Separating Two-Round Secure Computation From Oblivious Transfer

We consider the question of minimizing the round complexity of protocols for secure multiparty computation (MPC) with security against an arbitrary number of semi-honest parties. Very recently, Garg and Srinivasan (Eurocrypt 2018) and Benhamouda and Lin (Eurocrypt 2018) constructed such 2-round MPC protocols from minimal assumptions. This was done by showing a round preserving reduction to the task of secure 2-party computation of the oblivious transfer functionality (OT). These constructions made a novel non-black-box use of the underlying OT protocol. The question remained whether this can be done by only making black-box use of 2-round OT. This is of theoretical and potentially also practical value as black-box use of primitives tends to lead to more efficient constructions. Our main result proves that such a black-box construction is impossible, namely that non-black-box use of OT is necessary. As a corollary, a similar separation holds when starting with any 2-party functionality other than OT. As a secondary contribution, we prove several additional results that further clarify the landscape of black-box MPC with minimal interaction. In particular, we complement the separation from 2-party functionalities by presenting a complete 4-party functionality, give evidence for the difficulty of ruling out a complete 3-party functionality and for the difficulty of ruling out black-box constructions of 3-round MPC from 2-round OT, and separate a relaxed "non-compact" variant of 2-party homomorphic secret sharing from 2-round OT

Quantum Security for the Physical Layer

The physical layer describes how communication signals are encoded and transmitted across a channel. Physical security often requires either restricting access to the channel or performing periodic manual inspections. In this tutorial, we describe how the field of quantum communication offers new techniques for securing the physical layer. We describe the use of quantum seals as a unique way to test the integrity and authenticity of a communication channel and to provide security for the physical layer. We present the theoretical and physical underpinnings of quantum seals including the quantum optical encoding used at the transmitter and the test for non-locality used at the receiver. We describe how the envisioned quantum physical sublayer senses tampering and how coordination with higher protocol layers allow quantum seals to influence secure routing or tailor data management methods. We conclude by discussing challenges in the development of quantum seals, the overlap with existing quantum key distribution cryptographic services, and the relevance of a quantum physical sublayer to the future of communication security.Comment: 7 pages, 6 figure

Introduction to Quantum Information Processing

As a result of the capabilities of quantum information, the science of quantum information processing is now a prospering, interdisciplinary field focused on better understanding the possibilities and limitations of the underlying theory, on developing new applications of quantum information and on physically realizing controllable quantum devices. The purpose of this primer is to provide an elementary introduction to quantum information processing, and then to briefly explain how we hope to exploit the advantages of quantum information. These two sections can be read independently. For reference, we have included a glossary of the main terms of quantum information.Comment: 48 pages, to appear in LA Science. Hyperlinked PDF at http://www.c3.lanl.gov/~knill/qip/prhtml/prpdf.pdf, HTML at http://www.c3.lanl.gov/~knill/qip/prhtm

Reflections upon separability and distillability

We present an abstract formulation of the so-called Innsbruck-Hannover programme that investigates quantum correlations and entanglement in terms of convex sets. We present a unified description of optimal decompositions of quantum states and the optimization of witness operators that detect whether a given state belongs to a given convex set. We illustrate the abstract formulation with several examples, and discuss relations between optimal entanglement witnesses and n-copy non-distillable states with non-positive partial transpose.Comment: 12 pages, 7 figures, proceedings of the ESF QIT Conference Gdansk, July 2001, submitted to special issue of J. Mod. Op

Security versus Reliability Analysis of Opportunistic Relaying

Physical-layer security is emerging as a promising paradigm of securing wireless communications against eavesdropping between legitimate users, when the main link spanning from source to destination has better propagation conditions than the wiretap link from source to eavesdropper. In this paper, we identify and analyze the tradeoffs between the security and reliability of wireless communications in the presence of eavesdropping attacks. Typically, the reliability of the main link can be improved by increasing the source's transmit power (or decreasing its date rate) to reduce the outage probability, which unfortunately increases the risk that an eavesdropper succeeds in intercepting the source message through the wiretap link, since the outage probability of the wiretap link also decreases when a higher transmit power (or lower date rate) is used. We characterize the security-reliability tradeoffs (SRT) of conventional direct transmission from source to destination in the presence of an eavesdropper, where the security and reliability are quantified in terms of the intercept probability by an eavesdropper and the outage probability experienced at the destination, respectively. In order to improve the SRT, we then propose opportunistic relay selection (ORS) and quantify the attainable SRT improvement upon increasing the number of relays. It is shown that given the maximum tolerable intercept probability, the outage probability of our ORS scheme approaches zero for $N \to \infty$, where $N$ is the number of relays. Conversely, given the maximum tolerable outage probability, the intercept probability of our ORS scheme tends to zero for $N \to \infty$.Comment: 9 pages. IEEE Transactions on Vehicular Technology, 201