TL;DR
This paper proposes an energy-efficient quantum-enabled blockchain architecture utilizing light for secure, trustless mining, combining classical and quantum communication methods to enhance security and reduce energy consumption.
Contribution
It introduces a novel hybrid quantum-classical blockchain system with a light-based quantum mining protocol that eliminates the need for trust in network infrastructure.
Findings
Demonstrated energy efficiency of the quantum mining protocol based on previous optical experiments.
Showed the protocol's compatibility with existing quantum internet and computing technologies.
Addressed security vulnerabilities and open questions in quantum blockchain systems.
Abstract
We outline a quantum-enabled blockchain architecture based on a consortium of quantum servers. The network is hybridised, utilising digital systems for sharing and processing classical information combined with a fibre--optic infrastructure and quantum devices for transmitting and processing quantum information. We deliver an energy efficient interactive mining protocol enacted between clients and servers which uses quantum information encoded in light and removes the need for trust in network infrastructure. Instead, clients on the network need only trust the transparent network code, and that their devices adhere to the rules of quantum physics. To demonstrate the energy efficiency of the mining protocol, we elaborate upon the results of two previous experiments (one performed over 1km of optical fibre) as applied to this work. Finally, we address some key vulnerabilities, explore…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Code & Models
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Energy efficient mining on a quantum–enabled blockchain using light
Adam J. Bennet A. J. Bennet is an independent researcher in Melbourne, Australia.
Shakib Daryanoosh S. Daryanoosh is a post–doctoral researcher at Macquarie University, Department of Physics and Astronomy, and the Australian Research Council Centre of Excellence for Engineered Quantum Systems, Sydney, Australia.
Abstract
We outline a quantum-enabled blockchain architecture based on a consortium of quantum servers. The network is hybridised, utilising digital systems for sharing and processing classical information combined with a fibre–optic infrastructure and quantum devices for transmitting and processing quantum information. We deliver an energy efficient interactive mining protocol enacted between clients and servers which uses quantum information encoded in light and removes the need for trust in network infrastructure. Instead, clients on the network need only trust the transparent network code, and that their devices adhere to the rules of quantum physics. To demonstrate the energy efficiency of the mining protocol, we elaborate upon the results of two previous experiments (one performed over 1km of optical fibre) as applied to this work. Finally, we address some key vulnerabilities, explore open questions, and observe forward–compatibility with the quantum internet and quantum computing technologies.
keywords:
quantum information quantum blockchain quantum optics entanglement
1 Introduction
Blockchain technology has shown potential for transforming traditional industry with its key characteristics of decentralization, transparency, persistency, and auditability. Despite the great potential of blockchain, it faces numerous challenges, which limit the wide use of blockchain technology. For example, the energy consumption of the Bitcoin blockchain11endnote: 1Nakamoto, S. “Bitcoin: A Peer-to-Peer Electronic Cash System.” Bitcoin.org (2009) (accessed August 2018) http://bitcoin.org/bitcoin.pdf.22endnote: 2Antonopoulos, A. M. Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O’Reilly Media, Inc. (2015)33endnote: 3Extance, A. “The future of cryptocurrencies: Bitcoin and beyond.” Nature 526 21–23 (2015). has been predicted to eclipse total global energy consumption by 2020.44endnote: 4de Vries, A. “Bitcoin’s growing energy problem”. Joule, 2.5, 801–805 (2018). Blockchain technology also faces issues with security, privacy, and scalability. Blockchain consensus faces challenges too, for example, some popular proof–of–work55endnote: 5Miller, A., & LaViola, J. J. “Anonymous Byzantine consensus from moderately–hard puzzles: A model for Bitcoin.” Tech. Report, CS-TR-14-01, UCF, (2014) algorithms result in energy waste66endnote: 6Baraniuk, C. “Bitcoin energy use in Iceland set to overtake homes, says local firm”. BBC News (accessed 24 October 2018) https://www.bbc.com/news/technology-43030677 whereas proof–of–stake77endnote: 7King, S., Nadal, S. “PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake” (2012) (accessed September 2018) https://archive.org/details/PPCoinPaper may result in resource or wealth concentration.88endnote: 8Zheng, Z., Xie, S., Dai, H., Chen X., Wang, H. “An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends.” Proc. IEEE International Congress on Big Data, 557-564, (2017) As a result, fundamental redesign of blockchain architectures may be required to ensure the technology is capable of widespread acceptance whilst retaining its attractive qualities.99endnote: 9Croman K. et al. “On Scaling Decentralized Blockchains.” Financial Cryptography and Data Security, Lecture Notes in Computer Science, 9604, Springer, Berlin, Heidelberg (2016)1010endnote: 10Fedorov, A. K., Kiktenko, E. O., Lvovsky, A. I. “Quantum computers put blockchain security at risk.” Nature 563 465–467 (2018) doi:10.1038/d41586-018-07449-z
This work is a contribution in that direction, which explores mining new blocks on a quantum–enabled blockchain using light generated by energy efficient quantum optical devices (See Figure 1 for a conceptual overview). Quantum optical devices are a new type of network infrastructure for secure transmission and processing of quantum information. These devices offer advantages over traditional network infrastructures due to the fact that the information is transmitted, encoded, and decoded using physical systems which adhere to the laws of quantum physics. Quantum optical devices operate at the single photon level, where a photon is the smallest permissible unit of light. Formally, a single bit of quantum information is called a quantum bit, or qubit, and in the case of optical encodings, information is encoded onto a photonic qubit using degrees of freedom which correspond to physical parameters of the photon (e.g. polarization, angular momentum, spatial mode, or a combination1111endnote: 11Wang, X. L., et. al. “18–Qubit Entanglement with Six Photons’ Three Degrees of Freedom.” Phys. Rev. Lett 120.26 260502 (2018) doi: https://doi.org/10.1103/PhysRevLett.120.260502). This optical encoding, when paired with the quantum properties of qubits, guarantees an inherent protection against eavesdropping,1212endnote: 12Bennett, C, H., & Brassard, G. “Quantum Cryptography: Public key distribution and coin tossing.” Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, 175, Bangalore, India (1984)1313endnote: 13Ekert, A. K. “Quantum cryptography based on Bell’s theorem.” Phys. Rev. Lett. 67 661-663 (1991)1414endnote: 14Gisin, N., Ribordy, G., Tittel, W., Zbinden, H. “Quantum Cryptography.” Rev. Mod. Phys. 74 145 (2002) affords compatibility with quantum computing,1515endnote: 15Deutsch, D. “Quantum theory, the Church–Turing principle and the universal quantum computer” Proceedings of the Royal Society A. 400 1818 (1985)1616endnote: 16DiVincenzo, P. D. “Quantum Computation.” Science, 270 255–26 (1995)1717endnote: 17Monroe, C., Meekhof, D. M., King, B. E., Itano,W. M., & Wineland, D. J. “Demonstration of a Fundamental Quantum Logic Gate.” Phys. Rev. Lett. 75 4714 (1995)1818endnote: 18Ekert, A., Jozsa, R. “Quantum computation and Shor’s factoring algorithm.” Rev. Mod. Phys. 68 733 (1996)1919endnote: 19Ohlsson, N., Mohan, R. K., Kröll, S. “Quantum computer hardware based on rare–earth–ion–doped inorganic crystals.” Optics Communications 201.1 71–77 (2002) and permits secure information distribution and information teleportation on optical networks.2020endnote: 20Pirandola, S., Eisert, J., Weedbrook, C., Furusawa, A., Braunstein, S. L. “Advances in quantum teleportation.” Nature Photonics, 9 641–652 (2015)2121endnote: 21Nölleke, C., et. al.“Efficient Teleportation Between Remote Single-Atom Quantum Memories.” Phys. Rev. Lett. 110 140403 (2013)2222endnote: 22Valivarthi, R., et. al. “Quantum teleportation across a metropolitan fibre network.” Nature Photonics 10 676–680 (2016)2323endnote: 23Xia, X. X., Sun, Q. C., Zhang, Q., & Pan, J. W. “Long distance quantum teleportation.” Quantum Science and Technology 3 014012 (2017) https://doi.org/10.1088/2058-9565/aa9baf2424endnote: 24Bennett, C. H., Brassard, G., Crépeau, C., Jozsa, R., Peres, A., Wootters, W. K. “Teleporting an unknown quantum state via dual classical and Einstein–Podolsky–Rosen channels.” Phys. Rev. Lett. 70 1895 (1993)2525endnote: 25Neumann, P., et. al. “Multipartite Entanglement Among Single Spins in Diamond.” Science 320.5881 1326–1329 (2008)
Tests of this new infrastructure have proven the robustness of quantum optical devices in real–world scenarios. Some recent examples include quantum key distribution,2626endnote: 26Salvail, L. et al. “Security of trusted repeater quantum key distribution networks.” J. Comput. Sec. 18 61–87 (2010)2727endnote: 27Peev, M. et al. “The SECOQC quantum key distribution network in Vienna.” New J. Phys. 11 075001 (2009)2828endnote: 28Stucki, D. et al. “Long–term performance of the Swiss quantum quantum key distribution network in a field environment.” New J. Phys. 13 123001 (2011)2929endnote: 29Chen, T. Y. et al. “Field test of a practical secure communication network with decoy–state quantum cryptography.” Opt. Express 17 6540–6549 (2009)3030endnote: 30Chen, T. Y. et al. “Metropolitan all–pass and inter–city quantum communication network.” Opt. Express 18 27217–27225 (2010)
3131endnote: 31Kiktenko, E. O. et al. “Demonstration of a quantum key distribution network across urban fiber channels.” arXiv:1705.07154 (2017) quantum verification,3232endnote: 32Shadbolt, P., Mathews, J. C. F., Laing, A., O’Brien, J. L. “Testing foundations of quantum mechanics with photons.” Nat. Phys. 10 278–286 (2014)3333endnote: 33Christensen, B. G. et. al. “Detection–loophole–free test of quantum nonlocality, and applications.” Phys. Rev. Lett. 111 130406 (2013)3434endnote: 34Smith, D. H. et. al. “Conclusive quantum steering with superconducting transition–edge sensors.” Nat. Comms. 3 625 (2012)3535endnote: 35Wittmann B. et. al. “Loophole–free Einstein–Podolsky–Rosen experiment via quantum steering.” New J. Phys. 14 053030 (2012) and mobile quantum communication protocols,3636endnote: 36Sasaki, M. “Quantum networks: where should we be heading?” Quantum Science and Technology 2 020501 (2017)3737endnote: 37Elmabrok, O., Razavi, M. “Wireless quantum key distribution in indoor environments.” Journal of the Optical Society of America B, 35.2 197–207 (2018)3838endnote: 38Chun, H., et al. “Handheld free space quantum key distribution with dynamic motion compensation.” Optics Express 25.6 6784–6795 (2017)3939endnote: 39Zhang, P., et. al. “Reference–Frame–Independent Quantum Key Distribution Server with a Telecom Tether for an On–Chip Client.” Phys. Rev. Lett. 112 130501 (2014)
4040endnote: 40Bourgoin, J. P., et. al. “Free–space quantum key distribution to a moving receiver.” Optics Express 23.26 33437–33447 (2015) all of which are compatible with existing telecommunication networks.4141endnote: 41Toshiba Corporation. “High–speed quantum cryptographic communications with key distribution speeds exceeding 10 Mbps in a real-world environment.” Toshiba Press Release (accessed 25th October 2018) https://www.toshiba.co.jp/about/press/2018_09/pr1101.htm4242endnote: 42Sasaki, M. et al. “Field test of quantum key distribution in the Tokyo QKD Network.” Opt. Express 19 10387 (2011)4343endnote: 43Tysowski, P. K., Ling, X., Lütkenhaus, N., Mosca, M. “The engineering of a scalable multi–site communications system utilizing quantum key distribution (QKD).” Quantum Science and Technology 3.2 (2018) Here, we present a means of integrating quantum optical devices into a blockchain architecture, and deliver an interactive quantum protocol designed for energy efficient mining on a blockchain using light, namely using entanglement as a resource for securing new blocks on a blockchain, which we term proof of entanglement (PoE). Entanglement is a new kind of resource that is as real as energy,4444endnote: 44Horodecki, R., Horodecki, P., Horodecki, M., Horodecki, K. “Quantum Entanglement.” Rev. Mod. Phys. 81 865 (2009) with applications in communication, cryptography, computation, and information distribution technologies.
In this work, we elaborate upon results from two previous proof–in–principle experiments, and explore how the PoE mining protocol may be readily implemented with a Sagnac interferometer,4545endnote: 45Fedrizzi, A., Herbst, T., Poppe, A., Jennewein, T., Zeilinger, A. “A wavelength–tunable fiber–coupled source of narrowband entangled photons.” Optics Express 15.23 15377–15386 (2007)4646endnote: 46Li, Y., Zhou, Z. Y., Ding, D. S., Shi, B. S. “CW–pumped telecom band polarization entangled photon pair generation in a Sagnac interferometer.” Optics Express 23.22 28792–28800 (2015)4747endnote: 47Jin, R. B. et. al. “Pulsed Sagnac polarization–entangled photon source with a PPKTP crystal at telecom wavelength.” Optics Express 22.10 11498–11507 (2014) functioning, in this case, as a quantum server. The role of the quantum server is to generate entanglement, encoded in photonic qubits, which is sent to clients on the network via direct fibre link. This approach to blockchain redesign with quantum compatibility in mind contrasts starkly with contemporary trends in information technology, whereby developers resist emerging quantum technologies (like quantum computing) by implementing “quantum–resistant” protocols and algorithms on traditional (i.e. non–quantum) platforms.4848endnote: 48Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A. “Zero–Knowledge Proofs From Secure Multiparty Computation.” SIAM J. Comput. 39.3 1121–1152 (2009) doi: 10.1137/0807253984949endnote: 49Torres, W. A. A., et al. “Post–Quantum One–Time Linkable Ring Signature and Application to Ring Confidential Transactions in Blockchain.” In Susilo, W., Yang, G. (Ed.) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science, vol. 10946. Springer, Cham 558–576 (2018)
https://doi.org/10.1007/978-3-319-93638-3_325050endnote: 50Gao X., Ding J., Liu J., Li, L. “Post-Quantum Secure Remote Password Protocol from RLWE Problem.” In Chen, X., Lin, D., Yung, M. (Ed.) Information Security and Cryptology. Inscrypt 2017. Lecture Notes in Computer Science, vol. 10726. Springer, Cham 99–116 (2018)
https://doi.org/10.1007/978-3-319-75160-3_8 By presenting an alternative blockchain architecture, we hope to promote further investigation into issues and advantages of novel quantum–enabled blockchain protocols,5151endnote: 51Jogenfors, J. “Breaking the Unbreakable: Exploiting Loopholes in Bell’s Theorem to Hack Quantum Cryptography.” PhD Thesis, Linkoping University, Sweden (2017)5252endnote: 52Kalinin, K. P., Berloff, N. G. “Blockchain platform with proof-of-work based on analog Hamiltonian optimisers.” arXiv:1802.10091 (2018)5353endnote: 53Rajan, D., Visser, M. “Quantum Blockchain using entanglement in time.” arXiv:1804.05979 (2018)5454endnote: 54Ikeda, K. “qBitcoin: A Peer–to–Peer Quantum Cash System.” arXiv:1708.04955 (2017)5555endnote: 55Sapaev, D. et al. “Quantum–Assisted Blockchain.” arXiv:1802.06763 (2018)5656endnote: 56Guan, J. Y. et. al. “Experimental preparation and verification of quantum money.” arXiv:1709.05882 (2018) and more generally, offer insight into the process of mapping traditional scientific computing technologies onto newly emerging quantum technologies.5757endnote: 57Haylock, B., et. al. “Multiplexed Quantum Random Number Generation.” arXiv:1801.06926 (2018)5858endnote: 58Lenzini, F., et. al. “Integrated photonic platform for quantum information with continuous variables.” arXiv:1804.07435 (2018)5959endnote: 59Lenzini, F.,, et. al. “Active demultiplexing of single–photons from a solid–state source.” Laser & Photonics Reviews 11 1600297 (2017)6060endnote: 60Bogdanov, S. I., et. al. “Ultrabright Room–Temperature Sub–Nanosecond Emission from Single Nitrogen–Vacancy Centers Coupled to Nanopatch Antennas.” Nano Lett. 18.8 4837–4844 (2018)6161endnote: 61Kandala, A., et. al. “Hardware–efficient variational quantum eigensolver for small molecules and quantum magnets” Nature 549 242–246 (2017)6262endnote: 62Rancic, M., Hedges, M. P., Ahlefeldt, R. L., & Sellars, M. J. “Coherence time of over a second in a telecom–compatible quantum memory storage material”. Nature Physics 14 50–54 (2018)
2 Structure of paper
In Section 3, we explore the connection between entanglement and trust. In Section 4, we detail the architecture and devices which support authentication, mining, and consensus on the quantum–enabled blockchain. In Section 5, we deliver our main result, the proof–of–entanglement mining protocol. In Section 6 we explore the results of two previous proof–in–principle experiments which support a preliminary energy efficiency analysis of the network and protocol. Section 7 offers a discussion and analysis of vulnerabilities. Section 8 concludes the work.
3 Entanglement and trust
In 1935, researchers began exploring the notion that a pair of physical systems separated by vast distances might instantaneously influence one other. This idea sprouted from the mathematical formalism of the newly emerging quantum theory, and caused a great deal of controversy.6363endnote: 63Wiseman, H. M. “From Einstein’s theorem to Bell’s theorem: a history of quantum non-locality.” Contemporary Physics 47 79–88 (2006) At the time, the strangeness of the predicted phenomenon caused Einstein to reject the possibility of such occurrences, under the assertion that the emerging quantum theory must be incomplete.6464endnote: 64Einstein, A., Podolsky, B., Rosen, N. “Can quantum–mechanical description of physical reality be considered complete?” Phys. Rev. Lett. 47 777 (1935) Since then, experimental investigations into the phenomenon of entanglement have rigorously proven and characterised the effect,6565endnote: 65Freedman, S. J., Clauser, J. F. “Experimental Test of Local Hidden–Variable Theories.” Phys. Rev. Lett. 28 938 (1972)6666endnote: 66Aspect, A., Dalibard, J., Roger, G. “Experimental realization of Einstein–Podolsky–Rosen–Bohm
Gedankenexperiment: a new violation of Bell’s inequalities.” Phys. Rev. Lett. 49.2 91–94 (1982)
doi.org/10.1103/PhysRevLett.49.916767endnote: 67Weihs, G., et. al. “Violation of Bell’s Inequality under Strict Einstein Locality Conditions.” Phys. Rev. Lett. 81 5039 (1998)6868endnote: 68Rowe, M. A., et. al. “Experimental Violation of a Bell’s Inequality with Efficient Detection.” Nature 409 791 (2001)6969endnote: 69Matsukevich, D. N., et. al. “Bell Inequality Violation with Two Remote Atomic Qubits.” Phys. Rev. Lett. 100 150404 (2008)7070endnote: 70Ansmann, M., et. al. “Decoherence Dynamics of Complex Photon States Violation of Bell’s inequality in Josephson phase qubits.” Nature 461 504 (2009)7171endnote: 71Hofmann, J., et. al. “Heralded entanglement between widely separated atoms.” Science 337 72 (2012)7272endnote: 72Scheidl, T., et. al. “Violation of local realism with freedom of choice.” Proc. Natl. Acad. Sci. 107 19708 (2010)7373endnote: 73Aguero, M. B., Hnilo,A. A., Kovalsky, M. G. “Time–resolved measurement of Bell inequalities and the coincidence loophole.” Phys. Rev. A 86 052121 (2012)7474endnote: 74Giustina, M., et. al. “Bell violation using entangled photons without the fair–sampling assumption.” Nature 497 227 (2013)7575endnote: 75Hensen, B., et. al. “Loophole–free Bell inequality violation using electron spins separated by 1.3 kilometres.” Nature 526 682 (2015)7676endnote: 76Giustina, M., et. al. “Significant-Loophole–Free Test of Bell’s Theorem with Entangled Photons.” Phys. Rev. Lett. 115 250401 (2015)7777endnote: 77Shalm, L. K., et al. “Strong Loophole–Free Test of Local Realism.” Phys. Rev. Lett. 115 250402 (2015) and today, entanglement is placed as the “missing link” for the unification of quantum theory and gravity.7878endnote: 78Susskind, L. “Copenhagen vs Everett, Teleportation, and ER=EPR.” Progress of Physics 64.6 551–564 (2016)7979endnote: 79Cao, C., Carroll, S. M., Michalakis, S. “Space from Hilbert space: Recovering geometry from bulk entanglement.” Phys. Rev. D 95 024031 (2017)8080endnote: 80Raamsdonk, M., V. “Building up spacetime with quantum entanglement.” General Relativity and Gravitation, 42.10 2323–2329 (2010)8181endnote: 81Susskind, L., Zhao, Y. “Teleportation through the wormhole.” Phys. Rev. D 98 046016 (2018) Along the way, physical devices and algorithms have been developed in laboratories all over the world which have directly tested the existence and utility of the phenomenon. Recently, the devices involved in such tests have undergone rapid technological advancement,8282endnote: 82Jiang, W. C., Lu, X., Zhang, J., Painter, O., Lin, Q. “Silicon–chip source of bright photon pairs.” Optics Express 23.16 20884–20904 (2015)8383endnote: 83Silverstone, J. W. et. al. “On–chip quantum interference between silicon photon–pair sources.” Nature Photonics 8 104–108 (2014)8484endnote: 84Autebert, C., et. al. “Electrically Injected Source of Photon Pairs at Room Temperature: Device Performances and Entanglement Generation.” European Conference on Lasers and Electro-Optics - EQEC (2015)8585endnote: 85Horn, R., Abolghasem, P., Bijlani, B. J., Kang, D., Helmy, A. S., Weihs, G. “Monolithic source of photon pairs.” Phys Rev Lett. 108.15 153605 (2012)8686endnote: 86Davoyan, A., Atwater, H. “Quantum nonlinear light emission in metamaterials: broadband Purcell enhancement of parametric downconversion.” Optica 5.5 608–611 (2018) and the majority of components, which typically consist of commercially available arrangements of lasers, mirrors, nonlinear crystals, optical detectors, and integrated photonic devices, have experienced reduced manufacturing costs and increased availability.8787endnote: 87Joint Report: Interagency Working Group on Quantum Information Science of the Subcommittee on Physical Sciences. “ADVANCING QUANTUM INFORMATION SCIENCE: NATIONAL CHALLENGES AND OPPORTUNITIES” (accessed July 2018) https://www.whitehouse.gov/sites/whitehouse.gov/files/images/Quantum_Info_Sci_Report_2016_07_22%20final.pdf
Interestingly, the interplay between the phenomenon of entanglement and the physical devices used in testing the existence of the phenomenon has also been the subject of intense research. These research outcomes have demonstrated that entanglement can be used as an indicator of device trustworthiness, such that, under appropriate circumstances, if entanglement is observed, then a device’s behaviour may be certified as trustworthy.8888endnote: 88Mayers, D., Yao, A. “Quantum cryptography with imperfect apparatus.” IEEE Proceedings of the 39th Annual Symposium on Foundations of Computer Science 503–509 (1998)8989endnote: 89Acín, A., Brunner, N., Gisin, N., Massar, S., Pironio, S., Scarani, V. “Device–independent security of quantum cryptography against collective attacks.” Phys. Rev. Lett. 98 230501 (2007)9090endnote: 90Pironio, S., Acín, A., Brunner, N., Gisin, N., Massar, S., Scarani, V. “Device–independent quantum key distribution secure against collective attacks.” New Journal of Physics 11 045021 (2009)9191endnote: 91Branciard, C., Cavalcanti, E. G., Walborn, S. P., Scarani, V., Wiseman, H. M. “One–sided device–independent quantum key distribution: Security, feasibility, and the connection with steering.” Phys. Rev. A. 85 010301 (2012)9292endnote: 92Acín, A., Gisin, N., Masanes, L. “From Bell’s Theorem to Secure Quantum Key Distribution.” Phys. Rev. Lett. 97 120405 (2006)9393endnote: 93Liang, Y. C., Vertesi, T., Brunner, N. “Semi–device–independent bounds on entanglement.” Phys. Rev. A. 83 022108 (2011) This is termed device–independent entanglement verification, and is a powerful and practical application borne from research into the field of quantum information science. In these applications, initially untrusted pairs of non–communicating devices participate in a protocol which monitors the device’s inputs and outputs, and, irrespective of the devices functionality, enacts a trust–test on the device’s behaviour based upon the experimental data which may guarantee a correct and therefore trusted functionality. The confirmation of trustworthiness certifies that the devices physically interact with an entangled resource in such a way that the resultant correlations observed in the experimental data cannot be recreated or emulated by any arrangement of non–communicating analogue, digital, or quantum systems.9494endnote: 94Brunner, N., Cavalcanti, D., Pironio, S., Scarani, V., Wehner, S. “Bell nonlocality.” Rev. Mod. Phys. 86 419 (2014) Thus, the devices either yield a correct and secure result, or the trust–test detects that the devices are insecure (either working incorrectly or are under the control of a dishonest party), and any subsequent protocols (which may deal with valuable, sensitive, or private information) are aborted. Such protocols are highly desirable for practical implementation as they provide a higher level of security, unachievable by traditional systems. Here, we apply this technology towards developing blockchain–specific protocols which are energy efficient and secure against general adversaries.
4 Devices and architecture of the quantum–enabled blockchain
The architecture we propose consists of i) a network consortium of quantum servers, comprised of quantum optical devices which generate light for encoding quantum information, ii) a pool of clients whom operate quantum modems for decoding quantum information stored in light, and iii) an optical fibre network which connects the client’s quantum modems to the quantum servers. We assume a cryptographic scenario whereby the quantum servers and modems operate from secure environments which prevent unwanted information leakage. To communicate between one another, the servers and clients utilise insecure but authenticated classical channels and authenticated quantum channels (Figure 2(a)). The servers and clients are able to process classical information in a trusted way within their secure environment. Devices used for processing quantum information are assumed to operate in accordance with the laws of quantum physics, however in the mining round, no assumptions are made about the quantum servers or network infrastructure. An adversary may access (but not modify) classical information shared between the server and client, and may access and modify quantum information shared between them. An adversary is assumed complete knowledge of the authentication, mining, and consensus protocols, but does not have access to the random data generated by the client in their secure environment (except for information deduced from what they make public).
Figure 2 (b) summarizes the network devices, device subsystems, and device’s trust statuses, with quantum servers consisting of i) an attenuated and modulated laser source (for client authentication, described below), ii) a high–quality source of two–qubit photonic entanglement, iii) a device for performing measurements upon photonic qubits generated by the entanglement source, and iv) a source of randomness, for example, a quantum random number generator9595endnote: 95Pironio, S., et. al. “Random numbers certified by Bell’s theorem.” Nature 464 1021–1024 (2010) (QRNG). Quantum modems contain i) an embedded photonic key and spatial light modulators (for client authentication, described below), ii) a measurement device for performing measurements upon photonic qubits, and iii) a QRNG, or a trusted and secure pseudo–random number generator.
Blockchain consensus protocols undertaken by a consortium of trusted entities have received little treatment in literature, but are of considerable interest in practice, with mainstream financial institutions actively exploring their use.9696endnote: 96Shin, L. “Bitcoin blockchain technology in financial services: How the disruption will play out.” Forbes (accessed November 2018) *https://www.forbes.com/sites/laurashin/2015/09/14/bitcoin-
blockchain-technology-in-financial-services-how-the-disruption-will-play-out/67a974bf5edf* Traditionally, in a public blockchain everyone can participate in the consensus process. In a consortium blockchain, only a subset of “nodes”, or in this case, quantum servers, are selected to participate in consensus. However, in the consortium blockchain architecture we propose, the consortium is considered untrusted at the start of each round of block creation, and must be publicly elected by network clients through successful interactions in the mining round in order to qualify for the consensus round. In this way, clients trust only their own personal devices and the transparent network code. We now explore the details of block creation, which consists of an authentication round, mining round, and consensus round.
4.1 Authentication Round
The authentication round utilises a decoy–state variant of the quantum secure authentication (QSA) protocol,9797endnote: 97Goorden, S. A., Horstmann, M., Mosk, A. P., korić, B., Pinkse, P. W. H. “Quantum-secure authentication of a physical unclonable key.” Optica 1 421–424 (2014)9898endnote: 98Nikolopoulos, G.M., Diamanti, E. “Continuous–variable quantum authentication of physical unclonable keys.” Scientific Reports 7 46047 (2017)9999endnote: 99Skoric, B. “Security analysis of Quantum–Readout PUFs in the case of challenge–estimation attacks.” Cryptology ePrint Archive (2013) (accessed 5 December) https://eprint.iacr.org/2013/479 allowing for hardware–based authentication of clients.The QSA protocol is a quantum cryptographic security primitive for the purposes of identification, authentication, read–proof key storage, key distribution, tamper detection, anti–counterfeiting, software–to–hardware binding, and trusted computing. Formally, the QSA protocol does not rely upon pre–shared secrets or seed keys, does not depend on the secrecy of stored data, does not depend on unproven mathematical assumptions, affords tamper resistance of devices, and is straightforward to implement with current technology (see Appendix A for additional information). The QSA protocol utilises photonic qubits (or more generally, quantum states of light), generated by a quantum server and sent, via a quantum communication channel, to a client–controlled quantum modem. The modems store an embedded photonic key, formally referred to as a physically unclonable key, which are optically addressed and read using quantum states of light. Each photonic key is uniquely random by design, and is impossible to clone, spoof, or copy.100100endnote: 100Pappu, R., Recht, B., Taylor, J., Gershenfeld, N. “Physical one-way functions.” Science 297 2026 (2002)101101endnote: 101Pappu, R. “Physical One-Way Functions.” Ph.D. dissertation Massachusetts Institute of Technology (2001)102102endnote: 102van Putten, E. G. “Disorder–enhanced imaging with spatially controlled light.” Ph.D. Thesis University of Twente (2011) Using quantum readout of physically unclonable keys guarantees accurate real–time verification and makes spoofing fundamentally difficult due to the no–cloning theorem of quantum physics103103endnote: 103Wootters, W. K., Zurek, W. H. “A single quantum cannot be cloned.” Nature 299 802–803 (1982) doi: 10.1038/299802a0. By utilising the quantum secure authentication protocol, vulnerability to the Sybil attack104104endnote: 104Douceur, J. R. “The sybil attack.” Peer-to-peer Systems 251–260 (2002) is diminished as entry to the network is physically gated, incurring a resource cost in the case of multiple pseudonyms attributed to the same individual. As well as functioning as a secure hardware–based authenticator, the integrated photonic key may also serve as a physical address which can be uniquely attributed to a client on the network, allowing provision for dues paying or rewards to physical addresses that build a trustworthy reputation, and may be used in conjunction with a root seed for generating hierarchical deterministic wallets.105105endnote: 105No author. “Cryptocurrency Standards”. Tresor Wiki (accessed October 2018) https://wiki.trezor.io/Cryptocurrency_standards
4.2 Mining Round
After authentication, the mining round utilises a variant of the EPR steering protocol,106106endnote: 106Wiseman, H. M., Jones, S. J., Doherty, A. C. “Steering, entanglement, nonlocality, and the EPR paradox.” Phys. Rev. Lett. 98 140402 (2007)107107endnote: 107Evans, D. A., Cavalcanti, E. G., Wiseman, H. M. “Loss–Tolerant Tests Of Einstein–Podolsky–Rosen Steering.” Phys. Rev. A. 88 022106 (2013)108108endnote: 108Saunders, D. J., Jones, S. J., Wiseman, H. M., Pryde, G. J. “Experimental EPR–steering using Bell–local states.” Nat. Phys. 76 845–849 (2010) termed the PoE protocol, which acts as an entanglement witness and trust–test on the behaviour of a quantum server in the consortium (described in detail below). The PoE protocol is interactive, and requires that the quantum server engage with clients on the network to generate the resource (entanglement or cumulative trust) for securing the blockchain, forming an example of resource–efficient mining.109109endnote: 109Zhang, F., Eyal, I., Escriva, R., Juels, A., van Renesse, R. “REM: Resource–Efficient Mining for
Blockchains.” USENIX Security (2017) At the start of a new mining round, each quantum server announces a candidate block. Clients observe the announcements and, pending successful block verification, nominate themselves to participate in block mining. Clients are free to choose which servers to interact with (provided they reside within the region of server coverage) and work to elect servers into the voting round based upon i) the validity of the candidate block (agreement with block verification metrics), ii) the reputation of the quantum server (historical performance), iii) the throughput of the quantum server (i.e. rate of entanglement generation), and iv) connection availability (server proximity and reliability). Servers then assemble a team of unique clients, self–nominated for mining (termed miners), to interactively generate and accumulate entanglement. Success in the mining round depends upon how much entanglement is generated by servers amongst their team of unique clients within the mining window. Quantum servers are thus incentivised to construct viable mining teams (in accordance with any construction metrics or regulations) and cultivate a reputation for honest behaviour. The subset of quantum servers in the consortium who “win” the mining round are then permitted to participate in the subsequent consensus round.
4.3 Consensus Round
The results of the mining round determine which subset of quantum servers in the consortium are elected into the consensus round. The number of servers in the subset are determined by network protocol, only their identities change from round to round. We explore a consensus mechanism based upon a modified delegated Byzantine fault tolerant protocol110110endnote: 110Lamport, L., Shostak, R., Pease, M. “The Byzantine generals problem.” ACM Trans. Program. Lang. Syst. 4 382–401 (1982) (BFT) for securing new blocks and achieving decentralised consensus on the quantum–enabled blockchain. We choose a modified delegated BFT consensus protocol as it retains an element of decentralisation through interactive mining and circumvents the creation of branches off the main chain. Quantum servers that move into the consensus round are therefore always obligated to append newly mined blocks to the main chain with the most cumulative invested entanglement (or trust) recorded via PoE, and due to the mechanism of publicly electing delegates, the fate of the main chain is democratically guided as quantum servers must earn the right to vote in the consensus round through successful interactions with clients. Consensus finality (also referred to as forward security111111endnote: 111Decker, C., Seidel, J., Wattenhofer, R. “Bitcoin meets strong consistency”. In 17th International Conference on Distributed Computing and Networking (2016)) is satisfied by all BFT and state–machine replication protocols,112112endnote: 112Schneier, F. B. “Implementing fault–tolerant services using the state machine approach: A tutorial.” ACM Comput. Surv. 22.4 299–319 (1990) and BFT is resistant to server outages or arbitrarily long periods of asynchrony.113113endnote: 113Dwork, C., Lynch, N., Stockmeyer, L. “Consensus in the presence of partial synchrony.” J. ACM 35 (1988) Here, consensus finality is a property which guarantees that blocks cannot be removed from the chain once added,114114endnote: 114Vukolić, M. “The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication.” In Camenisch, J., Kesdoğan, D., Open Problems in Network Security, Springer, Cham, 112–125, (2016).115115endnote: 115Xavier, D., Schiper, A., Urbań, P. “Total order broadcast and multi- cast algorithms: Taxonomy and survey.” ACM Comput. Surv. 36.4 372–421 (2004) facilitating rapid confirmation and inclusions of transactions into the blockchain once candidate blocks have been successfully mined. Upon initiation of the consensus round, one of the servers in the subset is nominated as a “speaker”, with the remainder of servers presiding as “delegates”, who are tasked with voting against the speaker’s nomination. The speaker’s nomination consists of the candidate block, mined by clients in the mining round, which the speaker presents on behalf of the clients for consideration by the consortium. Provided 66 of servers vote honestly, consensus will be reached. If the nomination and accompanying PoE are valid, then the block will be included in the chain. If the speaker’s nomination is detected as being illegitimate (e.g. the speaker nominates a block with an invalid or falsified PoE), then the consensus round automatically starts anew, with a new speaker elected and the original speaker incurring a reputation loss and demotion to the role of delegate for that round. Section 7 covers potential attack vectors in more detail.
5 The “proof–of–entanglement” mining protocol
5.1 Protocol background, assumptions, and characteristics
We now discuss the mining protocol in more detail. Candidate data blocks are announced to the network by quantum servers in the consortium, spreading to clients via the gossip protocol. The blocks must be compiled according to the network ruleset, consisting of a cryptographic hash of relevant information (e.g. recent transactions, code for smart contracts, digital media tags, etc.), which a quantum server recommends for inclusion into the blockchain data structure. Clients check the candidate blocks against key block verification criteria, and upon successful verification, will nominate themselves as miners for that block and wait to be placed in a mining team.
As clients are drawn from the mining team, one by one, they will participate in the interactive mining protocol to test measurement data (generated between their quantum modem and the quantum server) for quantum correlations which, importantly, cannot be faked (provided the clients satisfy criteria for one–sided device–independence, described below). Tests of quantum correlations (or tests of “quantumness”) arise due to physical interactions with entangled quantum systems, and are witnessed by mathematical inequalities. These inequalities are derived from constraints imposed upon probability distributions which quantify the degree of maximum classical correlation allowed under the assumptions of realism (from objective determinism) and locality (from relativity). These mathematical inequalities are well studied (for example, Clauser–Horne–Shimony–Holt inequalities116116endnote: 116Clauser, J. F., Horne, M. A., Shimony, A., Holt, R. A. “Proposed Experiment to Test Local Hidden–Variable Theories.” Phys. Rev. Lett. 23.15 880–884 (1969) or EPR–steering inequalities) and are known to act as an entanglement witness, allowing, in this case, a quantum server to prove honest distribution of entanglement to clients. For honest interactions, the entanglement generated in the mining round may then be “invested” towards securing the blockchain data structure in the subsequent consensus round. Dishonest interactions, which may attempt to fabricate entanglement by distributing unentangled qubits, falsify timestamps, or utilise Sybil or pre–mine attacks, are either detected or prohibited by the protocol, and are explored below in Section 7.
Formally, in the case of the mining protocol delivered here, the trust–test performed against the quantum server will meet the requirements for one–sided device–independence provided that i) the data produced by the client’s device is the result of measurements performed upon photonic qubits (this may be verified using measurement data from the authentication round), ii) the client’s device does not leak information (a standard cryptographic assumption, which may be enforced with proper device design and tamper detection), iii) measurement inputs on the client side are uniquely generated at the time of measurement by random and unpredictable processes (enacted with a QRNG), and iv) detection efficiencies of relevant parties are properly considered and accounted for (in this case, via client–side tests of loss–tolerant EPR–steering inequalities). Appendix B elaborates on the specific safeguards required for observing device–independent entanglement witnesses. By ensuring the requirements for one–sided device independent entanglement verification are met, clients may interact with the blockchain whilst assuming nothing about the operation or makeup of external servers or infrastructure. Furthermore, clients trust the transparent network code, which formally acts as a third party, but in the case of EPR steering inequalities simply amounts to clients trusting themselves.117117endnote: 117Jones, S. J., Wiseman, H. M., Doherty, A. C. “Entanglement, Einstein–Podolsky–Rosen correlations, Bell nonlocality, and steering.” Phys. Rev. A. 76 052116 (2007) Put differently, clients with limited “quantum powers” (namely, the ability to perform measurements upon photonic qubits) can use the mining protocol to monitor and verify the actions of quantum servers such that any deviations from trustworthy behaviour are easily detectable.
5.2 PoE mining protocol
One at a time, miners will be drawn from the mining team to participate in the interactive mining protocol, which proceeds as follows (Figure 3):
Step 1. A miner is drawn from the mining team , where is the total number of miners in the team. Each miner is accompanied by metadata which informs the quantum server of key parameters (e.g. physical address, reputation, measurement strategy).
Step 2. The quantum server announces that it has transmitted a photonic qubit to the miner.
Step 3. The miner generates a random measurement input for their device. This input is generated by reading the bitwise output from the client’s QRNG. The output is combined under modulo addition with the bit value (or values, depending on measurement strategy) of the candidate block hash nominated by the quantum server for mining. This forms the measurement input, which tethers the hash of the candidate block to the PoE in a random way that can be validated at a later time by studying the measurement data.
Step 4. The client announces their choice of measurement input generated in Step 3 to the quantum server and performs a measurement upon the photonic qubit.
Step 5. The client privately records the measurement outcome .
Step 6. The quantum server announces a measurement outcome . Although no assumptions are made about the workings of the quantum server, correlated results will appear between the client’s secretly recorded and the server’s announced , provided entanglement is present between the quantum server and client.
Step 7. Steps 2–6 are repeated until sufficient statistics are collected for the chosen measurement strategy. The measurement duration for each setting is tuned according to the client’s detection efficiency, to ensure the minimisation of statistical errors.
Step 8. The client calculates the heralding efficiency of the quantum server and the EPR steering parameter (Equation 1, below) from the measurement data, and checks the calculated parameters against the inequality bound required for entanglement verification (explored below). If the calculated EPR steering parameter does not exceed the bound required for entanglement verification, the network records a null event for that iteration (potentially incurring a reputation loss against the server) and the next miner is called in from Step 1. If a quantum server consistently fails to certify the presence of entanglement, it will be flagged for maintenance and may incur a reputation loss.
Step 9. If the EPR steering parameter exceeds the bound required for entanglement, the inequality successfully witnesses entanglement. The resultant PoE and measurement data required for the verification (e.g. , ) are appended to the block and attributed to the client .
Step 10. A new client is drawn from the team , and Steps 1–9 are repeated until clients have witnessed entanglement generation of the quantum server.
The PoE uniquely ties the entanglement investment to the candidate block, and upon exhausting its team of miners (or upon closure of the mining window), the quantum server announces it’s accumulation of PoE for that round, such that the results cannot be modified without re–doing the PoE. Thus, if the quantum server is elected as speaker in the voting round, the server is obligated to nominate it’s newly mined candidate block. The PoE is easily verified simply by running the measurement data through the verification witness to ensure that the key parameters and generated in the mining round observe entanglement. Here, the one–way functionality in resource expenditure, which is traditionally observed in proof–of–work systems, is also preserved via PoE, since generating the PoE requires physical interaction with an entangled quantum resource (“resource intensive”), but requires no physical interaction to certify the “quantumness” of the resultant verifier data (”resource light”).
6 Energy cost and scalability analysis
Demonstrating transmission of entanglement over a channel such as an optical fiber is important for real–world viability of the PoE protocol. Thus, we utilise the results of two previous proof–in–principle experiments implemented with a polarization Sagnac interferometer (Figure 4) to demonstrate the robustness and energy efficiency of the protocol. In the first experiment, a lossy channel was inserted into the entanglement source to test the validity of the one–sided device independent entanglement verification protocol, even in cases of extreme photon loss.118118endnote: 118Bennet, A. J., et. al. “Arbitrarily Loss–Tolerant Einstein–Podolsky–Rosen Steering Allowing a Demonstration over 1km of Optical Fiber with No Detection Loophole.” Phys. Rev. X 2 031003 (2012) This test characterised and addressed vulnerabilities in the entanglement verification protocol which might otherwise be used to exploit photon loss (on the “server” side) for fabricating entanglement. In the second experiment, a lossy channel was inserted between the output of the entanglement source (the “server”) and the detection apparatus (the “client”), closely mimicking a real–world client–server configuration.119119endnote: 119Wollmann, S., Bennet, A. J., Walk, N., Wiseman, H. M., Pryde, G. J. “Observation of Genuine One–Way Einstein–Podolsky–Rosen Steering.” Phys. Rev. Lett. 116 160403 (2016) In this second test, the client trusted their own measurement device (equivalent to a simplified quantum modem), and holds the entanglement source (equivalent to a simplified quantum server) accountable to demonstrate honest behaviour by overcoming the inequality constraints placed upon the server’s reported efficiencies tested in the first experiment.
In implementing the PoE protocol, the client trusts their own device, so that protocol iterations which fail to detect a photonic qubit are safely discarded. However, the client cannot trust any claims the server makes about the propagation losses or the efficiency of its detectors. In particular, the client does not trust the server’s claims about how often it sees a photonic qubit, conditional on the client’s detecting one. Rather, the client makes use only of the server’s heralding efficiency : the probability that the server heralds the client’s result by declaring a measurement outcome (or equivalently, nonzero prediction) for it. The quantity is determined by the client wholly from the publicly announced frequencies of events to which the client (and the network) has direct access. The key result is that the client can circumvent loss–dependent vulnerabilities, even in the presence of arbitrarily high loss, by computing the witness based upon the shared correlations from the inequality
[TABLE]
and observing that the inequality is violated, thereby signifying entanglement. Here, the bound is derived by the client, who in doing so, utilises the optimal cheating strategy available to the server for the observed efficiency and pre–determined measurement strategy . The client’s quantum mechanical measurement operator, denoted , defines their randomly selected choice of measurement setting drawn from the pre–determined set. In our experimental demonstrations, these operators define projective polarization measurements, which in the formalism of optical quantum theory, map an incident qubit (optically encoded in polarization) onto a polarization measurement basis defined by the transmission and reflection ports of a polarizing beam splitter.
We utilise the results of the two previous experiments as an analysis and simulation of mining via PoE. To ensure a good signal–to–noise ratio of detection events on the client side, the photonic qubit detection rate was optimised to between 3000–6000 detection events per second. The total energy consumption used by the devices in the entanglement verification stage is estimated at 86W for the quantum server, which consisted of (not including passive optical elements, which do not consume electricity) two photon detectors (Perkin Elmer SPCM-AQR-14-FC), one temperature control unit (Thorlabs TEC200C), two waveplate controllers (Newport PR50CC), one continuous–wave laser (Toptica iBeam 405nm), and one coincidence electronics unit (UQDevices FPGA). The energy consumption for the client is estimated at 19W, consisting of one detector (Perkin Elmer SPCM-AQR-14-FC) and two waveplate controllers (Newport PR50CC). This measure of energy consumption excludes the energy costs associated with the PCs required to run the equipment, since PCs are assumed to be a pre-existing component in a server/client infrastructure. The devices considered in our analysis are simply those needed to upgrade an existing digital system infrastructure to include quantum capability. At any given moment, the rate of energy delivery per quantum server running the interactive PoE protocol with a client is estimated at 105W.
For our energy cost analysis, assuming continuous operation over a 24 hour period and a 10 minute block mining window, the PoE protocol is predicted to service between 288 to 2880 clients (2 to 20 clients per mining team, randomly selected) who interactively mine 144 new blocks. Assuming energy efficient quantum servers with entanglement generation rates between those we tested ( entangled photon pairs per second) up to quantum servers based upon the latest integrated photonic technologies ( photon pairs per second120120endnote: 120Jiang, W. C., Lu,X., Zhang, J., Painter, O., Lin, Q. “Silicon–chip source of bright photon pairs.” Optics Express 23.16 20884 (2015) doi: 10.1364/OE.23.020884), each server can be expected to reliably service clients via direct fibre link in a 1km to 50km radius (assuming optical fiber transmission losses of 0.5dB/km, coupling losses of 80, and detection losses of ). Assuming a consortium testnet of 2000 quantum servers, the energy consumption based on interactive mining via the PoE protocol is of order 210kW. Using specially designed hardware, renewable energy sources, and further optimising server throughput will help to keep energy consumption low, with the added bonus of forward–compatibility with a quantum internet and optical quantum computing technologies.
7 Discussion and analysis of vulnerabilities
We note that in a real–world implementation, the client must choose their measurement settings independently from one iteration of the mining protocol to the next, and safeguards must be in place to ensure that no information escapes from the client’s devices unless they allow it. As these are standard assumptions in cryptographic proofs, these safeguards were not imposed in the previous experimental demonstrations. In addition, since we (the experimenters) controlled the server’s implementation of honest or dishonest strategies, there was no need to enforce a strict time ordering of events. In a field deployment, the protocol requires that the client only accepts the server’s announcements after the client measures their photonic qubit and declares their measurement setting , in accordance with the PoE protocol described.
This latter requirement circumvents a potential vulnerability, exploitable by a quantum server, based upon falsified announcements of entanglement generation and fabricated qubit encodings which might allow a server to fabricate entanglement (termed a cheating strategy in literature). However, successfully exploiting these vulnerabilities requires that the server either: a) knows the variables determining the behaviour of the client’s QRNG, or b) violates backward non–signalling121121endnote: 121Friedman, R. A., Hänggi, E., Ta–Shma, A. “Towards the Impossibility of Non–Signalling Privacy Amplification from Time–Like Ordering Constraints.” arXiv (2012) (accessed 14 January 2019) https://arxiv.org/abs/1205.3736v1, whereby the server is able to send encoding information backwards in time to a photonic qubit (Figure 5). In the case of the former (a), access to these variables was proven impossible in 1964 by Bell,122122endnote: 122Bell, J. S. “On the Einstein–Podolsky–Rosen paradox.” Physics (Long Island City, N.Y.) 1 195 (1964) who demonstrated that such variables do not exist for quantum systems, meaning no adversary can predict measurement outcomes prior to a measurement being made (called measurement–independence, see Appendix B). And in the latter case (b), signalling encoding information backwards in time for use in a cheating strategy based upon fabricated qubit encodings amounts to a violation of the standard assumption of locality (in relativistic mechanics, faster than light signalling and signalling backwards in time are indistinguishable). Thus, provided no information leaks out of the client’s device, and the client’s device performs measurements upon photonic qubits to test loss–tolerant EPR steering inequalities, the PoE will generate data that cannot be simulated or spoofed by a quantum server. This distinction of “quantumness” means that, as long as an inequality violation is observed, we have the guarauntee, independently of any implementation details on the server side, that the two systems measured by the client and server are entangled.
The risk of a traditional pre–mine attack against the network is diminished by infrastructure cost due to the interactive nature of the mining protocol. Because real data generated in a genuine round of block creation can be distinguished from attempted simulations of the required data, an attacker planning a pre–mine attack will need to collude with a large pool of clients to stage a Sybil attack, with each client needing their own quantum modem and photonic key. Furthermore, if mining pool construction demands a random selection of clients, an attacker would need to wait for an optimal mining team assemblage. This means an attacker planning a Sybil attack would be better incentivised to act as an honest participant. By ensuring the identities of quantum server operators/administrators are publicly known and certified prior to entry to the consortium and for participation in consensus via BFT, double spend attacks may be detected, recorded, and prevented in the consensus round (also at the start of the round of block creation through block verification by clients), provided two thirds of quantum servers on the network are acting honestly and serving the best interests of the network. Heavy increases in the throughput of a quantum server (in terms of entanglement generation rates) allows servers to overcome transmission losses more easily whilst remaining publicly accountable and limited in their capacity to arbitrarily command network consensus. This allows for an increased area of coverage and/or greater flexibility in constructing mining teams, which due to the interactive nature of the mining protocol, benefits clients too.
Other factors which affect mining rates include detection efficiencies, transmission loss, coupling efficiencies, measurement strategy, and the switching rate between measurement settings. To optimise network performance and ensure fair competition between servers, a provider might impose reward restrictions or sanctions against a subset of high–performance quantum servers, or choose to implement composition rules for constructing mining teams, opting for completely general mining (maximum competition and freedom amongst servers), standardised mining (some competition and restricted freedoms), or restricted mining (collaborative and regulated). Servers which perform well may build a strong reputation and potentially be rewarded, depending on the network objectives and ruleset.
As a final commentary, at a high level, the quantum–enabled blockchain architecture we consider aims to incorporate four systems which work together to enable and incentivize trustworthy behaviour, these being123123endnote: 123Schneier, B. Liars and Outliers. Enabling the Trust that Society Needs to Thrive Indianapolis, Indiana: John Wiley & Sons, Inc. 61–123 (2012): morals, reputation, institutions, and security. The first two systems, morals and reputation, are supported through a system of peer–to–peer trust, whereby clients and servers come to trust one another through public interactions and build a reputation for honest behaviour.124124endnote: 124Werbach, K. The Blockchain and the New Architecture of Trust Cambridge, MA: MIT Press 25–28 (2018) The third system, institutions, traditionally have rules, contracts, and laws which formalize reputation and encourage people to behave according to the group norm (and enact sanctions against those who do not). The institutional trust system, supplanted by transparent network code, allows parties that don’t trust each other (i.e. server/client pairs) to enter into an agreement through mutual trust in an overarching system of rules, laws, or logic that will help resolve disputes (implementing, for instance, protocols based upon the validity of relativity and quantum physics). The fourth system for incentivizing trustworthy behaviour, security systems, encompasses the wide variety of available security technologies used for detecting tampering, detecting device faults, detecting eavesdropping, ensuring records are immutable and auditable, ensuring anti-counterfeiting, and ensuring privacy through secure authentication and encryption technologies.
Blockchain technology allows developers to shift some of the trust in people and institutions to trust in technology. However, any evaluation of the security of the system has to take the whole socio-technical system into account125125endnote: 125Schneier, B. “Blockchain and Trust.” Schneier On Security (accessed 16 February 2019) https://www.schneier.com/blog/archives/2019/02/blockchain_and_.html. In architectures which carry financial and social implications or consider social dynamics, it is not enough to focus solely on the technology and ignore the social element, as network trust can’t be entirely replaced by algorithms and protocols. There is a social system too, where decisions in that system may be informed by accountability and reputation. Therefore, in this work, we aim to establish a network architecture whereby use of the network strengthens existing trust relationships. We aim to implement a trust model whereby abuses of trust do not incur irreversible damages to those exploited, but do incur reputation penalties for offenders. We argue that the system architecture we explore, were it not to utilise a blockchain architecture, would lack the flexibility required to support a broader social context which may utilise metrics for decision making and for quantifying accountability and reputation.
8 Conclusion
Here we have presented an interactive mining protocol for energy efficient mining on a quantum–enabled consortium blockchain. The architecture is designed to ensure that the consortium behaves in the best interest of the network, removing the need for trust in server operators or network administrators in the mining round. Instead, clients on the network need only trust the network code and their own devices, and the consortium is held accountable to act in accordance with the network ruleset. We explore the use of a quantum–secure authentication protocol for authenticating clients, hardware, and communication channels, for physical addressing, for prevention against a Sybil attack and for tamper detection of devices. The tamper detection supports the assumption that devices do not leak information and that devices function according to the rules of quantum mechanics, which permits the use of entanglement as a resource for securing the blockchain data structure through an interactive mining protocol.
Many potential improvements remain. The possibilities and ultimate limitations of a quantum–enabled blockchain remain largely unexplored, including benchmarks for transaction throughput, exploring alternative consensus mechanisms (for instance, those which allow for chain forks), alternative mining protocols, latency and storage optimisations, optimal signing and authentication schemes, optimal mining team construction algorithms, privacy, and a deep analysis of network vulnerabilities. We note that recent demonstrations of quantum–secured blockchain networks demonstrate the application of quantum digital signatures126126endnote: 126Kiktenko, E. O., et. al. “Quantum-secured blockchain.” Quantum Sci. Technol. 3 035004 (2018) doi:10.1088/2058-9565/aabc6b, however, the architecture requires an additional infrastructure requirement, namely, that all quantum servers share quantum communication channels (i.e. optic fiber links) between one another, and furthermore does not address consensus. In future works, we plan to expand upon our proof–in–principle experimental demonstrations to include promotion into a voting round and quantum secure authentication capabilities, and additionally emphasise the scalability and compatibility of the quantum–enabled blockchain with current telecommunication infrastructure and emerging quantum technologies.
Looking forwards, there is a promising outlook for quantum networks and protocols,127127endnote: 127Gottesman, D., Chuang, I. “Quantum Digital Signatures.” arXiv:quant-ph/0105032 (2001)
128128endnote: 128Lo, H. K., Curty, M., Qi, B. “Measurement–Device–Independent Quantum Key Distribution.” Phys. Rev. Lett., 108 130503 (2012)129129endnote: 129Smania, M., Elhassan, A. M., Tavakoli, A., Bourennane, M. “Experimental quantum multiparty communication protocols.” NPJ Quantum Information 2 16010 (2016)130130endnote: 130Fitzi, M., Gisin, N., Maurer, U. “Quantum solution to the Byzantine agreement problem.” Phys. Rev. Lett. 87 217901 (2001)131131endnote: 131Bancal, J D., Brunner, N., Gisin, N., Liang, Y. C. “Detecting Genuine Multipartite Quantum Nonlocality: A Simple Approach and Generalization to Arbitrary Dimensions.” Phys. Rev. Lett. 106 020405 (2011)132132endnote: 132Brunner, N., Sharam, J., Vértesi, T. “Testing the Structure of Multipartite Entanglement with Bell Inequalities.” Phys. Rev. Lett. 108 110501 (2012)133133endnote: 133Kocsis, S., Hall, M. J. W., Bennet, A. J., Saunders, D. J., Pryde, G. J. ”Experimental measurement–device–independent verification of quantum steering.” Nature Comms. 6 5886 (2015)
doi: https://doi.org/10.1038/ncomms6886 especially those which use limited infrastructures and supplement quantum computing. For instance, recent work on verifiable delegated quantum protocols134134endnote: 134Reichardt, B. W., Unger, F., Vazirani, U. “A classical leash for a quantum system: Command of quantum systems via rigidity of CHSH games” arXiv:1209.0448 (2012)135135endnote: 135Gheorghiu, A., Wallden, P., Kashefi, E. “Rigidity of quantum steering and one–sided device–independent verifiable quantum computation.” New Journal of Physics, 19 (2017)136136endnote: 136Mahadev, U. “Classical Homomorphic Encryption for Quantum Circuits.” arXiv (accessed 15 December 2018) https://arxiv.org/abs/1708.02130v4 explore how clients with limited “quantum powers” – namely, the ability to perform measurements upon qubits, might interact with quantum technologies to verify the trustworthiness of data outputs. An example in the case of quantum computation is a client enacting a verifiable delegation protocol to ensure that an untrusted cloud–based quantum computer correctly performs encrypted quantum computations on behalf of a client. It may be useful to explore more deeply the utility of these kinds of protocols against untrusted quantum servers, and more generally to explore the utility of quantum modems for enacting verifiable delegated quantum protocols against quantum–enabled network infrastructures.
The quantum–enabled blockchain architecture we describe requires a fibre optic infrastructure, making the network challenging to implement on a large scale. However, the ability to witness entanglement in the presence of large losses opens new possibilities for security in long-range transmission of photonic entanglement over optical fiber, through free space137137endnote: 137Ursin, R. et. al. “Entanglement–Based Quantum Communication over 144 km.” Nature Phys. 3 481–486 (2007) doi: 10.1038/nphys629, or to a satellite.138138endnote: 138Aspelmeyer, M., Jennewein, T., Pfennigbauer, M., Leeb, W. R., Zeilinger, A. “Long–Distance Quantum Communication with Entangled Photons Using Satellites.” IEEE J. Sel. Top. Quantum Electron. 9.6 1541–1551 (2003) doi: 10.1109/JSTQE.2003.820918 The architecture we explore opens further avenues for quantum technologies in the blockchain space, with initial applications perhaps best suited for use in enterprise, due to the consortium architecture and ease of retrofitting short–to–medium range fibre optic interconnects. We expect this infrastructure would be particularly interesting to those with a vision for compatibility with quantum computing, the quantum internet, and the use of quantum cryptographic encryption protocols on a blockchain.
Notes
- 1 Nakamoto, S. “Bitcoin: A Peer-to-Peer Electronic Cash System.” Bitcoin.org (2009) (accessed August 2018) http://bitcoin.org/bitcoin.pdf.
- 2 Antonopoulos, A. M. Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O’Reilly Media, Inc. (2015)
- 3 Extance, A. “The future of cryptocurrencies: Bitcoin and beyond.” Nature 526 21–23 (2015).
- 4 de Vries, A. “Bitcoin’s growing energy problem”. Joule, 2.5, 801–805 (2018).
- 5 Miller, A., & LaViola, J. J. “Anonymous Byzantine consensus from moderately–hard puzzles: A model for Bitcoin.” Tech. Report, CS-TR-14-01, UCF, (2014)
- 6 Baraniuk, C. “Bitcoin energy use in Iceland set to overtake homes, says local firm”. BBC News (accessed 24 October 2018) https://www.bbc.com/news/technology-43030677
- 7 King, S., Nadal, S. “PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake” (2012) (accessed September 2018) https://archive.org/details/PPCoinPaper
- 8 Zheng, Z., Xie, S., Dai, H., Chen X., Wang, H. “An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends.” Proc. IEEE International Congress on Big Data, 557-564, (2017)
- 9 Croman K. et al. “On Scaling Decentralized Blockchains.” Financial Cryptography and Data Security, Lecture Notes in Computer Science, 9604, Springer, Berlin, Heidelberg (2016)
- 10 Fedorov, A. K., Kiktenko, E. O., Lvovsky, A. I. “Quantum computers put blockchain security at risk.” Nature 563 465–467 (2018) doi:10.1038/d41586-018-07449-z
- 11 Wang, X. L., et. al. “18–Qubit Entanglement with Six Photons’ Three Degrees of Freedom.” Phys. Rev. Lett 120.26 260502 (2018) doi: https://doi.org/10.1103/PhysRevLett.120.260502
- 12 Bennett, C, H., & Brassard, G. “Quantum Cryptography: Public key distribution and coin tossing.” Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, 175, Bangalore, India (1984)
- 13 Ekert, A. K. “Quantum cryptography based on Bell’s theorem.” Phys. Rev. Lett. 67 661-663 (1991)
- 14 Gisin, N., Ribordy, G., Tittel, W., Zbinden, H. “Quantum Cryptography.” Rev. Mod. Phys. 74 145 (2002)
- 15 Deutsch, D. “Quantum theory, the Church–Turing principle and the universal quantum computer” Proceedings of the Royal Society A. 400 1818 (1985)
- 16 DiVincenzo, P. D. “Quantum Computation.” Science, 270 255–26 (1995)
- 17 Monroe, C., Meekhof, D. M., King, B. E., Itano,W. M., & Wineland, D. J. “Demonstration of a Fundamental Quantum Logic Gate.” Phys. Rev. Lett. 75 4714 (1995)
- 18 Ekert, A., Jozsa, R. “Quantum computation and Shor’s factoring algorithm.” Rev. Mod. Phys. 68 733 (1996)
- 19 Ohlsson, N., Mohan, R. K., Kröll, S. “Quantum computer hardware based on rare–earth–ion–doped inorganic crystals.” Optics Communications 201.1 71–77 (2002)
- 20 Pirandola, S., Eisert, J., Weedbrook, C., Furusawa, A., Braunstein, S. L. “Advances in quantum teleportation.” Nature Photonics, 9 641–652 (2015)
- 21 Nölleke, C., et. al.“Efficient Teleportation Between Remote Single-Atom Quantum Memories.” Phys. Rev. Lett. 110 140403 (2013)
- 22 Valivarthi, R., et. al. “Quantum teleportation across a metropolitan fibre network.” Nature Photonics 10 676–680 (2016)
- 23 Xia, X. X., Sun, Q. C., Zhang, Q., & Pan, J. W. “Long distance quantum teleportation.” Quantum Science and Technology 3 014012 (2017) https://doi.org/10.1088/2058-9565/aa9baf
- 24 Bennett, C. H., Brassard, G., Crépeau, C., Jozsa, R., Peres, A., Wootters, W. K. “Teleporting an unknown quantum state via dual classical and Einstein–Podolsky–Rosen channels.” Phys. Rev. Lett. 70 1895 (1993)
- 25 Neumann, P., et. al. “Multipartite Entanglement Among Single Spins in Diamond.” Science 320.5881 1326–1329 (2008)
- 26 Salvail, L. et al. “Security of trusted repeater quantum key distribution networks.” J. Comput. Sec. 18 61–87 (2010)
- 27 Peev, M. et al. “The SECOQC quantum key distribution network in Vienna.” New J. Phys. 11 075001 (2009)
- 28 Stucki, D. et al. “Long–term performance of the Swiss quantum quantum key distribution network in a field environment.” New J. Phys. 13 123001 (2011)
- 29 Chen, T. Y. et al. “Field test of a practical secure communication network with decoy–state quantum cryptography.” Opt. Express 17 6540–6549 (2009)
- 30 Chen, T. Y. et al. “Metropolitan all–pass and inter–city quantum communication network.” Opt. Express 18 27217–27225 (2010)
- 31 Kiktenko, E. O. et al. “Demonstration of a quantum key distribution network across urban fiber channels.” arXiv:1705.07154 (2017)
- 32 Shadbolt, P., Mathews, J. C. F., Laing, A., O’Brien, J. L. “Testing foundations of quantum mechanics with photons.” Nat. Phys. 10 278–286 (2014)
- 33 Christensen, B. G. et. al. “Detection–loophole–free test of quantum nonlocality, and applications.” Phys. Rev. Lett. 111 130406 (2013)
- 34 Smith, D. H. et. al. “Conclusive quantum steering with superconducting transition–edge sensors.” Nat. Comms. 3 625 (2012)
- 35 Wittmann B. et. al. “Loophole–free Einstein–Podolsky–Rosen experiment via quantum steering.” New J. Phys. 14 053030 (2012)
- 36 Sasaki, M. “Quantum networks: where should we be heading?” Quantum Science and Technology 2 020501 (2017)
- 37 Elmabrok, O., Razavi, M. “Wireless quantum key distribution in indoor environments.” Journal of the Optical Society of America B, 35.2 197–207 (2018)
- 38 Chun, H., et al. “Handheld free space quantum key distribution with dynamic motion compensation.” Optics Express 25.6 6784–6795 (2017)
- 39 Zhang, P., et. al. “Reference–Frame–Independent Quantum Key Distribution Server with a Telecom Tether for an On–Chip Client.” Phys. Rev. Lett. 112 130501 (2014)
- 40 Bourgoin, J. P., et. al. “Free–space quantum key distribution to a moving receiver.” Optics Express 23.26 33437–33447 (2015)
- 41 Toshiba Corporation. “High–speed quantum cryptographic communications with key distribution speeds exceeding 10 Mbps in a real-world environment.” Toshiba Press Release (accessed 25th October 2018) https://www.toshiba.co.jp/about/press/2018_09/pr1101.htm
- 42 Sasaki, M. et al. “Field test of quantum key distribution in the Tokyo QKD Network.” Opt. Express 19 10387 (2011)
- 43 Tysowski, P. K., Ling, X., Lütkenhaus, N., Mosca, M. “The engineering of a scalable multi–site communications system utilizing quantum key distribution (QKD).” Quantum Science and Technology 3.2 (2018)
- 44 Horodecki, R., Horodecki, P., Horodecki, M., Horodecki, K. “Quantum Entanglement.” Rev. Mod. Phys. 81 865 (2009)
- 45 Fedrizzi, A., Herbst, T., Poppe, A., Jennewein, T., Zeilinger, A. “A wavelength–tunable fiber–coupled source of narrowband entangled photons.” Optics Express 15.23 15377–15386 (2007)
- 46 Li, Y., Zhou, Z. Y., Ding, D. S., Shi, B. S. “CW–pumped telecom band polarization entangled photon pair generation in a Sagnac interferometer.” Optics Express 23.22 28792–28800 (2015)
- 47 Jin, R. B. et. al. “Pulsed Sagnac polarization–entangled photon source with a PPKTP crystal at telecom wavelength.” Optics Express 22.10 11498–11507 (2014)
- 48 Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A. “Zero–Knowledge Proofs From Secure Multiparty Computation.” SIAM J. Comput. 39.3 1121–1152 (2009) doi: 10.1137/080725398
- 49 Torres, W. A. A., et al. “Post–Quantum One–Time Linkable Ring Signature and Application to Ring Confidential Transactions in Blockchain.” In Susilo, W., Yang, G. (Ed.) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science, vol. 10946. Springer, Cham 558–576 (2018) https://doi.org/10.1007/978-3-319-93638-3_32
- 50 Gao X., Ding J., Liu J., Li, L. “Post-Quantum Secure Remote Password Protocol from RLWE Problem.” In Chen, X., Lin, D., Yung, M. (Ed.) Information Security and Cryptology. Inscrypt 2017. Lecture Notes in Computer Science, vol. 10726. Springer, Cham 99–116 (2018) https://doi.org/10.1007/978-3-319-75160-3_8
- 51 Jogenfors, J. “Breaking the Unbreakable: Exploiting Loopholes in Bell’s Theorem to Hack Quantum Cryptography.” PhD Thesis, Linkoping University, Sweden (2017)
- 52 Kalinin, K. P., Berloff, N. G. “Blockchain platform with proof-of-work based on analog Hamiltonian optimisers.” arXiv:1802.10091 (2018)
- 53 Rajan, D., Visser, M. “Quantum Blockchain using entanglement in time.” arXiv:1804.05979 (2018)
- 54 Ikeda, K. “qBitcoin: A Peer–to–Peer Quantum Cash System.” arXiv:1708.04955 (2017)
- 55 Sapaev, D. et al. “Quantum–Assisted Blockchain.” arXiv:1802.06763 (2018)
- 56 Guan, J. Y. et. al. “Experimental preparation and verification of quantum money.” arXiv:1709.05882 (2018)
- 57 Haylock, B., et. al. “Multiplexed Quantum Random Number Generation.” arXiv:1801.06926 (2018)
- 58 Lenzini, F., et. al. “Integrated photonic platform for quantum information with continuous variables.” arXiv:1804.07435 (2018)
- 59 Lenzini, F.,, et. al. “Active demultiplexing of single–photons from a solid–state source.” Laser & Photonics Reviews 11 1600297 (2017)
- 60 Bogdanov, S. I., et. al. “Ultrabright Room–Temperature Sub–Nanosecond Emission from Single Nitrogen–Vacancy Centers Coupled to Nanopatch Antennas.” Nano Lett. 18.8 4837–4844 (2018)
- 61 Kandala, A., et. al. “Hardware–efficient variational quantum eigensolver for small molecules and quantum magnets” Nature 549 242–246 (2017)
- 62 Rancic, M., Hedges, M. P., Ahlefeldt, R. L., & Sellars, M. J. “Coherence time of over a second in a telecom–compatible quantum memory storage material”. Nature Physics 14 50–54 (2018)
- 63 Wiseman, H. M. “From Einstein’s theorem to Bell’s theorem: a history of quantum non-locality.” Contemporary Physics 47 79–88 (2006)
- 64 Einstein, A., Podolsky, B., Rosen, N. “Can quantum–mechanical description of physical reality be considered complete?” Phys. Rev. Lett. 47 777 (1935)
- 65 Freedman, S. J., Clauser, J. F. “Experimental Test of Local Hidden–Variable Theories.” Phys. Rev. Lett. 28 938 (1972)
- 66 Aspect, A., Dalibard, J., Roger, G. “Experimental realization of Einstein–Podolsky–Rosen–Bohm Gedankenexperiment: a new violation of Bell’s inequalities.” Phys. Rev. Lett. 49.2 91–94 (1982) doi.org/10.1103/PhysRevLett.49.91
- 67 Weihs, G., et. al. “Violation of Bell’s Inequality under Strict Einstein Locality Conditions.” Phys. Rev. Lett. 81 5039 (1998)
- 68 Rowe, M. A., et. al. “Experimental Violation of a Bell’s Inequality with Efficient Detection.” Nature 409 791 (2001)
- 69 Matsukevich, D. N., et. al. “Bell Inequality Violation with Two Remote Atomic Qubits.” Phys. Rev. Lett. 100 150404 (2008)
- 70 Ansmann, M., et. al. “Decoherence Dynamics of Complex Photon States Violation of Bell’s inequality in Josephson phase qubits.” Nature 461 504 (2009)
- 71 Hofmann, J., et. al. “Heralded entanglement between widely separated atoms.” Science 337 72 (2012)
- 72 Scheidl, T., et. al. “Violation of local realism with freedom of choice.” Proc. Natl. Acad. Sci. 107 19708 (2010)
- 73 Aguero, M. B., Hnilo,A. A., Kovalsky, M. G. “Time–resolved measurement of Bell inequalities and the coincidence loophole.” Phys. Rev. A 86 052121 (2012)
- 74 Giustina, M., et. al. “Bell violation using entangled photons without the fair–sampling assumption.” Nature 497 227 (2013)
- 75 Hensen, B., et. al. “Loophole–free Bell inequality violation using electron spins separated by 1.3 kilometres.” Nature 526 682 (2015)
- 76 Giustina, M., et. al. “Significant-Loophole–Free Test of Bell’s Theorem with Entangled Photons.” Phys. Rev. Lett. 115 250401 (2015)
- 77 Shalm, L. K., et al. “Strong Loophole–Free Test of Local Realism.” Phys. Rev. Lett. 115 250402 (2015)
- 78 Susskind, L. “Copenhagen vs Everett, Teleportation, and ER=EPR.” Progress of Physics 64.6 551–564 (2016)
- 79 Cao, C., Carroll, S. M., Michalakis, S. “Space from Hilbert space: Recovering geometry from bulk entanglement.” Phys. Rev. D 95 024031 (2017)
- 80 Raamsdonk, M., V. “Building up spacetime with quantum entanglement.” General Relativity and Gravitation, 42.10 2323–2329 (2010)
- 81 Susskind, L., Zhao, Y. “Teleportation through the wormhole.” Phys. Rev. D 98 046016 (2018)
- 82 Jiang, W. C., Lu, X., Zhang, J., Painter, O., Lin, Q. “Silicon–chip source of bright photon pairs.” Optics Express 23.16 20884–20904 (2015)
- 83 Silverstone, J. W. et. al. “On–chip quantum interference between silicon photon–pair sources.” Nature Photonics 8 104–108 (2014)
- 84 Autebert, C., et. al. “Electrically Injected Source of Photon Pairs at Room Temperature: Device Performances and Entanglement Generation.” European Conference on Lasers and Electro-Optics - EQEC (2015)
- 85 Horn, R., Abolghasem, P., Bijlani, B. J., Kang, D., Helmy, A. S., Weihs, G. “Monolithic source of photon pairs.” Phys Rev Lett. 108.15 153605 (2012)
- 86 Davoyan, A., Atwater, H. “Quantum nonlinear light emission in metamaterials: broadband Purcell enhancement of parametric downconversion.” Optica 5.5 608–611 (2018)
- 87 Joint Report: Interagency Working Group on Quantum Information Science of the Subcommittee on Physical Sciences. “ADVANCING QUANTUM INFORMATION SCIENCE: NATIONAL CHALLENGES AND OPPORTUNITIES” (accessed July 2018) https://www.whitehouse.gov/sites/whitehouse.gov/files/images/Quantum_Info_Sci_Report_2016_07_22%20final.pdf
- 88 Mayers, D., Yao, A. “Quantum cryptography with imperfect apparatus.” IEEE Proceedings of the 39th Annual Symposium on Foundations of Computer Science 503–509 (1998)
- 89 Acín, A., Brunner, N., Gisin, N., Massar, S., Pironio, S., Scarani, V. “Device–independent security of quantum cryptography against collective attacks.” Phys. Rev. Lett. 98 230501 (2007)
- 90 Pironio, S., Acín, A., Brunner, N., Gisin, N., Massar, S., Scarani, V. “Device–independent quantum key distribution secure against collective attacks.” New Journal of Physics 11 045021 (2009)
- 91 Branciard, C., Cavalcanti, E. G., Walborn, S. P., Scarani, V., Wiseman, H. M. “One–sided device–independent quantum key distribution: Security, feasibility, and the connection with steering.” Phys. Rev. A. 85 010301 (2012)
- 92 Acín, A., Gisin, N., Masanes, L. “From Bell’s Theorem to Secure Quantum Key Distribution.” Phys. Rev. Lett. 97 120405 (2006)
- 93 Liang, Y. C., Vertesi, T., Brunner, N. “Semi–device–independent bounds on entanglement.” Phys. Rev. A. 83 022108 (2011)
- 94 Brunner, N., Cavalcanti, D., Pironio, S., Scarani, V., Wehner, S. “Bell nonlocality.” Rev. Mod. Phys. 86 419 (2014)
- 95 Pironio, S., et. al. “Random numbers certified by Bell’s theorem.” Nature 464 1021–1024 (2010)
- 96 Shin, L. “Bitcoin blockchain technology in financial services: How the disruption will play out.” Forbes (accessed November 2018) https://www.forbes.com/sites/laurashin/2015/09/14/bitcoin- blockchain-technology-in-financial-services-how-the-disruption-will-play-out/67a974bf5edf
- 97 Goorden, S. A., Horstmann, M., Mosk, A. P., korić, B., Pinkse, P. W. H. “Quantum-secure authentication of a physical unclonable key.” Optica 1 421–424 (2014)
- 98 Nikolopoulos, G.M., Diamanti, E. “Continuous–variable quantum authentication of physical unclonable keys.” Scientific Reports 7 46047 (2017)
- 99 Skoric, B. “Security analysis of Quantum–Readout PUFs in the case of challenge–estimation attacks.” Cryptology ePrint Archive (2013) (accessed 5 December) https://eprint.iacr.org/2013/479
- 100 Pappu, R., Recht, B., Taylor, J., Gershenfeld, N. “Physical one-way functions.” Science 297 2026 (2002)
- 101 Pappu, R. “Physical One-Way Functions.” Ph.D. dissertation Massachusetts Institute of Technology (2001)
- 102 van Putten, E. G. “Disorder–enhanced imaging with spatially controlled light.” Ph.D. Thesis University of Twente (2011)
- 103 Wootters, W. K., Zurek, W. H. “A single quantum cannot be cloned.” Nature 299 802–803 (1982) doi: 10.1038/299802a0
- 104 Douceur, J. R. “The sybil attack.” Peer-to-peer Systems 251–260 (2002)
- 105 No author. “Cryptocurrency Standards”. Tresor Wiki (accessed October 2018) https://wiki.trezor.io/Cryptocurrency_standards
- 106 Wiseman, H. M., Jones, S. J., Doherty, A. C. “Steering, entanglement, nonlocality, and the EPR paradox.” Phys. Rev. Lett. 98 140402 (2007)
- 107 Evans, D. A., Cavalcanti, E. G., Wiseman, H. M. “Loss–Tolerant Tests Of Einstein–Podolsky–Rosen Steering.” Phys. Rev. A. 88 022106 (2013)
- 108 Saunders, D. J., Jones, S. J., Wiseman, H. M., Pryde, G. J. “Experimental EPR–steering using Bell–local states.” Nat. Phys. 76 845–849 (2010)
- 109 Zhang, F., Eyal, I., Escriva, R., Juels, A., van Renesse, R. “REM: Resource–Efficient Mining for Blockchains.” USENIX Security (2017)
- 110 Lamport, L., Shostak, R., Pease, M. “The Byzantine generals problem.” ACM Trans. Program. Lang. Syst. 4 382–401 (1982)
- 111 Decker, C., Seidel, J., Wattenhofer, R. “Bitcoin meets strong consistency”. In 17th International Conference on Distributed Computing and Networking (2016)
- 112 Schneier, F. B. “Implementing fault–tolerant services using the state machine approach: A tutorial.” ACM Comput. Surv. 22.4 299–319 (1990)
- 113 Dwork, C., Lynch, N., Stockmeyer, L. “Consensus in the presence of partial synchrony.” J. ACM 35 (1988)
- 114 Vukolić, M. “The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication.” In Camenisch, J., Kesdoğan, D., Open Problems in Network Security, Springer, Cham, 112–125, (2016).
- 115 Xavier, D., Schiper, A., Urbań, P. “Total order broadcast and multi- cast algorithms: Taxonomy and survey.” ACM Comput. Surv. 36.4 372–421 (2004)
- 116 Clauser, J. F., Horne, M. A., Shimony, A., Holt, R. A. “Proposed Experiment to Test Local Hidden–Variable Theories.” Phys. Rev. Lett. 23.15 880–884 (1969)
- 117 Jones, S. J., Wiseman, H. M., Doherty, A. C. “Entanglement, Einstein–Podolsky–Rosen correlations, Bell nonlocality, and steering.” Phys. Rev. A. 76 052116 (2007)
- 118 Bennet, A. J., et. al. “Arbitrarily Loss–Tolerant Einstein–Podolsky–Rosen Steering Allowing a Demonstration over 1km of Optical Fiber with No Detection Loophole.” Phys. Rev. X 2 031003 (2012)
- 119 Wollmann, S., Bennet, A. J., Walk, N., Wiseman, H. M., Pryde, G. J. “Observation of Genuine One–Way Einstein–Podolsky–Rosen Steering.” Phys. Rev. Lett. 116 160403 (2016)
- 120 Jiang, W. C., Lu,X., Zhang, J., Painter, O., Lin, Q. “Silicon–chip source of bright photon pairs.” Optics Express 23.16 20884 (2015) doi: 10.1364/OE.23.020884
- 121 Friedman, R. A., Hänggi, E., Ta–Shma, A. “Towards the Impossibility of Non–Signalling Privacy Amplification from Time–Like Ordering Constraints.” arXiv (2012) (accessed 14 January 2019) https://arxiv.org/abs/1205.3736v1
- 122 Bell, J. S. “On the Einstein–Podolsky–Rosen paradox.” Physics (Long Island City, N.Y.) 1 195 (1964)
- 123 Schneier, B. Liars and Outliers. Enabling the Trust that Society Needs to Thrive Indianapolis, Indiana: John Wiley & Sons, Inc. 61–123 (2012)
- 124 Werbach, K. The Blockchain and the New Architecture of Trust Cambridge, MA: MIT Press 25–28 (2018)
- 125 Schneier, B. “Blockchain and Trust.” Schneier On Security (accessed 16 February 2019) https://www.schneier.com/blog/archives/2019/02/blockchain_and_.html
- 126 Kiktenko, E. O., et. al. “Quantum-secured blockchain.” Quantum Sci. Technol. 3 035004 (2018) doi:10.1088/2058-9565/aabc6b
- 127 Gottesman, D., Chuang, I. “Quantum Digital Signatures.” arXiv:quant-ph/0105032 (2001)
- 128 Lo, H. K., Curty, M., Qi, B. “Measurement–Device–Independent Quantum Key Distribution.” Phys. Rev. Lett., 108 130503 (2012)
- 129 Smania, M., Elhassan, A. M., Tavakoli, A., Bourennane, M. “Experimental quantum multiparty communication protocols.” NPJ Quantum Information 2 16010 (2016)
- 130 Fitzi, M., Gisin, N., Maurer, U. “Quantum solution to the Byzantine agreement problem.” Phys. Rev. Lett. 87 217901 (2001)
- 131 Bancal, J D., Brunner, N., Gisin, N., Liang, Y. C. “Detecting Genuine Multipartite Quantum Nonlocality: A Simple Approach and Generalization to Arbitrary Dimensions.” Phys. Rev. Lett. 106 020405 (2011)
- 132 Brunner, N., Sharam, J., Vértesi, T. “Testing the Structure of Multipartite Entanglement with Bell Inequalities.” Phys. Rev. Lett. 108 110501 (2012)
- 133 Kocsis, S., Hall, M. J. W., Bennet, A. J., Saunders, D. J., Pryde, G. J. ”Experimental measurement–device–independent verification of quantum steering.” Nature Comms. 6 5886 (2015) doi: https://doi.org/10.1038/ncomms6886
- 134 Reichardt, B. W., Unger, F., Vazirani, U. “A classical leash for a quantum system: Command of quantum systems via rigidity of CHSH games” arXiv:1209.0448 (2012)
- 135 Gheorghiu, A., Wallden, P., Kashefi, E. “Rigidity of quantum steering and one–sided device–independent verifiable quantum computation.” New Journal of Physics, 19 (2017)
- 136 Mahadev, U. “Classical Homomorphic Encryption for Quantum Circuits.” arXiv (accessed 15 December 2018) https://arxiv.org/abs/1708.02130v4
- 137 Ursin, R. et. al. “Entanglement–Based Quantum Communication over 144 km.” Nature Phys. 3 481–486 (2007) doi: 10.1038/nphys629
- 138 Aspelmeyer, M., Jennewein, T., Pfennigbauer, M., Leeb, W. R., Zeilinger, A. “Long–Distance Quantum Communication with Entangled Photons Using Satellites.” IEEE J. Sel. Top. Quantum Electron. 9.6 1541–1551 (2003) doi: 10.1109/JSTQE.2003.820918
- 139 No author. “Framework for Improving Critical Infrastructure Cybersecurity.” National Institute of Standards and Technology (accessed October 2018) https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
- 140 “Security Tenets for Life Critical Embedded Systems.” Department of Homeland Security (accessed October 2018) https://www.dhs.gov/sites/default/files/publications/security-tenets-lces-paper-11-20-15-508.pdf
- 141 Goorden, S. A., Horstmann,M., Mosk, A. P., Skoric, B., Pinkse, P. W. H. ”Quantum–secure authentication of a physical unclonable key: supplementary material.” Optica 1 421–424 (2014)
- 142 Skoric, B. “Quantum readout of Physical Unclonable Functions: Remote authentication without trusted readers and authenticated Quantum Key Exchange without initial shared secrets.” eprint.iacr.org/2009/369, (2009)
- 143 No author. “Challenge Response Authentication.” Wiipedia (accessed June 2018) https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication
- 144 Ling, A., Wildfeuer, C., Scarani, V. “A note on quantum safe symmetric key growing.” arXiv:1707.02766v1 (2017)
- 145 Pearle, P. M. “Hidden-variable example based upon data rejection.” Phys. Rev. D. 2 14181425 (1970)
- 146 Bell, J. S. “Speakable and Unspeakable in Quantum Mechanics.” Cambridge, Cambridge University Press (1987)
- 147 Gallicchio, J., Friedman, A. S., Kaiser, D. I. “Testing Bell’s inequality with cosmic photons: closing the setting–independence loophole.” Phys. Rev. Lett. 112 110405 (2014)
Supplement A Quantum Secure Authentication
A.1 Background
In a real–world setting, the network ruleset for client authentication should meet modern cybersecurity standards for globally connected devices,139139endnote: 139No author. “Framework for Improving Critical Infrastructure Cybersecurity.” National Institute of Standards and Technology (accessed October 2018)
https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf which naturally includes quantum optical devices embedded into a quantum–enabled blockchain. As a general rule, authentication mode should ensure140140endnote: 140“Security Tenets for Life Critical Embedded Systems.” Department of Homeland Security (accessed October 2018) https://www.dhs.gov/sites/default/files/publications/security-tenets-lces-paper-11-20-15-508.pdf:
i) All interactions between devices are mutually authenticated;
ii) Continuous authentication is used when feasible and appropriate;
iii) All communications between devices is encrypted;
iv) Devices never trust unauthenticated data or code during boot–time;
v) Devices are never permitted to run unauthorised code;
vi) Devices never trust unauthenticated data during run–time; and
vii) When used, cryptographic keys are protected, or are one–time use only (depending on protocol).
The integrity of QSA is guaranteed provided that141141endnote: 141Goorden, S. A., Horstmann,M., Mosk, A. P., Skoric, B., Pinkse, P. W. H. ”Quantum–secure authentication of a physical unclonable key: supplementary material.” Optica 1 421–424 (2014) i) it is technically infeasible to make a physical clone of a photonic key, ii) an adversary is unable to apply arbitrary unitary transformations to high–dimensional quantum states with low losses (termed quantum–computational unclonability142142endnote: 142Skoric, B. “Quantum readout of Physical Unclonable Functions: Remote authentication without trusted readers and authenticated Quantum Key Exchange without initial shared secrets.” eprint.iacr.org/2009/369, (2009)), and iii) different challenges are allowed to be applied to the photonic key. The protocol utilises a challenge/response protocol143143endnote: 143No author. “Challenge Response Authentication.” Wiipedia (accessed June 2018) https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication (i.e. round–by–round interaction between a client and quantum server). Clients request photonic challenges from the quantum servers, and due to the interactive nature of authentication and mining, it is in the best interest of quantum servers to support the authentication of clients. The QSA protocol is unique in that it results in an authenticated quantum channel, whilst circumventing the need for pre–shared secrets. This finds various applications, for example, in quantum key growing protocols144144endnote: 144Ling, A., Wildfeuer, C., Scarani, V. “A note on quantum safe symmetric key growing.”
arXiv:1707.02766v1 (2017) which may be used to generate symmetric encryption keys for quantum–safe communication without the need for pre–shared secrets.
A.2 Protocol overview
The photonic challenge is randomly chosen from a set of pre–determined challenges, selected by the quantum server, and is sent to the client’s quantum modem via a quantum communication channel for direct interaction with the client’s photonic key. Interaction on the client side transforms the incident photonic challenge into a photonic response, which is detected on the client side. In accordance with the QSA protocol, the photonic response pairs uniquely with the photonic challenge, provided the challenge physically interacts with the correct photonic key. To guarantee accurate pairing, photonic keys are pre–characterised in a key enrolment stage, with each key requiring 50MB of characterisation data for accurate enrolment. Enrolment can be done in two ways: i) A certification authority or manufacturer enrols the key. In this case, a key identifier and a precise characterization of the key are entered into a publicly readable and tamper proof database (i.e the blockchain which the key will be used to access). Or, ii) a certificate authority signs a digital certificate containing the key identifier and characterization data. The certificate is then stored publicly, e.g. through inclusion to the blockchain. When a verifier wants to see if a certain key is authentic, the challenge-response behaviour is checked against the enrolled data, which in the case of quantum readout, does not require trust in the remote key reader. The authentication of the quantum channel is then based on the possession of a physical object, instead of knowledge of a pre–shared secret. An authentic detection event on the client side occurs when the response wavefront focusses cleanly onto an optical detector. The QSA protocol in its original form assumes that a client’s quantum modem is immune to tampering, since an authentic detection event could be easily spoofed if the detector was illuminated in a way that appears consistent with correct authentication. However, the assumption of tampering immunity may be relaxed, provided that the quantum server is allowed to send decoy photonic challenges that are randomly and secretly mixed in with real photonic challenges. In this case, because a client is unable to infer whether an incident challenge is legitimate or a decoy (due to the no–cloning theorem of quantum physics), a dishonest client is left uncertain as to whether to correctly illuminate the detector on any given round. This addition of decoy challenges further protects the network from false authentications. Based on experimental demonstrations in literature, in the case of an honest client with a legitimate photonic key, 200–500 rounds of key interrogation via the challenge/response protocol is sufficient for successful authentication, with authentication concluding in 200ms–400ms (allowing provision for decoy photonic challenges), with false authentication rates of 1 in 100 billion.
Supplement B Experimental Devices and Loopholes
Experimental tests of entanglement witnesses can be technologically demanding. To mitigate the technological demands of these tests, it is common practice to make additional assumptions pertaining to the expected action of experimental devices. Importantly, these assumptions lie outside of the theoretical framework applied in developing the mathematical inequalities which witness entanglement. Hence, assumptions of this kind pertain only to the experimental devices employed in the test; they may affect the test outcomes (allowing for false positives) but do not affect the veracity of the mathematical derivation. Devices which act in conflict with such assumptions, resulting in false positives (perhaps due to interference by an adversary), are said to open experimental loopholes. The key experimental assumptions, which when subverted, open experimental loopholes, are:
Fair sampling assumption.145145endnote: 145Pearle, P. M. “Hidden-variable example based upon data rejection.” Phys. Rev. D. 2 14181425 (1970) : Non–unit–efficiency detection devices record events that constitute a fair sample of all possible detection events. The detection loophole is opened if compromised detectors record a subset of events that are not representative of the entire set. Invocation of the fair–sampling assumption can be avoided by employing high–efficiency detectors, overcoming channel/transmission losses with low–loss channels, or implementing loss–tolerant measurement strategies.
No–signalling assumption:146146endnote: 146Bell, J. S. “Speakable and Unspeakable in Quantum Mechanics.” Cambridge, Cambridge University Press (1987) Experimental devices cannot signal information to each other. The signalling loophole is opened if a compromised apparatus communicates secret information to external devices. Invocation of the no–signalling assumption may be avoided by ensuring space–like separation of devices, or by proper experimental design and shielding of devices (a common requirement for cryptographic protocols).
Measurement–independence assumption: Measurement devices and their measurement settings are not pre–programmed or influenced by external sources or events (past or future). The setting–independence loophole is opened if devices are externally influenced or their behaviour becomes predictable. Invocation of the measurement–independence assumption may be avoided by ensuring measurement devices employ genuinely random sources of measurement setting, typically enacted with a quantum random number generator (QRNG). 147147endnote: 147Gallicchio, J., Friedman, A. S., Kaiser, D. I. “Testing Bell’s inequality with cosmic photons: closing the setting–independence loophole.” Phys. Rev. Lett. 112 110405 (2014)
Ensuring closure of the detection, signalling, and freedom–of–choice loopholes is a routine requirement in quantum cryptographic protocols and in applied technologies which utilise tests of quantum correlations.
Notes
- 1 Nakamoto, S. “Bitcoin: A Peer-to-Peer Electronic Cash System.” Bitcoin.org (2009) (accessed August 2018) http://bitcoin.org/bitcoin.pdf.
- 2 Antonopoulos, A. M. Mastering Bitcoin: Unlocking Digital Cryptocurrencies. O’Reilly Media, Inc. (2015)
- 3 Extance, A. “The future of cryptocurrencies: Bitcoin and beyond.” Nature 526 21–23 (2015).
- 4 de Vries, A. “Bitcoin’s growing energy problem”. Joule, 2.5, 801–805 (2018).
- 5 Miller, A., & LaViola, J. J. “Anonymous Byzantine consensus from moderately–hard puzzles: A model for Bitcoin.” Tech. Report, CS-TR-14-01, UCF, (2014)
- 6 Baraniuk, C. “Bitcoin energy use in Iceland set to overtake homes, says local firm”. BBC News (accessed 24 October 2018) https://www.bbc.com/news/technology-43030677
- 7 King, S., Nadal, S. “PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake” (2012) (accessed September 2018) https://archive.org/details/PPCoinPaper
- 8 Zheng, Z., Xie, S., Dai, H., Chen X., Wang, H. “An Overview of Blockchain Technology: Architecture, Consensus, and Future Trends.” Proc. IEEE International Congress on Big Data, 557-564, (2017)
- 9 Croman K. et al. “On Scaling Decentralized Blockchains.” Financial Cryptography and Data Security, Lecture Notes in Computer Science, 9604, Springer, Berlin, Heidelberg (2016)
- 10 Fedorov, A. K., Kiktenko, E. O., Lvovsky, A. I. “Quantum computers put blockchain security at risk.” Nature 563 465–467 (2018) doi:10.1038/d41586-018-07449-z
- 11 Wang, X. L., et. al. “18–Qubit Entanglement with Six Photons’ Three Degrees of Freedom.” Phys. Rev. Lett 120.26 260502 (2018) doi: https://doi.org/10.1103/PhysRevLett.120.260502
- 12 Bennett, C, H., & Brassard, G. “Quantum Cryptography: Public key distribution and coin tossing.” Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, 175, Bangalore, India (1984)
- 13 Ekert, A. K. “Quantum cryptography based on Bell’s theorem.” Phys. Rev. Lett. 67 661-663 (1991)
- 14 Gisin, N., Ribordy, G., Tittel, W., Zbinden, H. “Quantum Cryptography.” Rev. Mod. Phys. 74 145 (2002)
- 15 Deutsch, D. “Quantum theory, the Church–Turing principle and the universal quantum computer” Proceedings of the Royal Society A. 400 1818 (1985)
- 16 DiVincenzo, P. D. “Quantum Computation.” Science, 270 255–26 (1995)
- 17 Monroe, C., Meekhof, D. M., King, B. E., Itano,W. M., & Wineland, D. J. “Demonstration of a Fundamental Quantum Logic Gate.” Phys. Rev. Lett. 75 4714 (1995)
- 18 Ekert, A., Jozsa, R. “Quantum computation and Shor’s factoring algorithm.” Rev. Mod. Phys. 68 733 (1996)
- 19 Ohlsson, N., Mohan, R. K., Kröll, S. “Quantum computer hardware based on rare–earth–ion–doped inorganic crystals.” Optics Communications 201.1 71–77 (2002)
- 20 Pirandola, S., Eisert, J., Weedbrook, C., Furusawa, A., Braunstein, S. L. “Advances in quantum teleportation.” Nature Photonics, 9 641–652 (2015)
- 21 Nölleke, C., et. al.“Efficient Teleportation Between Remote Single-Atom Quantum Memories.” Phys. Rev. Lett. 110 140403 (2013)
- 22 Valivarthi, R., et. al. “Quantum teleportation across a metropolitan fibre network.” Nature Photonics 10 676–680 (2016)
- 23 Xia, X. X., Sun, Q. C., Zhang, Q., & Pan, J. W. “Long distance quantum teleportation.” Quantum Science and Technology 3 014012 (2017) https://doi.org/10.1088/2058-9565/aa9baf
- 24 Bennett, C. H., Brassard, G., Crépeau, C., Jozsa, R., Peres, A., Wootters, W. K. “Teleporting an unknown quantum state via dual classical and Einstein–Podolsky–Rosen channels.” Phys. Rev. Lett. 70 1895 (1993)
- 25 Neumann, P., et. al. “Multipartite Entanglement Among Single Spins in Diamond.” Science 320.5881 1326–1329 (2008)
- 26 Salvail, L. et al. “Security of trusted repeater quantum key distribution networks.” J. Comput. Sec. 18 61–87 (2010)
- 27 Peev, M. et al. “The SECOQC quantum key distribution network in Vienna.” New J. Phys. 11 075001 (2009)
- 28 Stucki, D. et al. “Long–term performance of the Swiss quantum quantum key distribution network in a field environment.” New J. Phys. 13 123001 (2011)
- 29 Chen, T. Y. et al. “Field test of a practical secure communication network with decoy–state quantum cryptography.” Opt. Express 17 6540–6549 (2009)
- 30 Chen, T. Y. et al. “Metropolitan all–pass and inter–city quantum communication network.” Opt. Express 18 27217–27225 (2010)
- 31 Kiktenko, E. O. et al. “Demonstration of a quantum key distribution network across urban fiber channels.” arXiv:1705.07154 (2017)
- 32 Shadbolt, P., Mathews, J. C. F., Laing, A., O’Brien, J. L. “Testing foundations of quantum mechanics with photons.” Nat. Phys. 10 278–286 (2014)
- 33 Christensen, B. G. et. al. “Detection–loophole–free test of quantum nonlocality, and applications.” Phys. Rev. Lett. 111 130406 (2013)
- 34 Smith, D. H. et. al. “Conclusive quantum steering with superconducting transition–edge sensors.” Nat. Comms. 3 625 (2012)
- 35 Wittmann B. et. al. “Loophole–free Einstein–Podolsky–Rosen experiment via quantum steering.” New J. Phys. 14 053030 (2012)
- 36 Sasaki, M. “Quantum networks: where should we be heading?” Quantum Science and Technology 2 020501 (2017)
- 37 Elmabrok, O., Razavi, M. “Wireless quantum key distribution in indoor environments.” Journal of the Optical Society of America B, 35.2 197–207 (2018)
- 38 Chun, H., et al. “Handheld free space quantum key distribution with dynamic motion compensation.” Optics Express 25.6 6784–6795 (2017)
- 39 Zhang, P., et. al. “Reference–Frame–Independent Quantum Key Distribution Server with a Telecom Tether for an On–Chip Client.” Phys. Rev. Lett. 112 130501 (2014)
- 40 Bourgoin, J. P., et. al. “Free–space quantum key distribution to a moving receiver.” Optics Express 23.26 33437–33447 (2015)
- 41 Toshiba Corporation. “High–speed quantum cryptographic communications with key distribution speeds exceeding 10 Mbps in a real-world environment.” Toshiba Press Release (accessed 25th October 2018) https://www.toshiba.co.jp/about/press/2018_09/pr1101.htm
- 42 Sasaki, M. et al. “Field test of quantum key distribution in the Tokyo QKD Network.” Opt. Express 19 10387 (2011)
- 43 Tysowski, P. K., Ling, X., Lütkenhaus, N., Mosca, M. “The engineering of a scalable multi–site communications system utilizing quantum key distribution (QKD).” Quantum Science and Technology 3.2 (2018)
- 44 Horodecki, R., Horodecki, P., Horodecki, M., Horodecki, K. “Quantum Entanglement.” Rev. Mod. Phys. 81 865 (2009)
- 45 Fedrizzi, A., Herbst, T., Poppe, A., Jennewein, T., Zeilinger, A. “A wavelength–tunable fiber–coupled source of narrowband entangled photons.” Optics Express 15.23 15377–15386 (2007)
- 46 Li, Y., Zhou, Z. Y., Ding, D. S., Shi, B. S. “CW–pumped telecom band polarization entangled photon pair generation in a Sagnac interferometer.” Optics Express 23.22 28792–28800 (2015)
- 47 Jin, R. B. et. al. “Pulsed Sagnac polarization–entangled photon source with a PPKTP crystal at telecom wavelength.” Optics Express 22.10 11498–11507 (2014)
- 48 Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A. “Zero–Knowledge Proofs From Secure Multiparty Computation.” SIAM J. Comput. 39.3 1121–1152 (2009) doi: 10.1137/080725398
- 49 Torres, W. A. A., et al. “Post–Quantum One–Time Linkable Ring Signature and Application to Ring Confidential Transactions in Blockchain.” In Susilo, W., Yang, G. (Ed.) Information Security and Privacy. ACISP 2018. Lecture Notes in Computer Science, vol. 10946. Springer, Cham 558–576 (2018) https://doi.org/10.1007/978-3-319-93638-3_32
- 50 Gao X., Ding J., Liu J., Li, L. “Post-Quantum Secure Remote Password Protocol from RLWE Problem.” In Chen, X., Lin, D., Yung, M. (Ed.) Information Security and Cryptology. Inscrypt 2017. Lecture Notes in Computer Science, vol. 10726. Springer, Cham 99–116 (2018) https://doi.org/10.1007/978-3-319-75160-3_8
- 51 Jogenfors, J. “Breaking the Unbreakable: Exploiting Loopholes in Bell’s Theorem to Hack Quantum Cryptography.” PhD Thesis, Linkoping University, Sweden (2017)
- 52 Kalinin, K. P., Berloff, N. G. “Blockchain platform with proof-of-work based on analog Hamiltonian optimisers.” arXiv:1802.10091 (2018)
- 53 Rajan, D., Visser, M. “Quantum Blockchain using entanglement in time.” arXiv:1804.05979 (2018)
- 54 Ikeda, K. “qBitcoin: A Peer–to–Peer Quantum Cash System.” arXiv:1708.04955 (2017)
- 55 Sapaev, D. et al. “Quantum–Assisted Blockchain.” arXiv:1802.06763 (2018)
- 56 Guan, J. Y. et. al. “Experimental preparation and verification of quantum money.” arXiv:1709.05882 (2018)
- 57 Haylock, B., et. al. “Multiplexed Quantum Random Number Generation.” arXiv:1801.06926 (2018)
- 58 Lenzini, F., et. al. “Integrated photonic platform for quantum information with continuous variables.” arXiv:1804.07435 (2018)
- 59 Lenzini, F.,, et. al. “Active demultiplexing of single–photons from a solid–state source.” Laser & Photonics Reviews 11 1600297 (2017)
- 60 Bogdanov, S. I., et. al. “Ultrabright Room–Temperature Sub–Nanosecond Emission from Single Nitrogen–Vacancy Centers Coupled to Nanopatch Antennas.” Nano Lett. 18.8 4837–4844 (2018)
- 61 Kandala, A., et. al. “Hardware–efficient variational quantum eigensolver for small molecules and quantum magnets” Nature 549 242–246 (2017)
- 62 Rancic, M., Hedges, M. P., Ahlefeldt, R. L., & Sellars, M. J. “Coherence time of over a second in a telecom–compatible quantum memory storage material”. Nature Physics 14 50–54 (2018)
- 63 Wiseman, H. M. “From Einstein’s theorem to Bell’s theorem: a history of quantum non-locality.” Contemporary Physics 47 79–88 (2006)
- 64 Einstein, A., Podolsky, B., Rosen, N. “Can quantum–mechanical description of physical reality be considered complete?” Phys. Rev. Lett. 47 777 (1935)
- 65 Freedman, S. J., Clauser, J. F. “Experimental Test of Local Hidden–Variable Theories.” Phys. Rev. Lett. 28 938 (1972)
- 66 Aspect, A., Dalibard, J., Roger, G. “Experimental realization of Einstein–Podolsky–Rosen–Bohm Gedankenexperiment: a new violation of Bell’s inequalities.” Phys. Rev. Lett. 49.2 91–94 (1982) doi.org/10.1103/PhysRevLett.49.91
- 67 Weihs, G., et. al. “Violation of Bell’s Inequality under Strict Einstein Locality Conditions.” Phys. Rev. Lett. 81 5039 (1998)
- 68 Rowe, M. A., et. al. “Experimental Violation of a Bell’s Inequality with Efficient Detection.” Nature 409 791 (2001)
- 69 Matsukevich, D. N., et. al. “Bell Inequality Violation with Two Remote Atomic Qubits.” Phys. Rev. Lett. 100 150404 (2008)
- 70 Ansmann, M., et. al. “Decoherence Dynamics of Complex Photon States Violation of Bell’s inequality in Josephson phase qubits.” Nature 461 504 (2009)
- 71 Hofmann, J., et. al. “Heralded entanglement between widely separated atoms.” Science 337 72 (2012)
- 72 Scheidl, T., et. al. “Violation of local realism with freedom of choice.” Proc. Natl. Acad. Sci. 107 19708 (2010)
- 73 Aguero, M. B., Hnilo,A. A., Kovalsky, M. G. “Time–resolved measurement of Bell inequalities and the coincidence loophole.” Phys. Rev. A 86 052121 (2012)
- 74 Giustina, M., et. al. “Bell violation using entangled photons without the fair–sampling assumption.” Nature 497 227 (2013)
- 75 Hensen, B., et. al. “Loophole–free Bell inequality violation using electron spins separated by 1.3 kilometres.” Nature 526 682 (2015)
- 76 Giustina, M., et. al. “Significant-Loophole–Free Test of Bell’s Theorem with Entangled Photons.” Phys. Rev. Lett. 115 250401 (2015)
- 77 Shalm, L. K., et al. “Strong Loophole–Free Test of Local Realism.” Phys. Rev. Lett. 115 250402 (2015)
- 78 Susskind, L. “Copenhagen vs Everett, Teleportation, and ER=EPR.” Progress of Physics 64.6 551–564 (2016)
- 79 Cao, C., Carroll, S. M., Michalakis, S. “Space from Hilbert space: Recovering geometry from bulk entanglement.” Phys. Rev. D 95 024031 (2017)
- 80 Raamsdonk, M., V. “Building up spacetime with quantum entanglement.” General Relativity and Gravitation, 42.10 2323–2329 (2010)
- 81 Susskind, L., Zhao, Y. “Teleportation through the wormhole.” Phys. Rev. D 98 046016 (2018)
- 82 Jiang, W. C., Lu, X., Zhang, J., Painter, O., Lin, Q. “Silicon–chip source of bright photon pairs.” Optics Express 23.16 20884–20904 (2015)
- 83 Silverstone, J. W. et. al. “On–chip quantum interference between silicon photon–pair sources.” Nature Photonics 8 104–108 (2014)
- 84 Autebert, C., et. al. “Electrically Injected Source of Photon Pairs at Room Temperature: Device Performances and Entanglement Generation.” European Conference on Lasers and Electro-Optics - EQEC (2015)
- 85 Horn, R., Abolghasem, P., Bijlani, B. J., Kang, D., Helmy, A. S., Weihs, G. “Monolithic source of photon pairs.” Phys Rev Lett. 108.15 153605 (2012)
- 86 Davoyan, A., Atwater, H. “Quantum nonlinear light emission in metamaterials: broadband Purcell enhancement of parametric downconversion.” Optica 5.5 608–611 (2018)
- 87 Joint Report: Interagency Working Group on Quantum Information Science of the Subcommittee on Physical Sciences. “ADVANCING QUANTUM INFORMATION SCIENCE: NATIONAL CHALLENGES AND OPPORTUNITIES” (accessed July 2018) https://www.whitehouse.gov/sites/whitehouse.gov/files/images/Quantum_Info_Sci_Report_2016_07_22%20final.pdf
- 88 Mayers, D., Yao, A. “Quantum cryptography with imperfect apparatus.” IEEE Proceedings of the 39th Annual Symposium on Foundations of Computer Science 503–509 (1998)
- 89 Acín, A., Brunner, N., Gisin, N., Massar, S., Pironio, S., Scarani, V. “Device–independent security of quantum cryptography against collective attacks.” Phys. Rev. Lett. 98 230501 (2007)
- 90 Pironio, S., Acín, A., Brunner, N., Gisin, N., Massar, S., Scarani, V. “Device–independent quantum key distribution secure against collective attacks.” New Journal of Physics 11 045021 (2009)
- 91 Branciard, C., Cavalcanti, E. G., Walborn, S. P., Scarani, V., Wiseman, H. M. “One–sided device–independent quantum key distribution: Security, feasibility, and the connection with steering.” Phys. Rev. A. 85 010301 (2012)
- 92 Acín, A., Gisin, N., Masanes, L. “From Bell’s Theorem to Secure Quantum Key Distribution.” Phys. Rev. Lett. 97 120405 (2006)
- 93 Liang, Y. C., Vertesi, T., Brunner, N. “Semi–device–independent bounds on entanglement.” Phys. Rev. A. 83 022108 (2011)
- 94 Brunner, N., Cavalcanti, D., Pironio, S., Scarani, V., Wehner, S. “Bell nonlocality.” Rev. Mod. Phys. 86 419 (2014)
- 95 Pironio, S., et. al. “Random numbers certified by Bell’s theorem.” Nature 464 1021–1024 (2010)
- 96 Shin, L. “Bitcoin blockchain technology in financial services: How the disruption will play out.” Forbes (accessed November 2018) https://www.forbes.com/sites/laurashin/2015/09/14/bitcoin- blockchain-technology-in-financial-services-how-the-disruption-will-play-out/67a974bf5edf
- 97 Goorden, S. A., Horstmann, M., Mosk, A. P., korić, B., Pinkse, P. W. H. “Quantum-secure authentication of a physical unclonable key.” Optica 1 421–424 (2014)
- 98 Nikolopoulos, G.M., Diamanti, E. “Continuous–variable quantum authentication of physical unclonable keys.” Scientific Reports 7 46047 (2017)
- 99 Skoric, B. “Security analysis of Quantum–Readout PUFs in the case of challenge–estimation attacks.” Cryptology ePrint Archive (2013) (accessed 5 December) https://eprint.iacr.org/2013/479
- 100 Pappu, R., Recht, B., Taylor, J., Gershenfeld, N. “Physical one-way functions.” Science 297 2026 (2002)
- 101 Pappu, R. “Physical One-Way Functions.” Ph.D. dissertation Massachusetts Institute of Technology (2001)
- 102 van Putten, E. G. “Disorder–enhanced imaging with spatially controlled light.” Ph.D. Thesis University of Twente (2011)
- 103 Wootters, W. K., Zurek, W. H. “A single quantum cannot be cloned.” Nature 299 802–803 (1982) doi: 10.1038/299802a0
- 104 Douceur, J. R. “The sybil attack.” Peer-to-peer Systems 251–260 (2002)
- 105 No author. “Cryptocurrency Standards”. Tresor Wiki (accessed October 2018) https://wiki.trezor.io/Cryptocurrency_standards
- 106 Wiseman, H. M., Jones, S. J., Doherty, A. C. “Steering, entanglement, nonlocality, and the EPR paradox.” Phys. Rev. Lett. 98 140402 (2007)
- 107 Evans, D. A., Cavalcanti, E. G., Wiseman, H. M. “Loss–Tolerant Tests Of Einstein–Podolsky–Rosen Steering.” Phys. Rev. A. 88 022106 (2013)
- 108 Saunders, D. J., Jones, S. J., Wiseman, H. M., Pryde, G. J. “Experimental EPR–steering using Bell–local states.” Nat. Phys. 76 845–849 (2010)
- 109 Zhang, F., Eyal, I., Escriva, R., Juels, A., van Renesse, R. “REM: Resource–Efficient Mining for Blockchains.” USENIX Security (2017)
- 110 Lamport, L., Shostak, R., Pease, M. “The Byzantine generals problem.” ACM Trans. Program. Lang. Syst. 4 382–401 (1982)
- 111 Decker, C., Seidel, J., Wattenhofer, R. “Bitcoin meets strong consistency”. In 17th International Conference on Distributed Computing and Networking (2016)
- 112 Schneier, F. B. “Implementing fault–tolerant services using the state machine approach: A tutorial.” ACM Comput. Surv. 22.4 299–319 (1990)
- 113 Dwork, C., Lynch, N., Stockmeyer, L. “Consensus in the presence of partial synchrony.” J. ACM 35 (1988)
- 114 Vukolić, M. “The Quest for Scalable Blockchain Fabric: Proof-of-Work vs. BFT Replication.” In Camenisch, J., Kesdoğan, D., Open Problems in Network Security, Springer, Cham, 112–125, (2016).
- 115 Xavier, D., Schiper, A., Urbań, P. “Total order broadcast and multi- cast algorithms: Taxonomy and survey.” ACM Comput. Surv. 36.4 372–421 (2004)
- 116 Clauser, J. F., Horne, M. A., Shimony, A., Holt, R. A. “Proposed Experiment to Test Local Hidden–Variable Theories.” Phys. Rev. Lett. 23.15 880–884 (1969)
- 117 Jones, S. J., Wiseman, H. M., Doherty, A. C. “Entanglement, Einstein–Podolsky–Rosen correlations, Bell nonlocality, and steering.” Phys. Rev. A. 76 052116 (2007)
- 118 Bennet, A. J., et. al. “Arbitrarily Loss–Tolerant Einstein–Podolsky–Rosen Steering Allowing a Demonstration over 1km of Optical Fiber with No Detection Loophole.” Phys. Rev. X 2 031003 (2012)
- 119 Wollmann, S., Bennet, A. J., Walk, N., Wiseman, H. M., Pryde, G. J. “Observation of Genuine One–Way Einstein–Podolsky–Rosen Steering.” Phys. Rev. Lett. 116 160403 (2016)
- 120 Jiang, W. C., Lu,X., Zhang, J., Painter, O., Lin, Q. “Silicon–chip source of bright photon pairs.” Optics Express 23.16 20884 (2015) doi: 10.1364/OE.23.020884
- 121 Friedman, R. A., Hänggi, E., Ta–Shma, A. “Towards the Impossibility of Non–Signalling Privacy Amplification from Time–Like Ordering Constraints.” arXiv (2012) (accessed 14 January 2019) https://arxiv.org/abs/1205.3736v1
- 122 Bell, J. S. “On the Einstein–Podolsky–Rosen paradox.” Physics (Long Island City, N.Y.) 1 195 (1964)
- 123 Schneier, B. Liars and Outliers. Enabling the Trust that Society Needs to Thrive Indianapolis, Indiana: John Wiley & Sons, Inc. 61–123 (2012)
- 124 Werbach, K. The Blockchain and the New Architecture of Trust Cambridge, MA: MIT Press 25–28 (2018)
- 125 Schneier, B. “Blockchain and Trust.” Schneier On Security (accessed 16 February 2019) https://www.schneier.com/blog/archives/2019/02/blockchain_and_.html
- 126 Kiktenko, E. O., et. al. “Quantum-secured blockchain.” Quantum Sci. Technol. 3 035004 (2018) doi:10.1088/2058-9565/aabc6b
- 127 Gottesman, D., Chuang, I. “Quantum Digital Signatures.” arXiv:quant-ph/0105032 (2001)
- 128 Lo, H. K., Curty, M., Qi, B. “Measurement–Device–Independent Quantum Key Distribution.” Phys. Rev. Lett., 108 130503 (2012)
- 129 Smania, M., Elhassan, A. M., Tavakoli, A., Bourennane, M. “Experimental quantum multiparty communication protocols.” NPJ Quantum Information 2 16010 (2016)
- 130 Fitzi, M., Gisin, N., Maurer, U. “Quantum solution to the Byzantine agreement problem.” Phys. Rev. Lett. 87 217901 (2001)
- 131 Bancal, J D., Brunner, N., Gisin, N., Liang, Y. C. “Detecting Genuine Multipartite Quantum Nonlocality: A Simple Approach and Generalization to Arbitrary Dimensions.” Phys. Rev. Lett. 106 020405 (2011)
- 132 Brunner, N., Sharam, J., Vértesi, T. “Testing the Structure of Multipartite Entanglement with Bell Inequalities.” Phys. Rev. Lett. 108 110501 (2012)
- 133 Kocsis, S., Hall, M. J. W., Bennet, A. J., Saunders, D. J., Pryde, G. J. ”Experimental measurement–device–independent verification of quantum steering.” Nature Comms. 6 5886 (2015) doi: https://doi.org/10.1038/ncomms6886
- 134 Reichardt, B. W., Unger, F., Vazirani, U. “A classical leash for a quantum system: Command of quantum systems via rigidity of CHSH games” arXiv:1209.0448 (2012)
- 135 Gheorghiu, A., Wallden, P., Kashefi, E. “Rigidity of quantum steering and one–sided device–independent verifiable quantum computation.” New Journal of Physics, 19 (2017)
- 136 Mahadev, U. “Classical Homomorphic Encryption for Quantum Circuits.” arXiv (accessed 15 December 2018) https://arxiv.org/abs/1708.02130v4
- 137 Ursin, R. et. al. “Entanglement–Based Quantum Communication over 144 km.” Nature Phys. 3 481–486 (2007) doi: 10.1038/nphys629
- 138 Aspelmeyer, M., Jennewein, T., Pfennigbauer, M., Leeb, W. R., Zeilinger, A. “Long–Distance Quantum Communication with Entangled Photons Using Satellites.” IEEE J. Sel. Top. Quantum Electron. 9.6 1541–1551 (2003) doi: 10.1109/JSTQE.2003.820918
- 139 No author. “Framework for Improving Critical Infrastructure Cybersecurity.” National Institute of Standards and Technology (accessed October 2018) https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
- 140 “Security Tenets for Life Critical Embedded Systems.” Department of Homeland Security (accessed October 2018) https://www.dhs.gov/sites/default/files/publications/security-tenets-lces-paper-11-20-15-508.pdf
- 141 Goorden, S. A., Horstmann,M., Mosk, A. P., Skoric, B., Pinkse, P. W. H. ”Quantum–secure authentication of a physical unclonable key: supplementary material.” Optica 1 421–424 (2014)
- 142 Skoric, B. “Quantum readout of Physical Unclonable Functions: Remote authentication without trusted readers and authenticated Quantum Key Exchange without initial shared secrets.” eprint.iacr.org/2009/369, (2009)
- 143 No author. “Challenge Response Authentication.” Wiipedia (accessed June 2018) https://en.wikipedia.org/wiki/Challenge%E2%80%93response_authentication
- 144 Ling, A., Wildfeuer, C., Scarani, V. “A note on quantum safe symmetric key growing.” arXiv:1707.02766v1 (2017)
- 145 Pearle, P. M. “Hidden-variable example based upon data rejection.” Phys. Rev. D. 2 14181425 (1970)
- 146 Bell, J. S. “Speakable and Unspeakable in Quantum Mechanics.” Cambridge, Cambridge University Press (1987)
- 147 Gallicchio, J., Friedman, A. S., Kaiser, D. I. “Testing Bell’s inequality with cosmic photons: closing the setting–independence loophole.” Phys. Rev. Lett. 112 110405 (2014)
