Imperfect 1-Out-of-2 Quantum Oblivious Transfer: Bounds, a Protocol, and its Experimental Implementation
Oblivious transfer is an important primitive in modern cryptography.
Applications include secure multiparty computation, oblivious sampling,
e-voting, and signatures.
Information-theoretically secure perfect 1-out-of-2 oblivious transfer is
impossible to achieve. Imperfect variants, where both participants' ability to
cheat is still limited, are possible using quantum means while remaining
classically impossible. Precisely what security parameters are attainable
remains unknown.
We introduce a theoretical framework for studying semi-random quantum
oblivious transfer, which is shown equivalent to regular oblivious transfer in
terms of cheating probabilities. We then use it to derive bounds on cheating.
We also present a protocol with lower cheating probabilities than previous
schemes, together with its optical realisation.
Comment: 20 pages, 1 figure
On the Efficiency of Classical and Quantum Secure Function Evaluation
We provide bounds on the efficiency of secure one-sided output two-party
computation of arbitrary finite functions from trusted distributed randomness
in the statistical case. From these results we derive bounds on the efficiency
of protocols that use different variants of OT as a black-box. When applied to
implementations of OT, these bounds generalize most known results to the
statistical case. Our results hold in particular for transformations between a
finite number of primitives and for any error. In the second part we study the
efficiency of quantum protocols implementing OT. While most classical lower
bounds for perfectly secure reductions of OT to distributed randomness still
hold in the quantum setting, we present a statistically secure protocol that
violates these bounds by an arbitrarily large factor. We then prove a weaker
lower bound that does hold in the statistical quantum setting and implies that
even quantum protocols cannot extend OT. Finally, we present two lower bounds
for reductions of OT to commitments and a protocol based on string commitments
that is optimal with respect to both of these bounds.
Strong connections between quantum encodings, non-locality and quantum cryptography
Encoding information in quantum systems can offer surprising advantages but
at the same time there are limitations that arise from the fact that measuring
an observable may disturb the state of the quantum system. In our work, we
provide an in-depth analysis of a simple question: What happens when we perform
two measurements sequentially on the same quantum system? This question touches
upon some fundamental properties of quantum mechanics, namely the uncertainty
principle and the complementarity of quantum measurements. Our results have
interesting consequences, for example they can provide a simple proof of the
optimal quantum strategy in the famous Clauser-Horne-Shimony-Holt game.
Moreover, we show that the way information is encoded in quantum systems can
provide a different perspective in understanding other fundamental aspects of
quantum information, like non-locality and quantum cryptography. We prove some
strong equivalences between these notions and provide a number of applications
in all areas.
Comment: Version 3. Previous title: "Oblivious transfer, the CHSH game, and quantum encodings"
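The abstract above cites the optimal quantum strategy for the Clauser-Horne-Shimony-Holt (CHSH) game as one consequence of its results. The following is an added example, not code from that paper: it brute-forces the best classical (deterministic local) strategy and evaluates the standard quantum strategy on a shared Bell pair, so the classical 3/4 bound and the quantum cos²(π/8) ≈ 0.854 value can be checked numerically. The measurement angles (Alice 0 or π/4, Bob ±π/8) and the function and constant names are this example's own choices, not notation from the paper.

```python
import itertools
import math

# Added example (not from the paper above). CHSH game: a referee draws x, y
# uniformly from {0,1}; Alice answers a from x, Bob answers b from y, with no
# communication during the game. They win iff a XOR b == x AND y.


def chsh_win(x, y, a, b):
    """Winning condition of the CHSH game."""
    return (a ^ b) == (x & y)


def classical_chsh_max():
    """Best winning probability over all deterministic local strategies.

    Shared randomness cannot do better: a randomized local strategy is a
    convex mixture of deterministic ones, so its value is at most the max.
    """
    best = 0.0
    for f in itertools.product((0, 1), repeat=2):      # Alice: a = f[x]
        for g in itertools.product((0, 1), repeat=2):  # Bob:   b = g[y]
            wins = sum(chsh_win(x, y, f[x], g[y])
                       for x in (0, 1) for y in (0, 1))
            best = max(best, wins / 4)
    return best


# Quantum strategy: shared Bell pair |Phi+> = (|00> + |11>)/sqrt(2), stored as
# a real 4-vector with index 2*i + j for the basis state |ij>.
BELL_PHI_PLUS = (1 / math.sqrt(2), 0.0, 0.0, 1 / math.sqrt(2))


def basis_vector(theta, outcome):
    """Real measurement basis rotated by theta: |0_theta> or |1_theta>."""
    c, s = math.cos(theta), math.sin(theta)
    return (c, s) if outcome == 0 else (-s, c)


def joint_prob(state, theta_a, a, theta_b, b):
    """Born rule: |<a_thetaA, b_thetaB | state>|^2 for a product measurement."""
    v = basis_vector(theta_a, a)
    w = basis_vector(theta_b, b)
    amp = sum(state[2 * i + j] * v[i] * w[j]
              for i in range(2) for j in range(2))
    return amp * amp


# Standard optimal angles (assumed for this example): Alice measures at 0 or
# pi/4 depending on x, Bob at +pi/8 or -pi/8 depending on y.
ALICE_ANGLES = (0.0, math.pi / 4)
BOB_ANGLES = (math.pi / 8, -math.pi / 8)


def quantum_chsh_win(alice=ALICE_ANGLES, bob=BOB_ANGLES, state=BELL_PHI_PLUS):
    """Winning probability of an angle strategy, averaged over uniform x, y."""
    total = 0.0
    for x in (0, 1):
        for y in (0, 1):
            for a in (0, 1):
                for b in (0, 1):
                    if chsh_win(x, y, a, b):
                        total += joint_prob(state, alice[x], a, bob[y], b)
    return total / 4


# Tsirelson's bound for CHSH as a winning probability: cos^2(pi/8) = (2+sqrt2)/4.
TSIRELSON_WIN = math.cos(math.pi / 8) ** 2


if __name__ == "__main__":
    print("classical optimum:", classical_chsh_max())
    print("quantum optimum:  ", quantum_chsh_win())
    print("Tsirelson bound:  ", TSIRELSON_WIN)
```

Passing Bob the same angles as Alice (`quantum_chsh_win(bob=ALICE_ANGLES)`) drops the value to 1/2, below even the classical optimum: the entangled state alone gives no advantage, the choice of complementary measurements does, which is the point the abstract makes about sequential measurements and complementarity.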
Converses for Secret Key Agreement and Secure Computing
We consider information theoretic secret key agreement and secure function
computation by multiple parties observing correlated data, with access to an
interactive public communication channel. Our main result is an upper bound on
the secret key length, which is derived using a reduction of binary hypothesis
testing to multiparty secret key agreement. Building on this basic result, we
derive new converses for multiparty secret key agreement. Furthermore, we
derive converse results for the oblivious transfer problem and the bit
commitment problem by relating them to secret key agreement. Finally, we derive
a necessary condition for the feasibility of secure computation by trusted
parties that seek to compute a function of their collective data, using an
interactive public communication that by itself does not give away the value of
the function. In many cases, we strengthen and improve upon previously known
converse bounds. Our results are single-shot and use only the given joint
distribution of the correlated observations. For the case when the correlated
observations consist of independent and identically distributed (in time)
sequences, we derive strong versions of previously known converses.
Quantifying the Leakage of Quantum Protocols for Classical Two-Party Cryptography
We study quantum protocols among two distrustful parties. By adopting a
rather strict definition of correctness - guaranteeing that honest players
obtain their correct outcomes only - we can show that every strictly correct
quantum protocol implementing a non-trivial classical primitive necessarily
leaks information to a dishonest player. This extends known impossibility
results to all non-trivial primitives. We provide a framework for quantifying
this leakage and argue that leakage is a good measure for the privacy provided
to the players by a given protocol. Our framework also covers the case where
the two players are helped by a trusted third party. We show that despite the
help of a trusted third party, the players cannot amplify the cryptographic
power of any primitive. All our results hold even against quantum
honest-but-curious adversaries who honestly follow the protocol but purify
their actions and apply a different measurement at the end of the protocol. As
concrete examples, we establish lower bounds on the leakage of standard
universal two-party primitives such as oblivious transfer.
Comment: 38 pages, completely supersedes arXiv:0902.403
Secure bit commitment from relativistic constraints
We investigate two-party cryptographic protocols that are secure under
assumptions motivated by physics, namely relativistic assumptions
(no-signalling) and quantum mechanics. In particular, we discuss the security
of bit commitment in so-called split models, i.e. models in which at least some
of the parties are not allowed to communicate during certain phases of the
protocol. We find the minimal splits that are necessary to evade the
Mayers-Lo-Chau no-go argument and present protocols that achieve security in
these split models. Furthermore, we introduce the notion of local versus global
command, a subtle issue that arises when the split committer is required to
delegate non-communicating agents to open the commitment. We argue that
classical protocols are insecure under global command in the split model we
consider. On the other hand, we provide a rigorous security proof in the global
command model for Kent's quantum protocol [Kent 2011, Unconditionally Secure
Bit Commitment by Transmitting Measurement Outcomes]. The proof employs two
fundamental principles of modern physics, the no-signalling property of
relativity and the uncertainty principle of quantum mechanics.
Comment: published version, IEEE format, 18 pages, 8 figures