Metger Tony, Fawzi Omar, Sutter David, Renner Renato
Institute for Theoretical Physics, ETH Zurich, 8093 Zurich, Switzerland.
Univ Lyon, Inria, ENS Lyon, UCBL, LIP, 69342 Lyon, France.
Commun Math Phys. 2024;405(11):261. doi: 10.1007/s00220-024-05121-4. Epub 2024 Oct 12.
Consider a sequential process in which each step outputs a system and updates a side information register . We prove that if this process satisfies a natural "non-signalling" condition between past outputs and future side information, the min-entropy of the outputs conditioned on the side information at the end of the process can be bounded from below by a sum of von Neumann entropies associated with the individual steps. This is a generalisation of the entropy accumulation theorem (EAT) (Dupuis et al. in Commun Math Phys 379: 867-913, 2020), which deals with a more restrictive model of side information: there, past side information cannot be updated in subsequent rounds, and newly generated side information has to satisfy a Markov condition. Due to its more general model of side-information, our generalised EAT can be applied more easily and to a broader range of cryptographic protocols. As examples, we give the first multi-round security proof for blind randomness expansion and a simplified analysis of the E91 QKD protocol. The proof of our generalised EAT relies on a new variant of Uhlmann's theorem and new chain rules for the Rényi divergence and entropy, which might be of independent interest.
考虑一个顺序过程,其中每一步都输出一个系统并更新一个辅助信息寄存器。我们证明,如果这个过程满足过去输出与未来辅助信息之间的自然“无信号”条件,那么在过程结束时,输出关于辅助信息的最小熵可以由与各个步骤相关的冯·诺依曼熵之和从下方界定。这是熵积累定理(EAT)(Dupuis等人,《数学物理通讯》379:867 - 913,2020)的推广,该定理处理的是一种对辅助信息限制更强的模型:在那里,过去的辅助信息在后续轮次中不能更新,并且新生成的辅助信息必须满足马尔可夫条件。由于我们的广义EAT对辅助信息的模型更通用,它可以更轻松地应用于更广泛的密码协议。作为示例,我们给出了盲随机数扩展的首个多轮安全性证明以及对E91量子密钥分发协议的简化分析。我们广义EAT的证明依赖于乌尔曼定理的一个新变体以及关于雷尼散度和熵的新链式法则,这可能具有独立的研究价值。
