Semantic Security and Indistinguishability in the Quantum World
At CRYPTO 2013, Boneh and Zhandry initiated the study of quantum-secure
encryption. They proposed the first indistinguishability definitions for the
quantum world, where the actual indistinguishability only holds for classical
messages, and they provided arguments why it might be hard to achieve a stronger
notion. In this work, we show that stronger notions are achievable, where the
indistinguishability holds for quantum superpositions of messages. We
investigate exhaustively the possibilities and subtle differences in defining
such a quantum indistinguishability notion for symmetric-key encryption
schemes. We justify our stronger definition by showing its equivalence to novel
quantum semantic-security notions that we introduce. Furthermore, we show that
our new security definitions cannot be achieved by a large class of ciphers --
those which quasi-preserve the message length. On the other hand, we
provide a secure construction based on quantum-resistant pseudorandom
permutations; this construction can be used as a generic transformation for
turning a large class of encryption schemes into quantum indistinguishable and
hence quantum semantically secure ones. Moreover, our construction is the first
completely classical encryption scheme shown to be secure against an even
stronger notion of indistinguishability, which was previously known to be
achievable only by using quantum messages and arbitrary quantum encryption
circuits.
Comment: 37 pages, 2 figure
Investigating SRAM PUFs in large CPUs and GPUs
Physically unclonable functions (PUFs) provide data that can be used for
cryptographic purposes: on the one hand randomness for the initialization of
random-number generators; on the other hand individual fingerprints for unique
identification of specific hardware components. However, today's off-the-shelf
personal computers advertise randomness and individual fingerprints only in the
form of additional or dedicated hardware.
This paper introduces a new set of tools to investigate whether intrinsic
PUFs can be found in PC components that are not advertised as containing PUFs.
In particular, this paper investigates AMD64 CPU registers as potential PUF
sources in the operating-system kernel, the bootloader, and the system BIOS;
investigates the CPU cache in the early boot stages; and investigates shared
memory on Nvidia GPUs. This investigation found non-random non-fingerprinting
behavior in several components but revealed usable PUFs in Nvidia GPUs.
Comment: 25 pages, 6 figures. Code in appendi
Quantum Proofs
Quantum information and computation provide a fascinating twist on the notion
of proofs in computational complexity theory. For instance, one may consider a
quantum computational analogue of the complexity class NP, known as
QMA, in which a quantum state plays the role of a proof (also called a
certificate or witness), and is checked by a polynomial-time quantum
computation. For some problems, the fact that a quantum proof state could be a
superposition over exponentially many classical states appears to offer
computational advantages over classical proof strings. In the interactive proof
system setting, one may consider a verifier and one or more provers that
exchange and process quantum information rather than classical information
during an interaction for a given input string, giving rise to quantum
complexity classes such as QIP, QSZK, and QMIP* that represent natural quantum
analogues of IP, SZK, and MIP. While quantum interactive proof systems inherit
some properties from their classical counterparts, they also possess distinct
and uniquely quantum features that lead to an interesting landscape of
complexity classes based on variants of this model.
In this survey we provide an overview of many of the known results concerning
quantum proofs, computational models based on this concept, and properties of
the complexity classes they define. In particular, we discuss non-interactive
proofs and the complexity class QMA, single-prover quantum interactive proof
systems and the complexity class QIP, statistical zero-knowledge quantum
interactive proof systems and the complexity class QSZK, and
multiprover interactive proof systems and the complexity classes QMIP, QMIP*,
and MIP*.
Comment: Survey published by NOW publisher
Dimension Extractors and Optimal Decompression
A *dimension extractor* is an algorithm designed to increase the effective
dimension -- i.e., the amount of computational randomness -- of an infinite
binary sequence, in order to turn a "partially random" sequence into a "more
random" sequence. Extractors are exhibited for various effective dimensions,
including constructive, computable, space-bounded, time-bounded, and
finite-state dimension. Using similar techniques, the Kucera-Gacs theorem is
examined from the perspective of decompression, by showing that every infinite
sequence S is Turing reducible to a Martin-Loef random sequence R such that the
asymptotic number of bits of R needed to compute n bits of S, divided by n, is
precisely the constructive dimension of S, which is shown to be the optimal
ratio of query bits to computed bits achievable with Turing reductions. The
extractors and decompressors that are developed lead directly to new
characterizations of some effective dimensions in terms of optimal
decompression by Turing reductions.
Comment: This report was combined with a different conference paper "Every
Sequence is Decompressible from a Random One" (cs.IT/0511074, at
http://dx.doi.org/10.1007/11780342_17), and both titles were changed, with
the conference paper incorporated as section 5 of this new combined paper.
The combined paper was accepted to the journal Theory of Computing Systems,
as part of a special issue of invited papers from the second conference on
Computability in Europe, 200
Online Learning with Switching Costs and Other Adaptive Adversaries
We study the power of different types of adaptive (nonoblivious) adversaries
in the setting of prediction with expert advice, under both full-information
and bandit feedback. We measure the player's performance using a new notion of
regret, also known as policy regret, which better captures the adversary's
adaptiveness to the player's behavior. In a setting where losses are allowed to
drift, we characterize, in a nearly complete manner, the power of adaptive
adversaries with bounded memories and switching costs. In particular, we show
that with switching costs, the attainable rate with bandit feedback is
. Interestingly, this rate is significantly worse
than the rate attainable with switching costs in the
full-information case. Via a novel reduction from experts to bandits, we also
show that a bounded memory adversary can force
regret even in the full information case, proving that switching costs are
easier to control than bounded memory adversaries. Our lower bounds rely on a
new stochastic adversary strategy that generates loss processes with strong
dependencies