Limits of privacy amplification against non-signalling memory attacks

Abstract: The task of privacy amplification, in which Alice holds some partially secret information with respect to an adversary Eve and wishes to distill it until it is completely secret, is known to be solvable almost optimally both in the classical and quantum world. Unfortunately, when considering an adversary who is only limited by non-signalling constraints such a statement cannot be made in general. We here prove that under the natural assumptions of time-ordered non-signalling system, which allow past subsystems to signal future subsystems (using the device's memory for example), super-polynomial privacy amplification by any hashing is impossible. This is in great relevance when considering practical device independent key distribution protocols which assume a super-quantum adversary.