Achieving the physical limits of the bounded-storage model

Abstract

Secure two-party cryptography is possible if the adversary's quantum storage device suffers imperfections. For example, security can be achieved if the adversary can store strictly less then half of the qubits transmitted during the protocol. This special case is known as the bounded-storage model, and it has long been an open question whether security can still be achieved if the adversary's storage were any larger. Here, we answer this question positively and demonstrate a two-party protocol which is secure as long as the adversary cannot store even a small fraction of the transmitted pulses. We also show that security can be extended to a larger class of noisy quantum memories.