Abstract:
An approximate quantum encryption scheme uses a private classical key to
encrypt a quantum state while leaking only a very small amount of
information to the adversary. Previous work has shown that while we need
2n bits of key to encrypt n qubits exactly, we can get away with only n
bits in the approximate case, provided that we know that the state to be
encrypted is not entangled with something that the adversary already has
in his possession. In this talk, I will show a generalisation of this
result: approximate quantum encryption requires roughly n-t bits of key,
where t is a lower bound on the quantum conditional min-entropy of the
state to be encrypted given the adversary's prior knowledge. I will show
that this result follows naturally from a quantum version of entropic
security and indistinguishability. This is joint work with Simon-Pierre
Desrosiers.