Incomplete quantum oblivious transfer with perfect one-sided security

TL;DR

The paper tackles the impossibility of information-theoretically secure perfect quantum OT by focusing on incomplete, non-interactive 1-out-of-2 OT and fixing the sender’s cheating capability at $p_s=1/2$ while allowing a nonzero protocol failure probability $p_f$. It develops a theory for symmetric pure-state encodings, derives general bounds on Bob’s cheating probability $p_r$ in terms of quantum fidelities, and identifies explicit optimal constructions using symmetric states (notably BB84/Wiesner-like qubit states and ququart states) that asymptotically beat classical non-interactive protocols for $p_f$ up to about $0.31$. The work provides concrete, experimentally feasible protocols that require no entanglement or quantum memory and clarifies how incomplete OT interpolates between quantum random access codes and complete OT. It further delineates a precise trade-off between protocol failure and cheating probabilities and maps out dimensionality- and state-space requirements for optimality, offering practical implications for optical implementations and a deeper link to QRAC/RAC primitives.

Abstract

Oblivious transfer is a fundamental cryptographic primitive which is useful for secure multiparty computation. There are several variants of oblivious transfer. We consider 1 out of 2 oblivious transfer, where a sender sends two bits of information to a receiver. The receiver only receives one of the two bits, while the sender does not know which bit the receiver has received. Perfect quantum oblivious transfer with information theoretic security is known to be impossible. We aim to find the lowest possible cheating probabilities. Bounds on cheating probabilities have been investigated for complete protocols, where if both parties follow the protocol, the bit value obtained by the receiver matches the sender bit value. We instead investigate incomplete protocols, where the receiver obtains an incorrect bit value with probability pf. We present optimal non interactive protocols where Alice bit values are encoded in four symmetric pure quantum states, and where she cannot cheat better than with a random guess. We find the protocols such that for a given pf, Bob cheating probability pr is as low as possible, and vice versa. Furthermore, we show that non-interactive quantum protocols can outperform non-interactive classical protocols, and give a lower bound on Bob cheating probability in interactive quantum protocols. Importantly for optical implementations, our protocols do not require entanglement nor quantum memory.

Figures (1)

• Figure 1: The lowest possible cheating probability $p_r$ for the receiver Bob, as a function of the protocol success probability $1-p_f$, in non-interactive protocols for oblivious transfer. The sender Alice can only cheat with probability $p_s=1/2$ (a random guess). The grey line shows the lowest possible $p_r$ in classical protocols. The solid black line and dashed black line show the lowest possible $p_r$ for quantum protocols using symmetric pure states, in the ranges $1/4\le p_r\le 1/2$ and $1/2 \le p_r \le 1$, respectively. For the solid black line, the states $\ket{\psi_{ij}}$ span a two-dimensional space, and for the dashed line, a four-dimensional space. The dotted line shows the cheating probability achieved by the family of states in section \ref{['sec:qutrits']}, spanning a three-dimensional space.