Device-independent quantum cryptography

A quantum cryptographic protocol is device-independent if its security does not rely on trusting that the quantum devices used are truthful. Thus the security analysis of such a protocol needs to consider scenarios of imperfect or even malicious devices. Several important problems have been shown to admit unconditional secure and device-independent protocols. A closely related topic (that is not discussed in this article) is measurement-device independent quantum key distribution.

Overview and history
Mayers and Yao proposed the idea of designing quantum protocols using "self-testing" quantum apparatus, the internal operations of which can be uniquely determined by their input-output statistics. Subsequently, Roger Colbeck in his Thesis proposed the use of Bell tests for checking the honesty of the devices. Since then, several problems have been shown to admit unconditional secure and device-independent protocols, even when the actual devices performing the Bell test are substantially "noisy," i.e., far from being ideal. These problems include quantum key distribution, randomness expansion, and randomness amplification.

Key distribution
The goal of quantum key distribution is for two parties, Alice and Bob, to share a common secret string through communications over public channels. This was a problem of central interest in quantum cryptography. It was also the motivating problem in Mayers and Yao's paper. A long sequence of works aim to prove unconditional security with robustness. Vazirani and Vidick were the first to reach this goal. Subsequently, Miller and Shi proved a similar result using a different approach.

Randomness expansion
The goal of randomness expansion is to generate a longer private random string starting from a uniform input string and using untrusted quantum devices. The idea of using Bell test to achieve this goal was first proposed by Roger Colbeck in his Ph.D. Thesis. Subsequent works have aimed to prove unconditional security with robustness and the increase the rate of expansion. Vazrani and Vidick were the first to prove full quantum security for an exponentially expanding protocol. Miller and Shi achieved several additional features, including cryptographic level security, robustness, and a single-qubit requirement on the quantum memory. The approach was subsequently extended by the same authors to show that the noise level can approach the obvious upper bound, when the output may become deterministic.

Randomness amplification
The goal of randomness amplification is to generate near-perfect randomness (approximating a fair coin toss) starting from a single source of weak randomness (a coin each of whose tosses is somewhat unpredictable, though it may be biased and correlated with previous tosses). This is known to be impossible classically. However, by using quantum devices, it becomes possible even if the devices are untrusted. Roger Colbeck and Renato Renner were motivated by physics considerations to ask the question first. Their construction and the subsequent improvement by Gallego et al. are secure against a non-signalling adversary, and have significant physical interpretations. The first construction that does not require any structural assumptions on the weak source is due to Chung, Shi, and Wu. Since then, research has focused on making constructions that are suitable for implementation.