3 research outputs found
Unbounded-error quantum computation with small space bounds
We prove the following facts about the language recognition power of quantum
Turing machines (QTMs) in the unbounded error setting: QTMs are strictly more
powerful than probabilistic Turing machines for any common space bound
satisfying . For "one-way" Turing machines, where the
input tape head is not allowed to move left, the above result holds for
. We also give a characterization for the class of languages
recognized with unbounded error by real-time quantum finite automata (QFAs)
with restricted measurements. It turns out that these automata are equal in
power to their probabilistic counterparts, and this fact does not change when
the QFA model is augmented to allow general measurements and mixed states.
Unlike the case with classical finite automata, when the QFA tape head is
allowed to remain stationary in some steps, more languages become recognizable.
We define and use a QTM model that generalizes the other variants introduced
earlier in the study of quantum space complexity.Comment: A preliminary version of this paper appeared in the Proceedings of
the Fourth International Computer Science Symposium in Russia, pages
356--367, 200
Order-Preserving Symmetric Encryption
We initiate the cryptographic study of order-preserving symmetric encryption (OPE), a primitive suggested in the database community by Agrawal et al. (SIGMOD ā04) for allowing efficient range queries on encrypted data. Interestingly, we first show that a straightforward relaxation of standard security notions for encryption such as indistinguishability against chosen-plaintext attack (IND-CPA) is unachievable by a practical OPE scheme. Instead, we propose a security notion in the spirit of pseudorandom functions (PRFs) and related primitives asking that an OPE scheme look āas-random-as-possible ā subject to the order-preserving constraint. We then design an efficient OPE scheme and prove its security under our notion based on pseudorandomness of an underlying blockcipher. Our construction is based on a natural relation we uncover between a random order-preserving function and the hypergeometric probability distribution. In particular, it makes black-box use of an efficient sampling algorithm for the latter.