Entropy Accumulation Under Post-Quantum Cryptographic Assumptions

Abstract

In device-independent (DI) quantum protocols, security statements are agnostic to the internal workings of the quantum devices—they rely solely on classical interactions with the devices and specific assumptions. Traditionally, such protocols are set in a non-local scenario, where two non-communicating devices exhibit Bell inequality violations. Recently, a new class of DI protocols has emerged that requires only a single device. In this setting, the assumption of no communication is replaced by a computational one: the device cannot solve certain post-quantum cryptographic problems. Protocols developed in this single-device computational setting—such as for randomness certification—have relied on ad hoc techniques, making their guarantees difficult to compare and generalize. In this work, we introduce a modular proof framework inspired by techniques from the non-local DI literature. Our approach combines tools from quantum information theory, including entropic uncertainty relations and the entropy accumulation theorem, to yield both conceptual clarity and quantitative security guarantees. This framework provides a foundation for systematically analyzing DI protocols in the single-device setting under computational assumptions. It enables the design and security proof of future protocols for DI randomness generation, expansion, amplification, and key distribution, grounded in post-quantum cryptographic hardness.

1. Introduction

The fields of quantum and post-quantum cryptography are rapidly evolving. In particular, the device-independent (DI) approach for quantum cryptography is being investigated in different setups and for various protocols. Consider a cryptographic protocol and a physical device that is being used to implement the protocol. The DI paradigm treats the device as untrusted and possibly adversarial. This means that in proving security, one must assume the device may have been prepared by an adversary. Only limited, well-defined assumptions regarding the inner workings of the device are placed. In such protocols, the honest party, called the verifier here, interacts with the untrusted device in a black-box manner, using classical communication. The security proofs are then based on properties of the transcript of the interaction, i.e., the classical data collected during the execution of the protocol, and the underlying assumptions.

The most well-studied DI setup is the so-called “non-local setting” [1,2]. There, the protocols are implemented using (at least) two untrusted devices, and the assumption made is that the devices cannot communicate between themselves during the execution of the protocol (or parts of it). In recent years, another variant has been introduced: instead of working with two devices, the protocol requires only a single device and the no-communication assumption is replaced by an assumption regarding the computational power of the device. More specifically, one assumes that during the execution of the protocol, the device is unable to solve certain computational problems, such as Learning With Errors (LWE) [3], which are believed to be hard for a quantum computer. (The exact setup and assumptions are explained in Section 3). Both models are DI, in the sense that the actions of the quantum devices are uncharacterized. Figure 1 schematically presents the two scenarios.

As in practice it might be challenging to assure that two quantum devices do not communicate, as required in the non-local setting, the incentive to study what can be achieved using only a single device is high. Indeed, after the novel proposals made in [4,5] for DI protocols for the verification of computation and randomness certification, many more protocols for various tasks and computational assumptions were investigated; see, e.g., [6,7,8,9,10,11,12,13,14,15,16]. Experimental works also followed, aiming at verifying quantum computation in the model of a single computationally restricted device [17,18]. With this research agenda advancing, more theoretical and experimental progress is needed—a necessity before one can estimate whether this avenue is of relevance for future quantum technologies or of sheer theoretical interest.

In this work we are interested in the task of generating randomness (Unless otherwise written, when we discuss the generation of randomness, we refer to a broad family of tasks: randomness certification, expansion, and amplification, as well as, potentially, quantum key distribution. In the context of the current work, the differences are minor). We consider a situation in which the device is prepared by a quantum adversary and then given to the verifier (the end user or costumer). The verifier wishes to use the device in order to produce a sequence of random bits. In particular, the bits should be random also from the perspective of the quantum adversary. The protocol defines how the verifier interacts with the device (also called the prover). It should be constructed to guarantee that the verifier aborts with high probability if the device is not trustworthy. Otherwise, it must certify that the bits produced by the device are random and unknown to the adversary.

Let us slightly formalize the above. The story begins with the adversary preparing a quantum state ${\rho }_{PE}^{\mathrm{in}}$; the marginal ${\rho }_P^{\mathrm{in}}$ is the initial state of the device given to the verifier while the adversary keeps the quantum register E for herself. In addition to the initial state ${\rho }_P^{\mathrm{in}}$, the device is described by the quantum operations, e.g., measurements, that it performs during the execution of the protocol. We assume that the device is a quantum polynomial time (QPT) device and thus can only perform efficient operations. Namely, the initial state ${\rho }_P^{\mathrm{in}}$ is of polynomial size and the operations can be described by a polynomial size quantum circuit; these are formally defined in Section 2. The verifier can perform only (efficient) classical operations. Together with the verifier, the initial state of all parties is denoted by ${\rho }_{PVE}^{\mathrm{in}}$. (In a simple scenario, one can consider ${\rho }_{PVE}^{\mathrm{in}}={\rho }_{PE}^{\mathrm{in}}\otimes {\rho }_V^{\mathrm{in}}$, i.e., the verifier is initially decoupled from the device and the adversary. This is, however, not necessarily the case in, for example, randomness amplification protocols [19]. We therefore allow for this flexibility with the above more general notation.) The verifier then executes the considered protocol using the device.

All protocols consist of what we call “test rounds” and “generation rounds”. The goal of a test round is to allow the verifier to check that the device is performing the operations that it is asked to apply by making it pass a test that only certain quantum devices can pass. The test and its correctness are based on the chosen computational assumption. (In the non-local setting, the test is based on the violation of a Bell inequality, or winning a non-local game with sufficiently high winning probability. Here the computational assumption “replaces” the Bell inequality.) For example, in [5], the cryptographic scheme being used is “Trapdoor Claw-Free Functions” (TCF)—a family of pairs of injective functions $f_0,f_1:{\{0,1\}}^n\to {\{0,1\}}^n$. Informally speaking, it is assumed that, for every image y, (a) given a “trapdoor” one could classically and efficiently compute two pre-images $x_0,x_1$ such that $f_0\left(x_0\right)=f_1\left(x_1\right)=y$; (b) without a trapdoor, even a quantum computer cannot come up with $x_0,x_1$ such that $f_0\left(x_0\right)=f_1\left(x_1\right)=y$ (with high probability). While there does not exist an efficient quantum algorithm that can compute both pre-images $x_0,x_1$ for a given image y without a trapdoor, a quantum device can nonetheless hold a superposition of the pre-images by computing the function over a uniform superposition of all inputs to receive ${\sum }_{y\in {\{0,1\}}^n}\left(\mid 0,x_0\rangle +\mid 1,x_1\rangle \right)\mid y\rangle$. These insights (and more—see Section 2.3 for details) allow one to define a test based on TCF such that a quantum device that creates ${\sum }_{y\in {\{0,1\}}^n}\left(\mid 0,x_0\rangle +\mid 1,x_1\rangle \right)\mid y\rangle$ can win while other devices that do not hold a trapdoor cannot. Moreover, the verifier, holding the trapdoor, will be able to check classically that the device indeed passes the test.

Let us move on to the generation rounds. In these rounds, the device produces the output bits O, which are supposed to be random. During the execution of the protocol, some additional information, such as a chosen public key for example (or whatever is determined by the protocol), may be publicly announced or leaked; we denote this side information by S.

After executing all the test and generation rounds, the verifier checks if the average winning probability in the test rounds is higher than some pre-determined threshold probability $\omega \in (0,1)$. If it is, then the protocol continues and otherwise aborts. Let the final state of the entire system, conditioned on not aborting the protocol, be ${\rho }_{|\Omega }$. To show that randomness has been produced, one needs to lower bound the conditional smooth min-entropy $H_{min}^{\epsilon }{\left(O\right|SE)}_{{\rho }_{|\Omega }}$ [20] (the formal definitions are given in Section 2). Indeed, this is the quantity that tightly describes the amount of information-theoretically uniform bits that can be extracted from the output O, given S and E, using a quantum-proof randomness extractor [21,22]. The focus of our work is to supply explicit lower bounds on $H_{min}^{\epsilon }{\left(O\right|SE)}_{{\rho }_{|\Omega }}$ in a general and modular way.

An important remark is in order before continuing. In our setting, the device is computationally bounded, but the output bits O must be secure against an unbounded adversary. This means that the adversary may retain her system E and later perform arbitrary operations on it, possibly using the side information S. Proving security in this setting implies that the computational assumption needs to hold only during the execution of the protocol. Once the output is generated, the security guarantee remains valid even if the computational assumption (such as LWE) is later broken. This property, known as “security lifting”, is a fundamental feature of all DI protocols based on computational assumptions.

1.1. Motivation of the Current Work

The setup of two non-communicating devices has naturally emerged from the study of quantum key distribution (QKD) protocols and non-local games (or Bell inequalities). As such, the quantum information theoretic toolkit for proving the security of protocols such as DIQKD, DI randomness certification, and alike was developed over many years and used for the analysis of numerous quantum protocols (see, for example, the survey [23]). The well-established toolkit includes powerful techniques that allow bounding the conditional smooth min-entropy $H_{min}^{\epsilon }{\left(O\right|SE)}_{{\rho }_{|\Omega }}$ mentioned above. Examples for such tools are the entropic uncertainty relations [24], the entropy accumulation theorem [25,26], and more. The usage of these tools allows one to derive quantitatively strong lower bounds on $H_{min}^{\epsilon }{\left(O\right|SE)}_{{\rho }_{|\Omega }}$, as well as handling realistically noisy quantum devices.

Unlike the protocols in the non-local setup, the newly developed protocols, for example, for randomness certification with a single device restricted by its computational power, are each analyzed using ad hoc proof techniques. On the qualitative side, such proofs make it harder to separate the wheat from the chaff, resulting in less modular and insightful claims. Quantitatively, the strength of the achieved statements is hard to judge—they are most likely not strong enough to lead to practical applications, and it is unknown whether this is due to a fundamental difficulty or a result of the proof technique. As a consequence, it is unclear whether such protocols are of relevance for future technology.

In this work, we show how to combine the information theoretic toolkit with assumptions regarding the computational power of the device. More specifically, we prove the lower bounds on the quantity $H_{min}^{\epsilon }{\left(O\right|SE)}_{{\rho }_{|\Omega }}$ by exploiting post-quantum cryptographic assumptions and quantum information-theoretic techniques, in particular the entropic uncertainty relation and the entropy accumulation theorem. Prior to our work, it was believed that such an approach cannot be taken in the computational setting (see the discussion in [5]). Once a bound on $H_{min}^{\epsilon }{\left(O\right|SE)}_{{\rho }_{|\Omega }}$ is proven, the security of the considered protocols then follows from our bounds using standard tools. The developed framework is general and modular. We use the original work of [5] as an explicit example; the same steps can be easily applied to, for example, the protocols studied in the recent works [14,15].

1.2. Main Ideas and Results

The main tool which is used to lower bound the conditional smooth min-entropy in DI protocols in the non-local setting is the entropy accumulation theorem (EAT) [25,27]. The EAT deals with sequential protocols, namely, protocols that proceed in rounds, one after the other, and in each round, some bits are being output. Roughly speaking, the theorem allows us to relate the total amount of entropy that accumulates throughout the execution of the protocol to, in some sense, an “average worst-case entropy of a single round” (see Section 2 for the formal statements). It was previously unclear how to use the EAT in the context of computational assumptions, and so [5] used an ad hoc proof to bound the total entropy.

The general structure of a protocol that we consider is shown in Figure 2. The initial state of the system is ${\rho }_{PVE}^{\mathrm{in}}$. The protocol, as mentioned, proceeds in rounds. Each round includes interaction between the verifier and the prover and, overall, can be described by an efficient quantum channel ${\mathcal{M}}_i$ for round $i\in \left[n\right]$. The channels output some outcomes $O_i$ and side information $S_i$. In addition, the device (as well as the verifier) may keep the quantum and classical memory from previous rounds—this is denoted in the figure by the registers $R_i$. We remark that there is only one device and the figure merely describes the way that the protocol proceeds. That is, in each round $i\in \left[n\right]$, the combination of the actions of the device and the verifier, together, defines the maps ${\mathcal{M}}_i$. The adversary’s system E is untouched by the protocol. One could also consider more complex protocols in which the adversary’s information does change in some ways. This can be covered using the generalized EAT [26]. We do not do so in the current manuscript since all protocols so far fall in the above description, but the results can be extended to the setup of [26].

We are interested in bounding the entropy that accumulates by the end of the protocol: $H_{min}^{\epsilon }{\left(\mathbf{O}\right|\mathbf{S}E)}_{{\rho }_{|\Omega }}$, where $\mathbf{O}=O_1,\cdots ,O_n$ and similarly $\mathbf{S}=S_1,\cdots ,S_n$. The EAT tells us that, under certain conditions, this quantity is lower bounded, to the first order in n, by $tn$ with t of the form

$$t=\underset{\sigma \in \Sigma \left(\omega \right)}{min}H{\left(O_i\right|S_{i}E)}_{{\mathcal{M}}_i\left(\sigma \right)},$$

(1)

Here, ${\mathcal{M}}_i$ denotes the quantum channel that describes the action of the i-th round of the protocol on the input state $\sigma$, including both the verifier’s interaction and the device’s response. The entropy is then computed with respect to the output distribution induced by this channel on the input state $\sigma$. The value $\omega$ is the average winning probability of the device in the test rounds, and $\Sigma \left(\omega \right)$ is the set of all (including inefficiently constructed) states of polynomial size that achieve the winning probability $\omega$.

To lower bound the entropy appearing in Equation (1), one needs to use the computational assumption being made. This can be performed in various ways. In the current work, we show how statements about anti-commuting operators, such as those proven in [5,14,15], can be brought together with the entropic uncertainty relation [24], another tool frequently used in quantum information theory, to obtain the desired bound. In combination with our usage of the EAT, the bound on $H_{min}^{\epsilon }{\left(\mathbf{O}\right|\mathbf{S}E)}_{{\rho }_{|\Omega }}$ follows.

The described techniques are being made formal in the rest of the manuscript. We use [5] as an explicit example, also deriving quantitative bounds. We discuss the implications of the quantitative results in Section 4 and their importance for future works. Furthermore, our results can be used directly to prove the full security of the DIQKD protocol of [9].

The core technical result of this work is formalized in Theorem 2. This theorem provides a concrete, non-asymptotic lower bound on the conditional smooth min-entropy of the protocol output, conditioned on all side information including the adversary’s system. It gives a usable, round-scalable guarantee that applies to protocols based on noisy trapdoor claw-free functions, assuming only computational limitations on the device.

Informally, Theorem 2 states the following. If the device passes the test rounds with a sufficiently high success probability, then the output bits collected in the generation rounds contain min-entropy linear in the number of rounds, even conditioned on all classical and quantum side information.

We add that on top of the generality and modularity of our technique, its simplicity contributes to a better understanding of the usage of post-quantum cryptographic assumptions in randomness generation protocols. Thus, apart from being a tool for the analysis of protocols, we also shed light on what is required for a protocol to be strong and useful. For example, we can see from the explanation given in this section that the computational assumptions enter in three forms in Equation (1):

• The channels ${\mathcal{M}}_i$ must be efficient.
• The states $\sigma$ must be of polynomial size.
• Due to the minimization, the states $\sigma$ that we need to consider may also be inefficient to construct, even though the device is efficient.

Points 1 and 2 are the basis when considering the computational assumption and constructing the test; in particular, they allow one to bound $H{\left(O_i\right|S_{i}E)}_{{\mathcal{M}}_i\left(\sigma \right)}$, up to a negligible function $\eta \left(\lambda \right)$, where $\lambda$ is a security parameter defined by the computational assumption.

Point 3 is slightly different. The set over which the minimization is taken determines the strength of the computational assumption that one needs to consider. For example, it indicates that the protocol in [5] requires that the LWE assumption is hard even with a potentially inefficient polynomial-size advice state. This is a (potentially) stronger assumption than the “standard” formulation of LWE. Note that the stronger assumption is required even though the initial state of the device, ${\rho }_P^{\mathrm{in}}$, is efficient to prepare (i.e., it does not act as an advice state in this case). In [5], this delicate issue arises only when analyzing everything that can happen to the initial state throughout the entire protocol and conditioning upon not aborting. In the current work, we directly see and deal with the need for allowing advice states from the minimization in Equation (1).

We conclude our work with a discussion of what information is it that we allow our protocol to leak to the adversary via the side information register $\mathbf{S}$. One obvious part of the side information $\mathbf{S}$ is the cryptographic key $K_i$, which was used to initiate the protocol, and the type of challenge (as was considered in [5]). Here we consider leakage of additional information to the adversary, and its consequent effect on the smooth min entropy $H_{min}^{\epsilon }{\left(\mathbf{O}\right|\mathbf{S}E)}_{{\rho }_{|\Omega }}$. With regard to the constituents of the side information, it is also important to note that even leakage of the trapdoor to the side information $\mathbf{S}$ is allowed. This should, naively, render the cryptographic primitives useless by undermining the computational assumptions, but in practice does not since we only demand that the computational assumptions hold, with respect to the device we are interacting with, during the execution of the protocol. Since the adversary E itself is unbounded and has access to the cryptographic key $K_i$, we can assume it computes the trapdoor.

1.3. Related Works

• This work builds on [5] as a case study and draws on several of its results. We make use of the cryptographic primitive introduced in [5] (Section 3), as well as lemmas from [5] (Sections 6 and 7), which together define the core of the computational assumption underlying randomness generation.
  Our main advancement over this prior work is the ability to construct a von Neumann entropy bound for a single protocol round. This enables us to entirely replace the protocol-specific analysis in [5] (Section 8), a task that was conjectured to be beyond the reach of entropy accumulation techniques, by adapting the EAT framework of [28] to the computational setting.
  In Section 8 of [5], the authors develop a two-step analysis: they define an idealized device equipped with a fictitious projective measurement used to identify when the device lies in a “good subspace”, and then argue that the real protocol approximates the behavior of this idealized version. The entropy bound is derived manually, using a custom score function and round-by-round reductions that are specific to their protocol. While this approach is rigorous, it is mathematically involved and lacks generality.
  In contrast, our framework defines a per-round min-trade-off function and uses a general entropy accumulation argument to bound the total output entropy. This substitution yields a conceptually cleaner and modular proof, and allows us to derive concrete, non-asymptotic entropy bounds. This stands in contrast to the asymptotic nature of the results in [5], which do not quantify the amount of certified entropy for any finite choice of parameters.
  The absence of explicit bounds in [5] was later addressed by the same authors in [29], where a protocol variant generates n bits of randomness in a single round but without the ability to accumulate entropy across multiple rounds. As a result, achieving meaningful entropy guarantees in that setting requires choosing security parameters that are unreasonably large. This mirrors the trade-off in our work, where a large number of rounds is similarly required to achieve practically significant entropy rates.
• In [16], the authors investigate the certification of randomness on “NISQ” (Noisy Intermediate Scale Quantum) devices using the entropy accumulation theorem. The verification scheme proposed in that work is computationally hard. As a result, there is a tension between ensuring security and maintaining practicality: the security parameter must be large enough to make the underlying problem hard, yet small enough to keep verification feasible. Perhaps as a consequence, the computational assumptions described in that work are somewhat amorphous.

2. Preliminaries

Throughout this work, we use the symbol $\mathbb{1}$ as the identity operator and as the characteristic function interchangeably; the usage is clear due to context. We denote $x\leftarrow X$ when x is sampled uniformly from the set X or $x\leftarrow \mathcal{D}$ when x is sampled according to a distribution $\mathcal{D}$. The Bernoulli distribution with $p\left(0\right)=\gamma$ is denoted as $\mathrm{Bernoulli}(1-\gamma )$ The Pauli operators are denoted by ${\sigma }_x,{\sigma }_y,{\sigma }_z$. The set $\{1,\cdots ,n\}$ is denoted as $\left[n\right]$.

2.1. Mathematical Background

Definition 1 (Negligible function).

A function $\eta :\mathbb{N}\to {\mathbb{R}}^{+}$ is to be negligible if for every $c\in \mathbb{N}$ there exists $N\in \mathbb{N}$ such that for every $n>N$, $\eta \left(n\right)<n^{-c}$.

Lemma 1.

Let $\eta :\mathbb{N}\to {\mathbb{R}}^{+}$ be a negligible function. The function $\eta \left(n\right)ln(1/\eta (n\left)\right)$ is also negligible.

Proof. 

Assume, without loss of generality, the monotonicity and positivity of some negligible function $\eta$. Given $c\in \mathbb{N}$, we wish to find $N\in \mathbb{N}$ such that $\forall n>N$, $\eta \left(n\right)ln(1/\eta \left(n\right))<n^{-c}$. We denote the following function:

$$g\left(n\right):=max\left\{\left.k\in \mathbb{N}\right|\eta \left(n\right)<n^{-k}\right\}.$$

This means

$$\begin{array}{ccccccc}& n^{-\left(g\right(n)+1)}& \le & \eta \left(n\right)& <& n^{-g\left(n\right)}& ,\hfill \\ \Rightarrow & -\left(g\right(n)+1)lnn& \le & ln\eta \left(n\right)& <& -g\left(n\right)lnn& ,\hfill \\ \Rightarrow & \left(g\right(n)+1)lnn& \ge & ln(1/\eta (n\left)\right)& >& g\left(n\right)lnn& ,\hfill \end{array}$$

yielding

$$\eta \left(n\right)ln(1/\eta \left(n\right))<n^{-g\left(n\right)}(g\left(n\right)+1)lnn={\displaystyle \frac{g\left(n\right)+1}{n^{g\left(n\right)-1}}}{\displaystyle \frac{lnn}{n}}<{\displaystyle \frac{g\left(n\right)+1}{n^{g\left(n\right)-1}}}={\displaystyle \frac{g\left(n\right)+1}{n^{g\left(n\right)-1-c}}}{\displaystyle \frac{1}{n^c}}.$$

By the negligibility property of $\eta \left(n\right)$, the function $g\left(n\right)$ diverges to infinity. Therefore, $\exists N\in \mathbb{N}$ such that $\forall n>N$

$${\displaystyle \frac{g\left(n\right)+1}{n^{g\left(n\right)-1-c}}}\le 1,$$

and for all $n>N$

$$\eta \left(n\right)ln(1/\eta \left(n\right))<{\displaystyle \frac{g\left(n\right)+1}{n^{g\left(n\right)-1-c}}}{\displaystyle \frac{1}{n^c}}\le {\displaystyle \frac{1}{n^c}}.$$

□

Corollary 1.

Let η be a negligible function and let $h\left(x\right)=-xlogx-(1-x)log(1-x)$ be the binary entropy function. There exists a negligible function ξ for which the following holds:

$$h(x-\eta (n\left)\right)\ge h\left(x\right)-\xi \left(n\right).$$

(2)

Definition 2 (Hellinger distance).

Given two probability distributions $P={\left\{p_i\right\}}_i$ and $Q={\left\{q_i\right\}}_i$, the Hellinger distance between P and Q is defined as

$$H(P,Q)={\displaystyle \frac{1}{\sqrt{2}}}\sqrt{\sum _i{(\sqrt{p_i}+\sqrt{q_i})}^2}.$$

Lemma 2 (Jordan’s lemma extension).

Let $U_1,U_2$ be two self-adjoint unitary operators acting on a Hilbert space $\mathcal{H}$ of a countable dimension. Let L be a normal operator acting on the same space such that $[L,U_1]=[L,U_2]=0$. There exists a decomposition of the Hilbert space into a direct sum of orthogonal subspaces $\mathcal{H}={\oplus }_{\alpha }{\mathcal{H}}_{\alpha }$ such that for all α, $dim\left({\mathcal{H}}_{\alpha }\right)\le 2$ and given $\mid \psi \rangle \in {\mathcal{H}}_{\alpha }$, all three operators satisfy $U_1\mid \psi \rangle ,U_2\mid \psi \rangle ,L\mid \psi \rangle \in {\mathcal{H}}_{\alpha }$.

Jordan’s lemma appears, among other places, in [2] (Appendix G.4). The sole change in the proof of the extension is in the choice of diagonalizing basis of the unitary operator $U_2{U}_1$. The chosen basis is now a mutual diagonalizing basis of $U_2{U}_1$ and L, which exists due to commutative relations.

Lemma 3.

Let $\Pi ,M,K$ be Hermitian projections acting on a Hilbert space $\mathcal{H}$ of a countable dimension such that $[K,\Pi ]=[K,M]=0$. There exists a decomposition of the Hilbert space into a direct sum of orthogonal subspaces such that $\Pi ,M$ and K are a 2 by 2 block diagonal. In addition, in subspaces ${\mathcal{H}}_{\alpha }$ of dimension 2, Π and M take the forms

$$\begin{array}{cc}{\Pi }_{\alpha }=\left(\begin{array}{c}1\\ \phantom{0}& 0\end{array}\right)& \end{array}{M}_{\alpha }=\left(\begin{array}{cc}{c}_{\alpha }^2& c_{\alpha }{s}_{\alpha }\\ c_{\alpha }{s}_{\alpha }& s_{\alpha }^2\end{array}\right)$$

where $c_{\alpha }=cos{\theta }_{\alpha },s_{\alpha }=sin{\theta }_{\alpha }$ for some ${\theta }_{\alpha }$.

Proof. 

Given a Hermitian projection $\Pi$, consider the unitary operator $2\Pi -\mathbb{1}$, satisfying ${(2\Pi -\mathbb{1})}^2=\mathbb{1}$. Therefore, the operators $2\Pi -\mathbb{1},2M-\mathbb{1}$ satisfy the conditions for Lemma 2 and there exists the decomposition of $\mathcal{H}$ to a direct sum of orthogonal subspaces ${\mathcal{H}}_{\alpha }$ such that in these subspaces,

$$\begin{array}{cc}2{\Pi }_{\alpha }-{\mathbb{1}}_{\alpha }=\left(\begin{array}{cc}& 1\\ 1\end{array}\right)& \end{array}2M_{\alpha }-{\mathbb{1}}_{\alpha }=\left(\begin{array}{cc}& \omega \\ \overline{\omega }\end{array}\right).$$

One can recognize the operators as ${\sigma }_x$ and $cos\theta {\sigma }_x+sin\theta {\sigma }_y$, respectively, for some angle $\theta$. Therefore, there exists a basis of ${\mathcal{H}}_{\alpha }$ such that the operators are ${\sigma }_z$ and $cos\varphi {\sigma }_z+sin\varphi {\sigma }_x$, respectively, for some angle $\varphi$. Consequently, in this subspace, the projections take the form

$$\begin{array}{c}{\Pi }_{\alpha }={\displaystyle \frac{1}{2}}(\left(\begin{array}{cc}1& \\ & -1\end{array}\right)+\left(\begin{array}{cc}1& \\ & 1\end{array}\right))=\left(\begin{array}{cc}1& \\ & 0\end{array}\right)\\ \\ M_{\alpha }={\displaystyle \frac{1}{2}}(\left(\begin{array}{cc}cos\varphi & sin\varphi \\ sin\varphi & -cos\varphi \end{array}\right)+\left(\begin{array}{cc}1& \\ & 1\end{array}\right))=\left(\begin{array}{cc}{c}_{\alpha }^2& c_{\alpha }{s}_{\alpha }\\ c_{\alpha }{s}_{\alpha }& c_{\alpha }^2\end{array}\right)\end{array},$$

with ${\theta }_{\alpha }=\varphi /2$. □

Lemma 4 (Jensen’s inequality extension).

Let $f:U\to \mathbb{R}$ be a convex function over a convex set $U\in {\mathbb{R}}^n$ such that for every $u\in U$ there exists a subgradient. Let ${\left(X_i\right)}_{i\in \left[n\right]}$ be a sequence of random variables with support over U. Then, $\mathbb{E}\left[f(X_1,\dots ,X_n)\right]\ge f(\mathbb{E}\left[X_1\right],\dots ,\mathbb{E}\left[X_n\right])$.

2.2. Tools in Quantum Information Theory

We state here the main quantum information theoretic definitions and techniques appearing in previous work, on which we build in the current manuscript.

Definition 3 (von Neumann entropy).

Let ${\rho }_{AB}$ be a density over the Hilbert space ${\mathcal{H}}_A\otimes {\mathcal{H}}_B$. The von Neumann entropy of the ${\rho }_A$ is defined as

$$H{\left(A\right)}_{\rho }=-\mathrm{Tr}({\rho }_{A}log{\rho }_A).$$

The conditional von Neumann entropy of A given B is defined to be

$$H{\left(A\right|B)}_{\rho }=H{\left(AB\right)}_{\rho }-H{\left(B\right)}_{\rho }.$$

Definition 4

(Square overlap [24]). Let Π and M be two observables, described by orthonormal bases ${\{\mid {\pi }_i\rangle \}}_i$ and ${\{\mid m_j\rangle \}}_j$ on a d-dimensional Hilbert space ${\mathcal{H}}_A$. The measurement processes are then described by the completely positive maps

$$\mathcal{P}:\rho \to \sum _i\langle {\pi }_i\mid \rho \mid {\pi }_i\rangle \mid {\pi }_i\rangle \langle {\pi }_i\mid ,\mathcal{M}:\rho \to \sum _j\langle m_j\mid \rho \mid m_j\rangle \mid m_j\rangle \langle m_j\mid .$$

(3)

The square overlap of Π and M is then defined as

$$c:=\underset{i,j}{max}{\left|\langle {\pi }_i\mid m_j\rangle \right|}^2.$$

Definition 5.

Let M be an observable on a d-dimensional Hilbert space ${\mathcal{H}}_A$ and let $\mathcal{M}$ be its corresponding map as appearing in Equation (3). Given a state $\rho \in {\mathcal{H}}_A\otimes {\mathcal{H}}_B$, we define the conditional entropy of the measurement M given the side information B as

$$H{\left(M\right|B)}_{\rho }=H{\left(A\right|B)}_{(\mathcal{M}\otimes {\mathbb{1}}_B)\left(\rho \right)}=H{\left(AB\right)}_{(\mathcal{M}\otimes {\mathbb{1}}_B)\left(\rho \right)}-H{\left(B\right)}_{(\mathcal{M}\otimes {\mathbb{1}}_B)\left(\rho \right)}.$$

(4)

Lemma 5

(Entropic uncertainty principle [24] (Supplementary—Corollary 2)). Let Π and M be two observables on a Hilbert space ${\mathcal{H}}_P$ and let c be their square overlap. For any density operator $\rho \in {\mathcal{H}}_V\otimes {\mathcal{H}}_P\otimes {\mathcal{H}}_E$,

$$H(\Pi |E)\ge log(1/c)-H(M\left|V\right).$$

In order to provide a clear understanding of the quantum uncertainty that arises from two measurements, as in Lemma 5, it is beneficial to examine the square overlap between those measurements (Definition 4). The Bloch sphere representation, which pertains to Hilbert spaces of two dimensions, offers a lucid illustration of this concept as shown in Figure 3.

Lemma 6.

Given two non-trivial Hermitian projections

$$\Pi ={\displaystyle \frac{1}{2}}(\mathbb{1}+{\sigma }_z);M={\displaystyle \frac{1}{2}}(\mathbb{1}+cos\left(\theta \right){\sigma }_z+sin\left(\theta \right){\sigma }_x),$$

(5)

acting on a two-dimensional Hilbert space $\mathcal{H}$, the eigenvalues of the operator $\Pi M\Pi +(\mathbb{1}-\Pi )M(\mathbb{1}-\Pi )$ are ${cos}^2(\theta /2)$ and ${sin}^2(\theta /2)$. In addition, the square overlap of the operators in Equation (5) is $c=max\left\{{cos}^2(\theta /2),{sin}^2(\theta /2)\right\}$.

Lemma 7

(Continuity of conditional entropies [30] (Lemma 2)). For states ρ and σ on a Hilbert space ${\mathcal{H}}_A\otimes {\mathcal{H}}_B$, if ${\displaystyle \frac{1}{2}}{\parallel \rho -\sigma \parallel }_1\le ϵ\le 1$, then

$${|H\left(A\right|B)}_{\rho }-H{\left(A\right|B)}_{\sigma }|\le ϵ{log}_2\left(\right|A\left|\right)+(1+ϵ)h\left({\displaystyle \frac{ϵ}{1+ϵ}}\right).$$

(6)

Lemma 8

(Good-subspace projection [5] (Lemma 7.2)). Let Π and M be two Hermitian projections on $\mathcal{H}$ and ϕ a state on $\mathcal{H}$. Let $\omega =\left(M\varphi \right)$ and

$$\mu ={\displaystyle |}{\displaystyle \frac{1}{2}}-\mathrm{Tr}(M\Pi \varphi \Pi )-\mathrm{Tr}\left(M(\mathbb{1}-\Pi )\varphi (\mathbb{1}-\Pi )\right){\displaystyle |}.$$

Let $c\in (1/2,1]$. Let $B_j$ be the orthogonal projection on the j’th $2\times 2$ block as given in Lemma 3 and denote $c_j$ as the square overlap of Π and M in the corresponding block. Define Γ to be the orthogonal projection on all blocks such that the square overlap is bound by c:

$$\Gamma :=\sum _{j:c_j\le c}{B}_j.$$

(7)

Then,

$$\mathrm{Tr}\left((\mathbb{1}-\Gamma )\varphi \right)\le {\displaystyle \frac{2\mu +10\sqrt{1-\omega }}{{(2c-1)}^2}}.$$

(8)

The above lemma was proven in [5]. Since it plays a crucial part in the work, we include the proof for completeness.

Proof. 

Using Jordan’s lemma we find a basis of $\mathcal{H}$, in which

$$M={\oplus }_j\left(\begin{array}{cc}{a}_j^2& a_j{b}_j\\ a_j{b}_j& b_j^2\end{array}\right)\mathrm{and}\Pi ={\oplus }_j\left(\begin{array}{cc}1& \\ & 0\end{array}\right),$$

(9)

where $a_j=cos{\theta }_j$, $b_j=sin{\theta }_j$, for some angles ${\theta }_j$. Let $\Gamma$ be the orthogonal projection on those two-dimensional blocks such that $max(a_j^2,b_j^2)\equiv c_j\le c$. Note the following:

• $\Gamma$ commutes with both M and $\Pi$, but not necessarily with $\varphi$.
• $\Gamma$ is the projection on $2\times 2$ blocks where the eigenvalues of the operator $\Pi M\Pi +(\mathbb{1}-\Pi )M(\mathbb{1}-\Pi )$ are in the range $[1-c,c]$ as a consequence of Lemma 6.

Assume that $\omega =1$. This implies that $\varphi$ is supported on the range of M. For any block j, let $B_j$ be the projection on the block and $p_j=\mathrm{Tr}\left(B_j\varphi \right)$. It follows from the decomposition of M and $\Pi$ to two-dimensional blocks and the definition of $\mu$ that (this is easily seen in the Bloch sphere representation):

$$|\sum _{j:c_j\le c}{p}_j(a_j^4+b_j^4)+\sum _{j:c_j>c}{p}_j(a_j^4+b_j^4)-{\displaystyle \frac{1}{2}}|=\mu .$$

(10)

Using that for j with $c_j>c$ such that $max(a_j^2,b_j^2)\ge c$ and the fact that the polynomial $1-2x(1-x)$ is strictly rising in the regime $x>1/2$, we get

$$a_j^4+b_j^4=1-2a_j^2{b}_j^2=1-2max(a_j^2,b_j^2)(1-max(a_j^2,b_j^2))\ge 1-2c(1-c)={\displaystyle \frac{1}{2}}+{\displaystyle \frac{1}{2}}{(2c-1)}^2.$$

From Equation (10) and $a_j^4+b_j^4\ge 1/2$, it follows that

$$\begin{array}{cc}\hfill 2\mu & =\sum _{j:c_j\le c}{p}_j(1+{(2c_j-1)}^2)+\sum _{j:c_j>c}{p}_j(1+{(2c_j-1)}^2)-1\hfill \\ \hfill & =\sum _{j:c_j\le c}{p}_j{(2c_j-1)}^2+\sum _{j:c_j>c}{p}_j{(2c_j-1)}^2\ge \sum _{j:c_j>c}{p}_j{(2c-1)}^2.\hfill \end{array}$$

Consequently,

$$\mathrm{Tr}\left((\mathbb{1}-\Gamma )\varphi \right)\le {\displaystyle \frac{2\mu }{{(2c-1)}^2}}.$$

(11)

This concludes the case where $\omega =1$.

Consider $\omega <1$ and $\mathrm{Tr}\left(M\varphi \right)>0$, as otherwise the lemma is trivial. Let ${\varphi }^{\prime }=M\varphi M/\mathrm{Tr}\left(M\varphi \right)$. By the gentle measurement lemma [31] (Lemma 9.4.1),

$${\parallel {\varphi }^{\prime }-\varphi \parallel }_1\le 2\sqrt{1-\omega }.$$

(12)

Using the definition of $\mu$, it follows that

$$|{\displaystyle \frac{1}{2}}-\mathrm{Tr}(M\Pi {\varphi }^{\prime }\Pi )-\mathrm{Tr}\left(M(\mathbb{1}-\Pi ){\varphi }^{\prime }(\mathbb{1}-\Pi )\right)\mid \le \mu +4\sqrt{1-\omega }.$$

Following the same steps as those used for the case $\gamma =0$ yields an analogue of (11), with ${\varphi }^{\prime }$ instead of $\varphi$ on the left-hand side and $\mu +4\sqrt{1-\omega }$ instead of $\mu$ on the right-hand side. Applying again Equation (12), the same bound transfers to $\varphi$ with an additional loss of $2\sqrt{1-\omega }$. □

A main tool that we are going to use is the entropy accumulation theorem (EAT) [25,32]. For our quantitative results, we used the version appearing in [25]; one can use any other version of the EAT in order to optimize the randomness rates, e.g., [32] as well as the generalization in [26]. We do not explain the EAT in detail; the interested reader is directed to [28] for a pedagogical explanation.

Definition 6 (EAT channels).

Quantum channels ${\{{\mathcal{M}}_i:R_{i-1}\to R_i{O}_i{S}_i{Q}_i\}}_{i\in \left[n\right]}$ are said to be EAT channels if the following requirements hold:

1. 

${\left\{O_i\right\}}_{i\in \left[n\right]}$ are finite dimensional quantum systems of dimension $d_O$, and ${\left\{Q_i\right\}}_{i\in \left[n\right]}$ are finite-dimensional classical systems (RV). ${\left\{S_i\right\}}_{i\in \left[n\right]}$ are arbitrary quantum systems.

2. 

For any $i\in \left[n\right]$ and any input state ${\sigma }_{R_{i-1}}$, the output state ${\sigma }_{R_i{O}_i{S}_i}={\mathcal{M}}_i\left({\sigma }_{R_{i-1}}\right)$ has the property that the classical value $Q_i$ can be measured from the marginal ${\sigma }_{O_i{S}_i}$ without changing the state. That is, for the map ${\mathcal{T}}_i:O_i{S}_i\to O_i{S}_i{Q}_i$ describing the process of deriving $Q_i$ from $O_i$ and $S_i$, it holds that ${\mathrm{Tr}}_{Q_i}\circ {\mathcal{T}}_i\left({\sigma }_{O_i{S}_i}\right)={\sigma }_{O_i{S}_i}$.

3. 

For any initial state ${\rho }_{R_{0}E}^{\mathrm{in}}$, the final state ${\rho }_{\mathbf{OSX}E}=({\mathrm{Tr}}_{R_n}\circ {\mathcal{M}}_n\circ \cdots \circ {\mathcal{M}}_1)\otimes {\mathbb{1}}_E{\rho }_{R_{0}E}^{\mathrm{in}}$ fulfills the Markov chain conditions $O_1,\cdots ,O_{i-1}\leftrightarrow S_1,\cdots ,S_{i-1},E\leftrightarrow S_i$.

Definition 7 (Min-trade-off function).

Let $\left\{{\mathcal{M}}_i\right\}$ be a family of EAT channels and $\mathcal{Q}$ denote the common alphabet of $Q_1,\dots ,Q_n$. A differentiable and convex function $f_{\min }$ from the set of probability distributions p over $\mathcal{Q}$ to the real numbers is called a min-trade-off function for $\left\{{\mathcal{M}}_i\right\}$ if it satisfies

$$f_{\min }\left(p\right)\le \underset{{\sigma }_{R_{i-1}{R}^{\prime }}:{\mathcal{M}}_i{\left(\sigma \right)}_{Q_i}=p}{inf}{H\left(O_i\right|S_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}$$

for all $i\in \left[n\right]$, where the infimum is taken over all purifications of input states of ${\mathcal{M}}_i$ for which the marginal on $Q_i$ of the output state is the probability distribution p.

Definition 8.

Given an alphabet $\mathcal{Q}$, for any $\mathbf{q}\in {\mathcal{Q}}^n$, we define the probability distribution ${\mathrm{freq}}_{\mathbf{q}}$ over $\mathcal{Q}$ such that for any $\tilde{q}\in \mathcal{Q}$,

$${\mathrm{freq}}_{\mathbf{q}}\left(\tilde{q}\right)={\displaystyle \frac{|\{i\in \left[n\right]:q_i=\tilde{q}\}|}{n}}.$$

Theorem 1 (Entropy Accumulation Theorem (EAT)).

Let ${\mathcal{M}}_i:R_{i-1}\to R_i{O}_i{S}_i{Q}_i$ for $i\in \left[n\right]$ be EAT channels, let ρ be the final state, Ω an event defined over ${\mathcal{Q}}^n$, $p_{\Omega }$ the probability of Ω in ρ and ${\rho }_{|\Omega }$ the final state conditioned on Ω. Let $\epsilon \in (0,1)$. For $\widehat{\Omega }=\{{\mathrm{freq}}_{\mathbf{q}}:\mathbf{q}\in \Omega \}$ convex, $f_{\min }$ is a min-trade-off function for ${\left\{{\mathcal{M}}_i\right\}}_{i\in \left[n\right]}$, and any $t\in \mathbb{R}$ such that $f_{\min }\left({\mathrm{freq}}_{\mathbf{q}}\right)\ge t$ for any ${\mathrm{freq}}_{\mathbf{q}}\in \widehat{\Omega }$,

$$H_{\min }^{\epsilon }{\left(\mathbf{O}\right|\mathbf{S}E)}_{{\rho }_{|\Omega }}\ge nt-\mu \sqrt{n},$$

(13)

where

$$\mu =2(log(1+2d_O)+⌈{∥\nabla f_{\max }∥}_{\infty }⌉)\sqrt{1-2log(\epsilon ·p_{\Omega })}.$$

(14)

2.3. Post-Quantum Cryptography

Definition 9 (Trapdoor claw-free function family).

For every security parameter $\lambda \in \mathbb{N}$, let $\mathcal{X}\subseteq {\{0,1\}}^w,\mathcal{Y}$ and ${\mathcal{K}}_{\mathcal{F}}$ be finite sets of inputs, outputs, and keys, respectively. A family of injective functions

$$\mathcal{F}={\{f_{k,b}:\mathcal{X}\to \mathcal{Y}\}}_{k\in {\mathcal{K}}_{\mathcal{F}},b\in \{0,1\}}$$

is said to be trapdoor claw-free (TCF) family if the following holds:

• Efficient Function Generation: There exists a PPT algorithm ${\mathit{Gen}}_{\mathcal{F}}$ which takes the security parameter $1^{\lambda }$ and outputs a key $k\in {\mathcal{K}}_{\mathcal{F}}$ and a trapdoor t.
• Trapdoor: For all keys $k\in {\mathcal{K}}_{\mathcal{F}}$, there exists an efficient deterministic algorithm ${\mathit{Inv}}_k$ such that, given t, for all $b\in \{0,1\}$ and $x\in \mathcal{X}$, ${\mathit{Inv}}_k(t,b,f_{k,b}\left(x\right))=x$.
• Claw-Free: For every QPT algorithm $\mathcal{A}$ receiving as input $(1^{\lambda },k)$ and outputting a pair $(x_0,x_1)\in {\mathcal{X}}^2$, the probability to find a claw is negligible, i.e., there exists a negligible function η for which the following holds:

  $$\underset{\stackrel{k\leftarrow {\mathcal{K}}_{\mathcal{F}}}{(x_0,x_1)\leftarrow \mathcal{A}(1^{\lambda },k)}}{\mathrm{Pr}}[f_{k,0}\left(x_0\right)=f_{k,1}\left(x_1\right)]\le \eta \left(\lambda \right).$$

The noisy trapdoor claw-free (NTCF) family used in this work is a generalization of the standard TCF definition presented above. The NTCF primitive was introduced in [5] as part of the construction of cryptographic protocols secure against quantum adversaries. Although the cryptographic primitive underlying Protocol 1 is an NTCF, it is often more intuitive to reason about the simpler TCF structure from Definition 9, which captures the essential properties in the noise-free setting.

Definition 10

(Noisy NTCF family [5]). For every security parameter $\lambda \in \mathbb{N}$, let $\mathcal{X},\mathcal{Y}$ and ${\mathcal{K}}_{\mathcal{F}}$ be finite sets of inputs, outputs, and keys, respectively, and ${\mathcal{D}}_{\mathcal{Y}}$ the set of distributions over $\mathcal{Y}$. A family of functions

$$\mathcal{F}={\{f_{k,b}:\mathcal{X}\to {\mathcal{D}}_Y\}}_{k\in {\mathcal{K}}_{\mathcal{F}},b\in \{0,1\}}$$

is said to be a noisy trapdoor claw-free (NTCF) family if the following conditions hold:

• Efficient Function Generation:  There exists a probabilistic polynomial time (PPT) algorithm ${\mathit{Gen}}_{\mathcal{F}}$ which takes the security parameter $1^{\lambda }$ and outputs a key $k\in {\mathcal{K}}_{\mathcal{F}}$ and a trapdoor t.
• Trapdoor Injective Pair:  For all keys $k\in {\mathcal{K}}_{\mathcal{F}}$, the following two conditions are satisfied:

  1. 

  Trapdoor: For all $b\in \{0,1\}$ and $x\ne x^{\prime }\in \mathcal{X},\mathit{Supp}\left(f_{k,b}\left(x\right)\right)\cap \mathit{Supp}\left(f_{k,b}\left(x^{\prime }\right)\right)=\varnothing$. In addition, there exists an efficient deterministic algorithm ${\mathit{Inv}}_k$ such that for all $b\in \{0,1\},x\in \mathcal{X}$ and $y\in \mathit{Supp}\left(f_{k,b}\left(x\right)\right)$, ${\mathit{Inv}}_k(t,b,y)=x$.

  2. 

  Injective Pair: There exists a perfect matching relation ${\mathcal{R}}_k\subseteq \mathcal{X}\times \mathcal{X}$ such that $f_{k,0}\left(x_0\right)=f_{k,1}\left(x_1\right)$ if and only if $(x_0,x_1)\in {\mathcal{R}}_k$.

• Efficient Range Superposition:  For every function in the family $f_{k,b}\in \mathcal{F}$, there exists a function $f_{k,b}^{\prime }:\mathcal{X}\to {\mathcal{D}}_{\mathcal{Y}}$ (not necessarily a member of $\mathcal{F}$) such that the following hold:

  1. 

  For all $(x_0,x_1)\in {\mathcal{R}}_k$ and $y\in \mathit{Supp}\left(f_{k,b}^{\prime }\left(x_b\right)\right)$, ${\mathit{Inv}}_k(t,b,y)=x_b$ and ${\mathit{Inv}}_k(t,1-b,y)=x_{1-b}$.

  2. 

  There exists an efficient deterministic algorithm ${\mathit{Chk}}_k$ (not requiring a trapdoor) such that

  $${\mathit{Chk}}_k(b,x,y)={\mathbb{1}}_{y\in \mathit{Supp}\left(f_{k,b}^{\prime }\left(x\right)\right)}.$$

  3. 

  There exists some negligible function η such that

  $$\underset{x\leftarrow \mathcal{X}}{\mathbb{E}}\left[{\mathit{H}}^2(f_{k,b}\left(x\right),f_{k,b}^{\prime }\left(x\right))\right]\le \eta \left(\lambda \right)$$

  where $\mathit{H}$ is the Hellinger distance for distributions defined in Definition 2.

  4. 

  There exists a quantum polynomial time (QPT) algorithm ${\mathrm{Samp}}_{k,b}$ that prepares the quantum state

  $$\mid {\psi }^{\prime }\rangle ={\displaystyle \frac{1}{\sqrt{\left|\mathcal{X}\right|}}}=\sum _{x\in \mathcal{X},y\in \mathcal{Y}}\sqrt{\left(f_{k,b}^{\prime }\left(x\right)\right)\left(y\right)}\mid x\rangle \mid y\rangle .$$

• Adaptive Hardcore Bit:  For all keys $k\in {\mathcal{K}}_{\mathcal{F}}$, the following holds. For some integer w that is a polynomially bounded function of λ, we have the following:

  1. 

  For all $b\in \{0,1\}$ and $x\in \mathcal{X}$, there exists a set $G_{k,b,x}\subseteq {\{0,1\}}^w$ such that ${\mathrm{Pr}}_{d\leftarrow {\{0,1\}}^w}[d\notin G_{k,b,x}]\le \eta \left(\lambda \right)$ for some negligible function η. In addition, there exists a PPT algorithm that checks for membership in $G_{k,b,x}$ given $k,b,x$ and the trapdoor t.

  2. 

  Let

  $$\begin{array}{c}\hfill \begin{array}{cc}\hfill H_k:=& \{(b,x_b,d,d·(x_0\oplus x_1))|b\in \{0,1\},(x_0,x_1)\in {\mathcal{R}}_k,d\in G_{k,0,x_0}\cap G_{k,1,x_1}\},\hfill \\ \hfill {\overline{H}}_k:=& \{(b,x_b,d,e)|e\in \{0,1\},(b,x_b,d,1-e)\in H_k\}.\hfill \end{array}\end{array}$$

  then for any QPT $\mathcal{A}$ and polynomial size (potentially inefficient to prepare) advice state ϕ independent of the key k, there exists a negligible function ${\eta }^{\prime }$ for which the following holds (we remark that the same computational assumption is being used in [5], even though the advice state is not included explicitly in the definition therein):

  $$|\underset{(k,t)\leftarrow Ge{n}_{\mathcal{F}\left(1^{\lambda }\right)}}{\mathrm{Pr}}[\mathcal{A}(k,\varphi )\in H_k]-\underset{(k,t)\leftarrow Ge{n}_{\mathcal{F}\left(1^{\lambda }\right)}}{\mathrm{Pr}}[\mathcal{A}(k,\varphi )\in {\overline{H}}_k]|\le {\eta }^{\prime }\left(\lambda \right).$$

  (15)

Lemma 9

(Informal: existence of NTCF family [5] (Section 4)). There exists an LWE-based construction of an NTCF family as in Definition 10. (As previously noted, [5] assumes that the LWE problem is hard also when given an advice state. Thus, though not explicitly stated, the construction in [5] (Section 4) is secure with respect to an advice state.)

Protocol 1 Entropy accumulation protocol.

Arguments:   D—untrusted device with which the verifier can interact according to the described protocol.   $\mathcal{F}$— NTCF   $n\in \mathbb{N}$—number of rounds   $\gamma \in (0,1]$—expected fraction of test rounds   $\omega \in [0,1]$—threshold winning rate   $\beta \in (0,1)$—pre-image test to equation test ratio Process: 1:   Set all variables to the default value ⊥. 2:   For every round $i\in \left[n\right]$ do Steps 3–14. 3:     Sample key and trapdoor $(K_i,{\tau }_i)\leftarrow {\mathrm{Gen}}_{\mathcal{F}}$ for the NTCF $\mathcal{F}$. 4:     Pass the key $K_i$ to the device D which in return outputs $Y_i\in \mathcal{Y}$. 5:     Verifier samples $G_i\leftarrow \mathrm{Bernoulli}(1-\gamma )$. 6:     If $G_i=0$: Test round 7:       Verifier samples $T_i\leftarrow \mathrm{Bernoulli}\left(\beta \right)$ and passes it to the device D. 8:       If $T_i=0$, pre-image test. D outputs $(b_i,x_i)\in \{0,1\}\times \mathcal{X}$. 9:         Verifier sets 10:           ${\widehat{\Pi }}_i=b_i$ if ${\mathrm{Chk}}_{k_i}(b_i,x_i,Y_i)=1$ and 2 otherwise. 11:           $W_i={\mathrm{Chk}}_{k_i}(b_i,x_i,Y_i)$. 12:       If $T_i=1$, equation test. D outputs $(u_i,d_i)\in \{0,1\}\times {\{0,1\}}^w$. 13:         Verifier, using ${\tau }_i$, sets ${\widehat{M}}_i=1$ if $(u_i,d_i)$ is a valid response for the         challenge (0 otherwise) and $W_i={\widehat{M}}_i$. 14:     If $G_i=1$: Generation round 15:       Verifier sets $T_i=0$, and passes $T_i$ to the device D. 16:         D outputs $(b_i,x_i)\in \{0,1\}\times \mathcal{X}$. 17:         Verifier sets ${\widehat{\Pi }}_i=b_i$ if ${\mathrm{Chk}}_{k_i}(b_i,x_i,Y_i)=1$ and 2 otherwise. 18:   Abort if ${\displaystyle \frac{1}{\gamma ·n}}{\sum }_{j:G_j=0}{W}_j<\omega$. Output: ${\widehat{\Pi }}_j$ for all j such that $G_j=1$.

• Protocol 1: High-level description of the entropy accumulation protocol. In each round, the verifier interacts with an untrusted device by sending a challenge based on a noisy trapdoor claw-free function and receiving a response. The round is designated as either a test or generation round. In test rounds, the verifier checks whether the device behaves consistently with the structure of the function (either via a pre-image or equation check). In generation rounds, the verifier collects output bits intended to serve as randomness. The variable ${\widehat{\Pi }}_i$ encodes the outcome of the round in a unified way: it stores a candidate output bit if the associated check passes, and a placeholder value (2) otherwise. This allows both test and generation rounds to be treated uniformly in the later entropy analysis.

3. Randomness Certification

Our main goal in this section is to provide a framework for lower bounding the entropy accumulated during the execution of a protocol involving a single quantum device. Protocol 1 specifies the randomness generation protocol used in our setting, which consists of n rounds of classical interaction between a verifier and a quantum device. The security of the protocol is based on the existence of a noisy trapdoor claw-free (NTCF) family $\mathcal{F}=\{f_{b,k}:\mathcal{X}\to \mathcal{Y}\}$, constructed under the LWE assumption [3], following [5]. The protocol makes use of the keys sampled from $\mathcal{F}$ and a security parameter $\lambda$, with all definitions stated implicitly in terms of these.

In each round, the verifier samples a bit $G_i$ to determine whether the round is a test round ($G_i=0$) or a generation round ($G_i=1$). When $T_i=0$, the device produces a pair $(b_i,x_i)$ in both types of rounds. The difference lies in how the verifier handles this response: In test rounds, the verifier uses the trapdoor to check whether the response is consistent with the challenge, contributing to a success/failure count. In generation rounds, no check is performed, and the output bit $b_i$ is retained as part of the protocol’s output. Correctness in generation rounds is inferred from the device’s performance in the test rounds.

We denote by ${\widehat{\Pi }}_i$ a unified variable that stores either the output bit (when a check is passed or skipped) or a placeholder value otherwise. The final quantitative result of this section is a lower bound on the smooth min-entropy of the output bits $\widehat{\Pi }$, conditioned on the adversary’s information and public transcript.

3.1. Single-Round Entropy

In this section, we analyze a single round of Protocol 1, presented as Protocol 2.

Protocol 2 Single-round protocol.

Arguments:   Classical verifier $\mathcal{V}$   Quantum prover $\mathcal{P}$ represented by the device $D=(\varphi ,\Pi ,M)$   $\mathcal{F}$—NTCF   $\beta \in (0,1)$ Process: 1:   $\mathcal{V}$ samples $(k,\tau )\leftarrow {\mathrm{Gen}}_{\mathcal{F}}$ for the NTCF $\mathcal{F}$. 2:   $\mathcal{V}$ sends the key k to the prover. 3:   $\mathcal{P}$ sends $y\in \mathcal{Y}$ to $\mathcal{V}$. 4:   $\mathcal{V}$ samples $T\leftarrow \mathrm{Bernoulli}\left(\beta \right)$ and gives it to $\mathcal{P}$. 5:   If $T=0$ 6:     $\mathcal{P}$ returns $(b,x)\in \{0,1\}\times \mathcal{X}$ to $\mathcal{V}$. 7:     $\mathcal{V}$ sets $\widehat{\pi }=b$ if ${\mathrm{Chk}}_k(b,x,y)=1$ and 2 otherwise. $W={\mathrm{Chk}}_k(b,x,y)$. 8:   If $T=1$ 9:     $\mathcal{P}$ returns $(u,d)\in \{0,1\}\times {\{0,1\}}^w$ to $\mathcal{V}$. 10:     $\mathcal{V}$, using $\tau$, sets $W=1$ if $(u,d)$ is a valid response to the challenge.

• Protocol 2: Description of the single-round protocol.

3.1.1. One Round Protocols and Devices

Protocol 2, roughly, describes a single round of Protocol 1. The goal of Protocol 2 can be clarified by thinking about an interaction between a verifier $\mathcal{V}$ and a quantum prover $\mathcal{P}$ in an independent and identically distributed (IID) scenario, in which the device is repeating the same actions in each round. Upon multiple rounds of interaction between the two, $\mathcal{V}$ is convinced that the winning rate provided by $\mathcal{P}$ is as high as expected and therefore can continue with the protocol. We will, of course, use the protocol later on without assuming that the device behaves in an IID manner throughout the multiple rounds of interaction.

We begin by formally defining the most general device that can be used to execute the considered single round Protocol 2.

Definition 11

(General device [5]). A general device is a tuple $D=(\varphi ,\Pi ,M)$ that receives $k\in {\mathcal{K}}_{\mathcal{F}}$ as input and is specified by the following:

1. 

A normalized density matrix $\varphi \in {\mathcal{H}}_D\otimes {\mathcal{H}}_Y$.

• ${\mathcal{H}}_D$ is a polynomial (in λ) space, private to the device.
• ${\mathcal{H}}_Y$ is a space private to the device whose dimension is the same of the cardinality of $\mathcal{Y}$.
• For every $y\in \mathcal{Y}$, ${\varphi }_y$ is a sub-normalized state such that

  $${\varphi }_y=({\mathbb{1}}_D\otimes \langle {y\mid }_Y)\varphi ({\mathbb{1}}_D\otimes \mid {y\rangle }_Y).$$

2. 

For every $y\in \mathcal{Y}$, a projective measurement $M_y^{(u,d)}$ on ${\mathcal{H}}_D$, with outcomes $(u,d)\in \{0,1\}\times {\{0,1\}}^w$ (The value w is determined by the NTCF construction. The string d is used in equation-test rounds as a witness that the verifier can check using the trapdoor. It does not play a direct role in the entropy analysis).

3. 

For every $y\in \mathcal{Y}$, a projective measurement ${\Pi }_y^{(b,x)}$ on ${\mathcal{H}}_D$, with outcomes $(b,x)\in \{0,1\}\times \mathcal{X}$.

Definition 12 (Valid response).

Let $y\in \mathcal{Y}$ be a challenge derived from the NTCF family associated with key k.

1. 

A pair $(b,x)\in \{0,1\}\times \mathcal{X}$ is called a valid response to a pre-image test if ${\mathit{Chk}}_k(b,x,y)=1$. There are exactly two such valid responses for each challenge y, $(0,x_0)$ and $(1,x_1)$.

2. 

A pair $(u,d)\in \{0,1\}\times {\{0,1\}}^w$ is called a valid response to an equation test if $(b,x_b,d,u)\in H_k$ for both $b\in \{0,1\}$.

Intuitively, this means that if $u=d·(x_0\oplus x_1)$ holds, then the response is valid (up to some choices of d that the verifier always rejects, such as $d=0^w$).

We denote these sets of valid responses as $V_{y,0}$ and $V_{y,1}$, for the pre-image and equation tests, respectively. These conditions define the responses that the verifier accepts during test rounds of Protocol 1.

Definition 13 (Efficient device).

We say that a device $D=(\varphi ,\Pi ,M)$ is efficient if the following holds:

1. 

The state ϕ is a polynomial size (in λ) “advice state” that is independent of the chosen keys $k\in {\mathcal{K}}_{\mathcal{F}}$. The state might not be producible using a polynomial time quantum circuit (we say that the state can be inefficient).

2. 

The measurements Π and M can be implemented by polynomial size quantum circuit.

The above definitions do not specify an honest strategy. Rather, they provide a formal abstraction that allows us to analyze the entropy generated by the device in a single round. This abstraction is crucial for our proof technique: it isolates a simplified description of the device in terms of a fixed state $\varphi$ and two projective measurements $\Pi$ and M, which correspond to the two possible test types in the protocol. By reducing to this formal model, we are able to apply tools such as the entropic uncertainty relation and construct a min-trade-off function compatible with the entropy accumulation theorem.

Importantly, this abstraction is not purely theoretical—it is designed to faithfully capture the observable behavior of real quantum devices, whether honest or adversarial, while making the analysis tractable. In particular, an honest device fits naturally within this formalism. For example, it may prepare a state of the form ${\displaystyle \frac{1}{\sqrt{2}}}(|0,x_0\rangle +|1,x_1\rangle )$, where $f_0\left(x_0\right)=f_1\left(x_1\right)=y$, and perform either a computational basis measurement (yielding $(b,x)$) or a Hadamard measurement (yielding $(u,d)$), depending on the challenge. Such a device is efficient according to Definition 13 and behaves in a way that satisfies the test criteria of the protocol with probability 1.

To ensure that the analysis remains sound even for dishonest or arbitrarily structured devices, we impose computational constraints on the device model. These constraints limit both its time and memory resources, and are essential for the validity of the cryptographic assumptions used in the protocol.

We emphasize that the device D is computationally bounded by both time steps and memory. This prevents pre-processing schemes in which the device manually goes over all keys and pre-images to store a table of answers to all the possible challenges, as such schemes demand exponential memory in $\lambda$.

The cryptographic assumption made on the device is the following. Intuitively, the lemma states that due to the hardcore bit property in Equation (15), the device cannot pass both pre-image and equation tests. Once it passes the pre-image test, trying to pass also the equation test results in two computationally indistinguishable states—one in which the device also passes the equation test and one in which it does not.

Lemma 10

(Computational indistinguishability [5] (Lemma 7.1)). Let $D=(\varphi ,\Pi ,M)$ be an efficient general device as in Definitions 11 and 14. Define a sub-normalized density matrix

$${\tilde{\varphi }}_{YBXD}=\sum _{y\in \mathcal{Y}}{|y\rangle \langle y|}_Y\otimes \sum _{b\in \{0,1\}}{|b,x_b\rangle \langle b,x_b|}_{BX}\otimes {\Pi }_y^{(b,x_b)}{\varphi }_y{\Pi }_y^{(b,x_b)}.$$

Let

$$\begin{array}{c}\hfill \begin{array}{cc}\hfill {\sigma }_0& =\sum _{b\in \{0,1\}}{|b,x_b\rangle \langle b,x_b|}_{BX}\otimes \sum _{(u,d)\in V_{y,1}}{|u,d\rangle \langle u,d|}_U\otimes ({\mathbb{1}}_Y\otimes M_y^{(u,d)}){\tilde{\varphi }}_{YD}^{\left(b\right)}({\mathbb{1}}_Y\otimes M_y^{(u,d)}),\hfill \\ \hfill {\sigma }_1& =\sum _{b\in \{0,1\}}{|b,x_b\rangle \langle b,x_b|}_{BX}\otimes \sum _{(u,d)\notin V_{y,1}}{\mathbb{1}}_{d\in {\widehat{G}}_y}{|u,d\rangle \langle u,d|}_U\otimes ({\mathbb{1}}_Y\otimes M_y^{(u,d)}){\tilde{\varphi }}_{YD}^{\left(b\right)}({\mathbb{1}}_Y\otimes M_y^{(u,d)}),\hfill \end{array}\end{array}$$

where $V_{y,1}$ is the set of valid responses to the equation test challenge y as defined in Definition 12. Then, ${\sigma }_0$ and ${\sigma }_1$ are computationally indistinguishable.

The proof is given in [5] (Lemma 7.1). Note that even though the proof in [5] does not address the potentially inefficient advice state $\varphi$ explicitly, it holds due to the non-explicit definition of their computational assumption.

We proceed with a reduction of Protocol 2 to a simplified one, Protocol 3. As the name suggests, it will be easier to work with the simplified protocol and devices when bounding the produced entropy. We remark that a similar reduction is used in [5]; the main difference is that we are using the reduction on the level of a single round, in contrast to the way it is used in [5] (Section 8) when dealing with the full multi-round protocol. Using the reduction in the single-round protocol instead of the full protocol helps in disentangling the various challenges that arise in the analysis of the entropy.

Protocol 3 Simplified single-round protocol.

Arguments:   Classical verifier $\mathcal{V}$   Quantum prover $\mathcal{P}$ represented by the simplified device $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$   $\beta \in (0,1)$ Process: 1:   $\mathcal{V}$ samples the random variable $T\leftarrow \mathrm{Bernoulli}\left(\beta \right)$ which is then passed to $\mathcal{P}$. 2:   If $T=0$ 3:     $\mathcal{P}$ measures $\tilde{\Pi }$ on the state $\varphi$ for an outcome $p\in \{0,1,2\}$. 4:   If $T=1$ 5:     $\mathcal{P}$ measures $\tilde{M}$ on the state $\varphi$ for an outcome $m\in \{0,1\}$.

• Protocol 3: Description of the simplified single-round protocol.

Definition 14

(Simplified device [5] (Definition 6.4)). A simplified device is a tuple $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$ that receives $k\in {\mathcal{K}}_{\mathcal{F}}$ as input and specified by the following:

1. 

$\varphi ={\left\{{\varphi }_y\right\}}_{y\in \mathcal{Y}}\subseteq \mathit{Pos}\left({\mathcal{H}}_D\right)$ is a family of positive semidefinite operators on an arbitrary space ${\mathcal{H}}_D$ such that ${\sum }_y\mathit{Tr}\left({\tilde{\varphi }}_y\right)\le 1$;

2. 

$\tilde{\Pi }$ and $\tilde{M}$ are defined as the sets ${\left\{{\tilde{\Pi }}_y\right\}}_y,{\left\{{\tilde{M}}_y\right\}}_y$, respectively, such that for each $y\in \mathcal{Y}$, the operators, ${\tilde{M}}_y=\{{\tilde{M}}_y^0,{\tilde{M}}_y^1=\mathbb{1}-{\tilde{M}}_y^0\}$ and ${\tilde{\Pi }}_y=\{{\tilde{\Pi }}_y^0,{\tilde{\Pi }}_y^1,{\tilde{\Pi }}_y^2=\mathbb{1}-{\tilde{\Pi }}_y^0-{\tilde{\Pi }}_y^1\}$, are projective measurements on ${\mathcal{H}}_D$.

Definition 15

(Simplified device construction [5]). Given a general device as in Definition 11 $D=(\varphi ,\Pi ,M)$, we construct a simplified device $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$ in the following manner:

• The device $\tilde{D}$ measures $y\in \mathcal{Y}$ like the general device D would.
• The measurement $\tilde{\Pi }=\{{\tilde{\Pi }}_y^0,{\tilde{\Pi }}_y^1,{\tilde{\Pi }}_y^2\}$ is defined as follows:

  –

  Perform the measurement ${\left\{{\Pi }_y^{(b,x)}\right\}}_{b\in \{0,1\},x\in \mathcal{X}}$ for an outcome $(b,x)$.

  –

  If ${\mathrm{Chk}}_k(b,x,y)=1$, the constructed device returns b corresponding to the projection ${\tilde{\Pi }}_y^b\in \{{\tilde{\Pi }}_y^0,{\tilde{\Pi }}_y^1\}$.

  –

  If ${\mathrm{Chk}}_k(b,x,y)=0$, the constructed device returns 2, corresponding to the projection ${\tilde{\Pi }}_y^2$.

• The measurement $\tilde{M}=\{{\tilde{M}}_y^0,{\tilde{M}}_y^1\}$ is defined as follows:

  $$\begin{array}{cc}\hfill {\tilde{M}}_y^0=\sum _{(u,d)\in V_{y,1}}{M}_y^{(u,d)},& {\tilde{M}}_y^1=\mathbb{1}-{\tilde{M}}_y^0,\hfill \end{array}$$
  where $V_{y,1}$ is valid answers for the equation test, meaning the outcome $\tilde{M}=0$ corresponds to a valid response $(u,d)$ in the equation test.

The above construction of a simplified device maintains important properties of the general device. Firstly, the simplified device fulfills the same cryptographic assumption as the general one. This is stated in the following corollary.

Corollary 2.

Given a general efficient device $D=(\varphi ,\Pi ,M)$, a simplified device $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$ constructed according to Definition 15 is also efficient. Hence, the cryptographic assumption described in Lemma 10 holds also for $\tilde{D}$ as well.

Secondly, the entropy produced by the simplified device in the simplified single-round protocol, Protocol 3, is identical to that produced by the general device in single round protocol, Protocol 2. A general device executing Protocol 2 defines a probability distribution of $\widehat{\pi }$ over $\{0,1,2\}$. Using the same general device to construct a simplified one, via Definition 15, leads to the same distribution for $\tilde{\Pi }$ when executing Protocol 3. This results in the following corollary.

Corollary 3.

Given a general efficient device $D=(\varphi ,\Pi ,M)$ and a simplified device $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$ constructed according to Definition 15, we have for all k,

$$H{\left(\widehat{\pi }\right|EY)}^{\mathrm{General}}=H{\left(\tilde{\Pi }\right|EY)}^{\mathrm{Simplified}},$$

where $H{\left(\widehat{\pi }\right|EY)}^{\mathit{General}}$ is the entropy produced by Protocol 2 using the general device D, and $H{\left(\tilde{\Pi }\right|EY)}^{\mathit{Simplified}}$ is the entropy produced in Protocol 3 using the simplified device $\tilde{D}$. Both entropies are evaluated on the purification of the state ϕ.

The above corollary tells us that we can reduce the analysis of the entropy created by the general device to that of the simplified one, hence justifying its construction and the following sections.

3.1.2. Reduction to Qubits

In order to provide a clear understanding of the quantum uncertainty that arises from two measurements, it is beneficial to examine the square overlap between those measurements (Definition 4). The Bloch sphere representation, which pertains to Hilbert spaces of two dimensions, offers a lucid illustration of this concept.

Throughout this section, it is demonstrated that the devices under investigation, under specific conditions, can be expressed as a convex combination of devices, each operating on a single qubit. Working in a qubit subspace then allows one to make definitive statements regarding the entropy of the measurement outcomes produced by the device. We remark that this is in complete analogy with the proof techniques used when studying DI protocols in the non-local setting, in which one reduces the analysis to that of two single qubit devices [33] (Lemma 1).

Lemma 11.

Let $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$ be a simplified device (Definition 14), acting within a Hilbert space $\mathcal{H}$ of a countable dimension, with the additional assumption that $\tilde{\Pi }$ consists of only two outcomes and let Γ be a Hermitian projection that commutes with both $\tilde{\Pi }$ and $\tilde{M}$. Given an operator $F=f(\tilde{M},\Gamma )$ constructed from some non-commutative polynomial of two variables f, let $S_{\tilde{D}}=\langle {f(\tilde{M},\Gamma )}_{\varphi }\rangle$ be the expectation value of F.

Then, there exists a set of Hermitian projections ${\left\{B_j\right\}}_j$, acting within the same Hilbert space $\mathcal{H}$, satisfying the following conditions

$$\begin{array}{c}\left(1\right)\forall j,Rank\left(B_j\right)\le 2\hfill \\ \\ \left(2\right)\sum _j{B}_j=\mathbb{1}\hfill \\ \\ \left(3\right)\forall j,[\tilde{\Pi },B_j]=[\tilde{M},B_j]=[\Gamma ,B_j]=0\hfill \end{array}$$

(16)

such that

$$S_{\tilde{D}}=\sum _j\mathrm{Pr}\left(j\right)S_{{\tilde{D}}_j},$$

where $\mathrm{Pr}\left(j\right)=\mathrm{Tr}\left(B_j\varphi \right)$, and $S_{{\tilde{D}}_j}$ is the expectation value of F given the state ${\displaystyle \frac{B_j\varphi B_j}{\mathrm{Tr}\left[B_j\varphi B_j\right]}}$, corresponding to the simplified device ${\tilde{D}}_j=({\displaystyle \frac{B_j\varphi B_j}{\mathrm{Tr}\left[B_j\varphi B_j\right]}},\tilde{\Pi },\tilde{M})$. That is, $S_{{\tilde{D}}_j}={\langle f(\tilde{M},\Gamma )\rangle }_{B_j\varphi B_j/\mathrm{Tr}\left[B_j\varphi B_j\right]}$.

Proof. 

As an immediate result of Lemma 3, there exists a basis in which $\tilde{\Pi },\tilde{M}$ and $\Gamma$ are a $2\times 2$ block diagonal. In this basis, we take the projection on every block j as $B_j$. This satisfies the conditions in Conditions (16). Furthermore,

$$S_{\tilde{D}}=\mathrm{Tr}\left(\sum _{j}F{B}_j\varphi B_j\right)=\sum _j\mathrm{Pr}\left(j\right)\mathrm{Tr}\left(F{\displaystyle \frac{B_j\varphi B_j}{\mathrm{Tr}\left(B_j\varphi B_j\right)}}\right)=\sum _j\mathrm{Pr}\left(j\right)S_{{\tilde{D}}_j}.$$

□

Note that the simplified device ${\tilde{D}}_j=({\displaystyle \frac{B_j\varphi B_j}{\mathrm{Tr}\left[B_j\varphi B_j\right]}},\tilde{\Pi },\tilde{M})$ yields the same expectation values to those of the simplified device ${\tilde{D}}_j=({\displaystyle \frac{B_j\varphi B_j}{\mathrm{Tr}\left[B_j\varphi B_j\right]}},B_j\tilde{\Pi }{B}_j,B_j\tilde{M}{B}_j)$. The resulting operation is therefore, effectively, performed in a space of a single qubit. In addition, due to the symmetry of $\tilde{\Pi }$ and $\tilde{M}$ in this proof, the lemma also holds for an observable constructed from $\tilde{\Pi }$ and $\Gamma$ instead of $\tilde{M}$ and $\Gamma$, i.e., $S_{\tilde{D}}={f(\tilde{\Pi },\Gamma )}_{\varphi }$.

The simplified protocol permits the use of the uncertainty principle, appearing in Lemma 5, in a vivid way since it has a geometrical interpretation on the Bloch sphere; recall Figure 3. Under the assumption that $\tilde{\Pi }$ has two outcomes (this has yet to be justified) we can represent $\tilde{\Pi }$ and $\tilde{M}$ as two Bloch vectors with some angle between them that corresponds to their square overlap—the smaller the square overlap, the closer the angle is to $\pi /2$. In the ideal case, the square overlap is $1/2$, which means that in some basis, the two measurements are the standard and the Hadamard measurements. If one is able to confirm that $\mathrm{Pr}(\tilde{M}=0)=1$, the only possible distribution on the outcomes of $\tilde{\Pi }$ is a uniform one, which has the maximal entropy.

$\tilde{\Pi }$, however, has three outcomes and not two, rendering the reduction to qubits unjustified. We can nonetheless argue that the state being used in the protocol is very close to some other state which produces only the first two outcomes. The entropy of both states can then be related using Equation (6). The ideas described here, are combined and explained thoroughly in the main proof shown in the following subsection.

3.1.3. Conditional Entropy Bound

The main proof of this subsection is performed with respect to a simplified device constructed from a standard one using Definition 15.

Before proceeding with the proof, we define the winning probability in both challenges.

Definition 16.

Given a simplified device (with implicit key k) $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$, for a given $y\in \mathcal{Y}$, we define the ${\tilde{\Pi }}_y$ and ${\tilde{M}}_y$ winning probabilities, respectively, as

$${\omega }_p^y:={\displaystyle \frac{\mathrm{Tr}\left((\mathbb{1}-{\tilde{\Pi }}_y^2){\varphi }_y\right)}{\mathrm{Tr}\left({\varphi }_y\right)}};{\omega }_m^y:={\displaystyle \frac{\mathrm{Tr}\left({\tilde{M}}_y^0{\varphi }_y\right)}{\mathrm{Tr}\left({\varphi }_y\right)}}.$$

Likewise, the winning probabilities of Π and M as

$${\omega }_p:=\sum _y\mathrm{Tr}\left((\mathbb{1}-{\tilde{\Pi }}_y^2){\varphi }_y\right);{\omega }_m:=\sum _y\mathrm{Tr}\left({\tilde{M}}_y^0{\varphi }_y\right).$$

Recall that ${\varphi }_y$ are sub-normalized.

We are now ready to prove our main technical lemma.

Lemma 12.

Let $\tilde{D}=(\varphi ,\tilde{\Pi },\tilde{M})$ be a simplified device as in Definition 14, constructed from an efficient general device $D=\left(\varphi ,\Pi ,M\right)$ in the manner depicted in Definition 15. Let ${\Phi }_y\in {\mathcal{H}}_D\otimes {\mathcal{H}}_E$ be a purification of ${\varphi }_y$ (respecting the sub-normalization of ${\varphi }_y$) and $\Phi ={\left\{{\Phi }_y\right\}}_{y\in \mathcal{Y}}$. For all $c\in (1/2,1]$ and some negligible function $\xi \left(\lambda \right)$, the following inequality holds:

$$\begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y)}_{\Phi }\ge & max\left\{0,1-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p}-A\left(c\right)\sqrt{1-{\omega }_m}\right\}\hfill \\ \hfill & \times ({log}_2(1/c)-h({\omega }_m-2\sqrt{1-{\omega }_p}-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p}-A\left(c\right)\sqrt{1-{\omega }_m}))\hfill \\ \hfill & -\sqrt{1-{\omega }_p}{log}_2\left(3\right)-(1+\sqrt{1-{\omega }_p})h\left({\displaystyle \frac{\sqrt{1-{\omega }_p}}{1+\sqrt{1-{\omega }_p}}}\right)-\xi \left(\lambda \right),\hfill \end{array}$$

(17)

where $h(·)$ is the binary entropy function and

$$A\left(c\right):=10/{(2c-1)}^2.$$

(18)

Proof. 

For every $y\in \mathcal{Y}$, we introduce the state

$${\Psi }_y:={\displaystyle \frac{({\tilde{\Pi }}_y^0+{\tilde{\Pi }}_y^1){\Phi }_y({\tilde{\Pi }}_y^0+{\tilde{\Pi }}_y^1)}{\mathrm{Tr}\left(({\tilde{\Pi }}_y^0+{\tilde{\Pi }}_y^1){\Phi }_y\right)}}$$

in order to reduce the problem to a convex combination of two-dimensional ones as described in Section 3.1.2. We provide a lower bound for the entropy $H{\left(\tilde{\Pi }\right|E,Y)}_{{\Psi }_y}$ and by the continuity of entropies, a lower bound for $H{\left(\tilde{\Pi }\right|E,Y)}_{{\Phi }_y}$ is then derived. The proof proceeds in steps.

• Let

  $$U_y^0={\tilde{\Pi }}_y^0-({\tilde{\Pi }}_y^1+{\tilde{\Pi }}_y^2);U_y^1={\tilde{M}}_y^0-{\tilde{M}}_y^1.$$
  Using Jordan’s lemma, Lemma 2, there exists an orthonormal basis where the operators are $2\times 2$-block diagonal. Let ${\Gamma }_y$ be the Hermitian projection on blocks where the square overlap of $U_y^0$ and $U_y^1$ is bound by c (good blocks). Note that ${\Gamma }_y$ also commutes with both unitaries.
• Using Lemma 8 we bound the probability to be in subspace where the square overlap of $\Pi$ and M is larger than c (bad blocks).

  $$\mathrm{Tr}\left((\mathbb{1}-{\Gamma }_y){\Psi }_y\right)\le {\displaystyle \frac{2\mu +10\sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1{\Psi }_y\right)}}{{(2c-1)}^2}}=A\left(c\right)({\displaystyle \frac{1}{5}}\mu +\sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1{\Psi }_y\right)}),$$

  (19)

  where $A\left(c\right)$ is given by Equation (18) and

  $$\begin{array}{cc}\hfill \mu & :=|{\displaystyle \frac{1}{2}}-\mathrm{Tr}\left({\tilde{M}}_y^0{\tilde{\Pi }}_y^0{\Psi }_y{\tilde{\Pi }}_y^0\right)-\mathrm{Tr}\left({\tilde{M}}_y^0{\tilde{\Pi }}_y^1{\Psi }_y{\tilde{\Pi }}_y^1\right)|\hfill \\ \hfill & ={\displaystyle \frac{1}{2}}|\sum _{b\in \{0,1\}}\mathrm{Tr}\left({\tilde{\Pi }}_y^b{\Psi }_y{\tilde{\Pi }}_y^b\right)-2\sum _{b\in \{0,1\}}\mathrm{Tr}\left({\tilde{M}}_y^0{\tilde{\Pi }}_y^b{\Psi }_y{\tilde{\Pi }}_y^b\right)|\hfill \\ \hfill & ={\displaystyle \frac{1}{2}}|\sum _{b\in \{0,1\}}\mathrm{Tr}\left({\tilde{M}}_y^0{\tilde{\Pi }}_y^b{\Psi }_y{\tilde{\Pi }}_y^b\right)-\sum _{b\in \{0,1\}}\mathrm{Tr}\left((\mathbb{1}-{\tilde{M}}_y^0){\tilde{\Pi }}_y^b{\Psi }_y{\tilde{\Pi }}_y^b\right)|.\hfill \end{array}$$
  Due to Lemma 10 and Corollary 2, $\mu$ is negligible in the security parameter $\lambda$. Thus, for some negligible function $\eta$,

  $$\mathrm{Tr}\left((\mathbb{1}-{\Gamma }_y){\Psi }_y\right)\le A\left(c\right)\sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1{\Psi }_y\right)}+\eta \left(\lambda \right).$$

  (20)
• Note that $\Phi$ is the state of the device (and the adversary), not $\Psi$. Hence, we cannot, a priori, relate $\mathrm{Tr}\left({\tilde{M}}_y^1{\Psi }_y\right)$ to the winning probabilities of the device. We therefore want to translate Equation (20) to the quantities observed in the application of Protocol 3 when using the simplified device $\tilde{D}$. That is, we would like to use the values ${\omega }_p,{\omega }_m$ given in Definition 16 in our equations:

  $$\begin{array}{cc}\hfill \sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1{\Psi }_y\right)}& =\sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1({\Psi }_y-{\Phi }_y)\right)+\mathrm{Tr}\left({\tilde{M}}_y^1{\Phi }_y\right)}\hfill \\ \hfill & \le \sqrt{\mathrm{Tr}\left(\right|{\Psi }_y-{\Phi }_y\left|\right)}+\sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1{\Phi }_y\right)}\hfill \\ \hfill & \le \sqrt{2\sqrt{\mathrm{Tr}\left({\tilde{\Pi }}_y^2{\Phi }_y\right)}}+\sqrt{\mathrm{Tr}\left({\tilde{M}}_y^1{\Phi }_y\right)}\hfill \\ \hfill & =\sqrt{2\sqrt{1-{\omega }_p^y}}+\sqrt{1-{\omega }_m^y},\hfill \end{array}$$

  where in the last inequality, we use the gentle measurement lemma [31] (Lemma 9.4.1). The last equation, combined with Equation (20), immediately yields

  $$\mathrm{Tr}\left({\Gamma }_y{\Psi }_y\right)\ge 1-A\left(c\right)(\sqrt{2}\sqrt[4]{1-{\omega }_p^y}+\sqrt{1-{\omega }_m^y})-\eta \left(\lambda \right).$$

  (21)
• In a similar manner, for later use, we must find a lower bound on $\mathrm{Tr}\left({\tilde{M}}_y^0{\Psi }_y\right)$ using quantities that can be observed from the simplified protocol. To that end, we again use the gentle measurement lemma:

  $$\begin{array}{cc}\hfill \mathrm{Tr}\left({\tilde{M}}_y^0{\Phi }_y\right)& =\mathrm{Tr}\left({\tilde{M}}_y^0({\Phi }_y-{\Psi }_y)\right)+\mathrm{Tr}\left({\tilde{M}}_y^0{\Psi }_y\right)\hfill \\ \hfill & \le 2\sqrt{(\mathbb{1}-{\tilde{\Pi }}_y^2){\Phi }_y}+\mathrm{Tr}\left({\tilde{M}}_y^0{\Psi }_y\right).\hfill \end{array}$$
  Using the definitions of ${\omega }_m^y,{\omega }_p^y$,

  $$\begin{array}{cc}& \phantom{\Rightarrow }{\omega }_m^y\le 2\sqrt{1-{\omega }_p^y}+\mathrm{Tr}\left({\tilde{M}}_y^0{\Psi }_y\right)\hfill \\ & \Rightarrow \mathrm{Tr}\left({\tilde{M}}_y^0{\Psi }_y\right)\ge {\omega }_m^y-2\sqrt{1-{\omega }_p^y}.\hfill \end{array}$$

  (22)
• We proceed by providing a bound on the conditional entropy, given that ${\Gamma }_y=0$, using the uncertainty principle in Lemma 5. Conditioned on being in a good subspace (which happens with probability $\mathrm{Pr}({\Gamma }_y=0)$), the square overlap of $\tilde{\Pi }$ and $\tilde{M}$ is upper bounded by c. We can then bound the entropy of $\tilde{\Pi }$ using the entropy of $\tilde{M}$:

  $$\begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y=y,\Gamma =0)}_{{\Psi }_y}& \ge {log}_2(1/c)-H{\left(\tilde{M}\right|Y=y,\Gamma =0)}_{{\Psi }_y}\hfill \\ \hfill & ={log}_2(1/c)-h\left(\mathrm{Pr}{({\tilde{M}}_y=0|{\Gamma }_y=0)}_{{\Psi }_y}\right).\hfill \end{array}$$
  Since we have a lower bound on $\mathrm{Tr}\left({\tilde{M}}_y^0{\Psi }_y\right)$, we proceed by working in the regime where the binary entropy function is strictly decreasing. To that end, it is henceforth assumed that the argument of the binary entropy function, and all of its subsequent lower bounds, are larger than $1/2$. By using the inequality

  $$\mathrm{Pr}({\tilde{M}}_y=0|{\Gamma }_y=0)\ge \mathrm{Pr}({\tilde{M}}_y=0)+\mathrm{Pr}({\Gamma }_y=0)-1,$$

  (23)

  we obtain

  $$-h\left(\mathrm{Pr}({\tilde{M}}_y=0|{\Gamma }_y=0)\right)\ge -h(\mathrm{Pr}({\tilde{M}}_y=0)+\mathrm{Pr}({\Gamma }_y=0)-1).$$
  Therefore,

  $$H{\left(\tilde{\Pi }\right|E,Y=y,\Gamma =0)}_{{\Psi }_y}\ge {log}_2(1/c)-h(\mathrm{Pr}({\tilde{M}}_y=0)+\mathrm{Pr}({\Gamma }_y=0)-1).$$

  (24)
• We now want to bound the value $H{\left(\tilde{\Pi }\right|E,Y)}_{{\Psi }_y}$, i.e., without conditioning on the event ${\Gamma }_y=0$. We write,

  $$\begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y=y)}_{{\Psi }_y}& \ge H{\left(\tilde{\Pi }\right|E,Y=y,{\Gamma }_y)}_{{\Psi }_y}\hfill \\ \hfill & =\mathrm{Pr}({\Gamma }_y=0)H{\left(\tilde{\Pi }\right|E,Y=y,{\Gamma }_y=0)}_{{\Psi }_y}+\hfill \\ \hfill & \mathrm{Pr}({\Gamma }_y=1)H{\left(\tilde{\Pi }\right|E,Y=y,{\Gamma }_y=1)}_{{\Psi }_y}\hfill \\ \hfill & \ge \mathrm{Pr}({\Gamma }_y=0)H{\left(\tilde{\Pi }\right|E,Y=y,{\Gamma }_y=0)}_{{\Psi }_y}.\hfill \end{array}$$
  This allows us to use Equations (21) and (24) to bound each term, respectively, on the right-hand side of the last inequality with

  $$\begin{array}{c}\hfill \begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y=y)}_{{\Psi }_y}& \ge (1-A\left(c\right)(\sqrt{2}\sqrt[4]{1-{\omega }_p^y}+\sqrt{1-{\omega }_m^y})-\eta \left(\lambda \right))\hfill \\ \hfill & \phantom{\ge }\times ({\log }_2(1/c)-h(\mathrm{Pr}({\tilde{M}}_y=0)+\mathrm{Pr}({\Gamma }_y=0)-1)).\hfill \end{array}\end{array}$$
  We use Equation (21) a second time together with Equation (22) to lower bound both probability terms in the argument of the binary entropy function and get

  $$\begin{array}{c}\hfill \begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y=y)}_{{\Psi }_y}& \ge (1-A\left(c\right)(\sqrt{2}\sqrt[4]{1-{\omega }_p^y}+\sqrt{1-{\omega }_m^y})-\eta \left(\lambda \right))\times \hfill \\ \hfill & ({log}_2(1/c)-h({\omega }_m^y-2\sqrt{1-{\omega }_p^y}-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p^y}\hfill \\ \hfill & -A\left(c\right)\sqrt{1-{\omega }_m^y}-\eta \left(\lambda \right)\left)\right).\hfill \end{array}\end{array}$$
• Now, taking the expectation over y on both sides of the inequality and using Lemma 4:

  $$\begin{array}{c}\hfill \begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y)}_{\Psi }& \ge (1-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p}-A\left(c\right)\sqrt{1-{\omega }_m}-\eta \left(\lambda \right))\times \hfill \\ \hfill & ({log}_2(1/c)-h({\omega }_m-2\sqrt{1-{\omega }_p}-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p}\hfill \\ \hfill & -A\left(c\right)\sqrt{1-{\omega }_m}-\eta \left(\lambda \right)\left)\right).\hfill \end{array}\end{array}$$

  (25)
• Using Equation (2), we can extract $\eta \left(\lambda \right)$ from the argument of the binary entropy function in Equation (25) such that for some negligible function $\xi \left(\lambda \right)$,

  $$\begin{array}{c}\hfill \begin{array}{cc}\hfill H{\left(\tilde{\Pi }\right|E,Y)}_{\Psi }& \ge (1-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p}-A\left(c\right)\sqrt{1-{\omega }_m})\times \hfill \\ \hfill & ({log}_2(1/c)-h({\omega }_m-2\sqrt{1-{\omega }_p}-\sqrt{2}A\left(c\right)\sqrt[4]{1-{\omega }_p}\hfill \\ \hfill & -A\left(c\right)\sqrt{1-{\omega }_m}\left)\right)-\xi \left(\lambda \right).\hfill \end{array}\end{array}$$

  (26)
• Using the continuity bound in Equation (7) with ${\parallel \Psi -\Phi \parallel }_1/2\le \sqrt{1-{\omega }_p}$ yields

  $$\begin{array}{cc}\hfill \left|H{\left(\tilde{\Pi }\right|E,Y)}_{\Psi }-H{\left(\tilde{\Pi }\right|E,Y)}_{\Phi }\right|& \le \sqrt{1-{\omega }_p}{log}_2\left(3\right)\hfill \\ \hfill & +(1+\sqrt{1-{\omega }_p})h\left({\displaystyle \frac{\sqrt{1-{\omega }_p}}{1+\sqrt{1-{\omega }_p}}}\right).\hfill \end{array}$$

  (27)
• Combining Equation (26) with Equation (27), we conclude that the lemma holds.

□

For brevity, denote the bound in Equation (17) as

$$H\left(\tilde{\Pi }\right|Y,E)\ge g({\omega }_p,{\omega }_m,c)-\xi \left(\lambda \right).$$

Seeing that this inequality holds for all values $c\in (1/2,1]$, for each winning probability pair $({\omega }_p,{\omega }_m)$ we can pick an optimal value of c to maximize the inequality. We do this implicitly and rewrite the bound as

$$g({\omega }_p,{\omega }_m):=\underset{c\in (1/2,1]}{max}g({\omega }_p,{\omega }_m,c).$$

(28)

Doing so yields the graph in Figure 4a.

In the protocol, later on, the verifier chooses whether to abort or not, depending on the overall winning probability $\omega$:

$$\begin{array}{c}\hfill \begin{array}{cc}\hfill \omega & :=\mathrm{Pr}(W=1)\hfill \\ & =\mathrm{Pr}(T=0)\mathrm{Pr}(W=1|T=0)+\mathrm{Pr}(T=1\left)\mathrm{Pr}\right(W=1|T=1)\hfill \\ & =\underset{1-\beta }{\underbrace{\mathrm{Pr}(T=0)}}·{\omega }_p+\underset{\beta }{\underbrace{\mathrm{Pr}(T=1)}}·{\omega }_m.\hfill \end{array}\end{array}$$

We therefore define for every $\beta \in (0,1)$, another bound on the entropy, that depends only on $\omega$ (assuming $\omega \ge 1/2$) as

$$g(\omega ;\beta ):=\underset{{\omega }_p}{min}g({\omega }_p,{\omega }_m={\displaystyle \frac{\omega -(1-\beta ){\omega }_p}{\beta }}).$$

(29)

The optimal $\beta$ can be found numerically. We plot the bound in Equation (29) in Figure 4b (neglecting the negligible element $\xi \left(\lambda \right)$).

3.2. Entropy Accumulation

Combining Lemma 12 with Corollary 3, we now hold a lower bound for the von Neumann entropy of Protocol 3—we can connect any winning probability $\omega$ to a lower bound on the entropy of the pre-image test. This allows us to proceed with the task of entropy accumulation. To lower bound the total amount of smooth min-entropy accumulated throughout the entire execution of Protocol 1, we use the entropy accumulation theorem (EAT), stated as Theorem 1.

To use the EAT, we need to first define the channels corresponding to Protocol 1 followed by a proof that they are in fact EAT channels. In the notation of Definition 6, we make the following choice of channels:

$${\mathcal{M}}_i:R_{i-1}\to R_i\underset{O_i}{\underbrace{{\widehat{\Pi }}_i{\widehat{M}}_i}}\underset{S_i}{\underbrace{K_i{T}_i{G}_i}},$$

and set $Q_i=W_i$.

Lemma 13.

The channels ${\{{\mathcal{M}}_i:R_{i-1}\to R_i{\widehat{\Pi }}_i{\widehat{M}}_i{K}_i{T}_i{G}_i\}}_{i\in \left[n\right]}$ defined by the CPTP map describing the i-th round of Protocol 1 as implemented by the computationally bounded untrusted device $\tilde{D}$ and the verifier are EAT channels according to Definition 6.

Proof. 

To prove that the constructed channels ${\left\{{\mathcal{M}}_i\right\}}_{i\in \left[n\right]}$ are EAT channels, we need to show that the conditions are fulfilled:

• ${\left\{O_i\right\}}_{i\in \left[n\right]}={\left\{{\widehat{\Pi }}_i\right\}{\widehat{M}}_i}_{i\in \left[n\right]}$, ${\left\{S_i\right\}}_{i\in \left[n\right]}={\left\{K_i{T}_i{G}_i\right\}}_{i\in \left[n\right]}$ and ${\left\{Q_i\right\}}_{i\in \left[n\right]}={\left\{W_i\right\}}_{i\in \left[n\right]}$ are all finite-dimensional classical systems. ${\left\{R_i\right\}}_{i\in \left[n\right]}$ are arbitrary quantum systems. Finally, we have

  $$d_O=d_{{\widehat{\Pi }}_i}·d_{{\widehat{M}}_i}=\left|\{0,1,2\}\right|·\left|\{0,1\}\right|=6<\infty .$$
• For any $i\in \left[n\right]$ and any input state ${\sigma }_{R_{i-1}}$, $W_i$ is a function of the classical values ${\widehat{\Pi }}_i{\widehat{M}}_i{K}_i{T}_i{G}_i$. Hence, the marginal ${\sigma }_{O_i{S}_i}$ is unchanged when deriving $W_i$ from it.
• For any initial state ${\rho }_{R_{0}E}^{in}$ and the resulting final state ${\rho }_{\mathbf{OSQ}E}={\rho }_{\Pi \mathbf{M}\mathbf{K}\mathbf{T}\mathbf{G}\mathbf{W}E}$, the Markov chain conditions

  $${\left(\widehat{\Pi }\widehat{M}\right)}_1,\cdots ,{\left(\widehat{\Pi }\widehat{M}\right)}_{i-1}\leftrightarrow {\left(KTG\right)}_1,\cdots ,{\left(KTG\right)}_{i-1},E\leftrightarrow {\left(KTG\right)}_i$$

  trivially hold for all $i\in \left[n\right]$, as $K_i,T_i$ and $G_i$ are chosen independently from everything else.

□

Lemma 14.

Let $\beta ,\omega ,\gamma \in (0,1)$ and $g(\omega ;\beta )$ be the function in Equation (29). Let p be a probability distribution over $\mathcal{W}=\{\perp ,0,1\}$ such that $\gamma =1-p(\perp )$ and $\omega =p\left(1\right)/\gamma$. Define $\Sigma \left(p\right)=\left\{{\sigma }_{R_{i-1}{R}^{\prime }}:{\mathcal{M}}_i{\left(\sigma \right)}_{W_i}=p\right\}$. Then, there exists a negligible function $\xi \left(\lambda \right)$ such that

$$(g(\omega ;\beta )-\xi \left(\lambda \right))(1-\beta \gamma )\le \underset{{\sigma }_{R_{i-1}{R}^{\prime }}\in \Sigma \left(p\right)}{inf}H{\left({\widehat{\Pi }}_i{\widehat{M}}_i\right|K_i{T}_i{G}_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}.$$

(30)

In particular, this implies that for every $\beta \in (0,1)$, the function

$$f_{\min }:=\left(p\right)(g(\omega ;\beta )-\xi \left(\lambda \right))(1-\beta \gamma )$$

(31)

satisfies Definition 7 and is therefore a min-trade-off function.

Proof. 

Due to Lemma 12 and the consequent Equation (29), the following holds for any polynomial-sized state $\sigma$ (not necessarily efficient):

$$\begin{array}{cc}\hfill g(\omega ;\beta )-\xi \left(\lambda \right)& \le H{\left({\widehat{\Pi }}_i\right|Y_i{K}_i,T_i=0,R^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}\hfill \\ \hfill & \begin{array}{cc}\hfill & \le {\displaystyle \frac{1}{\mathrm{Pr}(T_i=0)}}\left[\mathrm{Pr}(T_i=0)H{\left({\widehat{\Pi }}_i\right|Y_i{K}_i,T_i=0,R^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}\right.\hfill \\ \hfill & \phantom{={\displaystyle \frac{1}{\mathrm{Pr}(T_i=0)}}}+\left.\mathrm{Pr}(T_i=1)H{\left({\widehat{\Pi }}_i\right|Y_i{K}_i,T_i=1,R^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}\right]\hfill \end{array}\hfill \\ \hfill & ={\displaystyle \frac{1}{\mathrm{Pr}(T_i=0)}}H{\left({\widehat{\Pi }}_i\right|Y_i{K}_i{T}_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}\hfill \\ \hfill & ={\displaystyle \frac{1}{1-\beta \gamma }}H{\left({\widehat{\Pi }}_i\right|Y_i{K}_i{T}_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}\hfill \\ \hfill & \le {\displaystyle \frac{1}{1-\beta \gamma }}H{\left({\widehat{\Pi }}_i{\widehat{M}}_i\right|K_i{T}_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}\hfill \\ \hfill & ={\displaystyle \frac{1}{1-\beta \gamma }}H{\left({\widehat{\Pi }}_i{\widehat{M}}_i\right|K_i{T}_i{G}_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}.\hfill \end{array}$$

For the last equality, note that the device only knows which test to perform while being unaware if it is for a generation round or not. Therefore, once T is given, G does not provide any additional information. □

Using Theorem 1, we can bound the smooth min-entropy resulting in the application of Protocol 1:

$$H_{\min }^{{\epsilon }_s}{\left(\widehat{\mathbf{\Pi }}\widehat{\mathbf{M}}\right|\mathbf{KTG})}_{{\rho }_{|\Omega }}\ge n{f}_{\min }-\mu \sqrt{n},$$

(32)

where $f_{\min }$ is given by Equation (31). We simplify the right-hand side in Equation (32) to a single entropy accumulation rate ${\mu }_{\mathrm{opt}}$, and a negligible reduction $\xi \left(\lambda \right)$:

$$H_{\min }^{\epsilon }{\left(\widehat{\mathbf{\Pi }}\widehat{\mathbf{M}}\right|KTG)}_{{\rho }_{|\Omega }}\ge n({\mu }_{\mathrm{opt}}(n,\omega ,\gamma ,{\epsilon }_s,p_{\Omega };\beta )-\xi \left(\lambda \right)).$$

(33)

Note that the differential of $f_{\min }$ is unbounded. This prevents us from using the EAT due to Equation (14). This issue is addressed by defining a new min-trade-off function ${\tilde{f}}_{\min }$ such that

$${\tilde{f}}_{\min }(\omega ;{\omega }_0)=\left\{\begin{array}{cc}{f}_{\min }\left(\omega \right)\hfill & \omega \le {\omega }_0\hfill \\ {\displaystyle \frac{d}{d\omega }}{\left.f_{\min }\left(\omega \right)\right|}_{\omega ={\omega }_0}(\omega -{\omega }_0)+f_{\min }\left({\omega }_0\right)\hfill & \mathrm{otherwise}\hfill \end{array}\right..$$

(34)

We provide a number of plots for ${\mu }_{\mathrm{opt}}$ as a function of $\omega$ for various values of n in Figure 5. We remark that we did not fully optimize the code to derive the plots, and one can probably derive tighter plots.

3.3. Randomness Rates

In the previous subsection, we derive a lower bound on $H_{\min }^{\epsilon }{\left(\widehat{\mathbf{\Pi }}\widehat{\mathbf{M}}\right|KTG)}_{{\rho }_{|\Omega }}$. However, our ultimate goal is to provide a bound on the designated source of randomness, namely $H_{\min }^{{\epsilon }_s}{\left(\widehat{\mathbf{\Pi }}\right|\mathbf{KTG}E)}_{{\rho }_{|\Omega }}$. The following result, Theorem 2, formalizes this guarantee and constitutes the main theorem of this work. It gives a concrete lower bound on the min-entropy of the protocol’s output, conditioned on the adversary’s information, under a computational assumption on the device. While Theorem 1 provides the general entropy accumulation framework applicable to our setting, the core technical difficulty lies in establishing the single-round von Neumann entropy bound proved in Lemma 12. This bound captures the contribution of the cryptographic structure and enables the application of Theorem 1, ultimately leading to the main result in Theorem 2.

Theorem 2.

Let D be a device executing Protocol 1, and let ρ denote the joint quantum state generated at the end of the protocol. Let $\omega \in [0,1]$ be a fixed threshold specifying the minimum fraction of successfully passed equation test rounds required for the verifier not to abort. Let Ω denote the event that the device achieves a test score of at least ω on the test rounds, and define $p_{\Omega }:=\mathrm{Pr}[\Omega ]$. (This dependence on $p_{\Omega }$ reflects a known limitation of the entropy accumulation theorem: the bound applies only conditionally, and the probability of passing the test (i.e., $p_{\Omega }$) is not provided by the theorem itself. However, in practice, $p_{\Omega }$ can be estimated or lower bounded using concentration inequalities.) Let ${\rho }_{|\Omega }$ denote the state ρ conditioned on the event Ω, and let ${\epsilon }_s>0$ be a smoothness parameter. Then, the following bound holds:

$$\begin{array}{c}\hfill \begin{array}{cc}\hfill H_{\min }^{{\epsilon }_s}{(\widehat{\mathbf{\Pi }}\mid \mathbf{KTG}E)}_{{\rho }_{|\Omega }}& \ge n\left({\mu }_{\mathrm{opt}}(n,\omega ,\gamma ,{\epsilon }_s/4,p_{\Omega };\beta )-\xi \left(\lambda \right)-\gamma \right)\hfill \\ \hfill & \phantom{\ge }-2log\left(7\right)\sqrt{1-2log\left({\displaystyle \frac{{\epsilon }_s}{4}}·p_{\Omega }\right)}-3log\left(1-\sqrt{1-{({\epsilon }_s/4)}^2}\right).\hfill \end{array}\end{array}$$

(35)

Proof. 

We begin with entropy chain rule [34] (Theorem 6.1)

$$\begin{array}{c}\hfill \begin{array}{cc}\hfill H_{\min }^{{\epsilon }_s}{\left(\widehat{\mathbf{\Pi }}\right|\mathbf{KTG}E)}_{{\rho }_{|\Omega }}& \ge H_{\min }^{{\displaystyle \frac{{\epsilon }_s}{4}}}{\left(\widehat{\mathbf{\Pi }}\widehat{\mathbf{M}}\right|\mathbf{KTG}E)}_{{\rho }_{|\Omega }}-H_{\max }^{{\displaystyle \frac{{\epsilon }_s}{4}}}{\left(\widehat{\mathbf{M}}\right|\mathbf{KTG}E)}_{{\rho }_{|\Omega }}\hfill \\ \hfill & -3log(1-\sqrt{1-{({\epsilon }_s/4)}^2}).\hfill \end{array}\end{array}$$

The first term on the right-hand side is given in Equation (33); it remains to find an upper bound for the second term. Let us start from

$$H_{\max }^{{\displaystyle \frac{{\epsilon }_s}{4}}}{\left(\widehat{\mathbf{M}}\right|\mathbf{KGT}E)}_{{\rho }_{|\Omega }}\le H_{\max }^{{\displaystyle \frac{{\epsilon }_s}{4}}}{\left(\widehat{\mathbf{M}}\right|\mathbf{T}E)}_{{\rho }_{|\Omega }}.$$

We then use the EAT again in order to bound $H_{\max }^{{\displaystyle \frac{{\epsilon }_s}{4}}}{\left(\widehat{\mathbf{M}}\right|\mathbf{T}E)}_{{\rho }_{|\Omega }}$. We identify the EAT channels with $\mathbf{O}\to \widehat{\mathbf{M}},\mathbf{S}\to \mathbf{T}$ and $E\to E$. The Markov conditions then trivially hold, and the max-trade-off function reads

$$f_{\max }\left(p\right)\ge \underset{{\sigma }_{R_{i-1}{R}^{\prime }}:{\mathcal{M}}_i{\left(\sigma \right)}_{W_i}=\omega }{sup}H{\left({\widehat{M}}_i\right|T_i{R}^{\prime })}_{{\mathcal{M}}_i\left(\sigma \right)}.$$

Since the following distributions are satisfied for all $i\in \left[n\right]$

$$\begin{array}{cc}\hfill \mathrm{Pr}[{\widehat{M}}_i=\perp |T_i=0]& =1,\hfill \\ \hfill \mathrm{Pr}[{\widehat{M}}_i\in \{0,1\}|T_i=1]& =1,\hfill \\ \hfill \mathrm{Pr}[T_i=1]& =\gamma ,\hfill \end{array}$$

the max-trade-off function is simply $f_{\max }\left(p\right)=\gamma$ (thus ${∥\nabla f_{\max }∥}_{\infty }=0)$. We therefore get

$$H_{\max }^{{\displaystyle \frac{{\epsilon }_s}{4}}}{\left(\widehat{\mathbf{M}}\right|\mathbf{T}E)}_{{\rho }_{|\Omega }}\le \gamma n+2log\left(7\right)\sqrt{1-2log({\displaystyle \frac{{\epsilon }_s}{4}}·p_{\Omega })}.$$

□

We wish to make a final remark. One could repeat the above analysis under the assumption that Y and X are leaked, to obtain a stronger security statement (this is, however, not performed in previous works). In this case, $Y_i$ and $X_i$ should be part of the output $O_i$ of the channel. Then, the dimension of $O_i$ scales exponentially with $\lambda$, which worsens the accumulation rate ${\mu }_{\mathrm{opt}}$ since this results in exponential factors in Equation (13). In that case, ${\mu }_{\mathrm{opt}}$ becomes a monotonically decreasing function of $\lambda$ and we obtain a certain trade-off between the two elements in the following expression:

$${\mu }_{\mathrm{opt}}(n,\omega ,\gamma ,{\epsilon }_s,p_{\Omega },\lambda ;\beta )-\xi \left(\lambda \right).$$

This means that there is an optimal value of $\lambda$ that maximizes the entropy and to find it, one requires an explicit bound on $\xi \left(\lambda \right)$.

3.4. Generalization to Computational CHSH

It is worth considering a couple of recent works in which the proof techniques, introduced in the current one, may be generalized. In [14] a test of quantumness is developed for a family of protocols with a concrete example in the form of the KCVY Protocol [11]. In [15], explicit bounds are provided on compiled non-local games and more specifically, a compiled CHSH game where a classical verifier acts both as a verifier and one of the players in a standard CHSH game while the second player is a quantum device.

Both of these works use computational problems which bear a strong resemblance to the standard non-local CHSH game. Furthermore, ref [15] (Lemma 34) and ref [14] (Theorem 4.7) provide an upper bound on the anti-commutation relations of the challenges the prover receives as a function of the winning probability in the protocol—This potentially allows the use of the Entropic uncertainty principle Lemma 5. As an example, in an optimal winning probability, the anti-commutator is negligibly close to zero (it is also worth mentioning that this is a similar condition that must also be met in the standard non-local CHSH game).

Similarly to the upper bound on the projection on “bad blocks” in Equation (19), one could use the lemma to provide a similar bound using a Markov inequality. Assuming now that the subspaces we are working with have measurements whose square overlap is bound by c, one may use the statistics of each measurements, geometrical arguments (along with rigidity) and entropic uncertainty relations, to provide a lower bound on the entropies of each measurement. It is worth noting that even with an honest prover, the von Neumann entropy will be $\approx h\left(0.15\right)$. This could potentially be remedied by introducing a third measurement but regardless, once a lower bound on the von Neumann entropy is found, similar steps to those of Section 3.2 can be followed.

4. Conclusions and Outlook

By utilizing a combination of results from quantum information theory and post-quantum cryptography, we have shown that entropy accumulation is feasible when interacting with a single device. While this was previously performed in [5] using ad hoc techniques, we provide a flexible framework that builds on well-studied tools and follows similar steps to those used in DI protocols based on the violation of Bell inequalities using two devices [27]. Prior to our work, it was believed that such an approach cannot be taken (see the discussion in [5]). We remark that while we focused on randomness certification in the current manuscript, one could now easily extend the analysis to randomness expansion, amplification and key distribution using the same standard techniques applied when working with two devices [19,27].

Furthermore, even though we carried out the proof here specifically for the computational challenge derived from a NTCF, the methods that we establish are modular and can be generalized to other protocols with different cryptographic assumptions. For example, in two recent works [14,15], the winning probability in various “computational games” is tied to the anti-commutator of the measurements used by the device that plays the game (see [15] (Lemma 38) and [14] (Theorem 4.7) in particular). Thus, their results can be used to derive a bound on the conditional von Neumann entropy as we do in Lemma 12. From there onward, the final bound on the accumulated smooth min-entropy is derived exactly as in our work.

Apart from the theoretical contribution, the new proof method allows us to derive explicit bounds for a finite number of rounds of the protocol, in contrast to asymptotic statements. Thus, one can use the bounds to study the practicality of DI randomness certification protocols based on computational assumptions.

For the current protocol, in order to obtain a positive rate, the number of repetitions n required, as seen in Figure 5, is too demanding for actual implementation. In addition, the necessary observed winning probability is extremely high. We pinpoint the “source of the problem” to the min-trade-off function presented in Figure 4 and provide below a number of suggestions as to how one might improve the derived bounds. In general, however, we expect that for other protocols (e.g., those suggested in [14,15]), one could derive better min-trade-off functions that will bring us closer to the regime of experimentally relevant protocols. In fact, our framework allows us to compare different protocols via their min-trade-off functions and thus can be used as a tool for benchmarking new protocols.

Beyond these directions, the suggestions raised in the review point toward further refinements that may help reduce the round complexity. In particular, one could explore variants of the entropy accumulation framework that allow for memory-aware entropy tracking or dynamically weighted contributions across rounds. Another possibility is to structure the protocol in layers, separating fast verification from more costly entropy collection. While we do not pursue these directions here, our framework is compatible with such modifications and could serve as a foundation for their analysis.

We conclude with several open questions.

• In both the original analysis performed in [5] and our work, the cryptographic assumption needs to hold even when the (efficient) device has an (inefficient) “advice state”. Including the advice states is necessary when using the entropy accumulation in its current form, due to the usage of a min-trade-off function (see Equation (30)). One fundamental question is therefore whether this is necessary in all DI protocols based on the post-quantum computational assumptions or not.
• As mentioned above, what makes the protocol considered here potentially unfeasible for experimental implementations is its min-trade-off function. Ideally, one would like to both decrease the winning probability needed in order to certify entropy as well as the derivative of the function, which is currently too large. The derivative impacts the second-order term of the accumulated entropy, and this is why we observe the need for a large number of rounds in the protocol—many orders of magnitude more than in the DI setup with two devices. Any improvement of Lemma 12 may be useful; when looking into the details of the proof, there is indeed some room for it.
• Once one is interested in non-asymptotic statements and actual implementations, the unknown negligible function $\xi \left(\lambda \right)$ needs to be better understood. The assumption is that $\xi \left(\lambda \right)=0$ as $\lambda \to \infty$, but in any given execution, one does fix a finite $\lambda$. Some more explicit statements should then be made regarding $\xi \left(\lambda \right)$ and incorporated into the final bound.
• In the current manuscript, we worked with the EAT presented in [25]. A generalized version, that allows for potentially more complex protocols, appears in [26]. All of our lemmas and theorems can also be derived using [26] without any modifications. An interesting question is whether there are DI protocols with a single device that can exploit the more general structure of [26].