Composable security in relativistic quantum cryptography

TL;DR

This paper develops a new composable framework using Causal Boxes within Abstract Cryptography to analyze relativistic quantum cryptography protocols, enabling the derivation of novel security impossibility results.

Contribution

It introduces a Minkowski space-based, composable security framework for relativistic quantum cryptography, addressing limitations of previous models.

Findings

Coin flipping can be constructed from the primitive channel with delay

Biased coin flipping and bit commitment are impossible without additional assumptions

Channels with delay cannot be improved

Abstract

Relativistic protocols have been proposed to overcome some impossibility results in classical and quantum cryptography. In such a setting, one takes the location of honest players into account, and uses the fact that information cannot travel faster than the speed of light to limit the abilities of dishonest agents. For example, various relativistic bit commitment protocols have been proposed. Although it has been shown that bit commitment is sufficient to construct oblivious transfer and thus multiparty computation, composing specific relativistic protocols in this way is known to be insecure. A composable framework is required to perform such a modular security analysis of construction schemes, but no known frameworks can handle models of computation in Minkowski space. By instantiating the systems model from the Abstract Cryptography framework with Causal Boxes, we obtain such a composable framework, in which messages are assigned a location in Minkowski space (or superpositions thereof). This allows us to analyse relativistic protocols and to derive novel possibility and impossibility results. We show that (1) coin flipping can be constructed from the primitive channel with delay, (2) biased coin flipping, bit commitment and channel with delay are all impossible without further assumptions, and (3) it is impossible to improve a channel with delay. Note that the impossibility results also hold in the computational and bounded storage settings. This implies in particular non-composability of all proposed relativistic bit commitment protocols, of bit commitment in the bounded storage model, and of biased coin flipping.