Security and Composability of Randomness Expansion from Bell Inequalities

TL;DR

This paper rigorously establishes lower bounds on the min-entropy of randomness generated from untrusted quantum devices using Bell inequalities, and demonstrates that such randomness can be securely expanded through device composition.

Contribution

It provides a correct and rigorous method to bound min-entropy from observed non-local behavior and shows how to compose untrusted devices for superpolynomial randomness expansion.

Findings

Established a rigorous lower bound on min-entropy based on non-local behavior.

Demonstrated composability of untrusted devices under non-entanglement assumptions.

Achieved superpolynomial randomness expansion with untrusted, unentangled devices.

Abstract

The nonlocal behavior of quantum mechanics can be used to generate guaranteed fresh randomness from an untrusted device that consists of two nonsignalling components; since the generation process requires some initial fresh randomness to act as a catalyst, one also speaks of randomness expansion. Colbeck and Kent proposed the first method for generating randomness from untrusted devices, however, without providing a rigorous analysis. This was addressed subsequently by Pironio et al. [Nature 464 (2010)], who aimed at deriving a lower bound on the min-entropy of the data extracted from an untrusted device, based only on the observed non-local behavior of the device. Although that article succeeded in developing important tools towards the acquired goal, it failed in putting the tools together in a rigorous and correct way, and the given formal claim on the guaranteed amount of min-entropy needs to be revisited. In this paper we show how to combine the tools provided by Pironio et al., as to obtain a meaningful and correct lower bound on the min-entropy of the data produced by an untrusted device, based on the observed non-local behavior of the device. Our main result confirms the essence of the improperly formulated claims of Pironio et al., and puts them on solid ground. We also address the question of composability and show that different untrusted devices can be composed in an alternating manner under the assumption that they are not entangled. This enables for superpolynomial randomness expansion based on two untrusted yet unentangled devices.