754 research outputs found

    Quantum Copy-Protection and Quantum Money

    Forty years ago, Wiesner proposed using quantum states to create money that is physically impossible to counterfeit, something that cannot be done in the classical world. However, Wiesner's scheme required a central bank to verify the money, and the question of whether there can be unclonable quantum money that anyone can verify has remained open since. One can also ask a related question, which seems to be new: can quantum states be used as copy-protected programs, which let the user evaluate some function f, but not create more programs for f? This paper tackles both questions using the arsenal of modern computational complexity. Our main result is that there exist quantum oracles relative to which publicly-verifiable quantum money is possible, and any family of functions that cannot be efficiently learned from its input-output behavior can be quantumly copy-protected. This provides the first formal evidence that these tasks are achievable. The technical core of our result is a "Complexity-Theoretic No-Cloning Theorem," which generalizes both the standard No-Cloning Theorem and the optimality of Grover search, and might be of independent interest. Our security argument also requires explicit constructions of quantum t-designs. Moving beyond the oracle world, we also present an explicit candidate scheme for publicly-verifiable quantum money, based on random stabilizer states; as well as two explicit schemes for copy-protecting the family of point functions. We do not know how to base the security of these schemes on any existing cryptographic assumption. (Note that without an oracle, we can only hope for security under some computational assumption.)
    Comment: 14-page conference abstract; full version hasn't appeared and will never appear. Being posted to arXiv mostly for archaeological purposes. Explicit money scheme has since been broken by Lutomirski et al (arXiv:0912.3825).
Other quantum money material has been superseded by results of Aaronson and Christiano (coming soon). Quantum copy-protection ideas will hopefully be developed in separate wor

    Design Methodology for Secure RFID Tag Chips

    In this thesis, we focus on radio frequency identification (RFID) tags. We design, implement, and evaluate the hardware performance of a secure tag that runs the authentication protocol based on cryptographic algorithms. The cryptographic algorithm and the pseudorandom number generator are required to be implemented in the tag. To realize the secure tag, we tackle the following four steps: (A) decision of hardware architecture for the authentication protocol, (B) selection of the cryptographic algorithm, (C) establishment of a pseudorandom number generating method, and (D) implementation and performance evaluation of a silicon chip on an RFID system.
    (A) The cryptographic algorithm and the pseudorandom number generator are repeatedly called for each authentication. Therefore, the impact of the time needed for the cryptographic processes on the hardware performance of the tag can be large. While low-area requirements have been mainly discussed in the previous studies, it is necessary to discuss the hardware architecture for the authentication protocol from the viewpoint of the operating time. In this thesis, in order to decide the hardware architecture, we evaluate hardware performance in the sense of the operating time. As a result, the parallel architecture is suitable for hash functions that are widely used for tag authentication protocols.
    (B) A lot of cryptographic algorithms have been developed and the hardware performance of the algorithms has been evaluated under different conditions. However, as the evaluation results depend on the conditions, it is hard to compare the previous results. In addition, the interface of the cryptographic circuits has not been paid attention. In this thesis, in order to select a cryptographic algorithm, we design the interface of the cryptographic circuits to meet with the tag, and evaluate hardware performance of the circuits on the same condition. As a result, the lightweight hash function SPONGENT-160 achieves well-balanced hardware performance.
    (C) Implementation of a pseudorandom number generator based on the performance evaluation results on (B) can be a method to generate pseudorandom numbers on the tag. On the other hand, the cryptographic algorithm and the pseudorandom number generator are not used simultaneously in the authentication protocol. Therefore, if the cryptographic circuit could be used for pseudorandom number generation, the hardware resource on the tag can be exploited efficiently. In this thesis, we propose a pseudorandom number generating method using a hash function that is a cryptographic component of the authentication protocol. Through the evaluation of our proposed method, we establish a lightweight pseudorandom number generating method for the tag.
    (D) Tag authentication protocols using a cryptographic algorithm have been developed in the previous studies. However, hardware implementation and performance evaluation of a tag, which runs authentication processes, have not been studied. In this thesis, we design and do a single chip implementation of an analog front-end block and a digital processing block including the results on (A), (B), and (C). Then, we evaluate hardware performance of the tag. As a result, we show that a tag, which runs the authentication protocol based on cryptographic algorithms, is feasible.
    The University of Electro-Communications 201

    Nanocircuits for Cryptographic Modules

    The possibility of introducing non-emitting nanoscales on the basis of quantum cellular automata has been investigated. It practically neutralizes electromagnetic attacks. The method of protection from external interferences and observations of electromagnetic radiation (attacks) is proposed in the work. The power consumption of cryptographic modules has been reduced by five orders. Secure encryption of cryptographic information is provided.

    Grein. A New Non-Linear Cryptoprimitive

    In this thesis, we will study a new stream cipher, Grein, and a new cryptoprimitive used in this cipher. The second chapter gives a brief introduction to cryptography in general. The third chapter looks at stream ciphers in general, and explains the advantages and disadvantages of stream ciphers compared to block ciphers. In the fourth chapter the most important building blocks used in stream ciphers are explained. The reader is expected to know elementary abstract algebra, as many of the results in this chapter depend on it. In the fifth chapter, the stream cipher Grain is introduced. In chapter six, the new stream cipher, Grein, is introduced. Here, we look at the different components used in the cipher, and how they operate together. In chapter seven, we introduce an alteration to the Grein cryptosystem, which hopefully has some advantages.
    Master's in Informatics; MAMN-INF; INF39

    IUS/payload communication system simulator configuration definition study

    The requirements and specifications for a general purpose payload communications system simulator to be used to emulate those communications system portions of NASA and DOD payloads/spacecraft that will in the future be carried into earth orbit by the shuttle are discussed. For the purpose of on-orbit checkout, the shuttle is required to communicate with the payloads while they are physically located within the shuttle bay (attached) and within a range of 20 miles from the shuttle after they have been deployed (detached). Because many of the payloads are also under development (and many have yet to be defined), actual payload communication hardware will not be available within the time frame during which the avionic hardware tests will be conducted. Thus, a flexible payload communication system simulator is required.