Fast Quantum Byzantine Agreement: Difference between revisions

Here we will sketch the outline of the protocol by Ben-Or [[Quantum Byzantine Agreement#References|(3)]] that solve Byzantine Agreement using quantum resources. A very nice summary of this protocol is also presented in [[Quantum Byzantine Agreement#References|(1)]]. The main idea of this protocol is for each player to classically send its proposed value/decision (a valid message) to every other player and then collaborate to determine what a majority of honest players proposed. In the case where adversaries make this difficult, a `good-enough' random coin is globally flipped (protocol for random coin flip using quantum resources explained below), which is then classically post-processed to reach agreement among the honest parties. More precisely, the protocol is outlined as follows. Each round consists of the following steps:

'''Quantum Oblivious Common Coin subroutine:''' The heart of this protocol comes from the quantum enhanced [[Oblivious Common Coin]]. At the end of this subroutine, each player outputs a random bit, such that with at least probability $p$  (called the fairness) $v_i = x$ for all players $i$ and all $x \in \{0,1\}$. Intuitively, this subroutines tosses a common coin, where all players get either heads or tails with probability at least $p$ each, but there may be executions (which occur with at most probability $1-2p$) where all players do not get the same output and no common coin is actually tossed. Since the players do not know whether the outcomes are all equal or not, this type of coin tossing is referred to as oblivious common coin tossing. In particular, using quantum resources, this task can be achieved in constant rounds (in the defined model). The implementation of this subroutine makes use of a weakened version of Verifiable Quantum Secret Sharing.