arxiv: 2605.04650 · v1 · submitted 2026-05-06 · 🪐 quant-ph

Recognition: 2 theorem links

· Lean Theorem

Unconditional Authentication in Quantum Key Distribution via Hybrid Entangled Physical Unclonable Functions

Nicolas Laurent-Puig , Mina Doosti , Adriano Innocenzi , Eleni Diamanti

Authors on Pith no claims yet

Pith reviewed 2026-05-08 17:48 UTC · model grok-4.3

classification 🪐 quant-ph

keywords quantum key distributionphysical unclonable functionsauthenticationinformation-theoretic securityentanglementquantum networksinitial key generation

0 comments

The pith

Hybrid entangled PUFs generate an information-theoretically secure initial key for QKD under minimal hardware assumptions.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper establishes that a protocol combining physical unclonable functions with quantum entanglement can produce an initial authentication key that is secure against unbounded adversaries. This key is generated without relying on pre-shared secrets or strong assumptions about the hardware. The resulting authentication allows a complete entanglement-based QKD session to run with information-theoretic security end to end. By removing the pre-shared secret requirement, the method addresses a long-standing practical obstacle to deploying QKD in networks. The demonstration uses only lightweight, readily available hardware assumptions while preserving the unconditional security guarantees of QKD.

Core claim

The central claim is that the hybrid entangled PUF protocol produces an information-theoretically secure initial key under only minimal explicit hardware assumptions, which in turn permits an experimental fully ITS-authenticated entanglement-based QKD protocol that eliminates any need for pre-shared secrets.

What carries the argument

The hybrid entangled Physical Unclonable Function (PUF) protocol, which binds classical PUF challenge-response pairs to entangled quantum states to extract an initial authentication key.

If this is right

A complete entanglement-based QKD protocol can be executed with information-theoretic security using only the hybrid PUF for authentication.
No pre-shared secret is required at the start of the protocol.
The security holds under minimal explicit hardware assumptions rather than stronger device-independent or trusted setups.
The same PUF-based initial key can support subsequent QKD rounds without additional classical authentication overhead.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

Quantum network protocols that currently depend on trusted initial keys could adopt the same PUF mechanism to reduce setup complexity.
The approach may extend to other quantum communication tasks that need authenticated classical channels, such as quantum teleportation or conference key agreement.
If the minimal hardware assumptions prove robust against real-world side-channel attacks, the method lowers the barrier to field deployment compared with schemes requiring secure key distribution infrastructure.
Integration with existing QKD hardware could be tested by replacing the pre-shared secret step with the entangled PUF exchange and measuring the resulting key rate and error rates.

Load-bearing premise

The responses from the hybrid entangled PUF produce an information-theoretically secure initial key even when the hardware satisfies only minimal explicit assumptions.

What would settle it

An experiment in which an eavesdropper extracts the full initial key from observed PUF responses and quantum measurements, or in which the authentication step fails to detect a man-in-the-middle attack on the classical channel, would refute the claim.

Figures

Figures reproduced from arXiv: 2605.04650 by Adriano Innocenzi, Eleni Diamanti, Mina Doosti, Nicolas Laurent-Puig.

**Figure 1.** Figure 1: Experimental setup. A Ti:Sapphire laser (Coherent view at source ↗

**Figure 2.** Figure 2: This stability is due to the high fidelity of the en view at source ↗

**Figure 2.** Figure 2: Experimental performance of the HEPUFauthenticated QKD protocol. Upper: Evolution of QBER as a function of the raw-key length for attenuation levels of 30, 40, and 50 dB. Solid lines represent Scenario 1, while dashed lines represent Scenario 2. Bottom: SKR in bits per second versus channel attenuation. Blue markers denote Scenario 1 and red markers denote Scenario 2. Solid line represent simulation using… view at source ↗

**Figure 3.** Figure 3: Experimental density matrix of the state produced view at source ↗

read the original abstract

Quantum Key Distribution (QKD) enables Information-Theoretically Secure (ITS) key exchange, robust even against future quantum computing threats. However, a fundamental limitation of QKD is the requirement for an authenticated classical channel, which necessitates a pre-shared secret key. In this work, we address this challenge by adopting a Hybrid Entangled Physical Unclonable Function (PUF) protocol for authentication. We demonstrate that this PUF-based method generates an ITS initial key under minimal explicit hardware assumptions. This approach allows us to experimentally perform a fully ITS-authenticated entanglement-based QKD protocol that relies solely on such assumptions, effectively eliminating the need for pre-shared secrets. This represents a significant step towards the practical realization of quantum network protocols using lightweight, readily available hardware assumptions, without weakening security guarantees.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper proposes using a hybrid entangled physical unclonable function (PUF) protocol to generate an information-theoretically secure (ITS) initial key for authenticating the classical channel in an entanglement-based QKD setup. This is claimed to enable a fully ITS-authenticated QKD protocol without any pre-shared secrets, relying only on minimal explicit hardware assumptions such as physical unclonability and entanglement fidelity. The work includes an experimental demonstration of the protocol.

Significance. If the security reduction from PUF properties to an ITS initial key holds with explicit bounds, the result would address a longstanding practical barrier in QKD by removing the need for pre-shared authentication keys while preserving information-theoretic security. This could enable more deployable quantum network protocols using lightweight hardware, provided the claims are supported by rigorous analysis rather than assumption.

major comments (2)

[Security analysis] Security analysis section: The central claim that the hybrid entangled PUF generates an ITS initial key (zero mutual information with any eavesdropper) under only minimal hardware assumptions lacks a formal reduction, explicit min-entropy bounds, or adversary model accounting for quantum queries to the physical device. This is load-bearing because the subsequent QKD authentication inherits its ITS guarantee from this initial key; without it, the unconditional authentication claim does not follow from the stated assumptions.
[Protocol and Experiment] Protocol description and experimental results: The manuscript does not provide concrete entropy calculations or a reduction showing uniform bit extraction with information-theoretic security (as opposed to computational hardness) from the PUF responses. The experimental demonstration therefore cannot yet be said to support the ITS claim without these details.

minor comments (2)

[Protocol description] Notation for the hybrid PUF construction is introduced without a clear diagram or step-by-step extraction procedure, making it difficult to follow how entanglement is combined with the PUF response.
[Introduction] The abstract and introduction use the term 'unconditional' interchangeably with 'ITS' without clarifying the precise security model (e.g., whether it assumes bounded quantum memory or perfect unclonability).

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for the thorough review and valuable feedback. The comments highlight important aspects of the security analysis that require clarification and strengthening. We address each major comment below and will incorporate revisions to provide the requested formal elements while preserving the manuscript's core contributions.

read point-by-point responses

Referee: The central claim that the hybrid entangled PUF generates an ITS initial key (zero mutual information with any eavesdropper) under only minimal hardware assumptions lacks a formal reduction, explicit min-entropy bounds, or adversary model accounting for quantum queries to the physical device. This is load-bearing because the subsequent QKD authentication inherits its ITS guarantee from this initial key; without it, the unconditional authentication claim does not follow from the stated assumptions.

Authors: We agree that a more explicit formal reduction strengthens the presentation. The current analysis derives the ITS property from the physical unclonability assumption combined with the measured entanglement fidelity of the hybrid state, which bounds the eavesdropper's information via the no-cloning theorem and quantum state distinguishability. In the revision we will add an explicit adversary model that includes quantum queries to the PUF, together with concrete min-entropy bounds expressed in terms of the observed fidelity. This will make the reduction to zero mutual information fully rigorous under the stated hardware assumptions. revision: yes
Referee: The manuscript does not provide concrete entropy calculations or a reduction showing uniform bit extraction with information-theoretic security (as opposed to computational hardness) from the PUF responses. The experimental demonstration therefore cannot yet be said to support the ITS claim without these details.

Authors: The experimental results demonstrate the generation and use of the PUF responses in the QKD protocol, with security grounded in the theoretical properties of the entangled state rather than computational assumptions. To address the request for explicit calculations, the revised manuscript will include min-entropy estimates derived directly from the measured entanglement visibility and a description of the randomness extractor (universal hash) that achieves information-theoretically secure uniform extraction. These additions will clarify that the bit extraction inherits ITS guarantees from the PUF properties. revision: yes

Circularity Check

0 steps flagged

No circularity: ITS initial-key claim rests on external hardware assumptions rather than self-referential definitions or fits.

full rationale

The abstract and provided context present the hybrid entangled PUF as generating an ITS initial key under minimal explicit hardware assumptions (unclonability, entanglement fidelity), with the subsequent QKD authentication inheriting security from that key. No equations, parameter-fitting procedures, self-citations, or uniqueness theorems are visible that would reduce the security guarantee to a tautology or to the paper's own inputs by construction. The derivation chain therefore remains self-contained against external physical benchmarks.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

The central claim rests on the domain assumption that the hybrid entangled PUF hardware can produce an ITS authentication key from minimal explicit assumptions; no free parameters or invented entities are stated in the abstract.

axioms (1)

domain assumption Hybrid entangled PUFs generate an information-theoretically secure initial key under minimal explicit hardware assumptions.
This assumption is required for the protocol to achieve unconditional authentication without pre-shared secrets.

pith-pipeline@v0.9.0 · 5439 in / 1119 out tokens · 40176 ms · 2026-05-08T17:48:54.248705+00:00 · methodology

discussion (0)

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

IndisputableMonolith.Foundation (entire forcing chain — J-cost, φ, 8-tick, D=3, c/ℏ/G) reality_from_one_distinction unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

We demonstrate that this PUF-based method generates an ITS initial key under minimal explicit hardware assumptions... Wegman-Carter authentication scheme... ε_QKD ≤ ε_PA + ε_PE + ε_EC + ε_A.
IndisputableMonolith.Cost / FunctionalEquation (J-cost, cosh forcing) washburn_uniqueness_aczel unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

From the Leftover Hash Lemma: l ≤ H_min^{ε_stat}(V|E) − 2 log₂(1/ε_stat), and ε_HEPUF ≤ ((1/2 + δ√(1+4δ²)/2))^m.

What do these tags mean?

matches: The paper's claim is directly supported by a theorem in the formal canon.
supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses: The paper appears to rely on the theorem as machinery.
contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

20 extracted references · 7 canonical work pages

[1]

Three sets of QWP-HWP-QWP rotate the final state to the desired one

Af- ter filtering the photons with a dichroic mirror and 1100 nm long pass filters, they are coupled to single mode fibers with a 12 mm focal lens. Three sets of QWP-HWP-QWP rotate the final state to the desired one. A set of HWP-QWP-FPBS is used to map each photon’s polarization to the spatial degree of freedom. The fibers are connected to superconductin...

2030
[2]

C. H. Bennett and G. Brassard, Quantum cryptography: Public key distribution and coin tossing, inProceedings of IEEE International Conference on Computers, Systems and Signal Processing, Vol. 175 (New York, 1984) p. 8

1984
[3]

Gisin, G

N. Gisin, G. Ribordy, W. Tittel, and H. Zbinden, Quantum cryptography, Reviews of Modern Physics74, 145 (2002)

2002
[4]

Scarani, H

V. Scarani, H. Bechmann-Pasquinucci, N. J. Cerf, M. Duˇ sek, N. L¨ utkenhaus, and M. Peev, The security of practical quantum key distribution, Reviews of Modern Physics81, 1301 (2009)

2009
[5]

Mosca, Cybersecurity in an era with quantum comput- ers: Will we be ready?, IEEE Security & Privacy16, 38 (2018)

M. Mosca, Cybersecurity in an era with quantum comput- ers: Will we be ready?, IEEE Security & Privacy16, 38 (2018)

2018
[6]

Renner and R

R. Renner and R. Wolf, The debate over qkd: A rebuttal to the nsa’s objections, arXiv preprint arXiv:2307.15116 (2023)

work page arXiv 2023
[7]

M. N. Wegman and J. L. Carter, New hash functions and their use in authentication and set equality, Journal of Computer and System Sciences22, 265 (1981)

1981
[8]

D. J. Bernstein and T. Lange, Post-quantum cryptography, Nature549, 188 (2017)

2017
[9]

Pappu, B

R. Pappu, B. Recht, J. Taylor, and N. Gershenfeld, Physi- cal one-way functions, Science297, 2026 (2002)

2026
[10]

Arapinis, M

M. Arapinis, M. Delavar, M. Doosti, and E. Kashefi, Quan- tum physical unclonable functions: Possibilities and impos- sibilities, Quantum5, 475 (2021)

2021
[11]

Goswami, M

S. Goswami, M. Doosti, and E. Kashefi, Hybrid authen- tication protocols for advanced quantum networks (2025), arXiv:2504.11552

work page arXiv 2025
[12]

Tomamichel and A

M. Tomamichel and A. Leverrier, A largely self-contained and complete security proof for quantum key distribution, Quantum1, 14 (2017)

2017
[13]

Gottesman and I

D. Gottesman and I. Chuang, Quantum digital signatures, arXiv preprint quant-ph/0105032 (2001)

work page arXiv 2001
[14]

Marconot, D

J. Marconot, D. Hely, and F. Pebay-Peyroula, Conception and evaluation of secure circuits for strong digital puf, SN Computer Science1, 10.1007/s42979-020-00274-0 (2020)

work page doi:10.1007/s42979-020-00274-0 2020
[15]

Renner, Security of quantum key distribution (2006), arXiv:quant-ph/0512258 [quant-ph]

R. Renner, Security of quantum key distribution (2006), arXiv:quant-ph/0512258 [quant-ph]

work page arXiv 2006
[16]

C.-H. F. Fung, X. Ma, and H. F. Chau, Practical issues in quantum-key-distribution postprocessing, Physical Review A81, 10.1103/physreva.81.012318 (2010)

work page doi:10.1103/physreva.81.012318 2010
[17]

dos Santos Martins, N

L. dos Santos Martins, N. Laurent-Puig, P. Lefebvre, S. Neves, and E. Diamanti, Realizing a compact, high- fidelity, telecom-wavelength source of multipartite entan- gled photons, Opt. Express33, 53468 (2025)

2025
[18]

Wisiol and M

N. Wisiol and M. Margraf, Why attackers lose: design and security analysis of arbitrarily large xor arbiter pufs, Jour- nal of Cryptographic Engineering9, 221–230 (2019)

2019
[19]

Chakraborty, M

K. Chakraborty, M. Doosti, Y. Ma, M. Arapinis, and E. Kashefi, Quantum Lock: A Provable Quantum Commu- nication Advantage, arXiv:2110.09469 [quant-ph] (2021), arXiv: 2110.09469

work page arXiv 2021
[20]

T. Kim, M. Fiorentino, and F. N. C. Wong, Phase-stable source of polarization-entangled photons using a polariza- tion sagnac interferometer, Phys. Rev. A73, 012316 (2006). 7 I. HEPUF ARCHITECTURE In this section, we detail the internal structure of the HEPUF [10]. The device is composed of a classicalp- randomness PUF [18] inside a tamper-proof box, whic...

2006