Brandt's fully private auction protocol revisited
Auctions have a long history, having been recorded as early as 500 B.C. [Kri02]. Nowadays, electronic auctions have been a great success and are increasingly used in various applications, including high performance computing [BAGS02]. Many cryptographic protocols have been proposed to address the various security requirements of these electronic transactions, in particular to ensure privacy. Brandt [Bra06] developed a protocol that computes the winner using homomorphic operations on a distributed ElGamal encryption of the bids. He claimed that it ensures full privacy of the bidders, i.e. no information apart from the winner and the winning price is leaked. We first show that this protocol – when using malleable interactive zero-knowledge proofs – is vulnerable to attacks by dishonest bidders. Such bidders can manipulate the publicly available data in a way that allows the seller to deduce all participants' bids. We provide an efficient parallelized implementation of the protocol and the attack to show its practicality. Additionally we discuss some issues with verifiability as well as attacks on non-repudiation, fairness and the privacy of individual bidders exploiting authentication problems.
Computational Indistinguishability between Quantum States and Its Cryptographic Application
We introduce a computational problem of distinguishing between two specific
quantum states as a new cryptographic problem to design a quantum cryptographic
scheme that is "secure" against any polynomial-time quantum adversary. Our
problem, QSCDff, is to distinguish between two types of random coset states
with a hidden permutation over the symmetric group of finite degree. This
naturally generalizes the commonly-used distinction problem between two
probability distributions in computational cryptography. As our major
contribution, we show that QSCDff has three properties of cryptographic
interest: (i) QSCDff has a trapdoor; (ii) the average-case hardness of QSCDff
coincides with its worst-case hardness; and (iii) QSCDff is computationally at
least as hard as the graph automorphism problem in the worst case. These
cryptographic properties enable us to construct a quantum public-key
cryptosystem, which is likely to withstand any chosen plaintext attack of a
polynomial-time quantum adversary. We further discuss a generalization of
QSCDff, called QSCDcyc, and introduce a multi-bit encryption scheme that relies
on similar cryptographic properties of QSCDcyc.
Comment: 24 pages, 2 figures. We improved presentation, and added more detailed
proofs and follow-up of recent wor
Normalizer Circuits and Quantum Computation
(Abridged abstract.) In this thesis we introduce new models of quantum
computation to study the emergence of quantum speed-up in quantum computer
algorithms.
Our first contribution is a formalism of restricted quantum operations, named
normalizer circuit formalism, based on algebraic extensions of the qubit
Clifford gates (CNOT, Hadamard and -phase gates): a normalizer circuit
consists of quantum Fourier transforms (QFTs), automorphism gates and quadratic
phase gates associated to a set , which is either an abelian group or
abelian hypergroup. Though Clifford circuits are efficiently classically
simulable, we show that normalizer circuit models encompass Shor's celebrated
factoring algorithm and the quantum algorithms for abelian Hidden Subgroup
Problems. We develop classical-simulation techniques to characterize under
which scenarios normalizer circuits provide quantum speed-ups. Finally, we
devise new quantum algorithms for finding hidden hyperstructures. The results
offer new insights into the source of quantum speed-ups for several algebraic
problems.
Our second contribution is an algebraic (group- and hypergroup-theoretic)
framework for describing quantum many-body states and classically simulating
quantum circuits. Our framework extends Gottesman's Pauli Stabilizer Formalism
(PSF), wherein quantum states are written as joint eigenspaces of stabilizer
groups of commuting Pauli operators: while the PSF is valid for qubit/qudit
systems, our formalism can be applied to discrete- and continuous-variable
systems, hybrid settings, and anyonic systems. These results enlarge the known
families of quantum processes that can be efficiently classically simulated.
This thesis also establishes a precise connection between Shor's quantum
algorithm and the stabilizer formalism, revealing a common mathematical
structure in several quantum speed-ups and error-correcting codes.
Comment: PhD thesis, Technical University of Munich (2016). Please cite
original papers if possible. Appendix E contains unpublished work on Gaussian
unitaries. If you spot typos/omissions please email me at JLastNames at
posteo dot net. Source: http://bit.ly/2gMdHn3. Related video talk:
https://www.perimeterinstitute.ca/videos/toy-theory-quantum-speed-ups-based-stabilizer-formalism
Posted on my birthda
Arguments of Knowledge via hidden order groups
We study non-interactive arguments of knowledge (AoKs) for commitments in groups of hidden order. We provide protocols whereby a Prover can demonstrate certain properties of and relations between committed sets/multisets, with succinct proofs that are publicly verifiable against the constant-sized commitments. In particular, we provide AoKs for the disjointness of committed sets/multisets in cryptographic accumulators, with a view toward applications to verifiably outsourcing data storage and sharded stateless blockchains.
Recent work ([DGS20]) suggests that the hidden order groups need to be substantially larger in size than previously thought, in order to ensure the desired security level. Thus, in order to keep the communication complexity between the Prover and the Verifier to a minimum, we have designed the protocols so that the proofs entail a constant number of group elements, independent of the number of the committed sets/multisets rather than just independent of the sizes of these sets/multisets.
If the underlying group of hidden order is an appropriate imaginary quadratic class group or a genus three Jacobian, the argument systems are transparent. Furthermore, since all challenges are public coin, the protocols can be made non-interactive using the Fiat-Shamir heuristic. We build on the techniques from [BBF19] and [Wes18].