Signature Redacted a U Th Or
Total Page:16
File Type:pdf, Size:1020Kb
Games, Protocols, and Quantum Entanglement by Henry Yuen B.A., University of Southern California (2010) S.M., Massachusetts Institute of Technology (2013) Submitted to the Department of Electrical Engineering and Computer Science in partial fulfillment of the requirements for the degree of Doctor of Philosophy at the MASSACHUSETTS INSTITUTE OF TECHNOLOGY September 2016 Henry Yuen, MMXVI. All rights reserved. The author hereby grants to MIT permission to reproduce and to distribute publicly paper and electronic copies of this thesis document in whole or in part in any medium now known or hereafter created. A Ii Signature redacted A u th or ......................... ........ V ........................................ Departm nt of Electrical Engineering and Computer Science August 24, 2016 Signature redacted Certified by. Dana Moshkovitz Assistant Professor Thesis Supervisor Accepted by ..... Signature redacted I6 Leslie A. Kolodziejski Chair, Department Committee on Graduate Students MASSA-MUSETTS INSTITUTE OF TECHNOLOGY SEP 28 2016 LIBRARIES -11-- -.---- !""W"RRIIEVEMIMPMNNWMNP RFMXIII'M, RIMIM, R , I q p 1 11 "- " Games, Protocols, and Quantum Entanglement by Henry Yuen Submitted to the Department of Electrical Engineering and Computer Science on August 24, 2016, in partial fulfillment of the requirements for the degree of Doctor of Philosophy Abstract Quantum entanglement has evolved from being "spooky action at a distance" to being a fundamental information-theoretic resource, extending the frontiers of what is possible in communications, computation, and cryptography. It gives rise to non-local correlations that can be harnessed to perform tasks such as certified randomness generation and clas- sical verification of quantum computation. However, these same non-local correlations also pose a challenge when analyzing complexity-theoretic or cryptographic protocols in a quantum world: the soundness or security of the protocol may no longer hold in the pres- ence of entangled adversaries. This thesis presents several results involving games and protocols with entangled parties; in each result, we introduce new techniques and meth- ods to analyze soundness against adversaries that can manipulate quantum entanglement. First, we present a protocol wherein a classical verifer interacts with eight non-commu- nicating quantum devices, and for all integer N the verifier can statistically certify that the devices have produced N bits of randomness that is E-close to uniform, while only using O(log3 }) bits of seed randomness. We call this an infinite randomness expansion protocol, because the amount N of certified output randomness is independent of the verifier's seed length. Entanglement is both a blessing and a curse for this protocol: on one hand, the devices need entanglement in order to successfully generate randomness to pass the pro- tocol. But on the other hand, the devices may try to use entanglement to cheat and pass the protocol without producing additional randomness. We show that the monogamous nature of entanglement prevents this from happening. Next, this thesis studies the parallel repetition of games with entangled players. Raz's classical parallel repetition theorem (SICOMP 1998) is an influential result in complexity theory showing that the maximum success probability of unentangled players in a two- player game must decrease exponentially when the game is repeated in parallel. Its proof is highly non-trivial, and a major open question is whether it extends to the case of entangled players. We make progress on this question in several ways. First, we present an efficient trans- formation on games called "anchoring" that converts any k-player game G into a k-player game G1 such that the entangled value of its n-fold parallel repetition, G", is exponen- tially small in n (provided that the entangled value of G is less than 1). Furthermore, the transformation is completeness preserving, in that if the entangled value of G is 1, then the entangled value of G" is also 1. This yields the first gap amplification procedure for general entangled games that achieves exponential decay. We also show that parallel repetition of a game causes the entangled value to decrease at a polynomial rate with the number of repetitions. In particular, this gives the first proof that the entangled value of a parallel repeated game converges to 0 for all games who entangled value is less than 1. 3 The third result of this thesis on entangled parallel repetition is an improved analysis of the parallel repetition of free games with entangled players. Free games are those where the players' questions are independent of each other. We show how to use the fact that the DISJOINTNESS problem of size N can be solved with O(v/N) qubits of quantum commu- nication in order to speed up the rate of decay for the parallel repetition: given a free game G with entangled value 1 - e, its n-fold parallel repetition G" has entangled value at most (1 -- 3/2)0(n/s), where s is the length of the players' answers in G. In contrast, the best parallel repetition theorem for free games with unentangled players, due to Barak, et al. (RANDOM 2009), shows that for a free game G with entangled value 1 - 3, the classical 2 0 value of G" is at most (1 - E ) (n/s), which is a slower rate of decay. This suggests a sep- aration between the behavior of entangled games and unentangled games under parallel repetition. In the final part of this thesis, we examine message authentication in a quantum world. Message authentication is a fundamental task in cryptography that ensures data integrity when communicating over an insecure channel. We consider two settings. One is classi- cal authentication against quantum attacks. The other is total quantum authentication of quantum data. We give a new class of security definitions for both modes of message authentica- tion. Our definitions capture and strengthen several existing definitions, including that of Boneh-Zhandry (EUROCRYPT 2013), which pertains to superposition attacks on classi- cal authentication schemes, as well as the definition of Barnum, et al. (FOCS 2002), which addresses total authentication of quantum data. Our definitions give strong characteri- zations for what a quantum adversary is able to do in a message authentication protocol, even when the adversary has quantum side information that is entangled with the message state. We argue that, in the "one time" setting, our definitions are the strongest possible. We prove that our security definition for total quantum authentication has some sur- prising implications, such as the ability to reuse the key whenever verification is successful, and a conceptually simple quantum key distribution protocol. We then give several con- structions of protocols that satisfy our security definitions: (1) we show that the classical Wegman-Carter scheme with 3-universal hashing is secure against quantum adversaries with quantum-side information; (2) we present a protocol based on unitary designs that achieves total quantum authentication, and (3) we show that using the classical Wegman- Carter scheme to authenticate in complementary bases yields a form of total quantum authentication, with bounded key leakage. Thesis Supervisor: Dana Moshkovitz Title: Assistant Professor 4 Acknowledgments On the surface, the theorems in this thesis appear to be merely a collection of symbols that (hopefully) form true sentences in Zermelo-Fraenkel set theory. That would be completely missing a critical dimension, however: behind each theorem is a rich, complicated, and wonderful story whose most important component is not mathematics, but people. Theo- rems frequently come from spirited effort with collaborators. Just as often, though, they are a product of inspiring interactions - both mathematical and non-mathematical - with mentors, teachers, colleagues, friends, and family. So while the mathematical part of this thesis outweighs the acknowledgments section many times over in terms of page count, no number of pages (and certainly not the next few paragraphs) can properly capture the importance of the people who have shaped the course of my grad school years. First, deep thanks goes to my adviser Dana Moshkovitz. I am grateful for her support and faith in me as I tried to forge my own research path. She gave me a lot of freedom to explore my own interests, but by no means was Dana an aloof adviser. Her door was always open, and was always willing to chat about anything: research, academia, or life. I greatly appreciate all the encouragement and guidance she has given over the years, as well as the numerous explanations of the intricacies of PCP, derandomized parallel repe- tition, and games that left me simultaneously bewildered and in awe. It makes me happy that I can count Dana as a colleague and friend, in addition to having her as a wonderful mentor. Next, I have had many wonderful opportunities to visit various people at institutions around the world. Each visit led to rewarding experiences, both research-wise and other- wise. Thanks go to Aram Harrow and Anup Rao (visit to the University of Washington, summer 2012 and summer 2015), the Simons Institute at Berkeley (spring 2014), Ronald de Wolf (visits to CWI in Amsterdam, summer 2014 and summer 2015), Mark Braverman (Princeton, spring 2015), Thomas Vidick (CalTech, summer 2015 and Stellenbosch Institute of Advanced Study in South Africa, fall 2015), Troy Lee (two workshops at NUS in Singa- pore, January 2016), Irit Dinur (Weizmann Institute of Science, February 2016), and Cedric Lin (QuICS, Maryland, summer 2016).1 In particular, it was at Princeton and Singapore, re- spectively, that the results on anchoring parallel repetition and polynomial decay parallel repetition in this thesis were worked out. I've had the privilege of working with many brilliant and talented collaborators: Mo- hammad Bavarian, Kai-Min Chung, Matt Coudron, Sumegha Garg, Ioana Ivan, Troy Lee, Michael Mitzenmacher, Dana Moshkovitz, Govind Ramnarayan, Anupam Prakash, Justin Thaler, Thomas Vidick, Ronald de Wolf, Xiaodi Wu, and Mark Zhandry.