Betting on the Outcomes of Measurements: A Bayesian Theory of Quantum Probability
We develop a systematic approach to quantum probability as a theory of
rational betting in quantum gambles. In these games of chance the agent is
betting in advance on the outcomes of several (finitely many) incompatible
measurements. One of the measurements is subsequently chosen and performed and
the money placed on the other measurements is returned to the agent. We show
how the rules of rational betting imply all the interesting features of quantum
probability, even in such finite gambles. These include the uncertainty
principle and the violation of Bell's inequality among others. Quantum gambles
are closely related to quantum logic and provide a new semantics to it. We
conclude with a philosophical discussion on the interpretation of quantum
mechanics.
Comment: 21 pages, 2 figures
Quantum Tokens for Digital Signatures
The fisherman caught a quantum fish. "Fisherman, please let me go", begged
the fish, "and I will grant you three wishes". The fisherman agreed. The fish
gave the fisherman a quantum computer, three quantum signing tokens and his
classical public key. The fish explained: "to sign your three wishes, use the
tokenized signature scheme on this quantum computer, then show your valid
signature to the king, who owes me a favor".
The fisherman used one of the signing tokens to sign the document "give me a
castle!" and rushed to the palace. The king executed the classical verification
algorithm using the fish's public key, and since it was valid, the king
complied.
The fisherman's wife wanted to sign ten wishes using their two remaining
signing tokens. The fisherman did not want to cheat, and secretly sailed to
meet the fish. "Fish, my wife wants to sign ten more wishes". But the fish was
not worried: "I have learned quantum cryptography following the previous story
(The Fisherman and His Wife by the brothers Grimm). The quantum tokens are
consumed during the signing. Your polynomial wife cannot even sign four wishes
using the three signing tokens I gave you".
"How does it work?" wondered the fisherman. "Have you heard of quantum money?
These are quantum states which can be easily verified but are hard to copy.
This tokenized quantum signature scheme extends Aaronson and Christiano's
quantum money scheme, which is why the signing tokens cannot be copied".
"Does your scheme have additional fancy properties?" the fisherman asked.
"Yes, the scheme has other security guarantees: revocability, testability and
everlasting security. Furthermore, if you're at sea and your quantum phone has
only classical reception, you can use this scheme to transfer the value of the
quantum money to shore", said the fish, and swam away.
Comment: Added illustration of the abstract to the ancillary file
Quantum mechanics as a theory of probability
We develop and defend the thesis that the Hilbert space formalism of quantum
mechanics is a new theory of probability. The theory, like its classical
counterpart, consists of an algebra of events, and the probability measures
defined on it. The construction proceeds in the following steps: (a) Axioms for
the algebra of events are introduced following Birkhoff and von Neumann. All
axioms, except the one that expresses the uncertainty principle, are shared
with the classical event space. The only models for the set of axioms are
lattices of subspaces of inner product spaces over a field K. (b) Another axiom
due to Soler forces K to be the field of real, or complex numbers, or the
quaternions. We suggest a probabilistic reading of Soler's axiom. (c) Gleason's
theorem fully characterizes the probability measures on the algebra of events,
so that Born's rule is derived. (d) Gleason's theorem is equivalent to the
existence of a certain finite set of rays, with a particular orthogonality
graph (Wondergraph). Consequently, all aspects of quantum probability can be
derived from rational probability assignments to finite "quantum gambles". We
apply the approach to the analysis of entanglement, Bell inequalities, and the
quantum theory of macroscopic objects. We also discuss the relation of the
present approach to quantum logic, realism and truth, and the measurement
problem.
Comment: 37 pages, 3 figures. Forthcoming in a Festschrift for Jeffrey Bub,
ed. W. Demopoulos and the author, Springer (Kluwer): University of Western
Ontario Series in Philosophy of Science
On the hardness of the hidden subspaces problem with and without noise. Cryptanalysis of Aaronson-Christiano’s quantum money scheme
The internet boom marked the beginning of the digital era, which has brought with it a spectacular development of information and communication technologies, among which cryptography is queen. Current public-key cryptography is based mainly on two problems that the cryptographic community assumes to be hard: factorization and the discrete logarithm. However, if a sufficiently powerful quantum computer were ever built, these problems would no longer be hard. Quantum computing would therefore put modern cryptography in serious trouble and, since the recent trajectory of the field suggests that it could become a reality in the not too distant future, the cryptographic community has begun to explore other options in order to be ready in case an efficient quantum computer is built. This has given a boost to what is known as post-quantum cryptography, whose hardness would not be affected by this new computing paradigm and which is based on so-called quantum-resistant problems. Post-quantum cryptography has attracted a great deal of interest recently and is currently undergoing standardization, so at the time this thesis was started it was relevant to study problems that are supposedly resistant to the quantum computer.
The central part of this thesis is the analysis of the hardness of the hidden subspaces problem (HSP) and of the noisy hidden subspaces problem (NHSP), two problems that are quantum-resistant according to their authors. Besides the relevance that their supposed resistance to quantum computing gives them, these two problems are also important because their hardness underpins the security of the two versions of the first public-key quantum money scheme that has a security proof. This first scheme is that of Aaronson-Christiano, which implements quantum money (a type of money that exploits the laws of quantum mechanics to create unforgeable money) that anyone can verify. The results obtained on the hardness of the HSP and the NHSP have a direct impact on the security of the Aaronson-Christiano scheme, which motivated us to focus this thesis on these two problems.
Chapter 3 contains our results on the hidden subspaces problem and is fundamentally based on our work [Conde Pena et al., 2015]. The authors of the HSP originally defined it over the binary field, but we extend the definition to any other finite field of prime order, always considering the instantiation that the authors propose. After modeling the HSP as a system of equations with good properties, we use algebraic cryptanalysis techniques to explore the system in depth. For the HSP over any field other than the binary one, we design an algorithm that efficiently solves instances satisfying a certain condition. Using different techniques, we construct a heuristic algorithm, supported by theoretical arguments, that efficiently solves instances of the HSP over the binary field. Both algorithms compromise the hardness of the HSP whenever the instances of the problem are chosen as Aaronson-Christiano propose. As a consequence, our algorithms break the security of the noise-free version of the scheme.
Chapter 4 contains our results on the noisy hidden subspaces problem and is fundamentally based on our work [Conde Pena et al., 2018]. As with the HSP, we extend the definition of the NHSP to any other field of prime order and consider instances generated as Aaronson-Christiano specify. We show that the NHSP can be reduced to the HSP over any prime field other than the binary one for certain instances, while the NHSP over the binary field can be solved with a probability greater than that assumed by the authors in the conjecture on which the security of their noisy scheme rests. Although our results are obtained from a purely non-quantum point of view, during the development of this thesis another author proved that there is a quantum reduction from the NHSP to the HSP in the binary case as well. Therefore, the hardness of the NHSP and the security of the noisy Aaronson-Christiano scheme have been compromised by our findings on the HSP
qBitcoin: A Peer-to-Peer Quantum Cash System
A decentralized online quantum cash system, called qBitcoin, is given. We
design the system which has great benefits of quantization in the following
sense. Firstly, quantum teleportation technology is used for coin transaction,
which prevents the owner of the coin from keeping the original coin data even
after sending the coin to another. This was a main problem in a classical
circuit and a blockchain was introduced to solve this issue. In qBitcoin, the
double-spending problem never happens and its security is guaranteed
theoretically by virtue of quantum information theory. Making a block is time
consuming and the system of qBitcoin is based on a quantum chain, instead of
blocks. Therefore a payment can be completed much faster than Bitcoin. Moreover
we employ quantum digital signature so that it naturally inherits properties of
peer-to-peer (P2P) cash system as originally proposed in Bitcoin.
Comment: 11 pages, 2 figures
Quantum Lightning Never Strikes the Same State Twice
Public key quantum money can be seen as a version of the quantum no-cloning
theorem that holds even when the quantum states can be verified by the
adversary. In this work, we investigate quantum lightning, a formalization of
"collision-free quantum money" defined by Lutomirski et al. [ICS'10], where
no-cloning holds even when the adversary herself generates the quantum state to
be cloned. We then study quantum money and quantum lightning, showing the
following results:
- We demonstrate the usefulness of quantum lightning by showing several
potential applications, such as generating random strings with a proof of
entropy, to completely decentralized cryptocurrency without a block-chain,
where transactions are instant and local.
- We give win-win results for quantum money/lightning, showing that either
signatures/hash functions/commitment schemes meet very strong recently proposed
notions of security, or they yield quantum money or lightning.
- We construct quantum lightning under the assumed multi-collision resistance
of random degree-2 systems of polynomials.
- We show that instantiating the quantum money scheme of Aaronson and
Christiano [STOC'12] with indistinguishability obfuscation that is secure
against quantum computers yields a secure quantum money scheme.
Shadow Tomography of Quantum States
We introduce the problem of *shadow tomography*: given an unknown
-dimensional quantum mixed state , as well as known two-outcome
measurements , estimate the probability that
accepts , to within additive error , for each of the
measurements. How many copies of are needed to achieve this, with high
probability? Surprisingly, we give a procedure that solves the problem by
measuring only copies. This means, for example, that we can learn the behavior of an
arbitrary -qubit state, on all accepting/rejecting circuits of some fixed
polynomial size, by measuring only copies of the state.
This resolves an open problem of the author, which arose from his work on
private-key quantum money schemes, but which also has applications to quantum
copy-protected software, quantum advice, and quantum one-way communication.
Recently, building on this work, Brandão et al. have given a different
approach to shadow tomography using semidefinite programming, which achieves a
savings in computation time.
Comment: 29 pages, extended abstract appeared in Proceedings of STOC'2018,
revised to give slightly better upper bound (1/eps^4 rather than 1/eps^5) and
lower bounds with explicit dependence on the dimension