One-out-of-m spacetime-constrained oblivious transfer
Pith reviewed 2026-05-25 09:14 UTC · model grok-4.3
The pith
Unconditionally secure protocols exist for one-out-of-m spacetime-constrained oblivious transfer for any m.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
We introduce unconditionally secure one-out-of-m SCOT protocols extending the one-out-of-two SCOT protocols for arbitrary integers m≥2. We present unconditionally secure one-out-of-m DQACM protocols and one-out-of-m SCOT protocols of the class P_CC, for arbitrary integers m≥2.
What carries the argument
One-out-of-m distributed quantum access with classical memory (DQACM) as a subroutine that enables a class P_CC of SCOT protocols using only classical communication between distant agents.
If this is right
- Bob obtains exactly one message x_b while remaining unable to obtain any other x_i.
- Alice learns nothing about Bob's choice b at any spacetime point.
- The protocols function with m pairwise spacelike separated output regions.
- Only classical communication between distant agents suffices for the P_CC class.
Where Pith is reading between the lines
- The same extension technique could be applied to other relativistic quantum-cryptographic primitives that currently exist only for two parties.
- Laboratory tests could simulate the required spacelike regions using delayed-choice measurements on entangled photons.
- Security analysis of the suggested k-out-of-m generalization remains an open direction left by the paper.
Load-bearing premise
The security of the base one-out-of-two protocols carries over without flaw to the extended versions for general m.
What would settle it
An explicit attack allowing Bob to recover two distinct messages or Alice to learn Bob's choice b in one of the new protocols would disprove the unconditional security claim.
Original abstract
In one-out-of-$m$ spacetime-constrained oblivious transfer (SCOT), Alice and Bob agree on $m$ pairwise spacelike separated output spacetime regions $R_0,R_1,\ldots, R_{m-1}$ in an agreed reference frame in a spacetime that is Minkowski, or close to Minkowski; Alice inputs a message $x_i$ in the causal past of a spacetime point $Q_i$ of $R_i$, for $i\in\{0,1,\ldots,m-1\}$; Bob inputs $b\in\{0,1,\ldots,m-1\}$ in the intersection of the causal pasts of $Q_0,Q_1,\ldots,Q_{m-1}$ and outputs $x_b$ in $R_b$; Alice remains oblivious to $b$ anywhere in spacetime; and Bob is unable to obtain $x_i$ in $R_i$ and $x_j$ in $R_j$ for any pair of different numbers $i,j\in\{0,1,\ldots,m-1\}$. We introduce unconditionally secure one-out-of-$m$ SCOT protocols extending the one-out-of-two SCOT protocols of Pital\'ua-Garc\'ia [Phy. Rev. A 93, 062346 (2016)] and Pital\'ua-Garc\'ia and Kerenidis [Phy. Rev. A 98, 032327 (2018)], for arbitrary integers $m\geq 2$. We define the task of one-out-of-$m$ distributed quantum access with classical memory (DQACM), which works as a subroutine to implement a class $\mathcal{P}_{\text{CC}}$ of one-out-of-$m$ SCOT protocols where distant agents only need to communicate classically. We present unconditionally secure one-out-of-$m$ DQACM protocols and one-out-of-$m$ SCOT protocols of the class $\mathcal{P}_{\text{CC}}$, for arbitrary integers $m\geq2$. We discuss various generalizations of SCOT. In particular, we introduce a straightforward extension of SCOT to a $k$-out-of-$m$ setting, and suggest protocols where distant agents only need to communicate classically, while we leave the investigation of their security as an open problem.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The manuscript claims to introduce unconditionally secure one-out-of-m spacetime-constrained oblivious transfer (SCOT) protocols for arbitrary m≥2 by extending the authors' prior one-out-of-two SCOT constructions from 2016 and 2018. It defines one-out-of-m distributed quantum access with classical memory (DQACM) as a subroutine, presents secure DQACM protocols and SCOT protocols in the class P_CC (requiring only classical communication), and discusses generalizations such as k-out-of-m SCOT while leaving security of some variants as open.
Significance. If the security claims hold, the work would meaningfully generalize relativistic cryptographic primitives beyond the m=2 case, enabling protocols with multiple spacelike-separated output regions and providing a useful DQACM subroutine plus a classical-communication class P_CC. The explicit discussion of open problems in the generalizations is a positive feature.
major comments (1)
- [Abstract] Abstract (paragraph beginning 'We introduce unconditionally secure...'): the central claim of unconditional security for arbitrary m≥2 rests on extension of the cited m=2 protocols without an explicit security reduction, re-derivation of the obliviousness or spacetime-separation properties, or verification that causal-past intersections and output-region constraints remain intact when the number of regions increases; this is load-bearing for the headline result, as any new leakage channel (e.g., via P_CC classical communication or the DQACM subroutine) would invalidate the claim even if the base protocols are sound.
Simulated Author's Rebuttal
We appreciate the referee's thorough evaluation of our manuscript. We address the major comment regarding the security claims for arbitrary m below, and will make revisions to strengthen the presentation of the security argument.
Point-by-point responses
Referee: [Abstract] Abstract (paragraph beginning 'We introduce unconditionally secure...'): the central claim of unconditional security for arbitrary m≥2 rests on extension of the cited m=2 protocols without an explicit security reduction, re-derivation of the obliviousness or spacetime-separation properties, or verification that causal-past intersections and output-region constraints remain intact when the number of regions increases; this is load-bearing for the headline result, as any new leakage channel (e.g., via P_CC classical communication or the DQACM subroutine) would invalidate the claim even if the base protocols are sound.
Authors: We thank the referee for highlighting this important point. The security of the one-out-of-m protocols follows from the m=2 constructions because the generalization to m regions maintains the pairwise spacelike separation of the output regions R_i and the intersection of their causal pasts for Bob's input b. The DQACM subroutine is designed such that it provides the necessary quantum access without allowing Bob to obtain more than one x_i, and the classical communication in P_CC is limited to messages that do not leak information about b or additional messages due to the relativistic constraints. However, we agree that an explicit security reduction would make the argument clearer. In the revised manuscript, we will include a dedicated subsection deriving the security properties for general m from the m=2 case, verifying that no new leakage channels are introduced.
revision: yes
Circularity Check
Security for m>2 SCOT/DQACM protocols asserted solely via extension of self-cited m=2 results without independent reduction
specific steps
- self citation load bearing [Abstract]
"We introduce unconditionally secure one-out-of-m SCOT protocols extending the one-out-of-two SCOT protocols of Pitalúa-García [Phy. Rev. A 93, 062346 (2016)] and Pitalúa-García and Kerenidis [Phy. Rev. A 98, 032327 (2018)], for arbitrary integers m≥2. ... We present unconditionally secure one-out-of-m DQACM protocols and one-out-of-m SCOT protocols of the class P_CC, for arbitrary integers m≥2."
The unconditional security assertion for the m-generalization is justified exclusively by extension of the author's prior m=2 papers. The text supplies no new proof or reduction showing that the obliviousness, spacetime-separation, and output-region constraints hold when the number of regions increases; the security claim therefore reduces directly to the correctness of the self-cited works.
full rationale
The paper's central claim of unconditional security for arbitrary m≥2 rests on the statement that the new protocols 'extend' the author's own 2016 and 2018 m=2 constructions. No explicit security reduction, re-derivation of obliviousness or spacetime constraints, or verification that causal-past intersections remain intact for m>2 is supplied in the provided text. This makes the headline security result load-bearing on self-citation rather than independently established. The protocol definitions themselves may contain novel steps, so the circularity is partial (score 6) rather than total equivalence by definition. No other patterns (self-definitional, fitted predictions, ansatz smuggling, etc.) are exhibited.
Axiom & Free-Parameter Ledger
axioms (2)
- domain assumption: Minkowski spacetime (or close to it) provides the causal structure for the output regions and input points
- domain assumption: Standard quantum mechanics suffices for unconditional security of the extended protocols
Lean theorems connected to this paper
- IndisputableMonolith/Foundation/RealityFromDistinction.lean, reality_from_one_distinction (echoes)
  ECHOES: this paper passage has the same mathematical shape or conceptual pattern as the Recognition theorem, but is not a direct formal dependency.
  We introduce unconditionally secure one-out-of-m SCOT protocols extending the one-out-of-two SCOT protocols of Pitalúa-García [Phy. Rev. A 93, 062346 (2016)] ... Alice inputs a message x_i in the causal past of a spacetime point Q_i of R_i ... Bob inputs b in the intersection of the causal pasts of Q_0, ..., Q_{m−1}
- IndisputableMonolith/Foundation/AlexanderDuality.lean, alexander_duality_circle_linking (echoes)
  ECHOES: this paper passage has the same mathematical shape or conceptual pattern as the Recognition theorem, but is not a direct formal dependency.
  R_0, R_1, …, R_{m−1} are pairwise spacelike separated
What do these tags mean?
- matches: The paper's claim is directly supported by a theorem in the formal canon.
- supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
- extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
- uses: The paper appears to rely on the theorem as machinery.
- contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
- unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.
Reference graph
Works this paper leans on
- [1] Security. For ε_Bob ≥ 0, we say a SCOT protocol is ε_Bob-secure against dishonest Bob if, when Alice follows the protocol honestly and Bob follows any cheating strategy, the probability P_Bob that Bob outputs messages x′_i in R_i and x′_j in R_j satisfying d(x′_i, x_i) ≤ n_i γ_i and d(x′_j, x_j) ≤ n_j γ_j satisfies P_Bob ≤ ε_Bob, for any pair of different numbers i and j ...
- [2] for the case m = 2. We extend this protocol here for the case m ≥ 2 and denote it as P_SR
- [3] Alice’s agent A encodes a random n-bit string r in a quantum state |ψ_r^s⟩ = ⨂_{j∈[n]} |ψ_{r_j}^{s_j}⟩ of n BB84 states, where s is a random n-bit string denoting the bases. A sends |ψ_r^s⟩ to B, who receives it in G
- [4] B obtains his input number b ∈ I_m in G and redirects the received state |ψ_r^s⟩ to his colleague B_b, who receives it in the causal past of at least one spacetime point of R_b
- [5] For i ∈ I_m, A sends a copy of s to her colleague A_i, who receives it in the causal past of Q_i
- [6] For i ∈ I_m, A_i gives s to B_i at the spacetime point Q_i
- [7] B_b measures the quantum state |ψ_r^s⟩ in the basis labeled by s, and obtains an n-bit string r′ in R_b
- [8] Correctness. In the ideal case in which there are not any errors nor any losses, Bob’s output r′ equals r with unit probability
- [9] Security against dishonest Alice. Since Bob does not transmit any physical systems to Alice, Alice cannot obtain any information about Bob’s input b. Thus, Alice cannot guess Bob’s input b with probability greater than 1/m
- [10] Security against dishonest Bob. For the case m = 2, it was shown in Ref. [1] that if Alice follows the protocol honestly and Bob follows an arbitrary cheating strategy allowed by quantum theory and relativity, the probability P_Bob that Bob outputs n-bit strings r_0 = r in R_0 and r_1 = r in R_1 satisfies P_Bob ≤ (1/2 + 1/(2√2))^n. It was also shown that for ...
- [11] Alice and Bob implement the subroutine P_SR, where r ∈ {0,1}^n is the message encoded by A in G and b ∈ I_m is B’s input in G, and where r′ ∈ {0,1}^n is B_b’s output in R_b
- [12] For i ∈ I_m, A sends a copy of r to A_i, who receives it in the causal past of Q_i
- [13] For i ∈ I_m, A_i obtains her input message x_i ∈ {0,1}^n in the causal past of Q_i
- [14] For i ∈ I_m, A_i gives t_i = x_i ⊕ r to B_i at the spacetime point Q_i
- [15] B_b computes the message x′_b = r′ ⊕ t_b and outputs it in R_b
- [16] Comments. Different variations of this protocol can be considered. For example, Bob’s agents having quantum memories have more freedom on the time at which they receive, process and transmit classical and quantum information. On the other hand, if Bob does not have any quantum memories, Bob’s agent B must redirect the quantum states as soon as he receiv...
- [17] Correctness. In the ideal case that there are not any errors nor any losses, Bob outputs r′ = r in R_b in the subroutine P_SR, hence, Bob outputs x′_b = x_b in R_b in the protocol P_QC. In an implementation of P_SR in which Bob outputs r′ in R_b satisfying d(r′, r) ≤ γn, Bob’s output x′_b in R_b satisfies d(x′_b, x_b) ≤ γn, for γ ≥ 0
- [18] Security against dishonest Alice. Like in the subroutine P_SR, Bob does not transmit any physical systems to Alice in the protocol P_QC, hence, Alice cannot obtain any information about Bob’s input b. Thus, Alice cannot guess Bob’s input b with probability greater than 1/m. Therefore the protocol P_QC is perfectly secure against dishonest Alice
- [19] Security against dishonest Bob. For any pair of different numbers i, j ∈ I_m, the probability P_Bob that Bob outputs x′_i ∈ {0,1}^n in R_i and x′_j ∈ {0,1}^n in R_j in the protocol P_QC satisfying d(x′_i, x_i) ≤ nγ and d(x′_j, x_j) ≤ nγ is equal to the probability that Bob outputs r_i ∈ {0,1}^n in R_i and r_j ∈ {0,1}^n in R_j in the subroutine P_SR satisfying d(r_i...
- [20] Correctness. For ε_cor ≥ 0, we say a protocol to implement one-out-of-m DQACM is ε_cor-correct if, when Alice and Bob follow the protocol honestly, the probability P that Bob outputs r_c satisfies P ≥ 1 − ε_cor, for any input c ∈ I_m by Bob. We say a protocol to implement one-out-of-m DQACM is perfectly correct if it is 0-correct
- [21] Security. For ε_Bob ≥ 0, we say a protocol to implement one-out-of-m DQACM is ε_Bob-secure against dishonest Bob if, when Alice follows the protocol honestly, for any pair of different numbers i and j from the set I_m, for any quantum operation O independent of r and independent of s applied by Bob on the quantum state |Ψ_r^s⟩_A that produces at least two qua...
- [22] Correctness. For ε_cor ≥ 0, we say a protocol to implement one-out-of-m DQACM is ε_cor-correct if, when Alice and Bob follow the protocol honestly, the probability P that Bob outputs a message r′_c satisfying d(r′_c, r_c) ≤ n_c γ_c satisfies P ≥ 1 − ε_cor, for any input c ∈ I_m by Bob. We say a protocol to implement one-out-of-m DQACM is perfectly correct if it is...
- [23] Security. For ε_Bob ≥ 0, we say a protocol to implement one-out-of-m DQACM is ε_Bob-secure against dishonest Bob if, when Alice follows the protocol honestly, for any pair of different numbers i, j ∈ I_m, for any quantum operation O independent of r and independent of s applied by Bob on the quantum state |Ψ_r^s⟩_A that produces at least two quantum systems B_0 an...
- [24] Proof of the bound (19). We note that our protocol is mathematically equivalent to the following procedure. First, Alice takes the following actions. She prepares a pair of l-dimensional quantum systems C_i^j and A_i^j in the state |φ⟩_{C_i^j A_i^j} given by (6), for i ∈ I_m and j ∈ [n]. More precisely, Alice prepares a global quantum system with Hilbert spac...
- [25] Alice’s agent A and Bob’s agent B implement the stage I of a one-out-of-m DQACM protocol with random inputs s ∈ Λ_basis and r_i ∈ {0,1}^n by Alice, and a random input c ∈ I_m by Bob, for i ∈ I_m. This consists in A sending to B a quantum state |Ψ_r^s⟩ encoding r = (r_0, r_1, ..., r_{m−1}) in a basis labeled by s, B applying a quantum measurement M_c on the rec...
- [26] A sends copies of s, r_0, r_1, ..., r_{m−1} to A_i, who receives them in the causal past of Q_i, for i ∈ I_m
- [27] B transmits c and d to B_i, who receives these in the causal past of Q_i, for i ∈ I_m. B. Stage II
- [28] Within G, B generates his SCOT input b ∈ I_m, and transmits the number b′ = b + c modulo m to A, who receives it within G
- [29] For i ∈ I_m, B transmits b to B_i, who receives it in the causal past of Q_i
- [30] For i ∈ I_m, A transmits b′ to A_i, who receives it in the causal past of Q_i
- [31] For i ∈ I_m, A_i generates x_i in the causal past of Q_i, and gives t_i = r_{b′−i} ⊕ x_i to B_i at Q_i, where b′ − i is modulo m
- [32] For i ∈ I_m, A_i gives s to B_i at Q_i. This corresponds to the first step in stage II of the DQACM protocol
- [33] Within the spacetime region R_b, B_b uses s, d and c to obtain the output r_c (or r′_c close to r_c according to a predetermined threshold) of the DQACM protocol. This corresponds to the second step in stage II of the DQACM protocol
- [34] Within R_b, B_b outputs x_b = r_c ⊕ t_b (or x′_b = r′_c ⊕ t_b, which is close to x_b according to a predetermined threshold). FIG. 4. Illustration of the class P_CC of one-out-of-m SCOT protocols in a two-dimensional spacetime diagram in a frame F of Minkowski spacetime. The world lines of the laboratories of Alice’s agents A_0, A_1, ..., A_{m−1} (green rectang...
- [35] and entanglement [42] improve the efficiency of the encodings, etc. Extensions in which Alice encodes n dits in m qudits, where Bob can retrieve any dit of his choice with probability p > 1/d, for d ≥ 2, are considered in Ref. [43]. Extensions of QRACs codes in which Alice encodes, and Bob decodes, intrinsically quantum information were introduced in Re...
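The classical layer of the P_CC steps quoted in entries [28] to [34] above can be checked mechanically. The following is an added example, not code from the paper or from Pith: it treats the DQACM subroutine as an ideal black box that gives Bob exactly r_c and no other pad (an assumption, so it says nothing about the quantum security argument), and all function names are hypothetical.

```python
import secrets
from collections import Counter

def xor(a: bytes, b: bytes) -> bytes:
    """Bitwise XOR of two equal-length strings."""
    assert len(a) == len(b)
    return bytes(p ^ q for p, q in zip(a, b))

def run_pcc_classical(x, b, c, r):
    """One run of the classical layer of P_CC (entries [28]-[34]).

    x: Alice's m messages x_0..x_{m-1}; r: her m random pads r_0..r_{m-1};
    b: Bob's SCOT input; c: Bob's random DQACM input.
    Returns (b_prime, t, output): what A receives, what each A_i hands
    over at Q_i, and what B_b outputs in R_b.
    """
    m = len(x)
    b_prime = (b + c) % m                                    # step [28]
    t = [xor(r[(b_prime - i) % m], x[i]) for i in range(m)]  # step [31]
    r_c = r[c]  # step [33]; ASSUMPTION: ideal DQACM, Bob learns only r_c
    return b_prime, t, xor(r_c, t[b])                        # step [34]

def alice_view(m, b):
    """Distribution of b' seen by Alice for fixed b and uniform c in I_m."""
    return dict(Counter((b + c) % m for c in range(m)))

def unmaskable_indices(m, b, c):
    """Indices i whose t_i is padded with r_c, the one pad Bob holds."""
    b_prime = (b + c) % m
    return [i for i in range(m) if (b_prime - i) % m == c]

def check_all(m=5, n_bytes=8):
    """Exhaustive check over every (b, c) on constructed sample messages."""
    x = [bytes([i]) * n_bytes for i in range(m)]          # constructed messages
    r = [secrets.token_bytes(n_bytes) for _ in range(m)]  # Alice's random pads
    for b in range(m):
        # b' has the same distribution for every b, so it does not reveal b
        if alice_view(m, b) != alice_view(m, 0):
            return False
        for c in range(m):
            _, _, out = run_pcc_classical(x, b, c, r)
            # Bob recovers x_b, and t_b is the only t_i masked with r_c
            if out != x[b] or unmaskable_indices(m, b, c) != [b]:
                return False
    return True

if __name__ == "__main__":
    print("all (b, c) pairs consistent:", check_all())
```

The check shows why the index shift works: b′ − b = c (mod m), so only t_b is masked with the pad Bob obtained, while b′ alone is uniformly distributed whatever b is.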