42,446 research outputs found
Classical Knowledge for Quantum Security
We propose a decision procedure for analysing security of quantum
cryptographic protocols, combining a classical algebraic rewrite system for
knowledge with an operational semantics for quantum distributed computing. As a
test case, we use our procedure to reason about security properties of a
recently developed quantum secret sharing protocol that uses graph states. We
analyze three different scenarios based on the safety assumptions of the
classical and quantum channels and discover the path of an attack in the
presence of an adversary. The epistemic analysis that leads to this and similar
types of attacks is purely based on our classical notion of knowledge.Comment: extended abstract, 13 page
Making Quantum Local Verifiers Simulable with Potential Applications to Zero-Knowledge
Recently Chen and Movassagh proposed the quantum Merkle tree, which is a
quantum analogue of the well-known classical Merkle tree. It gives a succinct
verification protocol for quantum state commitment. Although they only proved
security against semi-honest provers, they conjectured its general security.
Using the proposed quantum Merkle tree, they gave a quantum analogue of
Kilian's succinct argument for NP, which is based on probabilistically
checkable proofs (PCPs). A nice feature of Kilian's argument is that it can be
extended to a zero-knowledge succinct argument for NP, if the underlying PCP is
zero-knowledge. Hence, a natural question is whether one can also make the
quantum succinct argument by Chen and Movassagh zero-knowledge as well.
This work makes progress on this problem. We generalize the recent result of
Broadbent and Grilo to show that any local quantum verifier can be made
simulable with a minor reduction in completeness and soundness. Roughly
speaking, a local quantum verifier is simulable if in the yes case, the local
views of the verifier can be computed without knowing the actual quantum proof;
it can be seen as the quantum analogue of the classical zero-knowledge PCPs.
Hence we conjecture that applying the proposed succinct quantum argument of
Chen and Movassagh to a simulable local verifier is indeed zero-knowledge
How to Base Security on the Perfect/Statistical Binding Property of Quantum Bit Commitment?
The concept of quantum bit commitment was introduced in the early 1980s for the purpose of basing bit commitments solely on principles of quantum theory. Unfortunately, such unconditional quantum bit commitments still turn out to be impossible. As a compromise like in classical cryptography, Dumais et al. [Paul Dumais et al., 2000] introduce the conditional quantum bit commitments that additionally rely on complexity assumptions. However, in contrast to classical bit commitments which are widely used in classical cryptography, up until now there is relatively little work towards studying the application of quantum bit commitments in quantum cryptography. This may be partly due to the well-known weakness of the general quantum binding that comes from the possible superposition attack of the sender of quantum commitments, making it unclear whether quantum commitments could be useful in quantum cryptography.
In this work, following Yan et al. [Jun Yan et al., 2015] we continue studying using (canonical non-interactive) perfectly/statistically-binding quantum bit commitments as the drop-in replacement of classical bit commitments in some well-known constructions. Specifically, we show that the (quantum) security can still be established for zero-knowledge proof, oblivious transfer, and proof-of-knowledge. In spite of this, we stress that the corresponding security analyses are by no means trivial extensions of their classical analyses; new techniques are needed to handle possible superposition attacks by the cheating sender of quantum bit commitments.
Since (canonical non-interactive) statistically-binding quantum bit commitments can be constructed from quantum-secure one-way functions, we hope using them (as opposed to classical commitments) in cryptographic constructions can reduce the round complexity and weaken the complexity assumption simultaneously
Dispelling Myths on Superposition Attacks: Formal Security Model and Attack Analyses
It is of folkloric belief that the security of classical cryptographic
protocols is automatically broken if the Adversary is allowed to perform
superposition queries and the honest players forced to perform actions
coherently on quantum states. Another widely held intuition is that enforcing
measurements on the exchanged messages is enough to protect protocols from
these attacks.
However, the reality is much more complex. Security models dealing with
superposition attacks only consider unconditional security. Conversely,
security models considering computational security assume that all supposedly
classical messages are measured, which forbids by construction the analysis of
superposition attacks. Boneh and Zhandry have started to study the quantum
computational security for classical primitives in their seminal work at
Crypto'13, but only in the single-party setting. To the best of our knowledge,
an equivalent model in the multiparty setting is still missing.
In this work, we propose the first computational security model considering
superposition attacks for multiparty protocols. We show that our new security
model is satisfiable by proving the security of the well-known One-Time-Pad
protocol and give an attack on a variant of the equally reputable Yao Protocol
for Secure Two-Party Computations. The post-mortem of this attack reveals the
precise points of failure, yielding highly counter-intuitive results: Adding
extra classical communication, which is harmless for classical security, can
make the protocol become subject to superposition attacks. We use this newly
imparted knowledge to construct the first concrete protocol for Secure
Two-Party Computation that is resistant to superposition attacks. Our results
show that there is no straightforward answer to provide for either the
vulnerabilities of classical protocols to superposition attacks or the adapted
countermeasures.Comment: 46 page
- …