|
|
|
|
|
|
by Q_is_4_Quantum
93 days ago
|
|
|
Actually you can't compose quantum crypto protocols like you can classical ones - the composed protocol needs a new security analysis. Entanglement across protocols often kills the composition! Interestingly (to me!) it took a while in the 90’s/early 00’s for the community to realise that there are distinct questions: Question A: Does there exist a set of target states and measurements that implement the task Question B: Can mistrustful parties find a communication protocol that securely (from their perspective) create/implement those states/measurments. An example where the answer to A is “no” is fully secure oblivious transfer. There were a bunch of misguided papers trying to find communication protocols for OT, but they were doomed from the start! An example where the answer to A is “yes" but to B is “no” is strong coin flipping. And an example where the answer to both is “yes” is weak coin flipping. (See Carlos Mochon’s magnus opus arxiv 0711.4114 for the coin flipping examples). I first articulated the distinction between A and B quant-ph/0202143 but left the proof about OT and Question A as an exercise to the reader! Roger Colbeck in arxiv 0708.2843 provided a simple proof and elucidated the whole situation a lot I think. |
|
|