56 research outputs found
Quantifying the Leakage of Quantum Protocols for Classical Two-Party Cryptography
We study quantum protocols among two distrustful parties. By adopting a
rather strict definition of correctness - guaranteeing that honest players
obtain their correct outcomes only - we can show that every strictly correct
quantum protocol implementing a non-trivial classical primitive necessarily
leaks information to a dishonest player. This extends known impossibility
results to all non-trivial primitives. We provide a framework for quantifying
this leakage and argue that leakage is a good measure for the privacy provided
to the players by a given protocol. Our framework also covers the case where
the two players are helped by a trusted third party. We show that despite the
help of a trusted third party, the players cannot amplify the cryptographic
power of any primitive. All our results hold even against quantum
honest-but-curious adversaries who honestly follow the protocol but purify
their actions and apply a different measurement at the end of the protocol. As
concrete examples, we establish lower bounds on the leakage of standard
universal two-party primitives such as oblivious transfer.
Comment: 38 pages, completely supersedes arXiv:0902.403
Functional Encryption in the Bounded Storage Models
Functional encryption is a powerful paradigm for public-key encryption which
allows for controlled access to encrypted data. This primitive is generally
impossible in the standard setting so we investigate possibilities in the
bounded quantum storage model (BQSM) and the bounded classical storage model
(BCSM). In these models, ciphertexts potentially disappear which nullifies
impossibility results and allows us to obtain positive outcomes.
Firstly, in the BQSM, we construct information-theoretically secure
functional encryption with where
can be set to any value less than . Here
denotes the number of times that an adversary is restricted to
--qubits of quantum memory in the protocol and denotes
the required quantum memory to run the protocol honestly. We then show that our
scheme is optimal by proving that it is impossible to attain
information-theoretically secure functional encryption with . However, by assuming the existence of
post-quantum one-way functions, we can do far better and achieve functional
encryption with classical keys and with and .
Secondly, in the BCSM, we construct functional
encryption assuming the existence of virtual weak
grey-box obfuscation. Here, the pair indicates the
required memory to run honestly and the needed memory to break security,
respectively. This memory gap is optimal and the assumption is minimal. In
particular, we also construct virtual weak
grey-box obfuscation assuming functional
encryption.
Comment: 30 pages
Defeating classical bit commitments with a quantum computer
It has been recently shown by Mayers that no bit commitment scheme is secure
if the participants have unlimited computational power and technology. However
it was noticed that a secure protocol could be obtained by forcing the cheater
to perform a measurement. Similar situations had been encountered previously in
the design of Quantum Oblivious Transfer. The question is whether a classical
bit commitment could be used for this specific purpose. We demonstrate that,
surprisingly, classical unconditionally concealing bit commitments do not help.
Comment: 13 pages. Supersedes quant-ph/971202
How to Sign Quantum Messages
Signing quantum messages has been shown to be impossible even under
computational assumptions. We show that this result can be circumvented by
relying on verification keys that change with time or that are large quantum
states. Correspondingly, we give two new approaches to sign quantum
information. The first approach assumes quantum-secure one-way functions (QOWF)
to obtain a time-dependent signature scheme where the algorithms take into
account time. The keys are classical but the verification key needs to be
continually updated. The second construction uses fixed quantum verification
keys and achieves information-theoretic secure signatures against adversaries
with bounded quantum memory i.e. in the bounded quantum storage model.
Furthermore, we apply our time-dependent signatures to authenticate keys in
quantum public key encryption schemes and achieve indistinguishability under
chosen quantum key and ciphertext attack (qCKCA).
Comment: 22 pages
A brief review on the impossibility of quantum bit commitment
The desire to obtain an unconditionally secure bit commitment protocol in
quantum cryptography was expressed for the first time thirteen years ago. Bit
commitment is sufficient in quantum cryptography to realize a variety of
applications with unconditional security. In 1993, a quantum bit commitment
protocol was proposed together with a security proof. However, a basic flaw in
the protocol was discovered by Mayers in 1995 and subsequently by Lo and Chau.
Later the result was generalized by Mayers who showed that unconditionally
secure bit commitment is impossible. A brief review on quantum bit commitment
which focuses on the general impossibility theorem and on recent attempts to
bypass this result is provided.
Comment: 11 pages