Abstract: So far experimental confirmation of entanglement has been restricted to qubits, i.e. two-state quantum systems including recent realization of three- and four-qubit entanglements. Yet, an ever increasing body of theoretical work calls for entanglement in quantum system of higher dimensions. Here we report the first realization of multi-dimensional entanglement exploiting the orbital angular momentum of photons, which are states of the electromagnetic field with phase singularities (doughnut modes). The properties of such states could be of importance for the efforts in the field of quantum computation and quantum communication. For example, quantum cryptography with higher alphabets could enable one to increase the information flux through the communication channels.

Abstract: Basic techniques to prove the unconditional security of quantum crypto graphy are described. They are applied to a quantum key distribution protocol proposed by Bennett and Brassard [1984]. The proof considers a practical variation on the protocol in which the channel is noisy and photos may be lost during the transmission. Each individual signal sent into the channel must contain a single photon or any two-dimensional system in the exact state described in the protocol. No restriction is imposed on the detector used at the receiving side of the channel, except that whether or not the received system is detected must be independent of the basis used to measure this system.

Abstract: In this paper so-called ‘large pulse attack’ is investigated. This attack is one of the possible methods of conventional optical eavesdropping, a new strategy of eavesdropping on quantum cryptosystems, which eliminates the need of immediate interaction with transmitted quantum states. It allows the eavesdropper to avoid inducing transmission errors that disclose her presence to the legal users. As an object of the eavesdropping, phase-state fibre optic schemes are considered. With large pulse attack, settings of transmitting and/ or receiving apparatus are interrogated by external high-power light pulses. Applicability conditions of this method are given. Type and amount of information learned by the eavesdropper is estimated, depending on parameters of the interrogating pulse and apparatus. An experimental set-up for an eavesdropping experiment is proposed and results of successful preliminary measurements are presented. It is concluded that additional protection is necessary for currently imple...

Abstract: Summary form only given. A source of single photons, each arriving within a known time interval, would be useful in the new field of quantum cryptography, where security from eavesdropping requires that only one photon be sent at a time. While other recent efforts to generate single photons have relied on saturated absorption in a single quantum emitter such as a molecule our method takes advantage of the emission properties of a single emitter, an InAs dot. When a laser pulse creates multiple electron-hole pairs (excitons), the last pair to recombine creates a photon at a unique wavelength, which can be spectrally separated from the others. This is because Coulomb interactions shift the emission wavelength when multiple excitons are present.

Abstract: The general conditions for the orthogonal product states of the multi-state systems to be used in quantum key distribution (QKD) are proposed, and a novel QKD scheme with orthogonal product states in the 3x3 Hilbert space is presented. We show that this protocol has many distinct features such as great capacity, high efficiency. The generalization to nxn systems is also discussed and a fancy limitation for the eavesdropper's success probability is reached.

Abstract: We present a theoretical and experimental study of preparing maximally entangled two-photon polarization states, or Bell states, using femtosecond-pulse-pumped spontaneous parametric down-conversion (SPDC). First, we show how the inherent distinguishability in femtosecond-pulse-pumped type-II SPDC can be removed by using an interferometric technique without spectral and amplitude postselection. We then analyze the recently introduced Bell-state preparation scheme using type-I SPDC. Theoretically, both methods offer the same results, however, type-I SPDC provides experimentally superior methods of preparing Bell states in femtosecond-pulse-pumped SPDC. Such a pulsed source of highly entangled photon pairs is useful in quantum communications, quantum cryptography, quantum teleportation, etc.

Abstract: In this paper we show how to convert a statistically binding but computationally concealing quantum bit commitment scheme into a computationally binding but statistically concealing QBC scheme. For a security parameter n, the construction of the statistically concealing scheme requires O(n2) executions of the statistically binding scheme. As a consequence, statistically concealing but computationally binding quantum bit commitments can be based upon any family of quantum one-way functions. Such a construction is not known to exist in the classical world.

Abstract: For thousands of years, code-makers and code-breakers have been competing for supremacy. Their arsenals may soon include a powerful new weapon: quantum mechanics. We give an overview of quantum cryptology as of November 2000.

Abstract: A system establishes a path for distributing data through an optical network ( 115 ). The system includes an optical switch ( 205 a ) and a data distribution endpoint ( 105 a ). The optical switch ( 205 a ) establishes a first encryption key distribution path through the optical network ( 115 ), the first encryption key distribution path including multiple optical switches and optical links. The data distribution endpoint ( 105 a ) determines whether eavesdropping has occurred on the first encryption key distribution path using quantum cryptography. The optical switch ( 205 a ) further establishes a second data distribution path through the optical network ( 115 ) responsive to the eavesdropping determination. The second encryption key distribution path includes multiple optical switches and optical links.

Abstract: A quantum-dot photon turnstile device is capable of producing a stream of regulated and directed single pairs of photons with opposite circular polarizations. This device operates by injecting pairs of electrons and holes, alternately, into a single quantum dot, where they combine to form photons. The device will efficiently and reliably produce a directed beam of such photons at regular time intervals. It will be able to operate at high frequency and at high temperature. Such a stream of regulated photon pairs will be useful in quantum cryptography, quantum computing, low-power optical communications, as a light standard, and in many other areas of technology and fundamental science.

Abstract: Quantum computers will be useful for all kinds of computing In addition to computer graphics they will have applications in cryptography, biology, and communications We start with a look at the general principles of quantum mechanics as they apply to quantum computing In the next issue, I present some of the mathematics behind actually creating quantum algorithms

Abstract: I show that a simple multi-party communication task can be performed more efficiently with quantum communication than with classical communication, even with low detection efficiency�. The task is a communication complexity problem in which distant parties need to compute a function of the distributed inputs, while minimizing the amount of communication between them. A realistic quantum optical setup is suggested that can demonstrate a five-party quantum protocol with higher-thanclassical performance, provided � > 0.33. In theory, quantum communication is better than classical communication. Experimentalists, on the other hand, know that even the simplest quantum communication protocols involve inefficiencies in state preparation, manipulation and measurement. It is, therefore, important to study sufficient experimental conditions for unambiguous demonstration of the advantages of quantum communication. Some tasks are only possible with quantum communication, such as unconditionally secure cryptographic key distribution [1, 2, 3]. Many authors have analyzed the experimental requirements for the security of these protocols [4, 5, 6]. For other tasks quantum communication offers an improvement of efficiency, and such is the case of communication complexity problems [7, 8], one of which will be analyzed in this paper. In these problems many distant parties need to compute a function of the distributed inputs, while trying to minimize the amount of communication between them. This abstract problem has numerous practical applications, for example in computer networks, VLSI circuits and data structures (see [8] for a survey of the field). Quantum mechanics can enhance the performance of communication complexity protocols in two different ways [9]. The first approach is the entanglementbased model of communication complexity [10, 11, 12, 13], where in addition to the classical communication we allow the parties to do measurements on previously shared multi-party entangled states. Experimental requirements for some protocols of this kind have been studied in [14, 15], and it turns out that the high detection efficiency needed could be achieved in ion trapexperiments [16].

Abstract: In this paper,the principle of the quantum signature has been investigated,and a quantum signature scheme has been proposed.The presented scheme is based on the correlation of the Greenberger-Horne-Zeilinger(GHz) triplet state.Results sho w that the proposed quantum signature scheme is provable secure.

Abstract: Recent developments in quantum technology have shown that quantum computers can provide dramatic advantages over classical computers for some problems [1] [2]. These quantum algorithms rely upon the inherent parallel qualities of quantum computers to achieve their improvement. In this paper we provide a brief background of quantum computers. We present a simple quantum approach to genetic algorithms and analyze its benefits and drawbacks. We describe the quantum advantage of true randomness. We show that in some cases, such as program induction, there is a measurable difference [3]. These algorithms are significant because to date there are only a handful of quantum algorithms that take advantage of quantum parallelism [4] and none that show an advantage due to true randomness. Finally, we provide ideas for directions of future research.

Abstract: We have improved the hardware and software of our autocompensating system for quantum key distribution by replacing bulk optical components at the end stations with fiber-optic equivalents and implementing software that synchronizes end-station activities, communicates basis choices, corrects errors and performs privacy amplification over a local area network. The all fiber-optic arrangement provides stable, efficient and high-contrast routing of the photons. The low bit error rate leads to high error correction efficiency and minimizes data sacrifice during privacy amplification. Characterization measurements made on a number of commercial avalanche photodiodes are presented that highlight the need for improved devices tailored specifically for quantum information applications. A scheme for frequency shifting the photons returning from Alice's station to allow them to be distinguished from backscattered noise photons is also described. OCIS codes: 030.5260, 060.0060, 060.2360, 230.2240, 270.5570.

Abstract: We show how an arbitrary qubit rotation can be teleported, albeit probabilistically, using one e-bit of entanglement and one classical bit. We use this to present a scheme for implementing quantum secret sharing. The scheme operates essentially by sending a `secret' rotated qubit of information to several users, who need to cooperate in order to recover the original qubit.

Abstract: A polarization-based receiver for quantum key distribution incorporating an InGaAs/InP single photon avalanche photodiode (SPAD) has been constructed to investigate the potential for increasing the transmission distance in long wavelength quantum key distribution systems beyond the 50km range.

Abstract: We introduce a new model for studying quantum data structure problems -- the quantum cell probe model. We prove a lower bound for the static predecessor problem in the address-only version of this model where, essentially, we allow quantum parallelism only over the 'address lines' of the queries. This model subsumes the classical cell probe model, and many quantum query algorithms like Grover's algorithm fall into this framework. We prove our lower bound by obtaining a round elimination lemma for quantum communication complexity. A similar lemma was proved by Miltersen, Nisan, Safra and Wigderson [9] for classical communication complexity, but their proof does not generalise to the quantum setting. We also study the static membership problem in the quantum cell probe model. Generalising a result of Yao [16], we show that if the storage scheme is implicit, that is it can only store members of the subset and 'pointers', then any quantum query scheme must make Ω(log n) probes. We also consider the one-round quantum communication complexity of set membership and show tight bounds.

Abstract: We report a new transmission that can be used for quantum key distribution. The system uses single-sideband-modulated light in an implementation of the BB84 quantum cryptography protocol. The system is formed by two integrated unbalanced Mach–Zehnder interferometers and is based on interference between phase-modulated sidebands in the spectral domain. Experiments show that high interference visibility can be obtained.

Abstract: For part 2, see ibid., September/October (2001). Every now and then surprising new theories appear on the scientific stage that hold the promise of dramatic new technologies. Quantum computing is one of these. The ideas in this field radically change the way we think about computers and computing. in my last two columns, I introduced the theory of quantum computing and presented its basic terminology and notation. In this installment, I wrap up my discussion of the subject by presenting some interesting quantum algorithms and then showing how quantum computing can change the world of cryptography, or the sharing of secrets.

Abstract: Detecting errors in a raw key and authenticating a private key are crucial for quantum key distribution schemes. Our aim is to propose practical methods for error detection and authentication in quantum key distribution schemes. We introduce several concepts about neighborhood collision free properties of Boolean functions, which are closely related to hash functions, and propose methods based on neighborhood collision free functions and error correcting codes such as Reed-Solomon code. We also examine whether or not widely used cryptographic hash functions SHA-1 and MD5 satisfy the neighborhood collision free property by computation experiments.

Abstract: Quantum Cryptography, or more accurately, Quantum Key Distribution (QKD) is based on using an unconditionally secure ``quantum channel'' to share a secret key among two users. A manufacturer of QKD devices could, intentionally or not, use a (semi-)classical channel instead of the quantum channel, which would remove the supposedly unconditional security. One example is the BB84 protocol, where the quantum channel can be implemented in polarization of single photons. Here, use of several photons instead of one to encode each bit of the key provides a similar but insecure system. For protocols based on violation of a Bell inequality (e.g., the Ekert protocol) the situation is somewhat different. While the possibility is mentioned by some authors, it is generally thought that an implementation of a (semi-)classical channel will differ significantly from that of a quantum channel. Here, a counterexample will be given using an identical physical setup as is used in photon-polarization Ekert QKD. Since the physical implementation is identical, a manufacturer may include this modification as a Trojan Horse in manufactured systems, to be activated at will by an eavesdropper. Thus, the old truth of cryptography still holds: you have to trust the manufacturer of your cryptographic device. Even when you do violate the Bell inequality.

Abstract: Recently, Zhang, Li, and Guo have proposed a particular eavesdropping attack [Phys. Rev. A 63, 036301 (2001)] that shows that my quantum key distribution protocol based on entanglement swapping [Phys. Rev. A 61, 052312 (2000)] is insecure. However, security against this attack can be attained with a simple modification. In addition, a simpler version of the protocol using four qubits is introduced.

Abstract: Amplitude squeezed pulsed light has been produced using a microstructured silica fibre. By spectrally filtering after the nonlinear propagation in the fibre a squeezing value of -1.7dB has been measured. A quantum key distribution scheme based on squeezed light from such microstructured fibres is proposed.

Abstract: We consider a model of learning Boolean functions from quantum membership queries. This model was studied in [26], where it was shown that any class of Boolean functions which is information-theoretically learnable from polynomially many quantum membership queries is also information-theoretically learnable from polynomially many classical membership queries. In this paper we establish a strong computational separation between quantum and classical learning. We prove that if any cryptographic one-way function exists, then there is a class of Boolean functions which is polynomial-time learnable from quantum membership queries but not polynomial-time learnable from classical membership queries. A novel consequence of our result is a quantum algorithm that breaks a general cryptographic construction which is secure in the classical setting.

Abstract: This paper presents a hybrid cryptographic protocol, using quantum and classical resources, for authentication and authorization in a network. One or more trusted servers distribute streams of entangled photons to individual resources that seek to communicate. It is assumed that each resource shares a previously distributed secret key with the trusted server, and that resources can communicate with the server using both classical and quantum channels. Resources do not share secret keys with each other, so that the key distribution problem for the network is reduced from O(n^2) to O(n). Some advantages of the protocol are that it avoids the requirement for timestamps used in classical protocols, guarantees that the trusted server cannot know the authentication key, can provide resistance to multiple photon splitting attacks and can be used with BB84 or other quantum key distribution protocols.

Abstract: A number of questions associated with practical implementations of quantum cryptography systems having to do with unconditional secrecy, computational loads and effective secrecy rates in the presence of perfect and imperfect sources are discussed. The different types of unconditional secrecy, and their relationship to general communications security, are discussed in the context of quantum cryptography. In order to actually carry out a quantum cryptography protocol it is necessary that sufficient computational resources be available to perform the various processing steps, such as sifting, error correction, privacy amplification and authentication. We display the full computer machine instruction requirements needed to support a practical quantum cryptography implementation. We carry out a numerical comparison of system performance characteristics for implementations that make use of either weak coherent sources of light or perfect single photon sources, for eavesdroppers making individual attacks on the quantum channel characterized by different levels of technological capability. We find that, while in some circumstances it is best to employ perfect single photon sources, in other situations it is preferable to utilize weak coherent sources. In either case the secrecy level of the final shared cipher is identical, with the relevant distinguishing figure-of-merit being the effective throughput rate.