Optimal bounds for semi-honest quantum oblivious transfer
This provides a foundational security guarantee for quantum cryptography, addressing a fundamental primitive with implications for secure communication protocols.
The paper tackles the problem of establishing optimal security bounds for quantum oblivious transfer protocols, proving that 2B + A ≥ 2, which implies at least one party can cheat with probability at least 2/3, and shows this bound is optimal by constructing protocols that approach any point on the tradeoff curve.
Oblivious transfer is a fundamental cryptographic primitive in which Bob transfers one of two bits to Alice in such a way that Bob cannot know which of the two bits Alice has learned. We present an optimal security bound for quantum oblivious transfer protocols under a natural and demanding definition of what it means for Alice to cheat. Our lower bound is a smooth tradeoff between the probability B with which Bob can guess Alice's bit choice and the probability A with which Alice can guess both of Bob's bits given that she learns one of the bits with certainty. We prove that 2B + A is greater than or equal to 2 in any quantum protocol for oblivious transfer, from which it follows that one of the two parties must be able to cheat with probability at least 2/3. We prove that this bound is optimal by exhibiting a family of protocols whose cheating probabilities can be made arbitrarily close to any point on the tradeoff curve.