8 research outputs found
Multiparty Quantum Signature Schemes
Digital signatures are widely used in electronic communications to secure important tasks such as financial transactions, software updates, and legal contracts. The signature schemes that are in use today are based on public-key cryptography and derive their security from computational assumptions. However, it is possible to construct unconditionally secure signature protocols. In particular, using quantum communication, it is possible to construct signature schemes with security based on fundamental principles of quantum mechanics. Several quantum signature protocols have been proposed, but none of them has been explicitly generalized to more than three participants, and their security goals have not been formally defined. Here, we first extend the security definitions of Swanson and Stinson (2011) so that they can apply also to the quantum case, and introduce a formal definition of transferability based on different verification levels. We then prove several properties that multiparty signature protocols with information-theoretic security, quantum or classical, must satisfy in order to achieve their security goals. We also express two existing quantum signature protocols with three parties in the security framework we have introduced. Finally, we generalize a quantum signature protocol given in Wallden-Dunjko-Kent-Andersson (2015) to the multiparty case, proving its security against forging, repudiation and non-transferability. Notably, this protocol can be implemented using any point-to-point quantum key distribution network and therefore is ready to be experimentally demonstrated.
Comment: 22 pages, 4 figures
Unconditionally Secure Cryptography: Signature Schemes, User-Private Information Retrieval, and the Generalized Russian Cards Problem
We focus on three different types of multi-party cryptographic protocols. The first is in the area of unconditionally secure signature schemes, the goal of which is to provide users the ability to electronically sign documents without the reliance on computational assumptions needed in traditional digital signatures. The second is on cooperative protocols in which users help each other maintain privacy while querying a database, called user-private information retrieval protocols. The third is concerned with the generalized Russian cards problem, in which two card players wish to communicate their hands to each other via public announcements without the third player learning the card deal. The latter two problems have close ties to the field of combinatorial designs, and properly fit within the field of combinatorial cryptography. All of these problems have a common thread, in that they are grounded in the information-theoretically secure or unconditionally secure setting.
Message Authentication and Recognition Protocols Using Two-Channel Cryptography
We propose a formal model for non-interactive message authentication protocols (NIMAPs) using two channels and analyze all the attacks that can occur in this model. Further, we introduce the notion of hybrid-collision resistant (HCR) hash functions. This leads to a new proposal for a NIMAP based on HCR hash functions. This protocol is as efficient as the best previous NIMAP while having a very simple structure and not requiring any long strings to be authenticated ahead of time.
We investigate interactive message authentication protocols (IMAPs) and propose a new IMAP, based on the existence of interactive-collision resistant (ICR) hash functions, a new notion of hash function security. The efficient and easy-to-use structure of our IMAP makes it very practical in real world ad hoc network scenarios.
We also look at message recognition protocols (MRPs) and prove that there is a one-to-one correspondence between non-interactive MRPs and digital signature schemes with message recovery. Further, we look at an existing recognition protocol and point out its inability to recover in case of a specific adversarial disruption. We improve this protocol by suggesting a variant which is equipped with a resynchronization process.
Moreover, another variant of the protocol is proposed which self-recovers in case of an intrusion. Finally, we propose a new design for message recognition in ad hoc networks which does not make use of hash chains. This new design uses random passwords that are being refreshed in each session, as opposed to precomputed elements of a hash chain.
Ideal quantum protocols in the non-ideal physical world
The development of quantum protocols from conception to experimental realizations is one of the main sources of the stimulating exchange between fundamental and experimental research characteristic of quantum information processing. In this thesis we contribute to the development of two recent quantum protocols, Universal Blind Quantum Computation (UBQC) and Quantum Digital Signatures (QDS). UBQC allows a client to delegate a quantum computation to a more powerful quantum server while keeping the input and computation private. We analyse the resilience of the privacy of UBQC under imperfections. Then, we introduce approximate blindness, quantifying any compromise to privacy, and propose a protocol which enables arbitrary levels of security despite imperfections. Subsequently, we investigate the adaptability of UBQC to alternative implementations with practical advantages. QDS allow a party to send a message to other parties which cannot be forged, modified or repudiated. We analyse the security properties of a first proof-of-principle experiment of QDS, implemented in an optical system. We estimate the security failure probabilities of our system as a function of protocol parameters, under all but the most general types of attacks. Additionally, we develop new techniques for analysing transformations between symmetric sets of states, utilized not only in the security proofs of QDS but in other applications as well.
Practical Quantum Communication
Current communication networks are based on classical physics and classical information-processing. However, for nearly a century, we have known that at its most fundamental level, the universe is governed by the laws of quantum mechanics. With quantum communication, new possibilities arise in our capabilities to transmit and process information which, in many cases, lead to advantages compared to what is classically possible. The entire scope of tasks for which quantum communication can offer improvements has not yet been fully explored, but several quantum protocols are known that can either perform tasks which are impossible with classical resources or can outperform classical protocols. These quantum protocols are well understood from a theoretical point of view, but many of them have never been demonstrated in practice. Thus, in the context of quantum communication, there is a significant gap between theory and experiment that must be removed in order to harness the advantages provided by quantum mechanics in a practical setting.
In this thesis, we develop a series of tools for developing and testing practical quantum communication protocols. Our main technique is a theoretical reformulation of existing quantum communication protocols that converts them into a form in which they can be demonstrated with existing experimental techniques. More precisely, they can be implemented using only coherent states of light and linear optics circuits while still retaining the crucial properties of the original abstract protocols. We use this result to construct practical protocols for the Hidden Matching problem and quantum fingerprinting.
In the case of quantum fingerprinting, we make a thorough analysis of the role played by experimental errors and show that our practical protocol can still be implemented in the presence of these imperfections. In fact, we report a proof of concept experimental demonstration of a quantum fingerprinting system that is capable of transmitting less information than the best known classical protocol for this problem. Our implementation is based on a modified version of a commercial quantum key distribution system using off-the-shelf optical components over telecom wavelengths, and is practical for messages as large as 100 Mbits, even in the presence of experimental imperfections.
Similarly, in the context of cryptography, we propose a multiparty quantum signature protocol that can be implemented from any point-to-point quantum key distribution network, proving its security against forging, repudiation and non-transferability. Crucially, since quantum key distribution is already a practical technology, so is this protocol. However, unlike other tasks in quantum communication, there has not been significant theoretical work on establishing a security model for quantum signature schemes. Consequently, we also constructed a security framework for these schemes and proved several properties that these protocols must satisfy in order to achieve their security goals.
Finally, in addition to proposing new practical protocols, we provide a reliable data analysis technique to verify an important property of many quantum communication protocols: the presence of entanglement. Our technique is based on entanglement witnesses and it does not require the specification of a prior distribution nor the assumption of independent measurements. The technique is suitable to be used with nonlinear entanglement witnesses, which we show can be constructed from any linear witness and evaluated from the same experimental data. We also develop numerical tools necessary to employ this approach in practice, rendering the procedure ready to be applied to current experiments. We demonstrate this by analyzing the data of a photonic experiment generating two-photon states whose entanglement is verified with the use of an accessible nonlinear witness.
Hash Families and Cover-Free Families with Cryptographic Applications
This thesis is focused on hash families and cover-free families and their application to problems in cryptography. We present new necessary conditions for generalized separating hash families, and provide new explicit constructions. We then consider three cryptographic applications of hash families and cover-free families. We provide a stronger definition of anonymity in the context of shared symmetric key primitives and give a new scheme with improved anonymity properties. Second, we observe that finding the invalid signatures in a set of digital signatures that fails batch verification is a group testing problem, then apply and compare many group testing algorithms to solve this problem efficiently. In particular, we apply group testing algorithms based on cover-free families. Finally, we construct a one-time signature scheme based on cover-free families with short signatures.
Must the Communication Graph of MPC Protocols be an Expander?
Secure multiparty computation (MPC) on incomplete communication networks has been studied within two primary models: (1) Where a partial network is fixed a priori, and thus corruptions can occur dependent on its structure, and (2) Where edges in the communication graph are determined dynamically as part of the protocol. Whereas a rich literature has succeeded in mapping out the feasibility and limitations of graph structures supporting secure computation in the fixed-graph model (including strong classical lower bounds), these bounds do not apply in the latter dynamic-graph setting, which has recently seen exciting new results, but remains relatively unexplored.
In this work, we initiate a similar foundational study of MPC within the dynamic-graph model. As a first step, we investigate the property of graph expansion. All existing protocols (implicitly or explicitly) yield communication graphs which are expanders, but it is not clear whether this is inherent.
Our results consist of two types (for a constant fraction of corruptions):
* Upper bounds: We demonstrate secure protocols whose induced communication graphs are not expander graphs, within a wide range of settings (computational, information theoretic, with low locality, even with low locality and adaptive security) each assuming some form of input-independent setup.
* Lower bounds: In the setting without setup and adaptive corruptions, we demonstrate that for certain functionalities, no protocol can maintain a non-expanding communication graph against all adversarial strategies. Our lower bound relies only on protocol correctness (not privacy), and requires a surprisingly delicate argument.
More generally, we provide a formal framework for analyzing the evolving communication graph of MPC protocols, giving a starting point for studying the relation between secure computation and further, more general graph properties.
Efficient and unconditionally secure digital signatures and a security analysis of a multireceiver authentication code
Abstract. Digital signatures whose security does not rely on any unproven computational assumption have recently received considerable attention. While these unconditionally secure digital signatures provide a foundation for long term integrity and non-repudiation of data, currently known schemes generally require a far greater amount of memory space for the storage of users' secret information than a traditional digital signature. The focus of this paper is on methods for reducing memory requirements of unconditionally secure digital signatures. A major contribution of this paper is to propose two novel unconditionally secure digital signature schemes that have significantly shortened secret information for users. As a specific example, with a typical parameter setting the required memory size for a user is reduced to approximately 1/10 of that in previously known schemes. Another contribution of the paper is to demonstrate an attack on a multireceiver authentication code proposed by Safavi-Naini and Wang, and present a method to fix the problem of the code.