Limitations for private randomness repeaters

Cryptographic protocols are often based on the two main resources: private randomness and private key. In this paper, we develop the relationship between these two resources. First, we show that any state containing perfect, directly accessible, private key (a private state) is a particular case of the state containing perfect, directly accessible, private randomness (an independent state). We then demonstrate a fundamental limitation on the possibility of transferring the privacy of random bits in quantum networks with an intermediate repeater station. More precisely, we provide an upper bound on the rate of repeated randomness in this scenario, similar to the one derived for private key repeaters. This bound holds for states with positive partial transposition. We further demonstrate the power of this upper bound by showing a gap between the localizable and the repeated private randomness for separable Werner states. In the case of restricted class of operations, we provide also a bound on repeated randomness which holds for arbitrary states.

Figure 1

Onion structure of quantum states containing ideal privacy. The singlet state is an example of a private state. The set of private states is a proper subset of the set of independent states. The state $|+\rangle$ is an independent state, which is not a private state.

Figure 2

Depiction of the limitation for private randomness in the context of network repeaters. Part (a) depicts redistribution of loyalty in the network via entanglement swapping: on the LHS $A$ trusts $C$ and $C$ trusts $B$, as depicted by the green arrows. On the RHS $A$ trusts $B$ only [2]. Part (b) shows that for any $\epsilon >0$ there exist states with positive partial transposition, that have almost 1 bit of secure key $K_D$ each. However, there is no LOCC protocol between three parties that outputs an approximate private state with more than $\lfloor n\epsilon \rfloor$ bits of key [7]. Part (c) depicts the result of this paper, in analogy to the case (b): for any $\epsilon >0$, there exist states that have almost 1 bit of private randomness, but there is no $\mathrm{CLODCC}$ protocol between three parties that outputs an independent state with more than $\lfloor n\epsilon \rfloor$ bits of private randomness.

Figure 3

Depiction of the considered scenario. All three parties can perform locally unitary transformations, and can send a system down a dephasing channel to the other parties. Their task is to distill independent states shared by $A$ and $B$.

Figure 4

Values of $d_{\mathrm{cri}}$ as the parameter $\alpha$ increases from 0.1 by steps of 0.05. It is worth mentioning some special values, such as $\alpha =0.1$, for which the $d_{\mathrm{cri}}$ takes a very large value of 51, and $\alpha \in \{0.2,0.5\}$ that determine sudden drops of $d_{\mathrm{cri}}$ to the values $\left\{5,2\right\}$, respectively.

Figure 5

Plots of information vs dimension show the values of $I{\left(A:B\right)}_{\rho }$ (blue line) and $2I{\left(A:B\right)}_{{\rho }^{\mathrm{\Gamma }}}$ (orange line) for several values of $\alpha$, starting with $\alpha =0.1$ in the upper left corner and increasing by steps of 0.1 until $\alpha =0.9$ in the bottom right corner. The solid area highlights the gap between $I{\left(A:B\right)}_{\rho }$ and $2I{\left(A:B\right)}_{{\rho }^{\mathrm{\Gamma }}}$.