Secret Message Transmission over Quantum Channels under Adversarial Quantum Noise: Secrecy Capacity and Super-Activation

12/14/2017 ∙ by Holger Boche, et al. ∙ Technische Universität München TU Dresden 0

We determine the secrecy capacities of arbitrarily varying quantum channels. Both secrecy capacity with average error probability and with maximal error probability are derived. The code we construct fulfills a stringent secrecy requirement, which is called the strong code concept.We determine when the secrecy capacity is a continuous function of the system parameters and completely characterize its discontinuity points both for average error criterion and for maximal error criterion. Furthermore, we prove the phenomenon "super-activation" for secrecy capacities of arbitrarily varying quantum channels, i.e., two quantum channels both with zero secrecy capacity, if used together, allow secure transmission with positive capacity.

READ FULL TEXT VIEW PDF
POST COMMENT

Comments

There are no comments yet.

Authors

page 1

page 2

page 3

page 4

This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.

I Introduction

In the last few years, the developments in modern communication systems have produced many results in a short amount of time. Quantum communication systems especially, allow us to exploit new possibilities while at the same time imposing fundamental limitations.

Quantum mechanics differs significantly from classical mechanics, it has its own laws. Quantum information theory unifies information theory with quantum mechanics, generalizing classical information theory to the quantum world. The unit of quantum information is called the "qubit", the quantum analogue of the classical “bit”. Unlike a bit, which is either “0” or “1”, a qubit can be in a “superposition”, i.e., two states at the same time. This property has turned into one of the fundamental resources of quantum information processing.

A quantum channel is a communication channel which can carry quantum information, e.g., photons. Two of the most standard ways to represent a quantum channel with linear algebraic tools are a sum of several transformations, or as a single isometry, which explicitly includes the unobserved environment.

A quantum channel can transmit both classical and quantum information. If the sender wants to transmit a classical message of a finite set to the receiver using a quantum channel , his encoding procedure will include a classical-to-quantum encoder to prepare a quantum message state suitable as an input for the channel. If the sender’s encoding is restricted to transmit an indexed finite set of quantum states , then we can consider the choice of the signal quantum states as a component of the channel. This is equivalent to considering the classical capacity of quantum channels.

Our goal is to investigate communication that takes place over a quantum channel which is, in addition to the noise from the environment, subjected to the action of a jammer who actively manipulates the states. The messages should also be kept secret from an eavesdropper.

Preceding work in quantum information theory has mostly focused on either of the two attacks. Our goal is to deliver a more general theory considering both channel robustness and security in quantum information theory. By doing so, we build on the preceding works Bl/Ca and Bo/No . Furthermore, we are interested in the delivery of large volumes of messages over many channel uses, so that we study the asymptotic behavior of the system.

A channel with a jammer is called an arbitrarily varying channel, where the jammer may change his input in every channel use and is not restricted to use a repetitive probabilistic strategy. In this model we consider such a channel which is not stationary and can change with every use. Communication over this channel works as follows: At first the sender and the receiver have to select their coding scheme. After that, the jammer makes his choice of the channel state to sabotage the message transmission. However, due to the physical properties, we assume that the jammer’s changes only take place in a set which is known to the sender and the receiver.

The arbitrarily varying channel was first introduced in Bl/Br/Th2 . Ahl1 showed a surprising result which is known as the Ahlswede Dichotomy: Either the capacity for message transmission of an arbitrarily varying channel is zero or it equals its shared randomness assisted capacity. After the discovery in Ahl1 it has remained an open question as to when the deterministic capacity is positive for several years. In Rei , a sufficient condition for that has been given, and in Cs/Na , it is proved that this condition is also necessary. The Ahlswede Dichotomy demonstrates the importance of shared randomness for communication in a very clear form.

A quantum channel with a jammer is called an arbitrarily varying quantum channel. It is defined as a family of indexed channels , where is called a channel state of the channel pair. This channel state , which varies from symbol to symbol in an arbitrary manner, governs the channel. In Ahl/Bli , the classical capacity of arbitrarily varying quantum channels has been analyzed, and a lower bound on the capacity has been given. An alternative proof and a proof of the strong converse are both given in Bj/Bo/Ja/No . In Ahl/Bj/Bo/No , the Ahlswede Dichotomy for the arbitrarily varying classical-quantum channels is established, and a sufficient and necessary condition for the zero deterministic capacity is given. In Bo/No , a simplification of this condition for the arbitrarily varying classical-quantum channels is given. Ahl/Bj/Bo/No and Bo/Ca/De complete the characterization of message transmission capacity for the arbitrarily varying channel. In Ahl/Bj/Bo/No , message transmission, key transmission, and strong subspace transmission have been considered. A full description of these transmission tasks has been completely established. In Bo/No an example has been given showing there are indeed arbitrarily varying classical-quantum channels which have zero deterministic capacity and positive random capacity. In this work we rendered these results to secrecy message transmission over arbitrarily varying quantum channels, which is the full description of secure message transmission and key transmission through arbitrarily varying quantum wiretap channels.

The noise affecting the transmission over a noisy quantum channel can be interpreted as interaction with the environment. Following the general protocol of De , we say this environment is completely under the control of the eavesdropper. Secure communication over a classical channel with an eavesdropper was first introduced in Wyn . A classical-quantum channel with an eavesdropper is called a classical-quantum wiretap channel. The secrecy capacity for classical-quantum channel with an eavesdropper has been determined in De and Ca/Wi/Ye .

This work is an extension of our previous papers Bo/Ca/De , Bo/Ca/De2 , and Bo/Ca/De3 , where we considered channel robustness against jamming, and concurrently security against eavesdropping for classical-quantum channels (cf. Section II.2), where classical-quantum channels are quantum channels whose sender’s inputs are classical variables. In our earlier works Bo/Ca/De , Bo/Ca/De2 , and Bo/Ca/De3 , we investigated secret message transmission over a classical-quantum channel. The messages were kept secret from an eavesdropper. Communication took place over a quantum channel which was, in addition to noise from the environment, subjected to the action of a jammer, which actively manipulated the states. A classical-quantum channel with both a jammer and an eavesdropper is called an arbitrarily varying classical-quantum wiretap channel. It is defined as a family of pairs of indexed channels with a common input alphabet and possible different output systems, connecting a sender with two receivers, a legal one and a wiretapper. The legitimate receiver accesses the output of the first channel in the pair, and the wiretapper observes the output of the second channel , respectively. governs both the legal receiver’s channel and the wiretap channel. A code for the channel conveys information to the legal receiver such that the wiretapper’s knowledge of the transmitted information can be kept arbitrarily small. In Bo/Ca/De , Bo/Ca/De2 , and Bo/Ca/De3 , the Ahlswede Dichotomy for arbitrarily varying classical-quantum wiretap channels is established, i.e. either the deterministic capacity of an arbitrarily varying channel is zero or is equal to its shared randomness assisted capacity. We delivered the formula for secrecy capacity of the arbitrarily varying classical-quantum wiretap channel. A full description of the arbitrarily varying classical-quantum wiretap channels is thus established with these earlier contributions Bo/Ca/De , Bo/Ca/De2 , and Bo/Ca/De3 when we combine their results. Currently only the message transmission capacity of arbitrarily varying quantum channels can be completely characterized (cf. Ahl/Bj/Bo/No , Bo/No , and Bo/No2 ). The entanglement distillation capacity, the entanglement generating capacity, and the strong subspace transmission capacity of arbitrarily varying quantum channels can only be determined for the case when the respective capacity is positive by now (Ahl/Bj/Bo/No ), i.e., the characterization of these capacities when the respective capacity is equal to zero is still an open problem.

In this work we determine the secrecy capacities of arbitrarily varying quantum channels. We also give an example showing that there are indeed arbitrarily varying quantum channels which have zero deterministic secrecy capacity and positive randomness assisted secrecy capacity. The deterministic secrecy capacity and the randomness assisted secrecy capacity of an AVQC is thus in general not equal. This behavior comes as quite a surprise because in Ahl/Bj/Bo/No the authors conjectured equality of deterministic capacity and randomness assisted capacity for entanglement distillation, entanglement generating, and strong subspace transmission for arbitrarily varying quantum channels.

The capacities of classical arbitrarily varying channel under maximal error criterion and under the average error criterion are in general, not equal. The capacity formula of classical arbitrarily varying channels under maximal error criterion is still an open problem. Interestingly, Bo/No shows that the capacities of an arbitrarily varying quantum channel under maximal error criterion and under the average error criterion are equal (cf. Remark II.2, Remark IV.2, and Remark IV.2). In Section IV.2 we extend this observation: We show that the secrecy capacities of an arbitrarily varying quantum channel under maximal error criterion and under the average error criterion are equal. For the proof we have to construct two sets of superposition codes to show the positivity of the secure capacity under maximal error criterion.

As an application of our results, we turn to the question: Is the secrecy capacity a continuous function of the system parameters? The analysis of the continuity of capacities of quantum channels is motivated by the question of whether small changes in the channel system are able to cause dramatic losses in the performance. The continuity of the message and entanglement transmission capacity of a stationary memoryless quantum channel has been listed as an open problem in WynSite and was solved in Le/Sm . Considering quantum channels with active jamming faces an especially new difficulty. The reason is that the capacity in this case is, in general, not solely specified by entropy quantities. In Bo/No2 the conditions under which the message transmission capacity of an arbitrarily varying quantum channel is continuous have been delivered. The condition for continuity of message transmission capacity of a classical arbitrarily varying wiretap channel has been given in Wi/No/Bo . We shall discuss the context of the entanglement distillation capacity, the entanglement generating capacity, and the strong subspace transmission capacity in Section III and in Section IV.

The continuity of the secrecy capacity of a classical arbitrarily varying channel under randomness assisted quantum coding has been shown in Bo/Sch/Po . This proof is still capable of improvements, since in general, the legal channel users do not have control over the the eavesdropper’s channel. However, this proof requires that the output alphabet of the eavesdropper’s channel is of finite cardinality. In this work we show that the continuity of the secrecy capacity of an arbitrarily varying quantum channel under randomness assisted quantum coding only depends on the legal channel. Moreover, we improve the result of Bo/Sch/Po when we give a generalized control function. This control function only depends on the legal channel.

Furthermore, we show as a consequence of our results that there is a phenomenon called “super-activation” for the secrecy capacity of arbitrarily varying quantum channels, i.e., two arbitrarily varying quantum channels, each useless for secure message transmission, can be super-activated to acquire positive secrecy capacity when used together.

Ii Preliminaries

ii.1 Basic properties, Communication Scenarios, and Notations

For a finite set

we denote the set of probability distributions on

by . Let and be Hermitian operators on a finite-dimensional complex Hilbert space . We say and if is positive-semidefinite. For a finite-dimensional complex Hilbert space , we denote the (convex) space of density operators on by

where is the set of linear operators on , and is the null matrix on . Note that any operator in is bounded.

For any finite set , any finite-dimensional complex Hilbert space , and , we define , and . We write for the elements of .

We denote the identity operator on a space by and the symmetric group on by . For a set on a Euclidean space we define the convex hull of by .

For a discrete random variable

on a finite set and a discrete random variable on a finite set , we denote the Shannon entropy of by and the mutual information between and by . Here is the joint probability distribution function of and , and and are the marginal probability distribution functions of and respectively, and “” means logarithm to base .

For a quantum state we denote the von Neumann entropy of by

Let and be quantum systems. We denote the Hilbert space of and by and , respectively. Let be a bipartite quantum state in . We denote the partial trace over by

where is an orthonormal basis of . We denote the conditional entropy by

where .

Let be a set of quantum states labeled by elements of . For a probability distribution on , the Holevo quantity is defined as

Note that we can always associate a state to such that holds for the quantum mutual information.

For a probability distribution on a finite set and a positive constant , we denote the set of typical sequences by

where is the number of occurrences of the symbol in the sequence .

For finite-dimensional complex Hilbert spaces and , a quantum channel : , is represented by a completely positive trace-preserving map which accepts input quantum states in and produces output quantum states in .

Definition

Let and be quantum systems. We denote the Hilbert space of and by and , respectively, and let be a finite set.

For every , let be a quantum channel . We call the set of the quantum channels an arbitrarily varying quantum channel when the state varies from symbol to symbol in an arbitrary manner.

The following Definition II.1 plays a very important role for the characterization of the capacity of arbitrarily varying quantum channels. The intuitive meaning of this is that the jammer can choose the state of the channel such that any two send sequences of quantum states of any length, may be confused by the receiver.

Definition

Let . We say that the arbitrarily varying quantum channel is -symmetrizable if for every , there exists a map which maps from to the set of distributions on such that

(1)

We say that the arbitrarily varying quantum channel is symmetrizable if is -symmetrizable for all .

Remark

In Bo/No2 the -symmetrizability was defined as follows: We say that is -symmetrizable if for every finite set there exists a such that for all , , (1) holds. The authors then showed that we might limit the cardinality to , which is the condition for -symmetrizability defined in (1). Thus the two conditions for -symmetrizability are equivalent.

ii.2 Problem Definition and Basic Definitions

Two of the common ways to represent a quantum channel, i. e. a completely positive trace-preserving map , with linear algebraic tools, are:
1. Operator sum decomposition (Kraus representation)

(2)

where (Kraus operators) are linear operators (cf.Kr , Ba/Ni/Sch , and Ni/Ch ). They satisfy the trace-preserving relation . The representation of a quantum channel according to (2) is not unique. Let and be two sets of Kraus operators (by appending zero operators to the shorter list of operation elements we may ensure that ). Suppose represents , then also represents if and only if there exists a unitary matrix such that for all we have (cf. Ni/Ch ).
2. Isometric extension (Stinespring dilation)

(3)

where is a linear operator such that , and is the quantum system of the environment (cf. Sho , Ba/Ni/Sch , and also cf. St for a more general Stinespring dilation theorem). can be chosen such that . The isometric extension of a quantum channel according to (3) is not unique either. Let and be two linear operators . Suppose represents , then also represents if and only if and are unitarily equivalent.

It is well known that we can deduce each of these two representations of the quantum channel from the other one. Let be a set of Kraus operators which represents . Let be an orthonormal system on . Then is an isometric extension which represents , since and . For the other way around, every isometric extension that represents can be written in the form , i.e. if the sender sends , and if the environment’s measurement gives , the receiver’s outcome will be . Here is a set of Kraus operators which represents , and is an orthonormal system on .

Figure 1: Arbitrarily varying quantum channel

We aim to analyze secret message transmission over a quantum channel. This channel connects the sender and the legal receiver, conveying information from the former to the latter. It is subject to active attacks: A jammer may change his input in every channel use and is not restricted to use a repetitive probabilistic strategy. If we do not consider security, we have a situation as shown in Figure 1, where public messages are transmitted. This scenario is described by a tripartite system with the sender, the legal receiver, and the jammer.

Following De we now define the secret message transmission protocol when we assume that the environment is completely under the control of the eavesdropper.

Definition

Let and be quantum systems and be a finite set. Let be an arbitrarily varying quantum channel. Following De we assume that the environment is completely under the control of the eavesdropper in the following sense:

Let be an isometric transformation which represents , where is a linear operator , and is the quantum system of the environment. can be chosen such that . Fix a with eigen-decomposition . If the channel state is , the local output density matrix seen by the receiver is

and the local output density matrix seen by the environment (which we interpret as the wiretapper) is

Therefore defines an arbitrarily varying wiretap quantum channel

where , , and , .

Figure 2: Arbitrarily varying wiretap quantum channel defined by an arbitrarily varying quantum channel

The jammer and the eavesdropper here act as two additional channel users. Instead of the tripartite system of Figure 1, we now have a quadripartite system in Figure 2. The quantum channel used by the legal parties (sender and receiver) is subject to two attacks at the same time: one passive (eavesdropping), and one active (jamming). The task for the legal transmitters is to transmit private information (secret messages or secret keys) despite the jamming attacks and at the same time to keep it secret against eavesdropping.

We consider the secrecy capacity of quantum channels carrying private information. We assume that the jammer is an additional hostile channel user. It is effectively given by an interference channel where the legal sender and the jammer are allowed to make inputs to the system, and the legal receiver as well as the eavesdropper, receive the corresponding outputs. Furthermore, we assume that the eavesdropper controls the complete environment. The jammer and the eavesdropper aim to prevent the legal parties from privately communicating, each with their own attacking strategies, respectively.

Quantum channels can transmit both classical and quantum information. For the transmission of classical information via a quantum channel, we first have to convert a classical message into a quantum state. We assume that the states to be produced in the input system are given by the set , where is a finite set of letters. By Section II.1, we can define the map , which is defined by , meaning that each classical input of leads to a distinct quantum output . defines a linear map (a classical-quantum channel) ,

In view of this, we have the following definition.

Definition

An (deterministic) code for an arbitrarily varying quantum channel with classical input consists of a stochastic encoder : , , specified by a matrix of conditional probabilities , and a collection of positive-semidefinite operators on , which is a partition of the identity, i.e. . We call these operators the decoder operators.

The average probability of the decoding error of a deterministic code is defined as

The maximal probability of the decoding error of a deterministic code is defined as

A code is created by the sender and the legal receiver before the message transmission starts. The sender uses the encoder to encode the message that he wants to send, while the legal receiver uses the decoder operators on the channel output to decode the message.

In De it has been shown that codes for secure message transmission over a classical-quantum wiretap channel can be used to build codes for entanglement transmission over a quantum channel. Please see Bo/Ca/Ca/De for a discussion of entanglement generation over compound quantum channels, which are channels when the channel states do not change with every use as in case of AVQCs, but are stationary over the time.

Remark

For classical arbitrarily varying channels, capacities under the average error criterion and under maximal error criterion are distinguished from each other. The capacity formula for the latter one is still unknown (cf. Ahl1 ). This statement is not true for the capacities of arbitrarily varying classical-quantum channel under maximal error criterion and under the average error criterion (cf. Remark IV.2, Remark IV.2, and Bj/Bo/Ja/No ).

We now consider, in addition to a faithful message transmission, a security requirement, i.e., a code for the channel conveying private information to the legal receiver such that the wiretapper’s knowledge of the transmitted information can be kept arbitrarily small.

Definition

Let be an arbitrarily varying quantum channel. A non-negative number is an achievable (deterministic) secrecy rate for the arbitrarily varying quantum channel under the average error criterion if for every , , and sufficiently large there exists a finite set , a map , and an code such that , and

(4)
(5)

where

is a random variable uniformly distributed on

and

where is a channel to the environment defined by .

The supremum on achievable (deterministic) secrecy rates of under the average error criterion is called the (deterministic) secrecy capacity of under the average error criterion, denoted by .

Remark

A weaker and widely used security criterion is obtained if we replace (5) with . In this paper we will follow Bj/Bo/So2 and use (5).

Remark

Let be a channel to the environment defined by the quantum channel . We may choose another Stinespring dilation for and obtain another channel to the environment. and are equivalent in the sense that there is a partial isometry such that for all we have (ca. Pa and Ho2 ). Thus the security criteria in Definition II.2 does not depend on which Stinespring dilation we choose to define the channel to the environment.

Remark

It is understood that the sender and the receiver have to select their coding scheme first. We assume that this coding scheme is known by the jammer and the eavesdropper. The jammer can make use of this knowledge to advance his attacking strategy. Our Definition 4 for the criterion of decoding error probability and Definition 5 for the security criterion require that a private information transmission can be guaranteed even in the worst case, i.e., under the assumption that the jammer and the eavesdropper know the complete coding scheme and will choose attacking strategies which are most advantageous for themselves.

Definition

Let be an arbitrarily varying quantum channel. A non-negative number is an achievable (deterministic) secrecy rate for the arbitrarily varying quantum channel under the maximal error criterion if for every , , and sufficiently large there exists a finite set , a map , and an code such that , and

(6)
(7)

where and are defined as in Definition II.2.

The supremum on achievable (deterministic) secrecy rates of under the maximal error criterion is called the (deterministic) secrecy capacity of under the maximal error criterion, denoted by .

The maximal error criterion is the strongest error criterion in the sense that when we consider secret message transmission under the maximal error criterion, we assume that the jammer not only knows the coding scheme of the legal channel users (cf. Remark II.2), but also the actual message. Definition II.2 requires that a private information transmission can be guaranteed even under the assumption that the jammer, knowing both the complete coding scheme and the message, will choose the most advantaged jamming attacking strategy depending on this knowledge.

With this interpretation in mind it is intuitively clear that, if sender and receiver have the ability to use one of many codes and the jammer is not informed about this choice anymore, the maximum- and average error criterion become equivalent again. This intuition is sharpened in Bo/Ca/Ca .

Definition

Let be an arbitrarily varying quantum channel. We denote the set of deterministic codes for by .

A non-negative number is an achievable secrecy rate for the arbitrarily varying quantum channel under randomness assisted coding if for every , , and , if is sufficiently large, there is a finite set , a map , and a distribution on such that , and

Here is a sigma-algebra, so chosen such that the functions and are both -measurable with respect to for every . and are defined as in Definition II.2.

The supremum on achievable secrecy rates for under randomness assisted coding is called the randomness assisted secrecy capacity of , denoted by .

Remark

The randomness assisted code technique is not to be confused with the random encoding technique. For the random encoding technique, only the sender, but not the receiver, randomly chooses a code word in to encode a message according to a probability distribution. The receiver should be able to decode even when he only knows the probability distribution, but not which code word is actually chosen by the sender. For the randomness assisted code technique, the sender randomly chooses a stochastic encoder , and the receiver chooses a set of the decoder operators . The receiver can decode the message if and only if he knows the actual random outcome of the sender’s random variable. The use of randomized encoding diffuses the knowledge of a jammer that has access to the code-words that are transmitted has regarding the actual message, and makes it more difficult for him to prevent reliable communication between sender and receiver.

Definition

Let be an arbitrarily varying quantum channel. We denote the set of deterministic codes for by .

A non-negative number is an achievable secrecy rate for the arbitrarily varying quantum channel under randomness assisted classical coding and the maximal error criterion if for every , , and , if is sufficiently large, there is a finite set , a map , and a distribution on such that , and

Here is a sigma-algebra, so chosen such that the functions and are both -measurable with respect to for every .

The supremum on achievable secrecy rates for under randomness assisted classical coding and the maximal error criterion is called the randomness assisted secrecy classical capacity under the maximal error criterion of , denoted by .

Definition

The code concept for arbitrarily varying wiretap quantum channels is similar to the code concept for arbitrarily varying classical-quantum wiretap channels in Bo/Ca/De and Bo/Ca/De3 . We build a two-part code word, the first part is used to create the randomness for the sender and the legal receiver, the second is used to transmit the message to the legal receiver. We call it a weak code concept when the first part to synchronize the second part is public, and a strong code concept when the first part is secure.

Definition

Let and be two arbitrarily varying quantum channels.

We say super-activation occurs to the secrecy capacity for two arbitrarily varying classical-quantum wiretap channels and when the following hold:

and

Definition

Let be an arbitrarily varying quantum channel. We define

(8)

The supremum is taken over all chosen finite sets , maps , and probability distributions on the input quantum states . Here and are the resulting quantum states at the output of and , respectively, where is the channel to the environment defined by and .

Let be an arbitrarily varying classical-quantum wiretap channel. We define

(9)

Here are the resulting quantum states at the output of the legitimate receiver’s channels.

are the resulting quantum states at the output of wiretap channels. The maximum is taken over all random variables that satisfy the Markov chain relationships:

for every and . Here is a random variable taking values on , and a random variable taking values on some finite set with probability distribution .

Definition

For finite sets and , we define a (discrete) classical channel : , to be a system characterized by a probability transition matrix . For and , expresses the probability of the output symbol when we send the symbol through the channel. The channel is said to be memoryless if the probability distribution of the output depends only on the input at that time and is conditionally independent of previous channel inputs and outputs. Further, we can extend this definition when we define a classical channel to a map : by denoting .

Definition

Let , , and be finite sets. Let := be a finite set. For every , let be a classical channel and be a classical channel .

We call the set of the classical channel pairs a (classical) arbitrarily varying wiretap channel when the channel state varies from symbol to symbol in an arbitrary manner. When the sender inputs into the channel, the receiver receives the output with probability , while the wiretapper receives the output with probability .

Definition

Let be a classical arbitrarily varying wiretap channel. An code for consists of a stochastic encoder : , specified by a matrix of conditional probabilities , and a collection of mutually disjoint sets (decoding sets).

The average probability of the decoding error of a deterministic code is defined as

Definition

We say that the arbitrarily varying channel is symmetrizable if there exists a parametrized set of distributions on such that for all , , and

We say that the arbitrarily varying classical-quantum channel is symmetrizable if there exists a parametrized set of distributions on such that for all , ,

Definition

Let and be finite sets, and be a finite-dimensional complex Hilbert space. Let be an index set. For every , let be a classical channel and be a classical-quantum channel . We call the set of the classical channel/classical-quantum channel pairs a classical arbitrarily varying quantum wiretap channel when the state varies from symbol to symbol in an arbitrary manner, while the legitimate receiver accesses the output of , and the wiretapper observes the output of , respectively.

Definition

Let be a classical arbitrarily varying quantum wiretap channel. An code for the classical arbitrarily varying quantum wiretap channel consists of a stochastic encoder : , , specified by a matrix of conditional probabilities , and a collection of mutually disjoint sets (decoding sets).

Definition

A non-negative number is an achievable secrecy rate for the classical arbitrarily varying quantum wiretap channel under the maximal error criterion if for every , , and sufficiently large there exist an code such that , and

(10)

and

(11)

The supremum on achievable secrecy rates for is called the secrecy capacity of under the maximal error criterion, denoted by .

Definition

Let and be quantum systems. We denote the Hilbert space of and by and , respectively. Let := be a finite set. For every , let be a quantum channel .

We call the set of the quantum channel a quantum compound channel. When the channel state is and the sender inputs a quantum state into the channel, the receiver receives an output quantum state .

Definition

An code for the classical-quantum compound wiretap channel consists of a stochastic encoder : , and a collection of positive-semidefinite operators on , which is a partition of the identity.

We deal with two communication scenarios. In the first one, only the sender is informed about the index , or in other words, has CSI, where CSI is an abbreviation for “channel state information”. In the second scenario, neither sender nor receiver has any information about that index at all.

Definition

A non-negative number is an achievable secrecy rate with CSI at the encoder for the compound wiretap quantum channel if for every , , and sufficiently large there exist a finite set , a map , and an code for each such that , and