1 / 82

Infinite Randomness Expansion with a Constant Number of Devices

Infinite Randomness Expansion with a Constant Number of Devices. Matthew Coudron , Henry Yuen MIT EECS arXiv 1310.6755. Goal: Testing RNG’s …. Goal: Testing RNG’s …. … in a “black box” manner. Goal: Testing RNG’s …. … in a “black box” manner

arty
Download Presentation

Infinite Randomness Expansion with a Constant Number of Devices

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Infinite Randomness Expansion with a Constant Number of Devices Matthew Coudron, Henry Yuen MIT EECS arXiv 1310.6755

  2. Goal: Testing RNG’s …

  3. Goal: Testing RNG’s … … in a “black box” manner

  4. Goal: Testing RNG’s … … in a “black box” manner • “Stealthy Dopant-Level Hardware Trojans” [Becker, Regazzoni, Paar, Burleson 2013]

  5. With interactive proofs … Test = T(S, O) … we still can’t test that (classical) provers are producing randomness. Problem: All prover strategies are contained in the convex hull of deterministic strategies (linearity of expectation).

  6. The CHSH game (Bell’s Theorem - 1964)

  7. The CHSH game (Bell’s Theorem - 1964)

  8. The CHSH game (Bell’s Theorem - 1964)

  9. Randomness Expansion • Roger Colbeck – PhD Thesis, 2006

  10. Randomness Expansion • Roger Colbeck – PhD Thesis, 2006 A B

  11. Randomness Expansion a = 1 b = 1 • Roger Colbeck – PhD Thesis, 2006 A B

  12. Randomness Expansion a = 1 b = 1 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B

  13. Randomness Expansion a = 0 b = 0 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B

  14. Randomness Expansion a = 0 b = 0 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B

  15. Randomness Expansion a = 1 b = 1 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B

  16. Randomness Expansion a = 1 b = 0 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B O = Output

  17. Randomness Expansion a = 1 b = 0 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B Test O = Output

  18. Randomness Expansion a = 1 b = 0 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B Test Pass O = Output

  19. Randomness Expansion a = 1 b = 0 • Roger Colbeck – PhD Thesis, 2006 • Serial rounds “Query and Response” A B Fail Fail Test Pass O = Output

  20. Randomness Expansion VV Protocol [Vazirani, Vidick ‘11] • Exponential expansion n bit seed -> O has Min Entropy • Secure against quantum eavesdropper a = 1 b = 0 A B O = Output

  21. Randomness Expansion VV Protocol [Vazirani, Vidick ‘11] • Exponential expansion n bit seed -> O has Min Entropy • Secure against quantum eavesdropper a = 1 b = 0 A B O = Output

  22. Randomness Expansion VV Protocol [Vazirani, Vidick ‘11] • Exponential expansion n bit seed -> (O) • Secure against quantum eavesdropper a = 1 b = 0 A B O = Output

  23. Randomness Expansion VV Protocol [Vazirani, Vidick ‘11] • Exponential expansion n bit seed -> (O) • Secure against quantum eavesdropper a = 1 b = 0 A B O = Output

  24. Randomness Expansion VV Protocol [Vazirani, Vidick ‘11] • Exponential expansion n bit seed -> (O) • Secure against quantum eavesdropper a = 1 b = 0 A B E O = Output

  25. Randomness Expansion VV Protocol [Vazirani, Vidick ‘11] • Exponential expansion n bit seed -> (O) • Secure against quantum eavesdropper ≈ ⊗ ≈ ⊗ a = 1 b = 0 A B E O = Output

  26. Question What is the greatest possible rate of randomness expansion? Exponential? Higher?

  27. Question What is the greatest possible rate of randomness expansion? Exponential? Higher? Doubly exponential upper bound for analysis of existing non-adaptive protocols. [C, Vidick, Yuen]

  28. Question What is the greatest possible rate of randomness expansion? Exponential? Higher? Doubly exponential upper bound for analysis of existing non-adaptive protocols. [C, Vidick, Yuen] Our Result: Infinite randomness expansion with 8 devices. (We can also do 6)

  29. Compose? a = 1 b = 0 A B EXTRACTOR O

  30. Compose? a = 1 b = 0 A B EXTRACTOR O

  31. Compose? EXTRACTOR a = 1 a = 1 b = 0 b = 0 A B A B EXTRACTOR O O

  32. Compose? Group 2 Group 1 A B A B EXTRACTOR O2 O1

  33. Compose? Group 2 Group 1 A B A B EXTRACTOR O2 O1 Secure Against Eavesdropper

  34. Compose? Group 2 Group 1 A B A B E EXTRACTOR O2 O1 Secure Against Eavesdropper

  35. Compose? Group 2 Group 1 A B A B E EXTRACTOR O2 O1 Secure Against Eavesdropper ≈ ⊗ ≈ ⊗

  36. Alternate? Group 2 Group 1 EXTRACTOR A B A B EXTRACTOR O2

  37. Alternate? Group 2 Group 1 EXTRACTOR A B A B EXTRACTOR O2

  38. Alternate? Group 2 Group 1 EXTRACTOR A B A B EXTRACTOR O2 Secure Against Eavesdropper

  39. Alternate? Group 2 Group 1 EXTRACTOR A B A B E EXTRACTOR O2 Secure Against Eavesdropper

  40. Alternate? Group 2 Group 1 EXTRACTOR A B A B E EXTRACTOR O2 Secure Against Eavesdropper ≈ ⊗ ≈ ⊗

  41. Alternate? Group 2 Group 1 EXTRACTOR A B A B E EXTRACTOR O2 Secure Against Eavesdropper ≈ ⊗ ≈ ⊗

  42. Compose? Group 2 Group 1 A B A B EXTRACTOR O2 O1

  43. Alternate? Group 2 Group 1 EXTRACTOR A B A B E EXTRACTOR O2 Secure Against Eavesdropper ≈ ⊗ ≈ ⊗

  44. Alternate? Group 2 Group 1 EXTRACTOR A B A B E EXTRACTOR O2 Secure Against Eavesdropper ≈ ⊗ ≈ ⊗

  45. Input Security Secure Against Q. Eavesdropper “Input Secure” • Provably input secure randomness expansion protocol Infinite randomness expansion. • Can we obtain input security in a randomness expansion protocol? • Randomness Extractors are provably not input secure. ≈ ⊗ ≈ ⊗

  46. Input Security Secure Against Q. Eavesdropper “Input Secure” • Provably input secure randomness expansion protocol Infinite randomness expansion. • Can we obtain input security in a randomness expansion protocol? • Randomness Extractors are provably not input secure. ≈ ⊗ ≈ ⊗

  47. Input Security Secure Against Q. Eavesdropper “Input Secure” • Provably input secure randomness expansion protocol Infinite randomness expansion. • Can we obtain input security in a randomness expansion protocol? • Randomness Extractors are provably not input secure. ≈ ⊗ ≈ ⊗

  48. A New Tool a = 1 b = 0 [Reichardt, Unger, Vazirani 2012] “RUV” Protocol • Device Independent protocol • Gives a test for special structure in the devices’ strategy. • Certifies that devices are employing the ideal CHSH strategy in certain rounds. A B

  49. Input Secure? a = 1 b = 0 The RUV protocol seems Input Secure! . A B

  50. Input Secure? a = 1 b = 0 The RUV protocol seems Input Secure! . A B

More Related