Increasing the power of the verifier in Quantum Zero Knowledge
In quantum zero knowledge, the assumption was made that the verifier is only
using unitary operations. Under this assumption, many nice properties have been
shown about quantum zero knowledge, including the fact that Honest-Verifier
Quantum Statistical Zero Knowledge (HVQSZK) is equal to Cheating-Verifier
Quantum Statistical Zero Knowledge (QSZK) (see [Wat02,Wat06]).
In this paper, we study what happens when we allow an honest verifier to flip
some coins in addition to using unitary operations. Flipping a coin is a
non-unitary operation but doesn't seem at first to enhance the cheating
possibilities of the verifier since a classical honest verifier can flip coins.
In this setting, we show an unexpected result: any classical Interactive Proof
has an Honest-Verifier Quantum Statistical Zero Knowledge proof with coins.
Note that in the classical case, honest verifier SZK is no more powerful than
SZK and hence it is not believed to contain even NP. On the other hand, in the
case of cheating verifiers, we show that Quantum Statistical Zero Knowledge
where the verifier applies any non-unitary operation is equal to Quantum
Zero-Knowledge where the verifier uses only unitaries.
One can think of our results in two complementary ways. If we would like to
use the honest verifier model as a means to study the general model by taking
advantage of their equivalence, then it is imperative to use the unitary
definition without coins, since with the general one this equivalence is most
probably not true. On the other hand, if we would like to use quantum zero
knowledge protocols in a cryptographic scenario where the honest-but-curious
model is sufficient, then adding the unitary constraint severely decreases the
power of quantum zero knowledge protocols.
Comment: 17 pages, 0 figures, to appear in FSTTCS'0
Power Allocation in MIMO Wiretap Channel with Statistical CSI and Finite-Alphabet Input
In this paper, we consider the problem of power allocation in MIMO wiretap
channel for secrecy in the presence of multiple eavesdroppers. Perfect
knowledge of the destination channel state information (CSI) and only the
statistical knowledge of the eavesdroppers CSI are assumed. We first consider
the MIMO wiretap channel with Gaussian input. Using Jensen's inequality, we
transform the secrecy rate max-min optimization problem to a single
maximization problem. We use generalized singular value decomposition and
transform the problem to a concave maximization problem which maximizes the sum
secrecy rate of scalar wiretap channels subject to linear constraints on the
transmit covariance matrix. We then consider the MIMO wiretap channel with
finite-alphabet input. We show that the transmit covariance matrix obtained for
the case of Gaussian input, when used in the MIMO wiretap channel with
finite-alphabet input, can lead to zero secrecy rate at high transmit powers.
We then propose a power allocation scheme with an additional power constraint
which alleviates this secrecy rate loss problem, and gives non-zero secrecy
rates at high transmit powers.
Power Estimation Technique for DSP Architectures.
The main goal of power estimation is to optimize the power consumption of an electronic design. Power is a strongly pattern-dependent function. Input statistics greatly influence average power. We solve the pattern dependence problem for intellectual property (IP) designs. In this paper, we present a power macro-modeling technique for digital signal processing (DSP) architectures in terms of the statistical knowledge of their primary inputs. During the power estimation procedure, the sequence of an input stream is generated by a genetic algorithm using input metrics. Then, a Monte Carlo zero delay simulation is performed and a power dissipation macro-model function is built from power dissipation results. From then on, this macro-model function can be used to estimate power dissipation of the system just by using the statistics of the macro-block's primary inputs. In experiments with the DSP system, the average error is 26%.
Outage Efficient Strategies for Network MIMO with Partial CSIT
We consider a multi-cell MIMO downlink (network MIMO) where base-stations
(BS) with antennas connected to a central station (CS) serve
single-antenna user terminals (UT). Although many works have shown the
potential benefits of network MIMO, the conclusion critically depends on the
underlying assumptions such as channel state information at transmitters (CSIT)
and backhaul links. In this paper, by focusing on the impact of partial CSIT,
we propose an outage-efficient strategy. Namely, with side information of all
UT's messages and local CSIT, each BS applies zero-forcing (ZF) beamforming in
a distributed manner. For a small number of UTs (), the ZF beamforming
creates parallel MISO channels. Based on the statistical knowledge of these
parallel channels, the CS performs a robust power allocation that
simultaneously minimizes the outage probability of all UTs and achieves a
diversity gain of per UT. With a large number of UTs (),
we propose a so-called distributed diversity scheduling (DDS) scheme to select
a subset of \Ks UTs with limited backhaul communication. It is proved that
DDS achieves a diversity gain of B\frac{K}{\Ks}(M-\Ks+1), which scales
optimally with the number of cooperative BSs as well as UTs. Numerical
results confirm that even under realistic assumptions such as partial CSIT and
limited backhaul communications, network MIMO can offer high data rates with a
sufficient reliability to individual UTs.
Comment: 26 pages, 8 figures, submitted to IEEE Trans. on Signal Processin
Quantum Distinguishing Complexity, Zero-Error Algorithms, and Statistical Zero Knowledge
We define a new query measure we call quantum distinguishing complexity, denoted QD(f) for a Boolean function f. Unlike a quantum query algorithm, which must output a state close to |0> on a 0-input and a state close to |1> on a 1-input, a "quantum distinguishing algorithm" can output any state, as long as the output states for any 0-input and 1-input are distinguishable.
Using this measure, we establish a new relationship in query complexity: For all total functions f, Q_0(f)=O~(Q(f)^5), where Q_0(f) and Q(f) denote the zero-error and bounded-error quantum query complexity of f respectively, improving on the previously known sixth power relationship.
We also define a query measure based on quantum statistical zero-knowledge proofs, QSZK(f), which is at most Q(f). We show that QD(f) in fact lower bounds QSZK(f) and not just Q(f). QD(f) also upper bounds the (positive-weights) adversary bound, which yields the following relationships for all f: Q(f) >= QSZK(f) >= QD(f) = Omega(Adv(f)). This sheds some light on why the adversary bound proves suboptimal bounds for problems like Collision and Set Equality, which have low QSZK complexity.
Lastly, we show implications for lifting theorems in communication complexity. We show that a general lifting theorem for either zero-error quantum query complexity or for QSZK would imply a general lifting theorem for bounded-error quantum query complexity.
Two-message quantum interactive proofs and the quantum separability problem
Suppose that a polynomial-time mixed-state quantum circuit, described as a
sequence of local unitary interactions followed by a partial trace, generates a
quantum state shared between two parties. One might then wonder, does this
quantum circuit produce a state that is separable or entangled? Here, we give
evidence that it is computationally hard to decide the answer to this question,
even if one has access to the power of quantum computation. We begin by
exhibiting a two-message quantum interactive proof system that can decide the
answer to a promise version of the question. We then prove that the promise
problem is hard for the class of promise problems with "quantum statistical
zero knowledge" (QSZK) proof systems by demonstrating a polynomial-time Karp
reduction from the QSZK-complete promise problem "quantum state
distinguishability" to our quantum separability problem. By exploiting Knill's
efficient encoding of a matrix description of a state into a description of a
circuit to generate the state, we can show that our promise problem is NP-hard
with respect to Cook reductions. Thus, the quantum separability problem (as
phrased above) constitutes the first nontrivial promise problem decidable by a
two-message quantum interactive proof system while being hard for both NP and
QSZK. We also consider a variant of the problem, in which a given
polynomial-time mixed-state quantum circuit accepts a quantum state as input,
and the question is to decide if there is an input to this circuit which makes
its output separable across some bipartite cut. We prove that this problem is a
complete promise problem for the class QIP of problems decidable by quantum
interactive proof systems. Finally, we show that a two-message quantum
interactive proof system can also decide a multipartite generalization of the
quantum separability problem.
Comment: 34 pages, 6 figures; v2: technical improvements and new result for
the multipartite quantum separability problem; v3: minor changes to address
referee comments, accepted for presentation at the 2013 IEEE Conference on
Computational Complexity; v4: changed problem names; v5: updated references
and added a paragraph to the conclusion to connect with prior work on
separability testin
Efficient noninteractive certification of RSA moduli and beyond
In many applications, it is important to verify that an RSA public key (N; e) specifies a
permutation over the entire space ZN, in order to prevent attacks due to adversarially-generated
public keys. We design and implement a simple and efficient noninteractive zero-knowledge
protocol (in the random oracle model) for this task. Applications concerned about adversarial
key generation can just append our proof to the RSA public key without any other modifications
to existing code or cryptographic libraries. Users need only perform a one-time verification of
the proof to ensure that raising to the power e is a permutation of the integers modulo N. For
typical parameter settings, the proof consists of nine integers modulo N; generating the proof
and verifying it both require about nine modular exponentiations.
We extend our results beyond RSA keys and also provide efficient noninteractive zero-knowledge
proofs for other properties of N, which can be used to certify that N is suitable
for the Paillier cryptosystem, is a product of two primes, or is a Blum integer. As compared to
the recent work of Auerbach and Poettering (PKC 2018), who provide two-message protocols for
similar languages, our protocols are more efficient and do not require interaction, which enables
a broader class of applications.
https://eprint.iacr.org/2018/057
First author draf