689 research outputs found
On the Efficiency of Classical and Quantum Secure Function Evaluation
We provide bounds on the efficiency of secure one-sided output two-party
computation of arbitrary finite functions from trusted distributed randomness
in the statistical case. From these results we derive bounds on the efficiency
of protocols that use different variants of OT as a black-box. When applied to
implementations of OT, these bounds generalize most known results to the
statistical case. Our results hold in particular for transformations between a
finite number of primitives and for any error. In the second part we study the
efficiency of quantum protocols implementing OT. While most classical lower
bounds for perfectly secure reductions of OT to distributed randomness still
hold in the quantum setting, we present a statistically secure protocol that
violates these bounds by an arbitrarily large factor. We then prove a weaker
lower bound that does hold in the statistical quantum setting and implies that
even quantum protocols cannot extend OT. Finally, we present two lower bounds
for reductions of OT to commitments and a protocol based on string commitments
that is optimal with respect to both of these bounds.
Communication Complexity and Secure Function Evaluation
We suggest two new methodologies for the design of efficient secure
protocols, that differ with respect to their underlying computational models.
In one methodology we utilize the communication complexity tree (or branching
for f and transform it into a secure protocol. In other words, "any function f
that can be computed using communication complexity c can be computed
securely using communication complexity that is polynomial in c and a security
parameter". The second methodology uses the circuit computing f, enhanced with
look-up tables as its underlying computational model. It is possible to
simulate any RAM machine in this model with polylogarithmic blowup. Hence it is
possible to start with a computation of f on a RAM machine and transform it
into a secure protocol.
We show many applications of these new methodologies resulting in protocols
efficient either in communication or in computation. In particular, we
exemplify a protocol for the "millionaires problem", where two participants
want to compare their values but reveal no other information. Our protocol is
more efficient than previously known ones in either communication or
computation.
Physical Foundations of Landauer's Principle
We review the physical foundations of Landauer's Principle, which relates the
loss of information from a computational process to an increase in
thermodynamic entropy. Despite the long history of the Principle, its
fundamental rationale and proper interpretation remain frequently
misunderstood. Contrary to some misinterpretations of the Principle, the mere
transfer of entropy between computational and non-computational subsystems can
occur in a thermodynamically reversible way without increasing total entropy.
However, Landauer's Principle is not about general entropy transfers; rather,
it more specifically concerns the ejection of (all or part of) some correlated
information from a controlled, digital form (e.g., a computed bit) to an
uncontrolled, non-computational form, i.e., as part of a thermal environment.
Any uncontrolled thermal system will, by definition, continually re-randomize
the physical information in its thermal state, from our perspective as
observers who cannot predict the exact dynamical evolution of the microstates
of such environments. Thus, any correlations involving information that is
ejected into and subsequently thermalized by the environment will be lost from
our perspective, resulting directly in an irreversible increase in total
entropy. Avoiding the ejection and thermalization of correlated computational
information motivates the reversible computing paradigm, although the
requirements for computations to be thermodynamically reversible are less
restrictive than frequently described, particularly in the case of stochastic
computational operations. There are interesting possibilities for the design of
computational processes that utilize stochastic, many-to-one computational
operations while nevertheless avoiding net entropy increase that remain to be
fully explored.
Comment: 42 pages, 15 figures, extended postprint of a paper published in the
10th Conf. on Reversible Computation (RC18), Leicester, UK, Sep. 201
All Complete Functionalities are Reversible
Crepeau and Santha, in 1991, posed the question of reversibility of functionalities, that is, which functionalities when used in one direction, could securely implement the identical functionality in the reverse direction. Wolf and Wullschleger, in 2006, showed that oblivious transfer is reversible. We study the problem of reversibility among 2-party SFE functionalities, which also enable general multi-party computation, in the information-theoretic setting.
We show that any functionality that enables general multi-party computation, when used in both directions, is reversible. In fact, we show that any such functionality can securely realize oblivious transfer when used in an a priori fixed direction. This result enables secure computation using physical setups that parties can only use in a particular direction due to inherent asymmetries in them.
Non-interactive XOR quantum oblivious transfer: optimal protocols and their experimental implementations
Oblivious transfer (OT) is an important cryptographic primitive. Any
multi-party computation can be realised with OT as building block. XOR
oblivious transfer (XOT) is a variant where the sender Alice has two bits, and
a receiver Bob obtains either the first bit, the second bit, or their XOR. Bob
should not learn anything more than this, and Alice should not learn what Bob
has learnt. Perfect quantum OT with information-theoretic security is known to
be impossible. We determine the smallest possible cheating probabilities for
unrestricted dishonest parties in non-interactive quantum XOT protocols using
symmetric pure states, and present an optimal protocol, which outperforms
classical protocols. We also "reverse" this protocol, so that Bob becomes
sender of a quantum state and Alice the receiver who measures it, while still
implementing oblivious transfer from Alice to Bob. Cheating probabilities for
both parties stay the same as for the unreversed protocol. We optically
implemented both the unreversed and the reversed protocols, and cheating
strategies, noting that the reversed protocol is easier to implement.
Comment: 21 pages, 6 figures
Generalized Entropies
We study an entropy measure for quantum systems that generalizes the von
Neumann entropy as well as its classical counterpart, the Gibbs or Shannon
entropy. The entropy measure is based on hypothesis testing and has an elegant
formulation as a semidefinite program, a type of convex optimization. After
establishing a few basic properties, we prove upper and lower bounds in terms
of the smooth entropies, a family of entropy measures that is used to
characterize a wide range of operational quantities. From the formulation as a
semidefinite program, we also prove a result on decomposition of hypothesis
tests, which leads to a chain rule for the entropy.
Comment: 21 pages
On the Transformation Capability of Feasible Mechanisms for Programmable Matter
We study theoretical models of programmable matter systems, consisting of n spherical modules kept together by magnetic or electrostatic forces and able to perform two minimal mechanical operations (movements): rotate and/or slide. The goal is for an initial shape A to transform to some target shape B by a sequence of movements. Most of the paper focuses on transformability (feasibility) questions. When only rotation is available, we prove that deciding whether two given shapes can transform to each other, is in P. Under the additional restriction of maintaining global connectivity, we prove inclusion in PSPACE and explore minimum seeds that can make otherwise infeasible transformations feasible. Allowing both rotations and slidings yields universality: any two connected shapes of the same order can be transformed to each other without breaking connectivity, in O(n^2) sequential and O(n) parallel time (both optimal). We finally provide a type of distributed transformation