1,463 research outputs found
Computational Distinguishability of Quantum Channels
The computational problem of distinguishing two quantum channels is central
to quantum computing. It is a generalization of the well-known satisfiability
problem from classical to quantum computation. This problem is shown to be
surprisingly hard: it is complete for the class QIP of problems that have
quantum interactive proof systems, which implies that it is hard for the class
PSPACE of problems solvable by a classical computation in polynomial space.
Several restrictions of distinguishability are also shown to be hard. It is
no easier when restricted to quantum computations of logarithmic depth, to
mixed-unitary channels, to degradable channels, or to antidegradable channels.
These hardness results are demonstrated by finding reductions between these
classes of quantum channels. These techniques have applications outside the
distinguishability problem, as the construction for mixed-unitary channels is
used to prove that the additivity problem for the classical capacity of quantum
channels can be equivalently restricted to the mixed unitary channels.Comment: Ph.D. Thesis, 178 pages, 35 figure
Classical Verification of Quantum Computations
We present the first protocol allowing a classical computer to interactively
verify the result of an efficient quantum computation. We achieve this by
constructing a measurement protocol, which enables a classical verifier to use
a quantum prover as a trusted measurement device. The protocol forces the
prover to behave as follows: the prover must construct an n qubit state of his
choice, measure each qubit in the Hadamard or standard basis as directed by the
verifier, and report the measurement results to the verifier. The soundness of
this protocol is enforced based on the assumption that the learning with errors
problem is computationally intractable for efficient quantum machines
On the Computational Hardness Needed for Quantum Cryptography
In the classical model of computation, it is well established that one-way functions (OWF) are minimal for computational cryptography: They are essential for almost any cryptographic application that cannot be realized with respect to computationally unbounded adversaries. In the quantum setting, however, OWFs appear not to be essential (Kretschmer 2021; Ananth et al., Morimae and Yamakawa 2022), and the question of whether such a minimal primitive exists remains open.
We consider EFI pairs - efficiently samplable, statistically far but computationally indistinguishable pairs of (mixed) quantum states. Building on the work of Yan (2022), which shows equivalence between EFI pairs and statistical commitment schemes, we show that EFI pairs are necessary for a large class of quantum-cryptographic applications. Specifically, we construct EFI pairs from minimalistic versions of commitments schemes, oblivious transfer, and general secure multiparty computation, as well as from QCZK proofs from essentially any non-trivial language. We also construct quantum computational zero knowledge (QCZK) proofs for all of QIP from any EFI pair.
This suggests that, for much of quantum cryptography, EFI pairs play a similar role to that played by OWFs in the classical setting: they are simple to describe, essential, and also serve as a linchpin for demonstrating equivalence between primitives
Quantum interactive proofs and the complexity of separability testing
We identify a formal connection between physical problems related to the
detection of separable (unentangled) quantum states and complexity classes in
theoretical computer science. In particular, we show that to nearly every
quantum interactive proof complexity class (including BQP, QMA, QMA(2), and
QSZK), there corresponds a natural separability testing problem that is
complete for that class. Of particular interest is the fact that the problem of
determining whether an isometry can be made to produce a separable state is
either QMA-complete or QMA(2)-complete, depending upon whether the distance
between quantum states is measured by the one-way LOCC norm or the trace norm.
We obtain strong hardness results by proving that for each n-qubit maximally
entangled state there exists a fixed one-way LOCC measurement that
distinguishes it from any separable state with error probability that decays
exponentially in n.Comment: v2: 43 pages, 5 figures, completely rewritten and in Theory of
Computing (ToC) journal forma
Why Quantum Bit Commitment And Ideal Quantum Coin Tossing Are Impossible
There had been well known claims of unconditionally secure quantum protocols
for bit commitment. However, we, and independently Mayers, showed that all
proposed quantum bit commitment schemes are, in principle, insecure because the
sender, Alice, can almost always cheat successfully by using an
Einstein-Podolsky-Rosen (EPR) type of attack and delaying her measurements. One
might wonder if secure quantum bit commitment protocols exist at all. We answer
this question by showing that the same type of attack by Alice will, in
principle, break any bit commitment scheme. The cheating strategy generally
requires a quantum computer. We emphasize the generality of this ``no-go
theorem'': Unconditionally secure bit commitment schemes based on quantum
mechanics---fully quantum, classical or quantum but with measurements---are all
ruled out by this result. Since bit commitment is a useful primitive for
building up more sophisticated protocols such as zero-knowledge proofs, our
results cast very serious doubt on the security of quantum cryptography in the
so-called ``post-cold-war'' applications. We also show that ideal quantum coin
tossing is impossible because of the EPR attack. This no-go theorem for ideal
quantum coin tossing may help to shed some lights on the possibility of
non-ideal protocols.Comment: We emphasize the generality of this "no-go theorem". All bit
commitment schemes---fully quantum, classical and quantum but with
measurements---are shown to be necessarily insecure. Accepted for publication
in a special issue of Physica D. About 18 pages in elsart.sty. This is an
extended version of an earlier manuscript (quant-ph/9605026) which has
appeared in the proceedings of PHYSCOMP'9
- …