Device-independent quantum key distribution from computational assumptions

TL;DR

This paper introduces a new DIQKD protocol that remains secure even if device components communicate arbitrarily, replacing the no-communication assumption with a computational assumption from post-quantum cryptography.

Contribution

It replaces the no-communication assumption in DIQKD with a computational assumption, enabling security against communicating devices under standard cryptographic assumptions.

Findings

Secure keys generated despite quantum communication between device parts

Protocol relies on computational hardness during execution, but achieves information-theoretic security at the end

Advances practical implementation of DIQKD by relaxing communication constraints

Abstract

In device-independent quantum key distribution (DIQKD), an adversary prepares a device consisting of two components, distributed to Alice and Bob, who use the device to generate a secure key. The security of existing DIQKD schemes holds under the assumption that the two components of the device cannot communicate with one another during the protocol execution. This is called the no-communication assumption in DIQKD. Here, we show how to replace this assumption, which can be hard to enforce in practice, by a standard computational assumption from post-quantum cryptography: we give a protocol that produces secure keys even when the components of an adversarial device can exchange arbitrary quantum communication, assuming the device is computationally bounded. Importantly, the computational assumption only needs to hold during the protocol execution -- the keys generated at the end of the protocol are information-theoretically secure as in standard DIQKD protocols.