A robust and composable device-independent protocol for oblivious transfer using (fully) untrusted quantum devices in the bounded storage model

TL;DR

This paper introduces a robust, device-independent quantum protocol for oblivious transfer that is secure against joint quantum attacks, works with untrusted devices, and is suitable for real-world noisy quantum devices.

Contribution

It provides the first robust, composable DI oblivious transfer protocol secure against joint quantum attacks, with a novel parallel repetition theorem for entangled games.

Findings

Protocol is secure with negligible errors in the NISQ era.

Achieves robustness against small device imperfections.

Proves a new parallel repetition theorem for entangled games.

Abstract

We present a robust and composable device-independent (DI) quantum protocol between two parties for oblivious transfer (OT) using Magic Square devices in the bounded storage model in which the (honest and cheating) devices and parties have no long-term quantum memory. After a fixed constant (real-world) time interval, referred to as DELAY, the quantum states decohere completely. The adversary (cheating party), with full control over the devices, is allowed joint (non-IID) quantum operations on the devices, and there are no time and space complexity bounds placed on its powers. The running time of the honest parties is polylog({\lambda}) (where {\lambda} is the security parameter). Our protocol has negligible (in {\lambda}) correctness and security errors and can be implemented in the NISQ (Noisy Intermediate Scale Quantum) era. By robustness, we mean that our protocol is correct even when devices are slightly off (by a small constant) from their ideal specification. This is an important property since small manufacturing errors in the real-world devices are inevitable. Our protocol is sequentially composable and, hence, can be used as a building block to construct larger protocols (including DI bit-commitment and DI secure multi-party computation) while still preserving correctness and security guarantees. None of the known DI protocols for OT in the literature are robust and secure against joint quantum attacks. This was a major open question in device-independent two-party distrustful cryptography, which we resolve. We prove a parallel repetition theorem for a certain class of entangled games with a hybrid (quantum-classical) strategy to show the security of our protocol. The hybrid strategy helps to incorporate DELAY in our protocol. This parallel repetition theorem is a main technical contribution of our work.