On the impossibility of non-static quantum bit commitment between two parties

Recently, Choi \emph{et al}. proposed an assumption on Mayers-Lo-Chau (MLC) no-go theorem that the state of the entire quantum system is invariable to both participants before the unveiling phase. This means that the theorem is only applicable to static quantum bit commitment (QBC). This paper find that the assumption is unnecessary and the MLC no-go theorem can be applied to not only static QBC, but also non-static one. A non-static QBC protocol proposed by Choi \emph{et al.} is briefly reviewed and analyzed to work as a supporting example. In addition, a novel way to prove the impossibility of the two kinds of QBC is given.

💡 Research Summary

The paper revisits the Mayers‑Lo‑Chau (MLC) no‑go theorem for quantum bit commitment (QBC) and challenges a recent claim that the theorem only applies to “static” protocols, i.e., protocols where the joint quantum state of the two parties is fixed before the unveiling phase. The authors demonstrate that the static‑state assumption is unnecessary: the MLC impossibility result holds for both static and non‑static QBC, where the receiver’s (Bob’s) initial quantum state may be random and unknown to the committer (Alice).

First, the authors restate the core of the MLC proof. If the protocol is perfectly concealing, the reduced density matrices seen by Bob after the commitment, ρ_B⁰ and ρ_B¹, must be identical for any possible initial state |ϕ_i^B⟩. By the Gisin‑Hughston‑Jozsa‑Wootters theorem, this identity implies the existence of a local unitary S_A acting only on Alice’s subsystem that maps the joint state corresponding to bit 0 to that of bit 1, regardless of Bob’s initial state. Consequently, Alice can change her committed bit at will without detection, violating the binding property. The authors formalize this argument with explicit matrix notation (equations (1)–(4) in the paper) and show that the construction of S_A does not depend on the particular |ϕ_i^B⟩, thereby extending the MLC argument to non‑static settings.

The paper then analyses the non‑static QBC protocol proposed by Choi et al. (2018). That protocol introduces a trusted third party (TTP) who shares N Bell pairs |ψ⁻⟩ with Alice, performs random projective measurements, and later reveals the measurement outcomes. Alice commits a bit by applying one of four unitary operators (M, N for bit 0; J, K for bit 1) to her half of the entangled states, using an auxiliary qubit to randomize the choice. In the unveiling phase, Alice discloses which operators she used, and the TTP reveals its measurement results so that Bob can verify consistency. The authors argue that this scheme is essentially a quantum secret‑sharing protocol rather than a genuine two‑party QBC, because the TTP supplies the quantum resources and participates in the verification. Moreover, if the TTP is removed, the protocol reduces to a standard non‑static QBC scenario. In that case, the authors show that perfect concealing forces the same algebraic condition (a_{ij}^{0}a_{iq}^{0*}=a_{ij}^{1}a_{iq}^{1*}) derived earlier, which in turn guarantees the existence of a local unitary S_A that lets Alice flip the bit, thereby breaking binding. Hence the Choi protocol does not evade the MLC impossibility.

Beyond reproducing the classic “concealing ⇒ not binding” direction, the authors present a complementary proof strategy: assume a protocol is binding and then demonstrate that it cannot be perfectly (or even unconditionally) concealing. They invoke Uhlmann’s theorem to argue that for any fixed Bob state, if the protocol were binding then there would be no local unitary connecting the purifications of ρ_B⁰ and ρ_B¹. However, the same theorem guarantees the existence of such a unitary whenever the two reduced states are identical. Therefore, a binding protocol must necessarily produce distinct reduced states for at least one Bob input, violating the concealing condition. This “binding ⇒ not concealing” argument works for both static and non‑static protocols and provides a symmetric perspective on the impossibility.

In conclusion, the paper establishes that the MLC no‑go theorem is universally applicable: any two‑party quantum bit commitment protocol, whether the joint state is static or allowed to vary, cannot simultaneously satisfy both binding and concealing. The non‑static protocol of Choi et al. is shown to be insecure when the TTP is omitted and, with the TTP, it is more accurately described as a quantum secret‑sharing scheme. The new proof technique further reinforces the fundamental incompatibility of the two security properties, solidifying the impossibility of unconditional quantum bit commitment in the most general setting.