AI Summary • Published on Feb 17, 2026
The increasing volume of private data used in artificial intelligence and machine learning applications has raised significant privacy concerns. Secure function computation, a method allowing service providers to process data without directly accessing it, relies on foundational cryptographic primitives like Bit Commitment (BC). However, quantum mechanics' no-go theorems, notably by Mayers, and Lo and Chau, have demonstrated the impossibility of unconditionally secure quantum BC, where both concealment and binding are simultaneously guaranteed. These theorems highlight that any quantum BC protocol relying solely on quantum laws is fundamentally insecure, often due to an adversary's ability to delay their bit choice using entanglement. This necessitates the development of BC systems under added, physically motivated assumptions to restore cryptographic functionality and ensure data privacy.
The authors propose a novel quantum optical Bit Commitment (BC) protocol that circumvents the no-go theorems by introducing the assumption of secured network connections provided by a Trusted Third Party (TTP). This TTP ensures transmission lines are protected against eavesdropping and tampering. In the protocol, Alice commits to a bit by preparing a specific multi-mode coherent state, which is a tensor product of phase-shifted coherent states, and sends it to Bob. This constitutes the 'commit' phase. The key states involved are based on phase-averaged coherent states, making them almost indistinguishable to Bob, thereby ensuring concealment. In the later 'opening' phase, Alice reveals her committed bit and a random string. Bob then displaces the received state and performs photon number measurements. If the measurement results in all zeros, he accepts Alice's claim; otherwise, he rejects. The design ensures that if Alice were to cheat and change her bit, the resulting state would be distinguishable by Bob with high probability, thus providing binding.
The protocol demonstrates approximate binding and concealing properties, quantifiable by an epsilon-security parameter. The probabilities of Bob learning the bit prematurely (`pCB`) and Alice cheating (`pCA`) are derived and shown to be upper-bounded by epsilon, provided certain conditions on the system parameters (received energy `E`, number of signals `k`, and number of phase shifts `M`) are met. Specifically, `pCA` decays exponentially with increasing `k`, while `pCB` is also shown to decrease with increasing `M`. A trade-off is identified: increasing `M` makes Alice's attack easier, while increasing `k` makes Bob's detection of cheating easier. The paper also analyzes the hardness of Mayers' attack against this protocol. It argues that implementing Mayers' attack, which requires Alice to create purifications of the committed states, would be extremely difficult. This difficulty is supported by three perspectives: the non-Gaussian nature of the states involved (making linear optical implementations non-trivial), the infinite stellar rank of the required states for a sufficiently large `M` (indicating high complexity for their creation), and the exponential decrease in success probability for creating the necessary high photon number states with current technology. The analysis suggests that a higher received energy `E` (or `t`) would enforce larger `M` and `k`, which further implies that the TTP should ensure high transmittivity to maintain efficiency.
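The following is an added illustration, not code from the paper or its authors: a simplified numerical model of Bob's opening check (displace each mode, accept only if every photon counter reads zero) that shows the `k` versus `M` trade-off described above. It assumes that `E` is the mean photon number per received mode, that a phase index `m` means a phase of 2πm/M, and that the cheater simply announces a phase string different from the one sent; this is a naive mismatch, not Mayers' attack, and the result is not the paper's `pCA` bound. All function names are hypothetical.

```python
import math

def residual_energy(E, M, sent_idx, claimed_idx):
    """Mean photon number left in one mode after Bob displaces by the claimed amplitude.

    For coherent states, |a - b|^2 with |a| = |b| = sqrt(E) and a phase gap of
    2*pi*d/M equals 4*E*sin^2(pi*d/M).
    """
    d = (sent_idx - claimed_idx) % M
    return 4.0 * E * math.sin(math.pi * d / M) ** 2

def accept_probability(E, M, sent, claimed):
    """Probability that all k photon-number measurements return zero.

    A coherent state with mean photon number n gives zero counts with
    probability exp(-n); the modes are independent, so the exponents add.
    """
    if M < 2:
        raise ValueError("need at least two phase settings")
    if len(sent) != len(claimed):
        raise ValueError("sent and claimed strings must have the same length k")
    total = sum(residual_energy(E, M, s, c) for s, c in zip(sent, claimed))
    return math.exp(-total)

def adjacent_mismatch_pass(E, M, k):
    """Hardest mismatch for Bob to see: every mode is off by one phase step."""
    sent = [0] * k      # constructed sample string
    claimed = [1] * k   # neighbouring phase in every mode
    return accept_probability(E, M, sent, claimed)

if __name__ == "__main__":
    E = 1.0  # assumed per-mode received energy (constructed value)
    print("honest opening:", accept_probability(E, 8, [3, 5, 0, 7], [3, 5, 0, 7]))
    for M in (4, 8, 16, 32):
        row = ", ".join(f"k={k}: {adjacent_mismatch_pass(E, M, k):.3e}"
                        for k in (10, 50, 200))
        print(f"M={M:2d}  {row}")
```

In this model the pass probability of a mismatched opening falls exponentially in `k` and rises toward 1 as `M` grows, so a larger `M` has to be offset by more signals.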
This work presents a significant step forward in quantum cryptography by offering a new quantum Bit Commitment protocol that is demonstrably secure under a reasonable and experimentally relevant assumption—secured network connections by a Trusted Third Party. Unlike previous assumption-based protocols that rely on limited quantum memory or separability, this protocol provides a fresh perspective for building secure two-party primitives. The detailed discussion on the complexity of Mayers' attack not only strengthens the security claims of the proposed protocol but also highlights the critical need for developing new computational models at the physical layer to rigorously quantify the hardness of such quantum cryptographic schemes. The protocol is considered readily implementable with existing quantum optical technology, bridging the gap between theoretical impossibility results and practical quantum security applications.