A note on the von Bertalanffy growth function concerning the allocation of surplus energy to reproduction
We propose an extended form of the von Bertalanffy growth
function (VBGF), where the allocation of surplus energy to reproduction is considered. Any function can be used in our model to describe the ratio of energy allocation for reproduction to that for somatic growth. As an example,
two models for energy allocation were derived: a step-function and a logistic function. The extended model can jointly describe growth in adult and juvenile stages. The change in growth rate between the two stages can be either gradual or steep; the latter gives a biphasic VBGF. The
results of curve fitting indicated that a consideration of reproductive energy is meaningful for model extension. By controlling parameter values, our comprehensive model gives
various growth curve shapes ranging from indeterminate to determinate growth. An increase in the number of parameters is unavoidable in practical applications of this new model. Additional information on reproduction will improve the reliability of model estimates.
Proofs of Quantumness from Trapdoor Permutations
Assume that Alice can do only classical probabilistic polynomial-time computing while Bob can do quantum polynomial-time computing. Alice and Bob communicate over only classical channels, and finally Bob gets a state with some bit strings and . Is it possible that Alice can know but Bob cannot? Such a task, called remote state preparation, is indeed possible under some complexity assumptions, and is the basis of many quantum cryptographic primitives such as proofs of quantumness, (classical-client) blind quantum computing, (classical) verification of quantum computing, and quantum money. A typical technique to realize remote state preparation is to use 2-to-1 trapdoor collision-resistant hash functions: Alice sends a 2-to-1 trapdoor collision-resistant hash function to Bob, and Bob evaluates it coherently, i.e., Bob generates . Bob measures the second register to get the measurement result , and sends to Alice. Bob's post-measurement state is , where . With the trapdoor, Alice can learn from , but due to the collision resistance, Bob cannot. This advantage of Alice's can be leveraged to realize the quantum cryptographic primitives listed above. It seems that the collision resistance is essential here. In this paper, surprisingly, we show that the collision resistance is not necessary for a restricted case: we show that (non-verifiable) remote state preparation of secure against classical probabilistic polynomial-time Bob can be constructed from classically-secure (full-domain) trapdoor permutations. Trapdoor permutations are not likely to imply collision resistance, because black-box reductions from collision-resistant hash functions to trapdoor permutations are known to be impossible. As an application of our result, we construct proofs of quantumness from classically-secure (full-domain) trapdoor permutations.
One-Wayness in Quantum Cryptography
The existence of one-way functions is one of the most fundamental assumptions
in classical cryptography. In the quantum world, on the other hand, there are
evidences that some cryptographic primitives can exist even if one-way
functions do not exist. We therefore have the following important open problem
in quantum cryptography: What is the most fundamental element in quantum
cryptography? In this direction, Brakerski, Canetti, and Qian recently defined
a notion called EFI pairs, which are pairs of efficiently generatable states
that are statistically distinguishable but computationally indistinguishable,
and showed its equivalence with some cryptographic primitives including
commitments, oblivious transfer, and general multi-party computations. However,
their work focuses on decision-type primitives and does not cover search-type
primitives like quantum money and digital signatures. In this paper, we study
properties of one-way state generators (OWSGs), which are a quantum analogue of
one-way functions. We first revisit the definition of OWSGs and generalize it
by allowing mixed output states. Then we show the following results. (1) We
define a weaker version of OWSGs, weak OWSGs, and show that they are equivalent
to OWSGs. (2) Quantum digital signatures are equivalent to OWSGs. (3)
Private-key quantum money schemes (with pure money states) imply OWSGs. (4)
Quantum pseudo one-time pad schemes imply both OWSGs and EFI pairs. (5) We
introduce an incomparable variant of OWSGs, which we call secretly-verifiable
and statistically-invertible OWSGs, and show that they are equivalent to EFI
pairs.
Verifiable Quantum Advantage without Structure
We show the following hold, unconditionally unless otherwise stated, relative
to a random oracle with probability 1:
- There are NP search problems solvable by BQP machines but not BPP machines.
- There exist functions that are one-way, and even collision resistant,
against classical adversaries but are easily inverted quantumly. Similar
separations hold for digital signatures and CPA-secure public key encryption
(the latter requiring the assumption of a classically CPA-secure encryption
scheme). Interestingly, the separation does not necessarily extend to the case
of other cryptographic objects such as PRGs.
- There are unconditional publicly verifiable proofs of quantumness with the
minimal rounds of interaction: for uniform adversaries, the proofs are
non-interactive, whereas for non-uniform adversaries the proofs are two message
public coin.
- Our results do not appear to contradict the Aaronson-Ambanis conjecture.
Assuming this conjecture, there exist publicly verifiable certifiable
randomness, again with the minimal rounds of interaction.
By replacing the random oracle with a concrete cryptographic hash function
such as SHA2, we obtain plausible Minicrypt instantiations of the above
results. Previous analogous results all required substantial structure, either
in terms of highly structured oracles and/or algebraic assumptions in
Cryptomania and beyond.
Unconditionally Secure Commitments with Quantum Auxiliary Inputs
We show the following unconditional results on quantum commitments in two
related yet different models:
1. We revisit the notion of quantum auxiliary-input commitments introduced by
Chailloux, Kerenidis, and Rosgen (Comput. Complex. 2016) where both the
committer and receiver take the same quantum state, which is determined by the
security parameter, as quantum auxiliary inputs. We show that
computationally-hiding and statistically-binding quantum auxiliary-input
commitments exist unconditionally, i.e., without relying on any unproven
assumption, while Chailloux et al. assumed a complexity-theoretic assumption,
. On the other hand, we observe that achieving
both statistical hiding and statistical binding at the same time is impossible
even in the quantum auxiliary-input setting. To the best of our knowledge, this
is the first example of unconditionally proving computational security of any
form of (classical or quantum) commitments for which statistical security is
impossible. As intermediate steps toward our construction, we introduce and
unconditionally construct post-quantum sparse pseudorandom distributions and
quantum auxiliary-input EFI pairs which may be of independent interest.
2. We introduce a new model which we call the common reference quantum state
(CRQS) model where both the committer and receiver take the same quantum state
that is randomly sampled by an efficient setup algorithm. We unconditionally
prove that there exist statistically hiding and statistically binding
commitments in the CRQS model, circumventing the impossibility in the plain
model.
We also discuss their applications to zero-knowledge proofs, oblivious
transfers, and multi-party computations.
From the Hardness of Detecting Superpositions to Cryptography: Quantum Public Key Encryption and Commitments
Recently, Aaronson et al. (arXiv:2009.07450) showed that detecting
interference between two orthogonal states is as hard as swapping these states.
While their original motivation was from quantum gravity, we show its
applications in quantum cryptography.
1. We construct the first public key encryption scheme from cryptographic
non-abelian group actions. Interestingly, the ciphertexts of our scheme
are quantum even if messages are classical. This resolves an open question
posed by Ji et al. (TCC '19). We construct the scheme through a new abstraction
called swap-trapdoor function pairs, which may be of independent interest.
2. We give a simple and efficient compiler that converts the flavor of
quantum bit commitments. More precisely, for any prefix X,Y
{computationally,statistically,perfectly}, if the base scheme is X-hiding and
Y-binding, then the resulting scheme is Y-hiding and X-binding. Our compiler
calls the base scheme only once. Previously, all known compilers call the base
schemes polynomially many times (Crépeau et al., Eurocrypt '01 and Yan,
Asiacrypt '22). For the security proof of the conversion, we generalize the
result of Aaronson et al. by considering quantum auxiliary inputs.
Quantum Complexity for Discrete Logarithms and Related Problems
This paper studies the quantum computational complexity of the discrete
logarithm (DL) and related group-theoretic problems in the context of generic
algorithms -- that is, algorithms that do not exploit any properties of the
group encoding.
We establish a generic model of quantum computation for group-theoretic
problems, which we call the quantum generic group model. Shor's algorithm for
the DL problem and related algorithms can be described in this model. We show
the quantum complexity lower bounds and almost matching algorithms of the DL
and related problems in this model. More precisely, we prove the following
results for a cyclic group of prime order.
- Any generic quantum DL algorithm must make depth of
group operations. This shows that Shor's algorithm is asymptotically optimal
among the generic quantum algorithms, even considering parallel algorithms.
- We observe that variations of Shor's algorithm can take advantage of
classical computations to reduce the number of quantum group operations. We
introduce a model for generic hybrid quantum-classical algorithms and show that
these algorithms are almost optimal in this model. Any generic hybrid algorithm
for the DL problem with a total number of group operations must make
quantum group operations of depth .
- When the quantum memory can only store group elements and use quantum
random access memory of group elements, any generic hybrid algorithm must
make either group operations in total or quantum group operations.
As a side contribution, we show a multiple DL problem admits a better
algorithm than solving each instance one by one, refuting a strong form of the
quantum annoying property suggested in the context of password-authenticated
key exchange protocol.
A New Approach to Post-Quantum Non-Malleability
We provide the first - construction of
post-quantum non-malleable commitments under the minimal assumption that
- -
exist. We achieve the standard notion of non-malleability
with respect to commitments. Prior constructions required
rounds under the same assumption.
We achieve our results through a new technique for constant-round
non-malleable commitments which is easier to use in the post-quantum setting.
The technique also yields an almost elementary proof of security for
constant-round non-malleable commitments in the classical setting, which may be
of independent interest.
When combined with existing work, our results yield the first constant-round
quantum-secure multiparty computation for both classical and quantum
functionalities ,
under the hardness of quantum fully-homomorphic
encryption and quantum learning with errors.
Obfuscation of Pseudo-Deterministic Quantum Circuits
We show how to obfuscate pseudo-deterministic quantum circuits in the
classical oracle model, assuming the quantum hardness of learning with errors.
Given the classical description of a quantum circuit , our obfuscator
outputs a quantum state that can be used to evaluate
repeatedly on arbitrary inputs.
Instantiating the classical oracle using any candidate post-quantum
indistinguishability obfuscator gives us the first candidate construction of
indistinguishability obfuscation for all polynomial-size pseudo-deterministic
quantum circuits. In particular, our scheme is the first candidate obfuscator
for a class of circuits that is powerful enough to implement Shor's algorithm
(SICOMP 1997).
Our approach follows Bartusek and Malavolta (ITCS 2022), who obfuscate
null quantum circuits by obfuscating the verifier of an appropriate
classical verification of quantum computation (CVQC) scheme. We go beyond null
circuits by constructing a publicly-verifiable CVQC scheme for quantum
partitioning circuits, which can be used to verify the evaluation
procedure of Mahadev's quantum fully-homomorphic encryption scheme (FOCS 2018).
We achieve this by upgrading the one-time secure scheme of Bartusek (TCC 2021)
to a fully reusable scheme, via a publicly-decodable Pauli functional
commitment, which we formally define and construct in this work. This
commitment scheme, which satisfies a notion of binding against committers that
can access the receiver's standard and Hadamard basis decoding functionalities,
is constructed by building on techniques of Amos, Georgiou, Kiayias, and
Zhandry (STOC 2020) introduced in the context of equivocal but
collision-resistant hash functions.