Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.
Comment: 45 pages, over 245 references
Quantum Bit String Commitment
A bit string commitment protocol securely commits classical bits in such
a way that the recipient can extract only bits of information about the
string. Classical reasoning might suggest that bit string commitment implies
bit commitment and hence, given the Mayers-Lo-Chau theorem, that
non-relativistic quantum bit string commitment is impossible. Not so: there
exist non-relativistic quantum bit string commitment protocols, with security
parameters and , that allow to commit
bits to so that 's probability of successfully cheating when revealing
any bit and 's probability of extracting more than bits of
information about the bit string before revelation are both less than
. With a slightly weakened but still restrictive definition of
security against , can be taken to be for a positive
constant . I briefly discuss possible applications.
Comment: Published version. (Refs updated.)
Are PCPs Inherent in Efficient Arguments?
Starting with Kilian (STOC '92), several works have shown how to use probabilistically checkable proofs (PCPs) and cryptographic primitives such as collision-resistant hashing to construct very efficient argument systems (a.k.a. computationally sound proofs), for example with polylogarithmic communication complexity. Ishai et al. (CCC '07) raised the question of whether PCPs are inherent in efficient arguments, and to what extent. We give evidence that they are, by showing how to convert any argument system whose soundness is reducible to the security of some cryptographic primitive into a PCP system whose efficiency is related to that of the argument system and the reduction (under certain complexity assumptions).
The Multireceiver Commitment Schemes
Existing commitment schemes were addressed under the classic two-party scenario. However,
the popularity of secure multi-party computation in today's lush network communication is
motivating us to adopt more sophisticated commitment schemes. In this paper, we study for
the first time multireceiver commitment in the unconditionally secure setting, i.e., one
committer promises a group of verifiers a common secret value (in the computational setting this is
trivial). We extend the Rivest model for this purpose and present a provably secure generic
construction using multireceiver authentication codes (without secrecy) as a building
block. Two concrete schemes are proposed as its immediate implementations, which are
almost as efficient as an optimal MRA-code. Furthermore, to affirmatively answer the open
question of Pinto, Souto, Matos and Antunes, we also present a generic construction (for the
two-party case) using only an A-code with secrecy. Finally, we show the possibility of
constructing multireceiver commitment schemes using other primitives such as verifiable
secret sharing. We leave open problems and believe the work will open doors for more interesting research.
On Unconditionally Secure Distributed Oblivious Transfer.
This paper is about the Oblivious Transfer in the distributed model proposed by M.
Naor and B. Pinkas. In this setting a Sender has n secrets and a Receiver is interested
in one of them. During a set up phase, the Sender gives information about the secrets to
m Servers. Afterwards, in a recovering phase, the Receiver can compute the secret she
wishes by interacting with any k of them. More precisely, from the answers received she
computes the secret in which she is interested but she gets no information on the others
and, at the same time, any coalition of k − 1 Servers can neither compute any secret nor
figure out which one the Receiver has recovered.
We present an analysis and new results holding for this model: lower bounds on
the resources required to implement such a scheme (i.e., randomness, memory storage,
communication complexity); some impossibility results for one-round distributed oblivious
transfer protocols; two polynomial-based constructions implementing 1-out-of-n distributed
oblivious transfer, which generalize and strengthen the two constructions for
1-out-of-2 given by Naor and Pinkas; as well as new one-round and two-round distributed
oblivious transfer protocols, both for threshold and general access structures on the set
of Servers, which are optimal with respect to some of the given bounds. Most of these
constructions are basically combinatorial in nature.