Limits of privacy amplification against non-signalling memory attacks
Abstract
The task of privacy amplification, in which Alice holds some partially secret information with respect to an adversary Eve and wishes to distill it until it is completely secret, is known to be solvable almost optimally in both the classical and quantum worlds. Unfortunately, when considering an adversary who is limited only by non-signalling constraints, such a statement cannot be made in general. We consider systems which violate the chained Bell inequality and prove that under the natural assumptions of a time-ordered non-signalling system, which allow past subsystems to signal future subsystems (using the device's memory, for example), super-polynomial privacy amplification by any hashing is impossible. This is of great relevance when considering practical device-independent key distribution protocols which assume a super-quantum adversary.
Full paper: Physical Review A, Vol. 86, No. 6. DOI: 10.1103/PhysRevA.86.062333, http://pra.aps.org/abstract/PRA/v86/i6/e062333
Motivation: the path to protocols with minimal assumptions
As is well known, because of the difficulty of fully characterising the device on which a protocol is executed, one would like to consider device-independent protocols, for which the security proof does not rely on the internal functioning of the device. An example of this is the scenario of device-independent quantum key distribution (DIQKD). In DIQKD we assume that the system on which the protocol is executed was built and handed to the honest parties Alice and Bob by a malicious adversary Eve. We therefore ought to treat the system, about which we know nothing, as a black box and impose no assumptions on it. Taking another step towards a protocol with minimal assumptions, one can also drop the assumption that the adversary is limited by quantum physics and instead consider a non-signalling adversary.
When considering the presence of a non-signalling adversary, we assume that the only thing which limits the adversary is the non-signalling principle. That is, the adversary has super-quantum power; however, if Alice and Bob enforce some local non-signalling constraints on their devices, then these cannot be broken by the adversary. Such constraints can be enforced by shielding and isolating the devices or by placing them in a space-like separated way. For example, if Alice and Bob perform their measurements in a space-like separated way, then according to relativity theory Alice cannot use her system to signal Bob, and vice versa.
Time-ordered non-signalling conditions
Is it possible to construct such DIQKD protocols when considering a non-signalling adversary? It appears that the answer depends on the specific local non-signalling conditions that Alice and Bob enforce on the system. It was proven in [1, 2] that if Alice and Bob enforce full non-signalling conditions, i.e., no subsystem can signal any other subsystem, then DIQKD is possible. The main drawback is that full non-signalling conditions are hard to enforce (shielding each subsystem is impractical, for example), and therefore such protocols are impractical. At the other extreme, it was already proven in [3] that the task of privacy amplification, which is easier than QKD, is impossible if we impose non-signalling conditions only between Alice and Bob, i.e., Alice and Bob cannot signal each other, while signalling within their own systems is possible. A more realistic non-signalling condition is that, in addition to the non-signalling condition between Alice and Bob, signalling within each party's system is possible only from the past to the future and not the other way around. These time-ordered non-signalling conditions are natural assumptions when considering a protocol in which Alice and Bob each use just one device with memory. In that case, the inputs and outputs of past measurements (which were saved in the memory of the device) can affect the outputs of future measurements.
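The non-signalling conditions discussed above are constraints on the conditional output distribution P(a|x) of a black-box device, and a verifier can check them mechanically on any finite box. The following Python is an added illustration, not code from the paper or this page: it encodes a box as a table of probabilities, takes an "allowed influence" relation describing which subsystems' inputs may affect which outputs, and reports every marginal that depends on an input it is not permitted to depend on. The three boxes at the bottom (a device whose second round replays the first round's input from memory, a device that signals from the future to the past, and a PR box shared by space-like separated parties) are constructed toy examples, and the names TIME_ORDERED and FULL_NON_SIGNALLING are this example's own.

```python
from collections import defaultdict
from itertools import combinations, product

INPUTS = (0, 1)
OUTPUTS = (0, 1)


def box_from_rule(n, rule):
    """Build a conditional distribution P(a|x) over n subsystems as a dict
    {(x, a): probability} from a rule(x, a) -> probability.  Every box
    built below is a constructed toy example, not data from the paper."""
    return {(x, a): rule(x, a)
            for x in product(INPUTS, repeat=n)
            for a in product(OUTPUTS, repeat=n)}


def marginal(box, subset):
    """Marginal P(a_S | x) of the outputs of the subsystems in `subset`,
    keyed by (full input tuple x, restricted output tuple a_S)."""
    m = defaultdict(float)
    for (x, a), p in box.items():
        m[(x, tuple(a[i] for i in subset))] += p
    return m


def signalling_violations(box, n, allowed, tol=1e-9):
    """Check P(a|x) against a family of non-signalling constraints.

    `allowed[j]` is the set of subsystems whose *input* may influence the
    output of subsystem j.  The condition checked is: for every subset S of
    subsystems, the marginal P(a_S|x) may depend only on the inputs of
    subsystems in S or allowed to influence some member of S.  Returns a
    list of witnesses (S, x, x', a_S): two inputs that agree on every
    permitted influencer of S but give different marginals.
    """
    violations = []
    for r in range(1, n + 1):
        for S in combinations(range(n), r):
            influencers = set(S)
            for j in S:
                influencers |= set(allowed[j])
            cols = sorted(influencers)
            m = marginal(box, S)
            # Inputs that agree on every permitted influencer must give the same marginal.
            groups = defaultdict(list)
            for x in product(INPUTS, repeat=n):
                groups[tuple(x[i] for i in cols)].append(x)
            for xs in groups.values():
                ref = xs[0]
                for x in xs[1:]:
                    for a_s in product(OUTPUTS, repeat=len(S)):
                        if abs(m[(ref, a_s)] - m[(x, a_s)]) > tol:
                            violations.append((S, ref, x, a_s))
    return violations


def is_normalised(box, n, tol=1e-9):
    """Every input tuple must carry a probability distribution over outputs."""
    totals = defaultdict(float)
    for (x, _), p in box.items():
        totals[x] += p
    return len(totals) == len(INPUTS) ** n and all(abs(t - 1.0) < tol for t in totals.values())


# Two measurement rounds of one device; index 0 is the earlier round.
TIME_ORDERED = {0: {0}, 1: {0, 1}}        # a past input may affect a future output
FULL_NON_SIGNALLING = {0: {0}, 1: {1}}    # no subsystem may affect any other

# Constructed device with memory: round-1 output is a fair coin, round-2
# output replays the round-1 input that the device stored in memory.
MEMORY_BOX = box_from_rule(2, lambda x, a: 0.5 if a[1] == x[0] else 0.0)

# Constructed device whose round-1 output already equals the round-2 input:
# signalling from the future to the past, which a memory cannot provide.
FUTURE_TO_PAST_BOX = box_from_rule(2, lambda x, a: 0.5 if a[0] == x[1] else 0.0)

# Constructed PR box for space-like separated Alice (0) and Bob (1):
# a XOR b = x AND y, maximally non-local yet non-signalling.
PR_BOX = box_from_rule(2, lambda x, a: 0.5 if (a[0] ^ a[1]) == (x[0] & x[1]) else 0.0)


if __name__ == "__main__":
    cases = [("memory box / time-ordered", MEMORY_BOX, TIME_ORDERED),
             ("memory box / full non-signalling", MEMORY_BOX, FULL_NON_SIGNALLING),
             ("future-to-past box / time-ordered", FUTURE_TO_PAST_BOX, TIME_ORDERED),
             ("PR box / full non-signalling", PR_BOX, FULL_NON_SIGNALLING)]
    for name, box, allowed in cases:
        v = signalling_violations(box, 2, allowed)
        print(f"{name}: {'OK' if not v else f'{len(v)} violations'}")
```

Run stand-alone, the script reports that the memory box satisfies the time-ordered conditions but breaks the full non-signalling conditions (its round-2 marginal depends on the round-1 input), that the future-to-past box breaks even the time-ordered conditions, and that the PR box satisfies the full conditions despite being more non-local than any quantum system. The subset-level formulation matters: checking only single-output marginals would miss correlations that leak an input through a joint marginal.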
Similar resources
arXiv:1211.1125v2 [quant-ph] 30 Dec 2012. Limits of privacy amplification against non-signalling memory attacks
The task of privacy amplification, in which Alice holds some partially secret information with respect to an adversary Eve and wishes to distill it until it is completely secret, is known to be solvable almost optimally in both the classical and quantum worlds. Unfortunately, when considering an adversary who is limited only by non-signalling constraints such a statement cannot be made in gener...
On the limits of privacy amplification against non-signalling memory attacks
The task of privacy amplification, in which Alice holds some partially secret information with respect to an adversary Eve and wishes to distill it until it is completely secret, is known to be solvable almost optimally in both the classical and quantum worlds. Unfortunately, when considering an adversary who is limited only by non-signalling constraints such a statement cannot be made in gener...
Connection-Oriented DNS to Improve Privacy and Security (extended)
The Domain Name System (DNS) seems ideal for connectionless UDP, yet this choice results in challenges of eavesdropping that compromises privacy, source-address spoofing that simplifies denial-of-service (DoS) attacks on the server and third parties, injection attacks that exploit fragmentation, and reply-size limits that constrain key sizes and policy choices. We propose T-DNS to address these...
Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
HMAC-Based Authentication Protocol: Attacks and Improvements
In response to the growing interest in RFID systems such as Internet of Things technology, along with the need to satisfy the security of these networks, proposing secure authentication protocols is an indispensable part of system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...