Related papers: Quantum dice rolling
Two possibly unfair $n$-sided dice, both labelled $1, 2, \ldots, n$, are rolled, and the sum is recorded. How should the dice's sides be weighted so that the resulting sum is closest to the uniform distribution on $2, 3, \ldots, 2n$? We…
Quantum backflow refers to the counterintuitive fact that the probability can flow in the direction opposite to the momentum of a quantum particle. This phenomenon has been seen to be small and fragile for one-dimensional systems, in which…
Have you ever taken a disputed decision by tossing a coin and checking its landing side? This ancestral "heads or tails" practice is still widely used when facing undecided alternatives since it relies on the intuitive fairness of…
Secure multi-party computing, also called "secure function evaluation", has been extensively studied in classical cryptography. We consider the extension of this task to computation with quantum inputs and circuits. Our protocols are…
In this paper, we present a universal scheme for transforming an arbitrary algorithm for biased 2-face coins to generate random bits from the general source of an m-sided die, hence enabling the application of existing algorithms to general…
Free motion of a quantum particle with the wave function entirely comprised of plane waves with non-negative momenta may be accompanied by negative probability current, an effect called quantum backflow. The effect is weak and fragile, and…
A classical computer does not allow to calculate a discrete cosine transform on N points in less than linear time. This trivial lower bound is no longer valid for a computer that takes advantage of quantum mechanical superposition,…
Secure key distribution among two remote parties is impossible when both are classical, unless some unproven (and arguably unrealistic) computation-complexity assumptions are made, such as the difficulty of factorizing large numbers. On the…
We investigate definitions of and protocols for multi-party quantum computing in the scenario where the secret data are quantum systems. We work in the quantum information-theoretic model, where no assumptions are made on the computational…
The lack of perfect randomness can cause significant problems in securing communication between two parties. McInnes and Pinkas proved that unconditionally secure encryption is impossible when the key is sampled from a weak random source.…
When elementary quantum systems, such as polarized photons, are used to transmit digital information, the uncertainty principle gives rise to novel cryptographic phenomena unachievable with traditional transmission media, e.g. a…
Many people have flipped coins but few have stopped to ponder the statistical and physical intricacies of the process. We collected $350{,}757$ coin flips to test the counterintuitive prediction from a physics model of human coin tossing…
There had been well known claims of unconditionally secure quantum protocols for bit commitment. However, we, and independently Mayers, showed that all proposed quantum bit commitment schemes are, in principle, insecure because the sender,…
A simple and efficient protocol for quantum oblivious transfer is proposed. The protocol can easily be implemented with present technology and is secure against cheaters with unlimited computing power provided the receiver does not have the…
The cryptographic task of secure multi-party (classical) computation has received a lot of attention in the last decades. Even in the extreme case where a computation is performed between $k$ mutually distrustful players, and security is…
Alice seeks an information-theoretically secure source of private random data. Unfortunately, she lacks a personal source and must use remote sources controlled by other parties. Alice wants to simulate a coin flip of specified bias…
A relativistic quantum information exchange protocol is proposed allowing two distant users to realize ``coin tossing'' procedure. The protocol is based on the point that in relativistic quantum theory reliable distinguishing between the…
In his seminal work, Cleve [STOC '86] has proved that any $r$-round coin-flipping protocol can be efficiently biased by $\Theta(1/r)$. This lower bound was met for the two-party case by Moran, Naor, and Segev [Journal of Cryptology '16],…
By repeated trials, one can determine the fairness of a classical coin with a confidence which grows with the number of trials. A quantum coin can be in a superposition of heads and tails and its state is most generally a density matrix.…
We analyse a model for fault-tolerant quantum computation with low overhead suitable for situations where the noise is biased. The basis for this scheme is a gadget for the fault-tolerant preparation of magic states that enable universal…