Quantum Bit String Commitment

Abstract

A bit string commitment protocol securely commits N classical bits in such a way that the recipient can extract only M<N bits of information about the string. Classical reasoning might suggest that bit string commitment implies bit commitment and hence, given the Mayers-Lo-Chau theorem, that non-relativistic quantum bit string commitment is impossible. Not so: there exist non-relativistic quantum bit string commitment protocols, with security parameters ε and M, that allow A to commit N = N(M, ε) bits to B so that A's probability of successfully cheating when revealing any bit and B's probability of extracting more than N'=N-M bits of information about the N bit string before revelation are both less than ε. With a slightly weakened but still restrictive definition of security against A, N can be taken to be O( (C N')) for a positive constant C. I briefly discuss possible applications.

0

Turn this paper into a full lesson

ArcXiv compiles a staged curriculum from this paper: 8-12 lessons across beginner → advanced, synthesised section guides, visuals, flashcards, a quiz, exercises, and on-demand deep dives per section. Grounded in the abstract, never invented.

Discussion (0)

Sign in to join the discussion.

Loading comments…