Limits of privacy amplification against non-signalling memory attacks
Rotem Arnon, Amnon Ta-Shma

TL;DR
This paper shows that against a non-signalling adversary whose devices have memory (time-ordered non-signalling systems, in which past subsystems may signal to future ones), privacy amplification by hashing cannot be super-polynomial, a fundamental limit for device-independent cryptography against super-quantum adversaries.
Contribution
It proves that, under time-ordered non-signalling constraints, no hash function achieves super-polynomial privacy amplification, which sharpens the known security limits of device-independent cryptography against adversaries bounded only by non-signalling.
Findings
Super-polynomial privacy amplification by any hashing is impossible against time-ordered non-signalling adversaries.
Memory, which lets a device's past subsystems signal to its future subsystems, is what gives the non-signalling adversary the power to defeat hashing-based privacy amplification.
The result constrains the security assumptions of practical device-independent key distribution protocols that aim to tolerate a super-quantum (non-signalling) adversary.
Abstract
The task of privacy amplification, in which Alice holds some partially secret information with respect to an adversary Eve and wishes to distill it until it is completely secret, is known to be solvable almost optimally both in the classical and quantum world. Unfortunately, when considering an adversary who is only limited by non-signalling constraints, such a statement cannot be made in general. We here prove that under the natural assumptions of time-ordered non-signalling systems, which allow past subsystems to signal to future subsystems (using the device's memory, for example), super-polynomial privacy amplification by any hashing is impossible. This is of great relevance when considering practical device-independent key distribution protocols which assume a super-quantum adversary.
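The abstract contrasts the non-signalling setting with the classical and quantum worlds, where privacy amplification by hashing works almost optimally. The following Python is an added illustration of that classical baseline, not code from the paper or this page: a 2-universal Toeplitz hash over GF(2), the leftover hash lemma bound on how many secure bits it yields, and an empirical check of the 2-universal collision probability. It deliberately does not model a non-signalling adversary; the paper's result is that against time-ordered non-signalling systems with memory no hashing of this kind can achieve super-polynomial amplification. The sample bit-string and parameters are constructed for the demo.

```python
"""Classical privacy amplification by 2-universal (Toeplitz) hashing.

Added example, not from the paper.  Alice and Bob share an n-bit string X
about which Eve has at least k bits of min-entropy.  They publicly agree on a
random Toeplitz seed and compress X to ell bits.  The leftover hash lemma
bounds the statistical distance of the output from uniform (jointly with the
public seed) by (1/2) * 2 ** ((ell - k) / 2).
"""
import math
import random


def toeplitz_seed(n, ell, rng):
    """An ell x n Toeplitz matrix over GF(2) is fixed by its first row and
    first column, i.e. n + ell - 1 random bits."""
    return [rng.randrange(2) for _ in range(n + ell - 1)]


def toeplitz_hash(x_bits, ell, seed):
    """Map the n-bit list x_bits to ell bits via the Toeplitz matrix T given
    by seed.  Entry T[i][j] is seed[i - j + n - 1], constant along diagonals,
    so the index ranges over exactly 0 .. n + ell - 2."""
    n = len(x_bits)
    if len(seed) != n + ell - 1:
        raise ValueError("seed length must be n + ell - 1")
    out = []
    for i in range(ell):
        acc = 0
        for j in range(n):
            if x_bits[j]:
                acc ^= seed[i - j + n - 1]
        out.append(acc)
    return out


def secure_output_length(k, eps):
    """Largest ell for which the leftover hash lemma guarantees the ell-bit
    output is within statistical distance eps of uniform, given min-entropy k:
        (1/2) * 2 ** ((ell - k) / 2) <= eps  <=>  ell <= k - 2*log2(1/eps) + 2
    """
    ell = math.floor(k - 2 * math.log2(1 / eps) + 2)
    return max(ell, 0)


def collision_rate(x, y, ell, trials, rng):
    """Empirical Pr[h(x) == h(y)] over random seeds for x != y.
    2-universality of the Toeplitz family predicts 2 ** -ell."""
    n = len(x)
    hits = 0
    for _ in range(trials):
        seed = toeplitz_seed(n, ell, rng)
        if toeplitz_hash(x, ell, seed) == toeplitz_hash(y, ell, seed):
            hits += 1
    return hits / trials


def privacy_amplify(x_bits, k, eps, rng):
    """Alice's (and Bob's) side: choose the public seed and output a key of the
    length the leftover hash lemma allows.  Returns (key_bits, seed)."""
    ell = secure_output_length(k, eps)
    seed = toeplitz_seed(len(x_bits), ell, rng)
    return toeplitz_hash(x_bits, ell, seed), seed


# Constructed demo input: a fixed 128-bit pattern standing in for Alice's raw key.
SAMPLE_X = [((i * (i + 1)) // 2) % 2 for i in range(128)]


if __name__ == "__main__":
    rng = random.Random(2024)
    key, seed = privacy_amplify(SAMPLE_X, k=100, eps=2 ** -20, rng=rng)
    print("secure bits:", len(key))
    x = [1, 0, 1, 1, 0, 0, 1, 0]
    y = [1, 0, 1, 0, 0, 0, 1, 1]
    print("collision rate at ell=4:", collision_rate(x, y, 4, 4000, rng),
          "(expected about", 2 ** -4, ")")
```

The seed is public: the security argument is about the output being close to uniform even given the seed, which is why the leftover hash lemma costs 2 log2(1/eps) bits of the min-entropy rather than zero. The paper's contribution is that this whole line of argument breaks down once Eve is limited only by time-ordered non-signalling constraints.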
