48,895 research outputs found

    On Finding Quantum Multi-collisions

    Get PDF
    A kk-collision for a compressing hash function HH is a set of kk distinct inputs that all map to the same output. In this work, we show that for any constant kk, Θ(N12(112k1))\Theta\left(N^{\frac{1}{2}(1-\frac{1}{2^k-1})}\right) quantum queries are both necessary and sufficient to achieve a kk-collision with constant probability. This improves on both the best prior upper bound (Hosoyamada et al., ASIACRYPT 2017) and provides the first non-trivial lower bound, completely resolving the problem

    Improving Quantum Query Complexity of Boolean Matrix Multiplication Using Graph Collision

    Full text link
    The quantum query complexity of Boolean matrix multiplication is typically studied as a function of the matrix dimension, n, as well as the number of 1s in the output, \ell. We prove an upper bound of O (n\sqrt{\ell}) for all values of \ell. This is an improvement over previous algorithms for all values of \ell. On the other hand, we show that for any \eps < 1 and any \ell <= \eps n^2, there is an \Omega(n\sqrt{\ell}) lower bound for this problem, showing that our algorithm is essentially tight. We first reduce Boolean matrix multiplication to several instances of graph collision. We then provide an algorithm that takes advantage of the fact that the underlying graph in all of our instances is very dense to find all graph collisions efficiently

    Quantum Query Complexity of Multilinear Identity Testing

    Get PDF
    Motivated by the quantum algorithm in \cite{MN05} for testing commutativity of black-box groups, we study the following problem: Given a black-box finite ring R=r1,...,rkR=\angle{r_1,...,r_k} where {r1,r2,...,rk}\{r_1,r_2,...,r_k\} is an additive generating set for RR and a multilinear polynomial f(x1,...,xm)f(x_1,...,x_m) over RR also accessed as a black-box function f:RmRf:R^m\to R (where we allow the indeterminates x1,...,xmx_1,...,x_m to be commuting or noncommuting), we study the problem of testing if ff is an \emph{identity} for the ring RR. More precisely, the problem is to test if f(a1,a2,...,am)=0f(a_1,a_2,...,a_m)=0 for all aiRa_i\in R. We give a quantum algorithm with query complexity O(m(1+α)m/2kmm+1)O(m(1+\alpha)^{m/2} k^{\frac{m}{m+1}}) assuming k(1+1/α)m+1k\geq (1+1/\alpha)^{m+1}. Towards a lower bound, we also discuss a reduction from a version of mm-collision to this problem. We also observe a randomized test with query complexity 4mmk4^mmk and constant success probability and a deterministic test with kmk^m query complexity.Comment: 12 page

    On Quantum Query Complexities of Collision-Finding in Non-Uniform Random Functions

    Get PDF
    Collision resistance and collision finding are now extensively exploited in Cryptography, especially in the case of quantum computing. For any function f:[M][N]f:[M]\to[N] with f(x)f(x) uniformly distributed over [N][N], Zhandry has shown that the number Θ(N1/3)\Theta(N^{1/3}) of queries is both necessary and sufficient for finding a collision in ff with constant probability. However, there is still a gap between the upper and the lower bounds of query complexity in general non-uniform distributions. In this paper, we investigate the quantum query complexity of collision-finding problem with respect to general non-uniform distributions. Inspired by previous work, we pose the concept of collision domain and a new parameter γ\gamma that heavily depends on the underlying non-uniform distribution. We then present a quantum algorithm that uses O(γ1/6)O(\gamma^{1/6}) quantum queries to find a collision for any non-uniform random function. By making a transformation of a problem in non-uniform setting into a problem in uniform setting, we are also able to show that Ω(γ1/6log1/2γ)\Omega(\gamma^{1/6}\log^{-1/2}\gamma) quantum queries are necessary in collision-finding in any non-uniform random function. The upper bound and the lower bound in this work indicates that the proposed algorithm is nearly optimal with query complexity in general non-uniform case
    corecore