Device-independent quantum cryptography with input leakage
Víctor Zapatero, Marcos Curty
Abstract
Device-independence is the gold standard of quantum cryptography. To meet this standard, a central assumption is that no information leakage occurs during protocol execution. We relax this assumption by analyzing CHSH-based randomness certification and key distribution with partial leakage of the inputs, modeled in terms of a noisy channel. Our results quantify the certifiable local randomness and the secret key rate as a function of the magnitude of the input leakage.
AI Impact Assessments
(3 models)Scientific Impact Assessment
Core Contribution
This paper addresses a fundamental practical concern in device-independent (DI) quantum cryptography: what happens when the protocol inputs (measurement settings) partially leak to an adversary during execution. The authors analyze two core DI protocols—randomness generation (DIRG) and quantum key distribution (DIQKD)—in the CHSH scenario where input leakage is modeled as a noisy channel. The main technical contribution is a semidefinite programming (SDP) framework that computes Eve's guessing probability (for DIRG) and the asymptotic secret key rate (for DIQKD) as a function of the leakage magnitude, parameterized by the crossover probability of a symmetric channel.
The key novelty lies in providing the first explicit security analysis of DIQKD with input leakage—a problem previously suggested in the literature but never formally addressed. The framework is "plug-and-play" in the sense that it accommodates arbitrary leakage channel statistics.
Methodological Rigor
The technical approach is sound and builds on well-established tools in the DI cryptography literature. The authors:
1. Formalize the leakage model within the measurement-dependence framework, specifically the causal/independent-sources variant, where independent leakage variables U and V correlate with inputs X and Y respectively. This is physically well-motivated (e.g., electromagnetic side-channels from RNGs).
2. Reduce the optimization complexity through a clever behavior reduction trick, collapsing 8 subnormalized behaviors into 4 normalized ones via bit-flip symmetry—a standard but non-trivial simplification.
3. Provide explicit SDP formulations using the NPA hierarchy (level 1+AB), with a detailed proof (Proposition 1) of the moment matrix structure. The choice of 1+AB is justified by noting it reproduces the known analytical bound (Eq. 6) in the no-leakage limit.
4. Establish connections to biased CHSH games, deriving quantum bounds (Eq. C6) and an analytical guessing probability formula (Eq. C8) for the case of biased Alice inputs with uniform Bob inputs.
A notable limitation in rigor is that the analysis is restricted to the i.i.d./collective attack scenario and asymptotic regime. The authors acknowledge this and point to entropy accumulation as a path forward, but the gap between asymptotic i.i.d. results and composable finite-size security against general attacks remains significant. Additionally, the NPA relaxation at level 1+AB is not proven tight in the leakage setting (only in the zero-leakage case), so the reported bounds are technically outer approximations.
Potential Impact
Practical relevance: Input leakage through hardware side-channels is a realistic concern in any physical implementation of DI protocols. The paper provides a quantitative framework to assess how much such leakage degrades security, which is directly useful for experimental groups implementing DIQKD (e.g., the recent demonstrations cited in refs [17-20]).
Theoretical value: The connection between input leakage and biased CHSH games (Appendix C) provides useful conceptual insight. The threshold result—that for binary symmetric leakage with ε ≤ 1 - 1/√2 ≈ 0.293, no randomness can be certified—gives a sharp boundary for when DI protocols fundamentally fail under this type of leakage.
Scope of influence: The results are somewhat specialized to the CHSH scenario with specific leakage models. Broader impact would require extensions to other Bell inequalities, multipartite settings, and general (not fully characterized) leakage channels. The authors note these as future directions.
Timeliness & Relevance
The paper is timely given the recent wave of experimental DIQKD demonstrations (2022-2026). As these experiments move toward practical deployment, understanding the robustness of DI protocols to realistic imperfections—including side-channel leakage—becomes increasingly important. The paper fills a specific gap: while output leakage was addressed in [38], input leakage in DIQKD had not been formally treated despite being flagged as an open problem in multiple prior works.
The concurrent work of Ramanathan & Liu [34] tackles a related but distinct problem (relaxing parameter-independence rather than measurement-independence), suggesting this is an active area where multiple groups are converging.
Strengths
Limitations
Overall Assessment
This is a competent and clearly written paper that addresses a well-motivated problem with appropriate technical tools. It fills an acknowledged gap in the DI cryptography literature by providing the first quantitative security analysis of DIQKD with input leakage. However, the contribution is somewhat incremental—the techniques are established, the setting is specific, and the analysis is limited to the asymptotic i.i.d. regime. The paper's impact will likely be moderate: useful as a reference for the DI cryptography community and as a foundation for more complete analyses, but not transformative.
Generated Apr 23, 2026
Comparison History (43)
Paper 2 addresses a critical bottleneck in scaling photonic quantum computing (erasure errors) by proposing a novel compilation scheme and encoding strategy. It demonstrates exponential improvement over state-of-the-art methods and validates findings on real hardware. While Paper 1 provides valuable theoretical advancements in quantum cryptography, Paper 2's combination of algorithmic innovation, extensive benchmarking, and practical hardware implementation gives it higher potential for immediate real-world application and broader impact in advancing practical quantum computers.
Paper 2 addresses a critical bottleneck in scalable photonic quantum computing (photon loss/erasure) by bridging theory, compiler design, and real hardware implementation. Its comprehensive approach, showing exponential improvement over state-of-the-art methods and including proof-of-concept hardware validation, offers higher potential for immediate real-world application and broad impact. Paper 1, while relaxing an important theoretical assumption in quantum cryptography, is narrower in scope and primarily theoretical.
Paper 2 addresses a critical and practical limitation in device-independent quantum cryptography by modeling input leakage. Its findings directly impact the security and feasibility of real-world quantum key distribution and randomness certification, offering broader technological applications compared to the more foundational and theoretical focus on Wigner function negativity in Paper 1.
Paper 1 addresses a critical near-term quantum computing challenge by co-designing error mitigation (PEC) and error detection (QED), discovering non-obvious failure modes in naive integration, and providing practical solutions. The work opens a new architectural design space with concrete, quantified improvements. Paper 2 makes a meaningful but more incremental contribution by relaxing an assumption in device-independent cryptography. While both are rigorous, Paper 1's broader applicability to near-term quantum computing, novel co-design methodology, and practical impact give it higher potential scientific influence.
Device-independent quantum cryptography is a highly active and practically important field. Paper 2 addresses a critical real-world vulnerability—input leakage—in device-independent protocols, which is essential for practical implementations. Relaxing the no-leakage assumption makes DI-QKD more realistic and deployable. While Paper 1 provides interesting theoretical insights connecting coherent-state superpositions to Wigner function negativity, its impact is more niche within quantum optics foundations. Paper 2's broader relevance to quantum security, practical cryptographic protocols, and the growing quantum technology industry gives it higher potential impact.
Paper 2 addresses a critical bottleneck in quantum computing—scalable quantum chemistry simulations on NISQ devices—by combining dynamic ansatz construction with DMET embedding, demonstrating applicability to systems up to 144 qubits. This has broad impact across quantum computing, chemistry, and materials science. Paper 1, while theoretically important for relaxing device-independence assumptions in quantum cryptography, addresses a more niche concern with incremental advancement. Paper 2's practical applicability, methodological innovation, and broader interdisciplinary relevance give it higher potential impact.
Paper 1 is more likely to have higher near-term scientific impact: it introduces a concrete, co-designed integration of QED and PEC (including the new notions of an optimized QED interval and “steady-state extraction” to fix a previously unrecognized integration failure mode), with quantified multi-fold error/MSE improvements on realistic workloads. It is timely for NISQ-era systems and has broad applicability across quantum computing stacks (codes, characterization, compilation, benchmarking). Paper 2 is valuable and novel in relaxing a key device-independence assumption, but appears narrower in scope and likely more incremental without clear methodological or experimental validation in the abstract.
Paper 2 has higher likely scientific impact due to broader applicability and clearer near-term utility: it targets a central bottleneck in quantum chemistry on NISQ devices, proposes a concrete commutativity/screening-based dynamic ansatz within DMET, and reports scalable demonstrations (up to 144-qubit problems with ~20-qubit active runs) with reduced gate counts. This can influence quantum algorithms, embedding methods, and practical chemical simulation workflows. Paper 1 is novel and important for DI cryptography security modeling, but its impact is narrower and more theoretical, primarily affecting protocol security analyses rather than multiple application domains.
Paper 2 addresses a foundational question—deriving classical field theory from quantum mechanics using random-matrix environmental interactions—extending prior work on particles to fields. This has broad implications across quantum foundations, quantum-to-classical transition, and field theory. The derivation of classical field equations (Klein-Gordon, electromagnetism) from unitary Schrödinger evolution without coherent states is highly novel. Paper 1, while valuable for practical quantum cryptography by relaxing device-independence assumptions, represents an incremental advance in a specialized subfield. Paper 2's breadth of impact across multiple domains of physics gives it higher potential impact.
Paper 1 addresses a critical, practical bottleneck in device-independent quantum cryptography by relaxing the strict no-leakage assumption. Its direct applicability to secure communication and the deployment of real-world quantum technologies gives it a higher potential for immediate and widespread scientific impact compared to the highly theoretical, albeit conceptually interesting, exploration of quantum game theory in Paper 2.