Classical Cryptographic Protocols in a Quantum World
Cryptographic protocols, such as protocols for secure function evaluation
(SFE), have played a crucial role in the development of modern cryptography.
The extensive theory of these protocols, however, deals almost exclusively with
classical attackers. If we accept that quantum information processing is the
most realistic model of physically feasible computation, then we must ask: what
classical protocols remain secure against quantum attackers?
Our main contribution is showing the existence of classical two-party
protocols for the secure evaluation of any polynomial-time function under
reasonable computational assumptions (for example, it suffices that the
learning with errors problem be hard for quantum polynomial time). Our result
shows that the basic two-party feasibility picture from classical cryptography
remains unchanged in a quantum world.
Comment: Full version of an old paper in Crypto'11. Invited to IJQI. This is authors' copy with different formattin
Improving the security of quantum protocols via commit-and-open
We consider two-party quantum protocols starting with a transmission
of some random BB84 qubits followed by classical messages. We show a
general compiler improving the security of such protocols: if the
original protocol is secure against an almost honest adversary, then
the compiled protocol is secure against an arbitrary computationally
bounded (quantum) adversary. The compilation preserves the number of
qubits sent and the number of rounds up to a constant factor. The
compiler also preserves security in the bounded-quantum-storage model
(BQSM), so if the original protocol was BQSM-secure, the compiled
protocol can only be broken by an adversary who has large quantum
memory and large computing power. This is in contrast to known
BQSM-secure protocols, where security breaks down completely if the
adversary has larger quantum memory than expected. We show how our
technique can be applied to quantum identification and oblivious
transfer protocols.
Asynchronous Multi-Party Quantum Computation
Multi-party quantum computation (MPQC) allows a set of parties to securely compute a quantum circuit over private quantum data. Current MPQC protocols rely on the fact that the network is synchronous, i.e., messages sent are guaranteed to be delivered within a known fixed delay upper bound, and unfortunately completely break down even when only a single message arrives late.
Motivated by real-world networks, the seminal work of Ben-Or, Canetti and Goldreich (STOC'93) initiated the study of multi-party computation for classical circuits over asynchronous networks, where the network delay can be arbitrary. In this work, we begin the study of asynchronous multi-party quantum computation (AMPQC) protocols, where the circuit to compute is quantum.
Our results completely characterize the optimal achievable corruption threshold: we present an n-party AMPQC protocol secure up to t < n/4 corruptions, and an impossibility result when t ≥ n/4 parties are corrupted. Remarkably, this characterization differs from the analogous classical setting, where the optimal corruption threshold is t < n/3.
Improving the Security of Quantum Protocols via Commit-and-Open
We consider two-party quantum protocols starting with a transmission of some
random BB84 qubits followed by classical messages. We show a general "compiler"
improving the security of such protocols: if the original protocol is secure
against an "almost honest" adversary, then the compiled protocol is secure
against an arbitrary computationally bounded (quantum) adversary. The
compilation preserves the number of qubits sent and the number of rounds up to
a constant factor. The compiler also preserves security in the
bounded-quantum-storage model (BQSM), so if the original protocol was
BQSM-secure, the compiled protocol can only be broken by an adversary who has
large quantum memory and large computing power. This is in contrast to known
BQSM-secure protocols, where security breaks down completely if the adversary
has larger quantum memory than expected. We show how our technique can be
applied to quantum identification and oblivious transfer protocols.
Comment: 21 pages; editorial change (reorganizing of several subsections in new section 5 about "extensions and generalizations"); added clarifications about efficient simulation; minor improvement
Zero-Knowledge Proof Systems for QMA
© 2016 IEEE. Prior work has established that all problems in NP admit classical zero-knowledge proof systems, and under reasonable hardness assumptions for quantum computations, these proof systems can be made secure against quantum attacks. We prove a result representing a further quantum generalization of this fact, which is that every problem in the complexity class QMA has a quantum zero-knowledge proof system. More specifically, assuming the existence of an unconditionally binding and quantum computationally concealing commitment scheme, we prove that every problem in the complexity class QMA has a quantum interactive proof system that is zero-knowledge with respect to efficient quantum computations. Our QMA proof system is sound against arbitrary quantum provers, but only requires an honest prover to perform polynomial-time quantum computations, provided that it holds a quantum witness for a given instance of the QMA problem under consideration