Universally Composable Privacy Amplification Against Quantum Adversaries

  • Renato Renner
  • Robert König
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3378)


Privacy amplification is the art of shrinking a partially secret string Z to a highly secret key S. We show that, even if an adversary holds quantum information about the initial string Z, the key S obtained by two-universal hashing is secure, according to a universally composable security definition. Additionally, we give an asymptotically optimal lower bound on the length of the extractable key S in terms of the adversary’s (quantum) knowledge about Z. Our result has applications in quantum cryptography. In particular, it implies that many of the known quantum key distribution protocols are universally composable.





Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Renato Renner (1)
  • Robert König (1)
  1. Swiss Federal Institute of Technology (ETH), Zürich, Switzerland
