Joint measurement of multiple noncommuting parameters

Although quantum metrology allows us to make precision measurements beyond the standard quantum limit, it mostly works on the measurement of only one observable due to the Heisenberg uncertainty relation on the measurement precision of noncommuting observables for one system. In this paper, we study the schemes of joint measurement of multiple observables which do not commute with each other using the quantum entanglement between two systems. We focus on analyzing the performance of a SU(1,1) nonlinear interferometer on fulfilling the task of joint measurement. The results show that the information encoded in multiple noncommuting observables on an optical field can be simultaneously measured with a signal-to-noise ratio higher than the standard quantum limit, and the ultimate limit of each observable is still the Heisenberg limit. Moreover, we find a resource conservation rule for the joint measurement

Interference between two independent multi-temporal-mode thermal fields

We construct a general theoretical model for analyzing the intensity correlation of the field formed by mixing two independent multi-temporal-mode thermal fields. In the model, we use the intensity correlation function g(2) to characterize the mode property of the mixed thermal field. We find that g(2) of the mixed field is always less than that of the individual thermal field with less average mode number unless the two thermal fields are identical in mode property. The amount of drop in g(2) of the interference field depends on the relative overlap between the mode structures of two thermal fields and their relative strength. We successfully derive the analytical expressions of the upper bound and lower limit for g(2) of the interference field. Moreover, we verify the theoretical analysis by performing a series of experiments when the mode structures of two independent thermal fields are identical, orthogonal, and partially overlapped, respectively. The experimental results agree with theoretical predictions. Our investigation is useful for analyzing the signals carried by the intensity correlation of thermal fields

Improved Attacks on LowMC with Algebraic Techniques

The LowMC family of SPN block cipher proposed by Albrecht et al. was designed specifically for MPC-/FHE-/ZKP-friendly use cases. It is especially used as the underlying block cipher of PICNIC, one of the alternate third-round candidate digital signature algorithms for NIST post-quantum cryptography standardization. The security of PICNIC is highly related to the difficulty of recovering the secret key of LowMC from a given plaintext/ciphertext pair, which raises new challenges for security evaluation under extremely low data complexity. In this paper, we improve the attacks on LowMC under low data complexity, i.e. 1 or 2 chosen plaintext/ciphertext pairs. For the difference enumeration attack with 2 chosen plaintexts, we propose new algebraic methods to better exploit the nonlinear relation inside the introduced variables based on the attack framework proposed by Liu et al. at ASIACRYPT 2022. With this technique, we significantly extend the number of attack rounds for LowMC with partial nonlinear layers and improve the success probability from around 0.5 to over 0.9. The security margin of some instances can be reduced to only 3/4 rounds. For the key-recovery attack using a single plaintext, we adopt a different linearization strategy to reduce the huge memory consumption caused by the polynomial methods for solving multivariate equation systems. The memory complexity reduces drastically for all 5-/6-round LowMC instances with full nonlinear layers at the sacrifice of a small factor of time complexity. For 5-round LowMC instances with a block size of 129, the memory complexity decreases from $2^{86.46}$ bits to $2^{48.18}$ bits while the time complexity even slightly reduces. Our results indicate that the security for different instances of LowMC under extremely low data complexity still needs further exploration

Improved Attacks on LowMC with Algebraic Techniques

The LowMC family of SPN block cipher proposed by Albrecht et al. was designed specifically for MPC-/FHE-/ZKP-friendly use cases. It is especially used as the underlying block cipher of PICNIC, one of the alternate third-round candidate digital signature algorithms for NIST post-quantum cryptography standardization. The security of PICNIC is highly related to the difficulty of recovering the secret key of LowMC from a given plaintext/ciphertext pair, which raises new challenges for security evaluation under extremely low data complexity. In this paper, we improve the attacks on LowMC under low data complexity, i.e. 1 or 2 chosen plaintext/ciphertext pairs. For the difference enumeration attack with 2 chosen plaintexts, we propose new algebraic methods to better exploit the nonlinear relation inside the introduced variables based on the attack framework proposed by Liu et al. at ASIACRYPT 2022. With this technique, we significantly extend the number of attack rounds for LowMC with partial nonlinear layers and improve the success probability from around 0.5 to over 0.9. The security margin of some instances can be reduced to only 3/4 rounds. For the key-recovery attack using a single plaintext, we adopt a different linearization strategy to reduce the huge memory consumption caused by the polynomial methods for solving multivariate equation systems. The memory complexity reduces drastically for all 5-/6-round LowMC instances with full nonlinear layers at the sacrifice of a small factor of time complexity. For 5-round LowMC instances with a block size of 129, the memory complexity decreases from 286.46 bits to 248.18 bits while the time complexity even slightly reduces. Our results indicate that the security for different instances of LowMC under extremely low data complexity still needs further exploration

SmartCiteCon: Implicit Citation Context Extraction from Academic Literature Using Unsupervised Learning

We introduce SmartCiteCon (SCC), a Java API for extracting both explicit and implicit citation context from academic literature in English. The tool is built on a Support Vector Machine (SVM) model trained on a set of 7,058 manually annotated citation context sentences, curated from 34,000 papers in the ACL Anthology. The model with 19 features achieves F1=85.6%. SCC supports PDF, XML, and JSON files out-of-box, provided that they are conformed to certain schemas. The API supports single document processing and batch processing in parallel. It takes about 12–45 seconds on average depending on the format to process a document on a dedicated server with 6 multithreaded cores. Using SCC, we extracted 11.8 million citation context sentences from ∼33.3k PMC papers in the CORD19 dataset, released on June 13, 2020. The source code is released at https://gitee.com/irlab/SmartCiteCon

Optimum quantum resource distribution for phase measurement and quantum information tapping in a dual-beam SU(1,1) interferometer

Quantum entanglement is a resource in quantum metrology that can be distributed to two conjugate physical quantities for the enhancement of their measurement sensitivity. This is demonstrated in the joint measurement of phase and amplitude modulation signals in quantum dense metrology schemes. We can also devote all the quantum resource to phase measurement only, leading to the optimum sensitivity enhancement. In this paper, we experimentally implement a dual-beam sensing scheme in an SU(1,1) interferometer for the optimum quantum enhancement of phase measurement sensitivity. We demonstrate a 3.9-dB improvement in signal-to-noise ratio over the optimum classical method, and this is 3-dB better than the traditional single-beam scheme. Furthermore, such as cheme also realizes a quantum optical tap of quantum entangled fields and has the full advantages of an SU(1,1) interferometer, such as detection loss tolerance, making it more suitable for practical applications in quantum metrology and quantum information

Versatile and precise quantum state engineering by using nonlinear interferometers

The availability of photon states with well-defined temporal modes is crucial for photonic quantum technologies. Ever since the inception of generating photonic quantum states through pulse pumped spontaneous parametric processes, many exquisite efforts have been put on improving the modal purity of the photon states to achieve single-mode operation. However, because the nonlinear interaction and linear dispersion are often mixed in parametric processes, limited successes have been achieved so far only at some specific wavelengths with sophisticated design. In this paper, we resort to a different approach by exploiting an active filtering mechanism originated from interference fringe of nonlinear interferometer. The nonlinear interferometer is realized in a sequential array of nonlinear medium, with a gap in between made of a linear dispersive medium, in which the precise modal control is realized without influencing the phase matching of the parametric process. As a proof-of-principle demonstration of the capability, we present a photon pairs source using a two-stage nonlinear interferometer formed by two identical nonlinear fibers with a standard single mode fiber in between. The results show that spectrally correlated two-photon state via four wave mixing in a single piece nonlinear fiber is modified into factorable state and heralded single-photons with high modal purity and high heralding efficiency are achievable. This novel quantum interferometric method, which can improve the quality of the photon states in almost all the aspects such as modal purity, heralding efficiency, and flexibility in wavelength selection, is proved to be effective and easy to realize

Integral Attack on the Full FUTURE Block Cipher

FUTURE is a recently proposed lightweight block cipher that achieved a remarkable hardware performance due to careful design decisions. FUTURE is an Advanced Encryption Standard (AES)-like Substitution-Permutation Network (SPN) with 10 rounds, whose round function consists of four components, i.e., SubCell, MixColumn, ShiftRow and AddRoundKey. Unlike AES, it is a 64-bit-size block cipher with a 128-bit secret key, and the state can be arranged into 16 cells. Therefore, the operations of FUTURE including its S-box is defined over $\mathbb{F}_2^4$. The previous studies have shown that the integral properties of 4-bit S-boxes are usually weaker than larger-size S-boxes, thus the number of rounds of FUTURE, i.e., 10 rounds only, might be too aggressive to provide enough resistance against integral cryptanalysis. In this paper, we mount the integral cryptanalysis on FUTURE. With state-of-the-art detection techniques, we identify several integral distinguishers of 7 rounds of FUTURE. By extending this 7-round distinguisher by 3 forward rounds, we manage to recover all the 128 bits secret keys from the full FUTURE cipher without the full codebook for the first time. To further achieve better time complexity, we also present a key recovery attack on full FUTURE with full codebook. Both attacks have better time complexity than existing results

On the Field-Based Division Property: Applications to MiMC, Feistel MiMC and GMiMC (Full Version)

Recent practical applications using advanced cryptographic protocols such as multi-party computations (MPC) and zero-knowledge proofs (ZKP) have prompted a range of novel symmetric primitives described over large finite fields, characterized as arithmetization-oriented AO ciphers. Such designs, aiming to minimize the number of multiplications over fields, have a high risk of being vulnerable to algebraic attacks, especially to the higher-order differential attack. Thus, it is significant to carefully evaluate the growth of their algebraic degree. However, the degree estimation for AO ciphers has been a challenge for cryptanalysts due to the lack of general and accurate methods. In this paper, we extend the division property, a state-of-the-art framework for finding the upper bound of the algebraic degree over binary fields, to the scope of $\mathbb{F}_{2^n}$. It is a generic method to detect the algebraic degree for AO ciphers, even applicable to Feistel ciphers which have no better bounds than the trivial exponential one. In this general division property, our idea is to evaluate whether the polynomial representation of a block cipher contains some specific monomials. With a deep investigation of the arithmetical feature, we introduce the propagation rules of monomials for field-based operations, which can be efficiently modeled using the bit-vector theory of SMT. Then the new searching tool for degree estimation can be constructed due to the relationship between the algebraic degree and the exponents of monomials. We apply our new framework to some important AO ciphers, including Feistel MiMC, GMiMC, and MiMC. For Feistel MiMC, we show that the algebraic degree grows significantly slower than the native exponential bound. For the first time, we present a secret-key higher-order differential distinguisher for up to 124 rounds, much better than the 83-round distinguisher for Feistel MiMC permutation proposed at CRYPTO 2020. We also exhibit a full-round zero-sum distinguisher with a data complexity of $2^{251}$. Our method can be further extended for the general Feistel structure with more branches and exhibit higher-order differential distinguishers against the practical instance of GMiMC for up to 50 rounds. For MiMC in SP-networks, our results correspond to the exact algebraic degree proved by Bouvier et al. We also point out that the number of rounds in MiMC\u27s specification is not sufficient to guarantee the security against the higher-order differential attack for MiMC-like schemes with different exponents. The investigation of different exponents provides some guidance on the cipher design