Information-Theoretic Conditions for Two-Party Secure Function Evaluation
The standard security definition of unconditional secure function evaluation, which is based on the ideal/real model paradigm, has the disadvantage of being overly complicated to work with in practice. On the other hand, simpler ad-hoc definitions tailored to special scenarios have often been flawed. Motivated by this unsatisfactory situation, we give an information-theoretic security definition of secure function evaluation which is very simple yet provably equivalent to the standard, simulation-based definitions
A Tight High-Order Entropic Quantum Uncertainty Relation With Applications
We derive a new entropic quantum uncertainty relation involving min-entropy.
The relation is tight and can be applied in various quantum-cryptographic
settings.
Protocols for quantum 1-out-of-2 Oblivious Transfer and quantum Bit
Commitment are presented and the uncertainty relation is used to prove the
security of these protocols in the bounded quantum-storage model according to
new strong security definitions.
As another application, we consider the realistic setting of Quantum Key
Distribution (QKD) against quantum-memory-bounded eavesdroppers. The
uncertainty relation allows to prove the security of QKD protocols in this
setting while tolerating considerably higher error rates compared to the
standard model with unbounded adversaries. For instance, for the six-state
protocol with one-way communication, a bit-flip error rate of up to 17% can be
tolerated (compared to 13% in the standard model).
Our uncertainty relation also yields a lower bound on the min-entropy key
uncertainty against known-plaintext attacks when quantum ciphers are composed.
Previously, the key uncertainty of these ciphers was only known with respect to
Shannon entropy. Comment: 21 pages; editorial changes, additional applicatio
On the Composability of Statistically Secure Random Oblivious Transfer
We show that random oblivious transfer protocols that are statistically secure according to a definition based on a list of information-theoretical properties are also statistically universally composable. That is, they are simulatable secure with an unlimited adversary, an unlimited simulator, and an unlimited environment machine. Our result implies that several previous oblivious transfer protocols in the literature that were proven secure under weaker, non-composable definitions of security can actually be used in arbitrary statistically secure applications without lowering the security
Can't Touch This: unconditional tamper evidence from short keys
Storing data on an external server with information-theoretic security, while
using a key shorter than the data itself, is impossible. As an alternative, we
propose a scheme that achieves information-theoretically secure tamper
evidence: The server is able to obtain information about the stored data, but
not while staying undetected. Moreover, the client only needs to remember a key
whose length is much shorter than the data.
We provide a security proof for our scheme, based on an entropic uncertainty
relation, similar to QKD proofs. Our scheme works if Alice is able to
(reversibly) randomise the message to almost-uniformity with only a short key.
By constructing an explicit attack we show that short-key unconditional tamper
evidence cannot be achieved without this randomisability
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD. Comment: 45 pages, over 245 reference
On Unconditionally Secure Distributed Oblivious Transfer.
This paper is about the Oblivious Transfer in the distributed model proposed by M.
Naor and B. Pinkas. In this setting a Sender has n secrets and a Receiver is interested
in one of them. During a set up phase, the Sender gives information about the secrets to
m Servers. Afterwards, in a recovering phase, the Receiver can compute the secret she
wishes by interacting with any k of them. More precisely, from the answers received she
computes the secret in which she is interested but she gets no information on the others
and, at the same time, any coalition of k − 1 Servers can neither compute any secret nor
figure out which one the Receiver has recovered.
We present an analysis and new results holding for this model: lower bounds on
the resources required to implement such a scheme (i.e., randomness, memory storage,
communication complexity); some impossibility results for one-round distributed oblivious
transfer protocols; two polynomial-based constructions implementing 1-out-of-n distributed
oblivious transfer, which generalize and strengthen the two constructions for
1-out-of-2 given by Naor and Pinkas; as well as new one-round and two-round distributed
oblivious transfer protocols, both for threshold and general access structures on the set
of Servers, which are optimal with respect to some of the given bounds. Most of these
constructions are basically combinatorial in nature
Cryptography in the Bounded-Quantum-Storage Model
This thesis initiates the study of cryptographic protocols in the
bounded-quantum-storage model. On the practical side, simple protocols for
Rabin Oblivious Transfer, 1-2 Oblivious Transfer and Bit Commitment are
presented. No quantum memory is required for honest players, whereas the
protocols can only be broken by an adversary controlling a large amount of
quantum memory. The protocols are efficient, non-interactive and can be
implemented with today's technology.
On the theoretical side, new entropic uncertainty relations involving
min-entropy are established and used to prove the security of protocols
according to new strong security definitions. For instance, in the realistic
setting of Quantum Key Distribution (QKD) against quantum-memory-bounded
eavesdroppers, the uncertainty relation allows to prove the security of QKD
protocols while tolerating considerably higher error rates compared to the
standard model with unbounded adversaries. Comment: PhD Thesis, BRICS, University of Aarhus, Denmark, 128 page