Unconditionally Secure Bit Commitment by Transmitting Measurement Outcomes

We propose a new unconditionally secure bit commitment scheme based on Minkowski causality and the properties of quantum information. The receiving party sends a number of randomly chosen BB84 qubits to the committer at a given point in space-time. The committer carries out measurements in one of the two BB84 bases, depending on the committed bit value, and transmits the outcomes securely at light speed in opposite directions to remote agents. These agents unveil the bit by returning the outcomes to adjacent agents of the receiver. The security proofs rely only on simple properties of quantum information and the impossibility of superluminal signalling.

💡 Research Summary

The paper introduces a relativistic quantum bit‑commitment protocol that achieves unconditional security using only simple quantum resources and the causal structure of Minkowski space‑time. The protocol proceeds as follows: Bob prepares N independent qubits in randomly chosen BB84 states (|0⟩, |1⟩, |+⟩, |−⟩) and sends them to Alice so that they arrive at a designated space‑time point P. To commit to bit 0, Alice measures each incoming qubit in the computational (Z) basis; to commit to bit 1, she measures in the diagonal (X) basis. The measurement outcomes are then transmitted over secure classical channels at (or near) light speed to two spatially separated agents of Alice located at points Q₀ and Q₁, which are light‑like separated from P in opposite directions.

During the unveiling phase, Alice’s agents at Q₀ and Q₁ simultaneously reveal the recorded outcomes to Bob’s agents at the same locations. Bob checks that the two revealed strings are identical and that they are statistically consistent with the list of states he originally sent, given the basis implied by the claimed bit value. If the checks pass, the commitment is accepted; any inconsistency signals cheating.

Security against Bob is trivial: until Alice decides to unveil, Bob has no information about which basis she used, because the only data he receives are the classical outcomes that travel only after the measurement. Hence the hiding property is perfect.

Security against Alice relies on Minkowski causality. The two unveiling points Q₀ and Q₁ are spacelike separated; any operation performed on the forward light‑cone of P that influences the data at Q₀ cannot affect the data at Q₁, and vice‑versa. Suppose Alice tried to keep both commitments viable by employing a strategy that gives her success probabilities p₀ and p₁ for unveiling 0 and 1 respectively, with p₀ + p₁ > 1 + δ for some δ > 0. Because of the causal separation, she would need to produce at Q₀ data consistent with a 0‑commitment and at Q₁ data consistent with a 1‑commitment simultaneously. This would require, for each qubit, knowledge of a pair of outcomes belonging to complementary bases, which is forbidden by the no‑cloning and measurement disturbance principles. By choosing N large enough, the probability that she can correctly guess a compatible pair for every qubit can be made arbitrarily small, bounding her cheating probability by δ. Thus the binding property holds unconditionally.

The protocol’s practical advantages are notable. It requires no entanglement, no collective measurements, and no quantum memory on either side; only single‑qubit preparation (by Bob) and single‑qubit measurement (by Alice) are needed. Secure classical communication can be realized with pre‑shared one‑time pads or refreshed via quantum key distribution. The scheme tolerates detector inefficiencies: Alice may simply report which qubits were successfully detected and measured, and the security analysis still applies as long as the reporting is timely (essentially at P). Small deviations from ideal light‑speed signalling or finite separation of the laboratories merely shift the exact point at which the commitment becomes binding from P to a nearby point in its future light cone, without breaking security.

Compared with earlier relativistic schemes, this method avoids the need for pre‑shared data between distant agents (as in Kent 2005) and eliminates the requirement for quantum channels between the agents (as in Kent 2011). It therefore represents a minimal‑resource, experimentally feasible route to unconditional bit commitment.

The authors also discuss extensions: the protocol can be generalized to other state sets, higher‑dimensional qudits, or multiple unveiling locations; it can be chained to achieve longer‑term commitments; and it fits within a broader class of relativistic quantum cryptographic tasks such as quantum tagging and position‑based authentication. Full security and efficiency analyses for these extensions remain open research directions.

In summary, by exploiting the impossibility of superluminal signalling together with elementary properties of BB84 measurements, the paper demonstrates that unconditionally secure bit commitment is achievable with very modest quantum technology, marking a significant step forward for relativistic quantum cryptography.