Quantum Proofs

Quantum information and computation provide a fascinating twist on the notion of proofs in computational complexity theory. For instance, one may consider a quantum computational analogue of the complexity class \class{NP}, known as QMA, in which a quantum state plays the role of a proof (also called a certificate or witness), and is checked by a polynomial-time quantum computation. For some problems, the fact that a quantum proof state could be a superposition over exponentially many classical states appears to offer computational advantages over classical proof strings. In the interactive proof system setting, one may consider a verifier and one or more provers that exchange and process quantum information rather than classical information during an interaction for a given input string, giving rise to quantum complexity classes such as QIP, QSZK, and QMIP* that represent natural quantum analogues of IP, SZK, and MIP. While quantum interactive proof systems inherit some properties from their classical counterparts, they also possess distinct and uniquely quantum features that lead to an interesting landscape of complexity classes based on variants of this model. In this survey we provide an overview of many of the known results concerning quantum proofs, computational models based on this concept, and properties of the complexity classes they define. In particular, we discuss non-interactive proofs and the complexity class QMA, single-prover quantum interactive proof systems and the complexity class QIP, statistical zero-knowledge quantum interactive proof systems and the complexity class \class{QSZK}, and multiprover interactive proof systems and the complexity classes QMIP, QMIP*, and MIP*.Comment: Survey published by NOW publisher

Why Philosophers Should Care About Computational Complexity

One might think that, once we know something is computable, how efficiently it can be computed is a practical question with little further philosophical importance. In this essay, I offer a detailed case that one would be wrong. In particular, I argue that computational complexity theory---the field that studies the resources (such as time, space, and randomness) needed to solve computational problems---leads to new perspectives on the nature of mathematical knowledge, the strong AI debate, computationalism, the problem of logical omniscience, Hume's problem of induction, Goodman's grue riddle, the foundations of quantum mechanics, economic rationality, closed timelike curves, and several other topics of philosophical interest. I end by discussing aspects of complexity theory itself that could benefit from philosophical analysis.Comment: 58 pages, to appear in "Computability: G\"odel, Turing, Church, and beyond," MIT Press, 2012. Some minor clarifications and corrections; new references adde

Averting economic collapse and the solipsism bias

We study the behavior of experimental subjects who have to make a sequence of risky investment decisions in the presence of network externalities. Subjects follow a simple heuristic-investing after positive experiences and reducing their propensity to invest after a failure. This result contrasts with the theoretical findings of Jeitschko and Taylor [Jeitschko, T.D., Taylor, C., 2001. Local discouragement and global collapse: A theory of coordination avalanches. Amer. Econ. Rev. 91 (1), 208-224] in which even agents who have only good experiences eventually stop investing because they account for the fact that others with worse experiences will quit. This can trigger sudden economic collapse-a coordination avalanche-even in the most efficient Bayesian equilibrium. In the experiment, subjects follow their own experiences and disregard the possible bad experiences of others-thus exhibiting behavior that we term "solipsism bias." Solipsism results in sustained investment activity and thus averts complete collapse. (c) 2005 Elsevier Inc. All rights reserved

A Study of Separations in Cryptography: New Results and New Models

For more than 20 years, black-box impossibility results have been used to argue the infeasibility of constructing certain cryptographic primitives (e.g., key agreement) from others (e.g., one-way functions). In this dissertation we further extend the frontier of this field by demonstrating several new impossibility results as well as a new framework for studying a more general class of constructions. Our first two results demonstrate impossibility of black-box constructions of two commonly used cryptographic primitives. In our first result we study the feasibility of black-box constructions of predicate encryption schemes from standard assumptions and demonstrate strong limitations on the types of schemes that can be constructed. In our second result we study black-box constructions of constant-round zero-knowledge proofs from one-way permutations and show that, under commonly believed complexity assumptions, no such constructions exist. A widely recognized limitation of black-box impossibility results, however, is that they say nothing about the usefulness of (known) non-black-box techniques. This state of affairs is unsatisfying as we would at least like to rule out constructions using the set of techniques we have at our disposal. With this motivation in mind, in the final result of this dissertation we propose a new framework for black-box constructions with a non-black-box flavor, specifically, those that rely on zero-knowledge proofs relative to some oracle. Our framework is powerful enough to capture a large class of known constructions, however we show that the original black-box separation of key agreement from one-way functions still holds even in this non-black-box setting that allows for zero-knowledge proofs

A precise computational approach to knowledge

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2006.Includes bibliographical references (p. 100-103).The seminal work of Goldwasser, Micali and Rackoff put forward a computational approach to knowledge in interactive systems, providing the foundation of modern Cryptography. Their notion bounds the knowledge of a player in terms of his potential computational power (technically defined as polynomial-time computation). In this thesis, we put forward a stronger notion that precisely bounds the knowledge gained by a player in an interaction in terms of the actual computation he has performed (which can be considerably less than any arbitrary polynomial-time computation). Our approach not only remains valid even if P = NP, but is most meaningful when modeling knowledge of computationally easy properties. As such, it broadens the applicability of Cryptography and weakens the complexity theoretic assumptions on which Cryptography can be based.by Rafael Pass.Ph.D

Quantification of information flow in cyber physical systems

In Cyber Physical Systems (CPSs), traditional security mechanisms such as cryptography and access control are not enough to ensure the security of the system since complex interactions between the cyber portion and physical portion happen frequently. In particular, the physical infrastructure is inherently observable; aggregated physical observations can lead to unintended cyber information leakage. Information flow analysis, which aims to control the way information flows among different entities, is better suited for CPSs than the access control security mechanism. However, quantifying information leakage in CPSs can be challenging due to the flow of implicit information between the cyber portion, the physical portion, and the outside world. Within algorithmic theory, the online problem considers inputs that arrive one by one and deals with extracting the algorithmic solution through an advice tape without knowing some parts of the input. This dissertation focuses on statistical methods to quantify information leakage in CPSs due to algorithmic leakages, especially CPSs that allocate constrained resources. The proposed framework is based on the advice tape concept of algorithmically quantifying information leakage and statistical analysis. With aggregated physical observations, the amount of information leakage of the constrained resource due to the cyber algorithm can be quantified through the proposed algorithms. An electric smart grid has been used as an example to develop confidence intervals of information leakage within a real CPS. The characteristic of the physical system, which is represented as an invariant, is also considered and influences the information quantification results. The impact of this work is that it allows the user to express an observer\u27s uncertainty about a secret as a function of the revealed part. Thus, it can be used as an algorithmic design in a CPS to allocate resources while maximizing the uncertainty of the information flow to an observer --Abstract, page iii

Parametrisierte Algorithmen für Ganzzahlige Lineare Programme und deren Anwendungen für Zuweisungsprobleme

This thesis is concerned with solving NP-hard problems. We consider two prominent strategies of coping with such computationally hard questions efficiently. The first approach aims to design approximation algorithms, that is, we are content to find good, but non-optimal solutions in polynomial time. The second strategy is called Fixed-Parameter Tractability (FPT) and considers parameters of the instance to capture the hardness of the problem and by that, obtain efficient algorithms with respect to the remaining input. This thesis employs both strategies jointly to develop efficient approximation and exact algorithms using parameterization and modeling the problem as structured integer linear programs (ILPs), which can be solved in FPT. In the first part of this work, we concentrate on these well-structured ILPs. On the one hand, we develop an efficient algorithm for block-structured integer linear programs called n-fold ILPs. On the other hand, we investigate the similarly block-structured 2-stage stochastic ILPs and prove conditional lower bounds regarding the running time of any algorithm solving them that match the best known upper bounds. We also prove the tightness of certain structural parameters called sensitivity and proximity for ILPs which arise from combinatorial questions such as allocation problems. The second part utilizes n-fold ILPs and structural properties to add to and improve upon known results for Scheduling and Bin Packing problems. We design exact FPT algorithms for the Scheduling With Clique Incompatibilities, Bin Packing, and Multiple Knapsack problems. Further, we provide constant-factor approximation algorithms and polynomial time approximation schemes (PTAS) for the Class Constraint Scheduling problems. Broadening our scope, we also investigate this problem and the closely related Cardinality Constraint Scheduling problem in the online setting and derive lower bounds for the approximation ratios as well as a PTAS for them. Altogether, this thesis contributes to the knowledge about structured ILPs, proves their limits and reaffirms their usefulness for a plethora of allocation problems. In doing so, various new and improved algorithms with respect to the running time or approximation quality emerge

Relativistic quantum cryptography

In this thesis we explore the benefits of relativistic constraints for cryptography. We first revisit non-communicating models and its applications in the context of interactive proofs and cryptography. We propose bit commitment protocols whose security hinges on communication constraints and investigate its limitations. We explain how some non-communicating models can be justified by special relativity and study the limitations of such models. In particular, we present a framework for analysing security of multiround relativistic protocols. The second part of the thesis is dedicated to analysing specific protocols. We start by considering a recently proposed two-round quantum bit commitment protocol. We propose a fault-tolerant variant of the protocol, present a complete security analysis and report on an experimental implementation performed in collaboration with an experimental group at the University of Geneva. We also propose a new, multiround classical bit commitment protocol and prove its security against classical adversaries. This demonstrates that in the classical world an arbitrarily long commitment can be achieved even if the agents are restricted to occupy a finite region of space. Moreover, the protocol is easy to implement and we report on an experiment performed in collaboration with the Geneva group.Comment: 123 pages, 9 figures, many protocols, a couple of theorems, certainly not enough commas. PhD thesis supervised by Stephanie Wehner at Centre for Quantum Technologies, Singapor