Complete Insecurity of Quantum Protocols for Classical Two-Party Computation
A fundamental task in modern cryptography is the joint computation of a
function which has two inputs, one from Alice and one from Bob, such that
neither of the two can learn more about the other's input than what is implied
by the value of the function. In this Letter, we show that any quantum protocol
for the computation of a classical deterministic function that outputs the
result to both parties (two-sided computation) and that is secure against a
cheating Bob can be completely broken by a cheating Alice. Whereas it is known
that quantum protocols for this task cannot be completely secure, our result
implies that security for one party implies complete insecurity for the other.
Our findings stand in stark contrast to recent protocols for weak coin tossing,
and highlight the limits of cryptography within quantum mechanics. We remark
that our conclusions remain valid, even if security is only required to be
approximate and if the function that is computed for Bob is different from that
of Alice.
Comment: v2: 6 pages, 1 figure, text identical to PRL-version (but reasonably
formatted
Secure multiparty quantum computation for summation and multiplication
As a fundamental primitive, Secure Multiparty Summation and Multiplication can be used to build complex secure protocols for other multiparty computations, especially numerical computations. However, there is still a lack of systematic and efficient quantum methods to compute Secure Multiparty Summation and Multiplication. In this paper, we present a novel and efficient quantum approach to securely compute the summation and multiplication of multiparty private inputs, respectively. Compared to classical solutions, our proposed approach can ensure unconditional security and perfect privacy protection based on the physical principles of quantum mechanics.
Entanglement sampling and applications
A natural measure for the amount of quantum information that a physical
system E holds about another system A = A_1,...,A_n is given by the min-entropy
Hmin(A|E). Specifically, the min-entropy measures the amount of entanglement
between E and A, and is the relevant measure when analyzing a wide variety of
problems ranging from randomness extraction in quantum cryptography, decoupling
used in channel coding, to physical processes such as thermalization or the
thermodynamic work cost (or gain) of erasing a quantum system. As such, it is a
central question to determine the behaviour of the min-entropy after some
process M is applied to the system A. Here we introduce a new generic tool
relating the resulting min-entropy to the original one, and apply it to several
settings of interest, including sampling of subsystems and measuring in a
randomly chosen basis. The sampling results lead to new upper bounds on quantum
random access codes, and imply the existence of "local decouplers". The results
on random measurements yield new high-order entropic uncertainty relations with
which we prove the optimality of cryptographic schemes in the bounded quantum
storage model.
Comment: v3: fixed some typos, v2: fixed minor issue with the definition of
entropy and improved presentatio
Quantifying the Leakage of Quantum Protocols for Classical Two-Party Cryptography
We study quantum protocols among two distrustful parties. By adopting a
rather strict definition of correctness - guaranteeing that honest players
obtain their correct outcomes only - we can show that every strictly correct
quantum protocol implementing a non-trivial classical primitive necessarily
leaks information to a dishonest player. This extends known impossibility
results to all non-trivial primitives. We provide a framework for quantifying
this leakage and argue that leakage is a good measure for the privacy provided
to the players by a given protocol. Our framework also covers the case where
the two players are helped by a trusted third party. We show that despite the
help of a trusted third party, the players cannot amplify the cryptographic
power of any primitive. All our results hold even against quantum
honest-but-curious adversaries who honestly follow the protocol but purify
their actions and apply a different measurement at the end of the protocol. As
concrete examples, we establish lower bounds on the leakage of standard
universal two-party primitives such as oblivious transfer.
Comment: 38 pages, completely supersedes arXiv:0902.403