Towards the Impossibility of Non-Signalling Privacy Amplification from Time-Like Ordering Constraints

In the past few years there was a growing interest in proving the security of cryptographic protocols, such as key distribution protocols, from the sole assumption that the systems of Alice and Bob cannot signal to each other. This can be achieved by making sure that Alice and Bob perform their measurements in a space-like separated way (and therefore signalling is impossible according to the non-signalling postulate of relativity theory) or even by shielding their apparatus. Unfortunately, it was proven in [E. Haenggi, R. Renner, and S. Wolf. The impossibility of non-signaling privacy amplification] that, no matter what hash function we use, privacy amplification is impossible if we only impose non-signalling conditions between Alice and Bob and not within their systems. In this letter we reduce the gap between the assumptions of Haenggi et al. and the physical relevant assumptions, from an experimental point of view, which say that the systems can only signal forward in time within the systems of Alice and Bob. We consider a set of assumptions which is very close to the conditions above and prove that the impossibility result of Haenggi et al. still holds.

💡 Research Summary

The paper addresses a fundamental limitation of privacy amplification when the only security assumption is non‑signalling between the two honest parties, Alice and Bob. Earlier work by Haenggi, Renner, and Wolf showed that if one assumes only that Alice and Bob cannot signal to each other, but places no restrictions on signalling inside each party’s laboratory, then no hash function can extract a secret key that is statistically close to uniform. This result, however, rests on an extremely weak physical model that is far from what is achievable in real experiments. In practice, the devices used by Alice and Bob are constrained by the causal structure of spacetime: information can only propagate forward in time within each device, and backward‑in‑time signalling is forbidden. The present work bridges the gap between the abstract non‑signalling model and the physically realistic “forward‑in‑time signalling” constraint.

The authors first formalize a time‑ordered non‑signalling model. In this model the overall protocol is divided into a sequence of measurement rounds. In round i Alice and Bob receive local inputs (x_i) and (y_i) and produce outputs (a_i) and (b_i). The crucial constraint is that the joint conditional distribution (P(a_i,b_i|x_{\le i},y_{\le i})) may depend on all previous inputs and outputs but must be independent of any future inputs. This is a natural expression of the fact that each device can only send signals forward in its own time direction, while still forbidding any instantaneous (space‑like) signalling between the two parties.

To demonstrate that privacy amplification remains impossible under these more realistic constraints, the authors construct an explicit adversarial strategy that respects the time‑ordered non‑signalling conditions. The strategy is built on a family of “time‑ordered correlation boxes”. Each box shares a hidden random bit (r_i) between Alice and Bob in round i. The outputs are defined as \