2,512 research outputs found
Unconditionally verifiable blind computation
Blind Quantum Computing (BQC) allows a client to have a server carry out a
quantum computation for them such that the client's input, output and
computation remain private. A desirable property for any BQC protocol is
verification, whereby the client can verify with high probability whether the
server has followed the instructions of the protocol, or if there has been some
deviation resulting in a corrupted output state. A verifiable BQC protocol can
be viewed as an interactive proof system leading to consequences for complexity
theory. The authors, together with Broadbent, previously proposed a universal
and unconditionally secure BQC scheme where the client only needs to be able to
prepare single qubits in separable states randomly chosen from a finite set and
send them to the server, who has the balance of the required quantum
computational resources. In this paper we extend that protocol with new
functionality allowing blind computational basis measurements, which we use to
construct a new verifiable BQC protocol based on a new class of resource
states. We rigorously prove that the probability of failing to detect an
incorrect output is exponentially small in a security parameter, while resource
overhead remains polynomial in this parameter. The new resource state allows
entangling gates to be performed between arbitrary pairs of logical qubits with
only constant overhead. This is a significant improvement on the original
scheme, which required that all computations to be performed must first be put
into a nearest neighbour form, incurring linear overhead in the number of
qubits. Such an improvement has important consequences for efficiency and
fault-tolerance thresholds.
Comment: 46 pages, 10 figures. Additional protocol added which allows
arbitrary circuits to be verified with polynomial securit
Rotational 3D Printing of Sensor Devices using Reactive Ink Chemistries
This paper charts progress in three key areas of a project supported by both UK
government and UK industry to manufacture novel sensor devices using rotary 3D printing
technology and innovative ink chemistries; (1) the development of an STL file slicing algorithm
that returns constant Z height 2D contour data at a resolution that matches the given print head
setup, allowing digital images to be generated of the correct size without the need for scaling;
(2) the development of image transformation algorithms which allow images to be printed at
higher resolutions using tilted print heads and; (3) the formulation of multi part reaction inks
which combine and react on the substrate to form solid material layers with a finite thickness. A
Direct Light Projection (DLP) technique demonstrated the robustness of the slice data by
constructing fine detailed three dimensional test pieces which were comparable to identical parts
built in an identical way from slice data obtained using commercial software. Material systems
currently under investigation include plaster, stiff polyamides and epoxy polymers and
conductive metallics. Early experimental results show conductivities of silver approaching
1.42 × 10^5 Siemens/m.
Mechanical Engineerin
Unforgeable Quantum Encryption
We study the problem of encrypting and authenticating quantum data in the
presence of adversaries making adaptive chosen plaintext and chosen ciphertext
queries. Classically, security games use string copying and comparison to
detect adversarial cheating in such scenarios. Quantumly, this approach would
violate no-cloning. We develop new techniques to overcome this problem: we use
entanglement to detect cheating, and rely on recent results for characterizing
quantum encryption schemes. We give definitions for (i.) ciphertext
unforgeability, (ii.) indistinguishability under adaptive chosen-ciphertext
attack, and (iii.) authenticated encryption. The restriction of each definition
to the classical setting is at least as strong as the corresponding classical
notion: (i) implies INT-CTXT, (ii) implies IND-CCA2, and (iii) implies AE. All
of our new notions also imply QIND-CPA privacy. Combining one-time
authentication and classical pseudorandomness, we construct schemes for each of
these new quantum security notions, and provide several separation examples.
Along the way, we also give a new definition of one-time quantum authentication
which, unlike all previous approaches, authenticates ciphertexts rather than
plaintexts.
Comment: 22+2 pages, 1 figure. v3: error in the definition of QIND-CCA2 fixed,
some proofs related to QIND-CCA2 clarifie
British research in accounting and finance (2001–2007): the 2008 research assessment exercise
No abstract available
Quantum authentication with key recycling
We show that a family of quantum authentication protocols introduced in
[Barnum et al., FOCS 2002] can be used to construct a secure quantum channel
and additionally recycle all of the secret key if the message is successfully
authenticated, and recycle part of the key if tampering is detected. We give a
full security proof that constructs the secure channel given only insecure
noisy channels and a shared secret key. We also prove that the number of
recycled key bits is optimal for this family of protocols, i.e., there exists
an adversarial strategy to obtain all non-recycled bits. Previous works
recycled less key and only gave partial security proofs, since they did not
consider all possible distinguishers (environments) that may be used to
distinguish the real setting from the ideal secure quantum channel and secret
key resource.
Comment: 38+17 pages, 13 figures. v2: constructed ideal secure channel and
secret key resource have been slightly redefined; also added a proof in the
appendix for quantum authentication without key recycling that has better
parameters and only requires weak purity testing code
Reachability in Higher-Order-Counters
Higher-order counter automata (\HOCS) can be either seen as a restriction of
higher-order pushdown automata (\HOPS) to a unary stack alphabet, or as an
extension of counter automata to higher levels. We distinguish two principal
kinds of \HOCS: those that can test whether the topmost counter value is zero
and those which cannot.
We show that control-state reachability for level \HOCS with -test is
complete for \mbox{}-fold exponential space; leaving out the -test
leads to completeness for \mbox{}-fold exponential time. Restricting
\HOCS (without -test) to level , we prove that global (forward or
backward) reachability analysis is \PTIME-complete. This enhances the known
result for pushdown systems which are subsumed by level \HOCS without
-test.
We transfer our results to the formal language setting. Assuming that \PTIME
\subsetneq \PSPACE \subsetneq \mathbf{EXPTIME}, we apply proof ideas of
Engelfriet and conclude that the hierarchies of languages of \HOPS and of \HOCS
form strictly interleaving hierarchies. Interestingly, Engelfriet's
constructions also allow us to conclude immediately that the hierarchy of
collapsible pushdown languages is strict level-by-level due to the existing
complexity results for reachability on collapsible pushdown graphs. This
answers an open question independently asked by Parys and by Kobayashi.
Comment: Version with Full Proofs of a paper that appears at MFCS 201
Directed Percolation and Generalized Friendly Walkers
We show that the problem of directed percolation on an arbitrary lattice is
equivalent to the problem of m directed random walkers with rather general
attractive interactions, when suitably continued to m=0. In 1+1 dimensions,
this is dual to a model of interacting steps on a vicinal surface. A similar
correspondence with interacting self-avoiding walks is constructed for
isotropic percolation.
Comment: 4 pages, 3 figures, to be published in Phys. Rev. Let
Percolation and jamming in random sequential adsorption of linear segments on square lattice
We present the results of a study of random sequential adsorption of linear
segments (needles) on sites of a square lattice. We show that the percolation
threshold is a nonmonotonic function of the length of the adsorbed needle,
showing a minimum for a certain length of the needles, while the jamming
threshold decreases to a constant with a power law. The ratio of the two
thresholds is also nonmonotonic and it remains constant only in a restricted
range of the needle length. We determine the values of the correlation length
exponent for percolation, jamming and their ratio
Improving the economic value of photographic screening for optical coherence tomography-detectable macular oedema : a prospective, multicentre, UK study
Peer reviewed
Publisher PD
Delegating Quantum Computation in the Quantum Random Oracle Model
A delegation scheme allows a computationally weak client to use a server's
resources to help it evaluate a complex circuit without leaking any information
about the input (other than its length) to the server. In this paper, we
consider delegation schemes for quantum circuits, where we try to minimize the
quantum operations needed by the client. We construct a new scheme for
delegating a large circuit family, which we call "C+P circuits". "C+P" circuits
are the circuits composed of Toffoli gates and diagonal gates. Our scheme is
non-interactive, requires very little quantum computation from the client
(proportional to input length but independent of the circuit size), and can be
proved secure in the quantum random oracle model, without relying on additional
assumptions, such as the existence of fully homomorphic encryption. In practice
the random oracle can be replaced by an appropriate hash function or block
cipher, for example, SHA-3, AES.
This protocol allows a client to delegate the most expensive part of some
quantum algorithms, for example, Shor's algorithm. The previous protocols that
are powerful enough to delegate Shor's algorithm require either many rounds of
interactions or the existence of FHE. The protocol requires asymptotically
fewer quantum gates on the client side compared to running Shor's algorithm
locally.
To hide the inputs, our scheme uses an encoding that maps one input qubit to
multiple qubits. We then provide a novel generalization of classical garbled
circuits ("reversible garbled circuits") to allow the computation of Toffoli
circuits on this encoding. We also give a technique that can support the
computation of phase gates on this encoding.
To prove the security of this protocol, we study key dependent message (KDM)
security in the quantum random oracle model. KDM security was not previously
studied in quantum settings.
Comment: 41 pages, 1 figure. Update to be consistent with the proceeding
versio