8 research outputs found

    Multiparty Quantum Signature Schemes

    Get PDF
    Digital signatures are widely used in electronic communications to secure important tasks such as financial transactions, software updates, and legal contracts. The signature schemes that are in use today are based on public-key cryptography and derive their security from computational assumptions. However, it is possible to construct unconditionally secure signature protocols. In particular, using quantum communication, it is possible to construct signature schemes with security based on fundamental principles of quantum mechanics. Several quantum signature protocols have been proposed, but none of them has been explicitly generalized to more than three participants, and their security goals have not been formally defined. Here, we first extend the security definitions of Swanson and Stinson (2011) so that they can apply also to the quantum case, and introduce a formal definition of transferability based on different verification levels. We then prove several properties that multiparty signature protocols with information-theoretic security -- quantum or classical -- must satisfy in order to achieve their security goals. We also express two existing quantum signature protocols with three parties in the security framework we have introduced. Finally, we generalize a quantum signature protocol given in Wallden-Dunjko-Kent-Andersson (2015) to the multiparty case, proving its security against forging, repudiation and non-transferability. Notably, this protocol can be implemented using any point-to-point quantum key distribution network and therefore is ready to be experimentally demonstrated.Comment: 22 pages, 4 figure

    Unconditionally Secure Cryptography: Signature Schemes, User-Private Information Retrieval, and the Generalized Russian Cards Problem

    Get PDF
    We focus on three different types of multi-party cryptographic protocols. The first is in the area of unconditionally secure signature schemes, the goal of which is to provide users the ability to electronically sign documents without the reliance on computational assumptions needed in traditional digital signatures. The second is on cooperative protocols in which users help each other maintain privacy while querying a database, called user-private information retrieval protocols. The third is concerned with the generalized Russian cards problem, in which two card players wish to communicate their hands to each other via public announcements without the third player learning the card deal. The latter two problems have close ties to the field of combinatorial designs, and properly fit within the field of combinatorial cryptography. All of these problems have a common thread, in that they are grounded in the information-theoretically secure or unconditionally secure setting

    Message Authentication and Recognition Protocols Using Two-Channel Cryptography

    Get PDF
    We propose a formal model for non-interactive message authentication protocols (NIMAPs) using two channels and analyze all the attacks that can occur in this model. Further, we introduce the notion of hybrid-collision resistant (HCR) hash functions. This leads to a new proposal for a NIMAP based on HCR hash functions. This protocol is as efficient as the best previous NIMAP while having a very simple structure and not requiring any long strings to be authenticated ahead of time. We investigate interactive message authentication protocols (IMAPs) and propose a new IMAP, based on the existence of interactive-collision resistant (ICR) hash functions, a new notion of hash function security. The efficient and easy-to-use structure of our IMAP makes it very practical in real world ad hoc network scenarios. We also look at message recognition protocols (MRPs) and prove that there is a one-to-one correspondence between non-interactive MRPs and digital signature schemes with message recovery. Further, we look at an existing recognition protocol and point out its inability to recover in case of a specific adversarial disruption. We improve this protocol by suggesting a variant which is equipped with a resynchronization process. Moreover, another variant of the protocol is proposed which self-recovers in case of an intrusion. Finally, we propose a new design for message recognition in ad hoc networks which does not make use of hash chains. This new design uses random passwords that are being refreshed in each session, as opposed to precomputed elements of a hash chain

    Ideal quantum protocols in the non-ideal physical world

    Get PDF
    The development of quantum protocols from conception to experimental realizations is one of the main sources of the stimulating exchange between fundamental and experimental research characteristic to quantum information processing. In this thesis we contribute to the development of two recent quantum protocols, Universal Blind Quantum Computation (UBQC) and Quantum Digital Signatures (QDS). UBQC allows a client to delegate a quantum computation to a more powerful quantum server while keeping the input and computation private. We analyse the resilience of the privacy of UBQC under imperfections. Then, we introduce approximate blindness quantifying any compromise to privacy, and propose a protocol which enables arbitrary levels of security despite imperfections. Subsequently, we investigate the adaptability of UBQC to alternative implementations with practical advantages. QDS allow a party to send a message to other parties which cannot be forged, modified or repudiated. We analyse the security properties of a first proof-of-principle experiment of QDS, implemented in an optical system. We estimate the security failure probabilities of our system as a function of protocol parameters, under all but the most general types of attacks. Additionally, we develop new techniques for analysing transformations between symmetric sets of states, utilized not only in the security proofs of QDS but in other applications as well

    Practical Quantum Communication

    Get PDF
    Current communication networks are based on classical physics and classical information-processing. However, for nearly a century, we have known that at its most fundamental level, the universe is governed by the laws of quantum mechanics. With quantum communication, new possibilities arise in our capabilities to transmit and process information which, in many cases, lead to advantages compared to what is classically possible. The entire scope of tasks for which quantum communication can offer improvements has not yet been fully explored, but several quantum protocols are known that can either perform tasks which are impossible with classical resources or can outperform classical protocols. These quantum protocols are well understood from a theoretical point of view, but many of them have never been demonstrated in practice. Thus, in the context of quantum communication, there is a significant gap between theory and experiment that must be removed in order to harness the advantages provided by quantum mechanics in a practical setting. In this thesis, we develop a series of tools for developing and testing practical quantum communication protocols. Our main technique is a theoretical reformulation of existing quantum communication protocols that converts them into a form in which they can be demonstrated with existing experimental techniques. More precisely, they can be implemented using only coherent states of light and linear optics circuits while still retaining the crucial properties of the original abstract protocols. We use this result to construct practical protocols for the Hidden Matching problem and quantum fingerprinting. In the case of quantum fingerprinting, we make a thorough analysis of the role played by experimental errors and show that our practical protocol can still be implemented in the presence of these imperfections. In fact, we report a proof of concept experimental demonstration of a quantum fingerprinting system that is capable of transmitting less information than the best known classical protocol for this problem. Our implementation is based on a modified version of a commercial quantum key distribution system using off-the-shelf optical components over telecom wavelengths, and is practical for messages as large as 100 Mbits, even in the presence of experimental imperfections. Similarly, in the context of cryptography, we propose a multiparty quantum signature protocol that can be implemented from any point-to-point quantum key distribution network, proving its security against forging, repudiation and non-transferability. Crucially, since quantum key distribution is already a practical technology, so is this protocol. However, unlike other tasks in quantum communication, there has not been significant theoretical work on establishing a security model for quantum signature schemes. Consequently, we also constructed a security framework for these schemes and proved several properties that these protocols must satisfy in order to achieve their security goals. Finally, in addition to proposing new practical protocols, we provide a reliable data analysis technique to verify an important property of many quantum communication protocols: the presence of entanglement. Our technique is based on entanglement witnesses and it does not require the specification of a prior distribution nor the assumption of independent measurements. The technique is suitable to be used with nonlinear entanglement witnesses, which we show can be constructed from any linear witness and evaluated from the same experimental data. We also develop numerical tools necessary to employ this approach in practice, rendering the procedure ready to be applied to current experiments. We demonstrate this by analyzing the data of a photonic experiment generating two-photon states whose entanglement is verified with the use of an accessible nonlinear witness

    Hash Families and Cover-Free Families with Cryptographic Applications

    Get PDF
    This thesis is focused on hash families and cover-free families and their application to problems in cryptography. We present new necessary conditions for generalized separating hash families, and provide new explicit constructions. We then consider three cryptographic applications of hash families and cover-free families. We provide a stronger de nition of anonymity in the context of shared symmetric key primitives and give a new scheme with improved anonymity properties. Second, we observe that nding the invalid signatures in a set of digital signatures that fails batch veri cation is a group testing problem, then apply and compare many group testing algorithms to solve this problem e ciently. In particular, we apply group testing algorithms based on cover-free families. Finally, we construct a one-time signature scheme based on cover-free families with short signatures

    Must the Communication Graph of MPC Protocols be an Expander?

    Get PDF
    Secure multiparty computation (MPC) on incomplete communication networks has been studied within two primary models: (1) Where a partial network is fixed a priori, and thus corruptions can occur dependent on its structure, and (2) Where edges in the communication graph are determined dynamically as part of the protocol. Whereas a rich literature has succeeded in mapping out the feasibility and limitations of graph structures supporting secure computation in the fixed-graph model (including strong classical lower bounds), these bounds do not apply in the latter dynamic-graph setting, which has recently seen exciting new results, but remains relatively unexplored. In this work, we initiate a similar foundational study of MPC within the dynamic-graph model. As a first step, we investigate the property of graph expansion. All existing protocols (implicitly or explicitly) yield communication graphs which are expanders, but it is not clear whether this is inherent. Our results consist of two types (for constant fraction of corruptions): * Upper bounds: We demonstrate secure protocols whose induced communication graphs are not expander graphs, within a wide range of settings (computational, information theoretic, with low locality, even with low locality and adaptive security) each assuming some form of input-independent setup. * Lower bounds: In the setting without setup and adaptive corruptions, we demonstrate that for certain functionalities, no protocol can maintain a non-expanding communication graph against all adversarial strategies. Our lower bound relies only on protocol correctness (not privacy), and requires a surprisingly delicate argument. More generally, we provide a formal framework for analyzing the evolving communication graph of MPC protocols, giving a starting point for studying the relation between secure computation and further, more general graph properties

    Efficient and unconditionally secure digital signatures and a security analysis of a multireceiver authentication code

    No full text
    Abstract. Digital signatures whose security does not rely on any unproven computational assumption have recently received considerable attention. While these unconditionally secure digital signatures provide a foundation for long term integrity and non-repudiation of data, currently known schemes generally require a far greater amount of memory space for the storage of users ’ secret information than a traditional digital signature. The focus of this paper is on methods for reducing memory requirements of unconditionally secure digital signatures. A major contribution of this paper is to propose two novel unconditionally secure digital signature schemes that have significantly shortened secret information for users. As a specific example, with a typical parameter setting the required memory size for a user is reduced to approximately 1 10 of that in previously known schemes. Another contribution of the paper is to demonstrate an attack on a multireceiver authentication code proposed by Safavi-Naini and Wang, and present a method to fix the problem of the code.
    corecore