Unconditionally Secure Commitment of a Certified Classical Bit is Impossible

In a secure bit commitment protocol involving only classical physics, A commits either a 0 or a 1 to B. If quantum information is used in the protocol, A may be able to commit a state of the form $\alpha \ket{0} + \beta \ket{1}$. If so, she can also commit mixed states in which the committed bit is entangled with other quantum states under her control. We introduce here a quantum cryptographic primitive, {\it bit commitment with a certificate of classicality} (BCCC), which differs from standard bit commitment in that it guarantees that the committed state has a fixed classical value. We show that no unconditionally secure BCCC protocol based on special relativity and quantum theory exists. We also propose complete definitions of security for quantum and relativistic bit commitment.