LIPIcs, Volume 251, ITCS 2023, Complete Volume
Split-State Non-Malleable Codes and Secret Sharing Schemes for Quantum Messages
Non-malleable codes are fundamental objects at the intersection of
cryptography and coding theory. These codes provide security guarantees even in
settings where error correction and detection are impossible, and have found
applications to several other cryptographic tasks. Roughly speaking, a
non-malleable code for a family of tampering functions guarantees that no
adversary can tamper (using functions from this family) the encoding of a given
message into the encoding of a related distinct message. Non-malleable secret
sharing schemes are a strengthening of non-malleable codes which satisfy
additional privacy and reconstruction properties.
We first focus on the -split-state tampering model, one of the strongest
and most well-studied adversarial tampering models. Here, a codeword is split
into two parts which are stored in physically distant servers, and the
adversary can then independently tamper with each part using arbitrary
functions. This model can be naturally extended to the secret sharing setting
with several parties by having the adversary independently tamper with each
share.
Previous works on non-malleable coding and secret sharing in the split-state
tampering model only considered the encoding of classical messages.
Furthermore, until the recent work by Aggarwal, Boddu, and Jain (arXiv 2022),
adversaries with quantum capabilities and shared entanglement had not
been considered, and it is a priori not clear whether previous schemes remain
secure in this model.
In this work, we introduce the notions of split-state non-malleable codes and
secret sharing schemes for quantum messages secure against quantum adversaries
with shared entanglement. We also present explicit constructions of such
schemes that achieve low-error non-malleability
Implementing any Linear Combination of Unitaries on Intermediate-term Quantum Computers
We develop three new methods to implement any Linear Combination of Unitaries
(LCU), a powerful quantum algorithmic tool with diverse applications. While the
standard LCU procedure requires several ancilla qubits and sophisticated
multi-qubit controlled operations, our methods consume significantly fewer
quantum resources. The first method (Single-Ancilla LCU) estimates expectation
values of observables with respect to any quantum state prepared by an LCU
procedure while requiring only a single ancilla qubit, and quantum circuits of
shorter depths. The second approach (Analog LCU) is a simple, physically
motivated, continuous-time analogue of LCU, tailored to hybrid qubit-qumode
systems. The third method (Ancilla-free LCU) requires no ancilla qubit at all
and is useful when we are interested in the projection of a quantum state
(prepared by the LCU procedure) in some subspace of interest. We apply the
first two techniques to develop new quantum algorithms for a wide range of
practical problems, ranging from Hamiltonian simulation, ground state
preparation and property estimation, and quantum linear systems. Remarkably,
despite consuming fewer quantum resources they retain a provable quantum
advantage. The third technique allows us to connect discrete and
continuous-time quantum walks with their classical counterparts. It also
unifies the recently developed optimal quantum spatial search algorithms in
both these frameworks, and leads to the development of new ones. Additionally,
using this method, we establish a relationship between discrete-time and
continuous-time quantum walks, making inroads into a long-standing open
problem.
Comment: 72+16 pages, 3 Figures
Optimality of Glauber dynamics for general-purpose Ising model sampling and free energy approximation
Recently, Eldan, Koehler, and Zeitouni (2020) showed that Glauber dynamics
mixes rapidly for general Ising models so long as the difference between the
largest and smallest eigenvalues of the coupling matrix is at most for any fixed . We give evidence that Glauber dynamics
is in fact optimal for this "general-purpose sampling" task. Namely, we give an
average-case reduction from hypothesis testing in a Wishart negatively-spiked
matrix model to approximately sampling from the Gibbs measure of a general
Ising model for which the difference between the largest and smallest
eigenvalues of the coupling matrix is at most for any fixed
. Combined with results of Bandeira, Kunisky, and Wein (2019)
that analyze low-degree polynomial algorithms to give evidence for the hardness
of the former spiked matrix problem, our results in turn give evidence for the
hardness of general-purpose sampling improving on Glauber dynamics. We also
give a similar reduction to approximating the free energy of general Ising
models, and again infer evidence that simulated annealing algorithms based on
Glauber dynamics are optimal in the general-purpose setting.
Comment: 19 pages
On the Inherent Anonymity of Gossiping
Detecting the source of a gossip is a critical issue, related to identifying
patient zero in an epidemic, or the origin of a rumor in a social network.
Although it is widely acknowledged that random and local gossip communications
make source identification difficult, there exists no general quantification of
the level of anonymity provided to the source. This paper presents a principled
method based on -differential privacy to analyze the inherent
source anonymity of gossiping for a large class of graphs. First, we quantify
the fundamental limit of source anonymity any gossip protocol can guarantee in
an arbitrary communication graph. In particular, our result indicates that when
the graph has poor connectivity, no gossip protocol can guarantee any
meaningful level of differential privacy. This prompted us to further analyze
graphs with controlled connectivity. We prove on these graphs that a large
class of gossip protocols, namely cobra walks, offers tangible differential
privacy guarantees to the source. In doing so, we introduce an original proof
technique based on the reduction of a gossip protocol to what we call a random
walk with probabilistic die out. This proof technique is of independent
interest to the gossip community and readily extends to other protocols
inherited from the security community, such as the Dandelion protocol.
Interestingly, our tight analysis precisely captures the trade-off between
dissemination time of a gossip protocol and its source anonymity.
Comment: Full version of DISC2023 paper
Nonlocal games and their device-independent quantum applications
Device-independence is a property of certain protocols that allows one to ensure their proper execution given only classical interaction with devices and assuming the correctness of the laws of physics. This scenario describes the most general form of cryptographic security, in which no trust is placed in the hardware involved; indeed, one may even take it to have been prepared by an adversary.
Many quantum tasks have been shown to admit device-independent protocols by augmentation with "nonlocal games". These are games in which noncommunicating parties jointly attempt to fulfil some conditions imposed by a referee. We introduce examples of such games and examine the optimal strategies of players who are allowed access to different possible shared resources, such as entangled quantum states. We then study their role in self-testing, private random number generation, and secure delegated quantum computation. Hardware imperfections are naturally incorporated in the device-independent scenario as adversarial, and we thus also perform noise robustness analysis where feasible.
We first study a generalization of the Mermin–Peres magic square game to arbitrary rectangular dimensions. After exhibiting some general properties, these "magic rectangle" games are fully characterized in terms of their optimal win probabilities for quantum strategies. We find that for m×n magic rectangle games with dimensions m,n≥3, there are quantum strategies that win with certainty, while for dimensions 1×n quantum strategies do not outperform classical strategies. The final case of dimensions 2×n is richer, and we give upper and lower bounds that both outperform the classical strategies. As an initial usage scenario, we apply our findings to quantum certified randomness expansion to find noise tolerances and rates for all magic rectangle games. To do this, we use our previous results to obtain the winning probabilities of games with a distinguished input for which the devices give a deterministic outcome and follow the analysis of C. A. Miller and Y. Shi [SIAM J. Comput. 46, 1304 (2017)].
Self-testing is a method to verify that one has a particular quantum state from purely classical statistics. For practical applications, such as device-independent delegated verifiable quantum computation, it is crucial that one self-tests multiple Bell states in parallel while keeping the quantum capabilities required of one side to a minimum. We use our 3×n magic rectangle games to obtain a self-test for n Bell states where one side needs only to measure single-qubit Pauli observables. The protocol requires small input sizes [constant for Alice and O(log n) bits for Bob] and is robust with robustness O(n^{5/2} √ε), where ε is the closeness of the ideal (perfect) correlations to those observed. To achieve the desired self-test, we introduce a one-side-local quantum strategy for the magic square game that wins with certainty, we generalize this strategy to the family of 3×n magic rectangle games, and we supplement these nonlocal games with extra check rounds (of single and pairs of observables).
Finally, we introduce a device-independent two-prover scheme in which a classical verifier can use a simple untrusted quantum measurement device (the client device) to securely delegate a quantum computation to an untrusted quantum server. To do this, we construct a parallel self-testing protocol to perform device-independent remote state preparation of n qubits and compose this with the unconditionally secure universal verifiable blind quantum computation (VBQC) scheme of J. F. Fitzsimons and E. Kashefi [Phys. Rev. A 96, 012303 (2017)]. Our self-test achieves a multitude of desirable properties for the application we consider, giving rise to practical and fully device-independent VBQC. It certifies parallel measurements of all cardinal and intercardinal directions in the XY-plane as well as the computational basis, uses few input questions (of size logarithmic in n for the client and a constant number communicated to the server), and requires only single-qubit measurements to be performed by the client device.
Structured Semidefinite Programming for Recovering Structured Preconditioners
We develop a general framework for finding approximately-optimal
preconditioners for solving linear systems. Leveraging this framework we obtain
improved runtimes for fundamental preconditioning and linear system solving
problems including the following. We give an algorithm which, given positive
definite with
nonzero entries, computes an -optimal
diagonal preconditioner in time , where is the
optimal condition number of the rescaled matrix. We give an algorithm which,
given that is either the pseudoinverse
of a graph Laplacian matrix or a constant spectral approximation of one, solves
linear systems in in time. Our diagonal
preconditioning results improve state-of-the-art runtimes of
attained by general-purpose semidefinite programming, and our solvers improve
state-of-the-art runtimes of where is the
current matrix multiplication constant. We attain our results via new
algorithms for a class of semidefinite programs (SDPs) we call
matrix-dictionary approximation SDPs, which we leverage to solve an associated
problem we call matrix-dictionary recovery.
Comment: Merge of arXiv:1812.06295 and arXiv:2008.0172
A Local-to-Global Theorem for Congested Shortest Paths
Amiri and Wargalla (2020) proved the following local-to-global theorem in
directed acyclic graphs (DAGs): if is a weighted DAG such that for each
subset of 3 nodes there is a shortest path containing every node in ,
then there exists a pair of nodes such that there is a shortest
-path containing every node in .
We extend this theorem to general graphs. For undirected graphs, we prove
that the same theorem holds (up to a difference in the constant 3). For
directed graphs, we provide a counterexample to the theorem (for any constant),
and prove a roundtrip analogue of the theorem which shows there exists a pair
of nodes such that every node in is contained in the union of a
shortest -path and a shortest -path.
The original theorem for DAGs has an application to the -Shortest Paths
with Congestion (()-SPC) problem. In this problem, we are given a
weighted graph , together with node pairs ,
and a positive integer . We are tasked with finding paths such that each is a shortest path from to , and every
node in the graph is on at most paths , or reporting that no such
collection of paths exists.
When the problem is easily solved by finding shortest paths for each
pair independently. When , the -SPC problem recovers
the -Disjoint Shortest Paths (-DSP) problem, where the collection of
shortest paths must be node-disjoint. For fixed , -DSP can be solved in
polynomial time on DAGs and undirected graphs. Previous work shows that the
local-to-global theorem for DAGs implies that -SPC can be solved in polynomial
time on DAGs whenever is constant. In the same way, our work implies that
-SPC can be solved in polynomial time on undirected graphs whenever is constant.
Comment: Updated to reflect reviewer comment
A New Deterministic Algorithm for Fully Dynamic All-Pairs Shortest Paths
We study the fully dynamic All-Pairs Shortest Paths (APSP) problem in
undirected edge-weighted graphs. Given an -vertex graph with
non-negative edge lengths that undergoes an online sequence of edge insertions
and deletions, the goal is to support approximate distance queries and
shortest-path queries. We provide a deterministic algorithm for this problem,
that, for a given precision parameter , achieves approximation factor
, and has amortized update time
per operation, where is the ratio of longest to
shortest edge length. Query time for distance-query is
, and query time for
shortest-path query is , where is the path that the algorithm returns. To the best of our
knowledge, even allowing any -approximation factor, no adaptive-update
algorithms with better than amortized update time and better than
query time were known prior to this work. We also note that our
guarantees are stronger than the best current guarantees for APSP in
decremental graphs in the adaptive-adversary setting.
Comment: arXiv admin note: text overlap with arXiv:2109.0562
Fast Algorithms for Separable Linear Programs
In numerical linear algebra, considerable effort has been devoted to
obtaining faster algorithms for linear systems whose underlying matrices
exhibit structural properties. A prominent success story is the method of
generalized nested dissection [Lipton-Rose-Tarjan'79] for separable matrices.
On the other hand, the majority of recent developments in the design of
efficient linear program (LP) solvers do not leverage the ideas underlying these
faster linear system solvers nor consider the separable structure of the
constraint matrix.
We give a faster algorithm for separable linear programs. Specifically, we
consider LPs of the form , where the
graphical support of the constraint matrix is -separable. These include flow problems on planar graphs
and low treewidth matrices among others. We present an time algorithm for these LPs, where is
the relative accuracy of the solution.
Our new solver has two important implications: for the -multicommodity
flow problem on planar graphs, we obtain an algorithm running in
time in the high accuracy regime; and when the
support of is -separable with , our
algorithm runs in time, which is nearly optimal. The latter
significantly improves upon the natural approach of combining interior point
methods and nested dissection, whose time complexity is lower bounded by
, where is the
matrix multiplication constant. Lastly, in the setting of low-treewidth LPs, we
recover the results of [DLY,STOC21] and [GS,22] with significantly simpler data
structure machinery.
Comment: 55 pages. To appear at SODA 202