Post-quantum cryptographic hardware primitives

The development and implementation of post-quantum cryptosystems have become a pressing issue in the design of secure computing systems, as general quantum computers have become more feasible in the last two years. In this work, we introduce a set of hardware post-quantum cryptographic primitives (PCPs) consisting of four frequently used security components, i.e., public-key cryptosystem (PKC), key exchange (KEX), oblivious transfer (OT), and zero-knowledge proof (ZKP). In addition, we design a high speed polynomial multiplier to accelerate these primitives. These primitives will aid researchers and designers in constructing quantum-proof secure computing systems in the post-quantum era.Published versio

Quantum violations in the Instrumental scenario and their relations to the Bell scenario

The causal structure of any experiment implies restrictions on the observable correlations between measurement outcomes, which are different for experiments exploiting classical, quantum, or post-quantum resources. In the study of Bell nonlocality, these differences have been explored in great detail for more and more involved causal structures. Here, we go in the opposite direction and identify the simplest causal structure which exhibits a separation between classical, quantum, and post-quantum correlations. It arises in the so-called Instrumental scenario, known from classical causal models. We derive inequalities for this scenario and show that they are closely related to well-known Bell inequalities, such as the Clauser-Horne-Shimony-Holt inequality, which enables us to easily identify their classical, quantum, and post-quantum bounds as well as strategies violating the first two. The relations that we uncover imply that the quantum or post-quantum advantages witnessed by the violation of our Instrumental inequalities are not fundamentally different from those witnessed by the violations of standard inequalities in the usual Bell scenario. However, non-classical tests in the Instrumental scenario require fewer input choices than their Bell scenario counterpart, which may have potential implications for device-independent protocols.Comment: 12 pages, 3 figures. Comments welcome! v4: published version in Quantum journa

Random Oracles in a Quantum World

The interest in post-quantum cryptography - classical systems that remain secure in the presence of a quantum adversary - has generated elegant proposals for new cryptosystems. Some of these systems are set in the random oracle model and are proven secure relative to adversaries that have classical access to the random oracle. We argue that to prove post-quantum security one needs to prove security in the quantum-accessible random oracle model where the adversary can query the random oracle with quantum states. We begin by separating the classical and quantum-accessible random oracle models by presenting a scheme that is secure when the adversary is given classical access to the random oracle, but is insecure when the adversary can make quantum oracle queries. We then set out to develop generic conditions under which a classical random oracle proof implies security in the quantum-accessible random oracle model. We introduce the concept of a history-free reduction which is a category of classical random oracle reductions that basically determine oracle answers independently of the history of previous queries, and we prove that such reductions imply security in the quantum model. We then show that certain post-quantum proposals, including ones based on lattices, can be proven secure using history-free reductions and are therefore post-quantum secure. We conclude with a rich set of open problems in this area.Comment: 38 pages, v2: many substantial changes and extensions, merged with a related paper by Boneh and Zhandr

A post-quantum theory of classical gravity?

We present a consistent theory of classical gravity coupled to quantum field theory. The dynamics is linear in the density matrix, completely positive and trace-preserving, and reduces to Einstein's equations in the classical limit. The constraints of general relativity are imposed as a symmetry on the equations of motion. The assumption that gravity is classical necessarily modifies the dynamical laws of quantum mechanics -- the theory must be fundamentally stochastic involving finite sized and probabilistic jumps in space-time and in the quantum field. Nonetheless the quantum state of the system can remain pure conditioned on the classical degrees of freedom. The measurement postulate of quantum mechanics is not needed since the interaction of the quantum degrees of freedom with classical space-time necessarily causes collapse of the wave-function. More generally, we derive a form of classical-quantum dynamics using a non-commuting divergence which has as its limit deterministic classical Hamiltonian evolution, and which doesn't suffer from the pathologies of the semi-classical theory.Comment: "It's very difficult to find a black cat in a dark room, especially if there is no cat.

Lattice-Based proof of a shuffle

In this paper we present the first fully post-quantum proof of a shuffle for RLWE encryption schemes. Shuffles are commonly used to construct mixing networks (mix-nets), a key element to ensure anonymity in many applications such as electronic voting systems. They should preserve anonymity even against an attack using quantum computers in order to guarantee long-term privacy. The proof presented in this paper is built over RLWE commitments which are perfectly binding and computationally hiding under the RLWE assumption, thus achieving security in a post-quantum scenario. Furthermore we provide a new definition for a secure mixing node (mix-node) and prove that our construction satisfies this definition.Peer ReviewedPostprint (author's final draft