Abstract
We discuss the security implications of noise for quantum coin tossing protocols. We find that if quantum error correction can be used, so that noise levels can be made arbitrarily small, then reasonable security conditions for coin tossing can be framed so that results from the noiseless case will continue to hold. If, however, error correction is not available (as is the case with present day technology), and significant noise is present, then tossing a single coin becomes problematic. In this case, we are led to consider random n-bit string generation in the presence of noise, rather than single-shot coin tossing. We introduce precise security criteria for n-bit string generation and describe an explicit protocol that could be implemented with present day technology. In general, a cheater can exploit noise in order to bias coins to their advantage. We derive explicit upper bounds on the average bias achievable by a cheater for given noise levels.
- Received 31 March 2003
DOI:https://doi.org/10.1103/PhysRevA.69.022322
©2004 American Physical Society