or other trusted signalling constraints. The tokens allow near-instant verification and guarantee unforgeability without requiring quantum state storage. We present refined two stage S-money schemes. The first stage, which may involve quantum information exchange, generates private user token data. In the second stage, which need only involve classical communications, users determine the valid presentation point, without revealing it to the issuer. This refinement allows the user to determine the presentation point anywhere in the causal past of all valid presentation points. It also allows flexible transfer of tokens among users without compromising user privacy.

Adrian Kent

We propose definitions and implementations of "S-money" - virtual tokens designed for high value fast transactions on networks with relativistic or other trusted signalling constraints, defined by inputs that in general are made at many network points, some or all of which may be space-like separated. We argue that one significant way of characterising types of money in space-time is via the "summoning" tasks they can solve: that is, how flexibly the money can be propagated to a desired space-time point in response to relevant information received at various space-time points. We show that S-money is more flexible than standard quantum or classical money in the sense that it can solve deterministic summoning tasks that they cannot. It requires the issuer and user to have networks of agents with classical data storage and communication, but no long term quantum state storage, and is feasible with current technology. User privacy can be incorporated by secure bit commitment and zero knowledge proof protocols. The level of privacy feasible in given scenarios depends on efficiency and composable security questions that remain to be systematically addressed.

Adrian Kent

Summoning is a task between two parties, Alice and Bob, with distributed networks of agents in space-time. Bob gives Alice a random quantum state, known to him but not her, at some point. She is required to return the state at some later point, belonging to a subset defined by communications received from Bob at other points. Many results about summoning, including the impossibility of unrestricted summoning tasks and the necessary conditions for specific types of summoning tasks to be possible, follow directly from the quantum no-cloning theorem and the relativistic no-superluminal-signalling principle. The impossibility of cloning devices can be derived from the impossibility of superluminal signalling and the projection postulate, together with assumptions about the devices' location-independent functioning. In this qualified sense, known summoning results follow from the causal structure of space-time and the properties of quantum measurements. Bounds on the fidelity of approximate cloning can be similarly derived. Bit commitment protocols and other cryptographic protocols based on the no-summoning theorem can thus be proven secure against some classes of post-quantum but non-signalling adversaries.

Emily Adlam, Adrian Kent

Bob has a black box that emits a single pure state qudit which is, from his perspective, uniformly distributed. Alice wishes to give Bob evidence that she has knowledge about the emitted state while giving him little or no information about it. We show that zero-knowledge evidencing of such knowledge is impossible in quantum relativistic protocols, extending a previous result of Horodecki et al.. We also show that no such protocol can be both sound and complete. We present a new quantum relativistic protocol which we conjecture to be close to optimal in security against Alice and which reveals little knowledge to Bob, for large dimension $d$. We analyse its security against general attacks by Bob and restricted attacks by Alice.

Emily Adlam, Adrian Kent

We examine the possibility of device-independent relativistic quantum bit commitment. We note the potential threat of {\it location attacks}, in which the behaviour of untrusted devices used in relativistic quantum cryptography depends on their space-time location. We describe relativistic quantum bit commitment schemes that are immune to these attacks, and show that these schemes offer device-independent security against hypothetical post-quantum adversaries subject only to the no-signalling principle. We compare a relativistic classical bit commitment scheme with similar features, and note some possible advantages of the quantum schemes.

Emily Adlam, Adrian Kent

We describe new unconditionally secure bit commitment schemes whose security is based on Minkowski causality and the monogamy of quantum entanglement. We first describe an ideal scheme that is purely deterministic, in the sense that neither party needs to generate any secret randomness at any stage. We also describe a variant that allows the committer to proceed deterministically, requires only local randomness generation from the receiver, and allows the commitment to be verified in the neighbourhood of the unveiling point. We show that these schemes still offer near-perfect security in the presence of losses and errors, which can be made perfect if the committer uses an extra single random secret bit. We discuss scenarios where these advantages are significant.

Jonathan Barrett, Roger Colbeck, Adrian Kent

Device-independent quantum key distribution is the task of using uncharacterized quantum devices to establish a shared key between two users. If a protocol is secure regardless of the device behaviour, it can be used to generate a shared key even if the supplier of the devices is malicious. To date, all device-independent quantum key distribution protocols that are known to be secure require separate isolated devices for each entangled pair, which is a significant practical limitation. We introduce a protocol that requires Alice and Bob to have only one device each. Although inefficient, our protocol is unconditionally secure against an adversarial supplier limited only by locally enforced signalling constraints.

Sarah Croke, Adrian Kent

We spell out details of a simple argument for a security bound for the secure relativistic quantum bit commitment protocol of Ref. [1].

Adrian Kent, Serge Massar, Jonathan Silman

An important class of cryptographic applications of relativistic quantum information work as follows. B generates a random qudit and supplies it to A at point P. A is supposed to transmit it at near light speed c to to one of a number of possible pairwise spacelike separated points Q1; : : : ;Qn. A's transmission is supposed to be secure, in the sense that B cannot tell in advance which Qj will be chosen. This poses significant practical challenges, since secure reliable long-range transmission of quantum data at speeds near to c is presently not easy. Here we propose different techniques to overcome these difficulties. We introduce protocols that allow secure long-range implementations even when both parties control only widely separated laboratories of small size. In particular we introduce a protocol in which A needs send the qudit only over a short distance, and securely transmits classical information (for instance using a one time pad) over the remaining distance. We further show that by using parallel implementations of the protocols security can be maintained in the presence of moderate amounts of losses and errors.