209 research outputs found
Oblivious transfer using quantum entanglement
Based on quantum entanglement, an all-or-nothing oblivious transfer protocol
is proposed and is proven to be secure. The distinct merit of the present
protocol lies in that it is not based on quantum bit commitment. More
intriguingly, this OT protocol does not belong to a class of protocols denied
by Lo's no-go theorem of one-sided two-party secure computation, and thus
its security can be achieved.
Comment: 9 pages, 1 figure
Cryptographic Randomized Response Techniques
We develop cryptographically secure techniques to guarantee unconditional
privacy for respondents to polls. Our constructions are efficient and
practical, and are shown not to allow cheating respondents to affect the
"tally" by more than their own vote -- which will be given the exact same
weight as that of other respondents. We demonstrate solutions to this problem
based on both traditional cryptographic techniques and quantum cryptography.
Comment: 21 pages
On the Commitment Capacity of Unfair Noisy Channels
Noisy channels are a valuable resource from a cryptographic point of view.
They can be used for exchanging secret-keys as well as realizing other
cryptographic primitives such as commitment and oblivious transfer. To be
really useful, noisy channels have to be considered in the scenario where a
cheating party has some degree of control over the channel characteristics.
Damgård et al. (EUROCRYPT 1999) proposed a more realistic model where such
level of control is permitted to an adversary, the so-called unfair noisy
channels, and proved that they can be used to obtain commitment and oblivious
transfer protocols. Given that noisy channels are a precious resource for
cryptographic purposes, one important question is determining the optimal rate
in which they can be used. The commitment capacity has already been determined
for the cases of discrete memoryless channels and Gaussian channels. In this
work we address the problem of determining the commitment capacity of unfair
noisy channels. We compute a single-letter characterization of the commitment
capacity of unfair noisy channels. In the case where an adversary has no
control over the channel (the fair case) our capacity reduces to the well-known
capacity of a discrete memoryless binary symmetric channel.
Hashing protocol for distilling multipartite CSS states
We present a hashing protocol for distilling multipartite CSS states by means
of local Clifford operations, Pauli measurements and classical communication.
It is shown that this hashing protocol outperforms previous versions by
exploiting information theory to a full extent and not only applying CNOTs as
local Clifford operations. Using the information-theoretical notion of a
strongly typical set, we calculate the asymptotic yield of the protocol as the
solution of a linear programming problem.
Comment: 13 pages, 3 figures, RevTeX
Instantaneous Decentralized Poker
We present efficient protocols for amortized secure multiparty computation
with penalties and secure cash distribution, of which poker is a prime example.
Our protocols have an initial phase where the parties interact with a
cryptocurrency network, that then enables them to interact only among
themselves over the course of playing many poker games in which money changes
hands.
The high efficiency of our protocols is achieved by harnessing the power of
stateful contracts. Compared to the limited expressive power of Bitcoin
scripts, stateful contracts enable richer forms of interaction between standard
secure computation and a cryptocurrency.
We formalize the stateful contract model and the security notions that our
protocols accomplish, and provide proofs using the simulation paradigm.
Moreover, we provide a reference implementation in Ethereum/Solidity for the
stateful contracts that our protocols are based on.
We also adopt our off-chain cash distribution protocols to the special case
of stateful duplex micropayment channels, which are of independent interest. In
comparison to Bitcoin based payment channels, our duplex channel implementation
is more efficient and has additional features.
Quantum identification system
A secure quantum identification system combining a classical identification
procedure and quantum key distribution is proposed. Each identification
sequence is always used just once and new sequences are "refuelled" from a
shared provably secret key transferred through the quantum channel. Two
identification protocols are devised. The first protocol can be applied when
legitimate users have an unjammable public channel at their disposal. The
deception probability is derived for the case of a noisy quantum channel. The
second protocol employs unconditionally secure authentication of information
sent over the public channel, and thus it can be applied even in the case when
an adversary is allowed to modify public communications. An experimental
realization of a quantum identification system is described.
Comment: RevTeX, 4 postscript figures, 9 pages, submitted to Physical Review
Building Oblivious Transfer on Channel Delays
In the information-theoretic setting, where adversaries have unlimited computational power, the fundamental cryptographic primitive Oblivious Transfer (OT) cannot be securely achieved if the parties are communicating over a clear channel. To preserve secrecy and security, the players have to rely on noise in the communication. Noisy channels are therefore a useful tool to model noise behavior and build protocols implementing OT. This paper explores a source of errors that is inherently present in practically any transmission medium, but has been scarcely studied in this context: delays in the communication. In order to have a model for the delays that is both general and comparable to the channels usually used for OT – such as the Binary Symmetric Channel (BSC) – we introduce a new noisy channel, the Binary Discrete-time Delaying Channel (BDDC). We show that such a channel realistically reproduces real-life communication scenarios where delays are hard to predict and we propose a protocol for achieving oblivious transfer over the BDDC. We analyze the security of our construction in the semi-honest setting, showing that our realization of OT substantially decreases the protocol sensitivity to the user’s knowledge of the channel compared to solutions relying on other channel properties, and is very efficient for wide ranges of delay probabilities. The flexibility and generality of the model open the way for future implementation in media where delays are a fundamental characteristic.
Reexamination of Quantum Bit Commitment: the Possible and the Impossible
Bit commitment protocols whose security is based on the laws of quantum
mechanics alone are generally held to be impossible. In this paper we give a
strengthened and explicit proof of this result. We extend its scope to a much
larger variety of protocols, which may have an arbitrary number of rounds, in
which both classical and quantum information is exchanged, and which may
include aborts and resets. Moreover, we do not consider the receiver to be
bound to a fixed "honest" strategy, so that "anonymous state protocols", which
were recently suggested as a possible way to beat the known no-go results, are
also covered. We show that any concealing protocol allows the sender to find a
cheating strategy, which is universal in the sense that it works against any
strategy of the receiver. Moreover, if the concealing property holds only
approximately, the cheat goes undetected with a high probability, which we
explicitly estimate. The proof uses an explicit formalization of general two
party protocols, which is applicable to more general situations, and a new
estimate about the continuity of the Stinespring dilation of a general quantum
channel. The result also provides a natural characterization of protocols that
fall outside the standard setting of unlimited available technology, and thus
may allow secure bit commitment. We present a new such protocol whose security,
perhaps surprisingly, relies on decoherence in the receiver's lab.
Comment: v1: 26 pages, 4 eps figures. v2: 31 pages, 5 eps figures; replaced
with published version; title changed to comply with puzzling Phys. Rev.
regulations; impossibility proof extended to protocols with infinitely many
rounds or a continuous communication tree; security proof of decoherence
monster protocol expanded; presentation clarified
Security of quantum bit string commitment depends on the information measure
Unconditionally secure non-relativistic bit commitment is known to be
impossible in both the classical and the quantum world. However, when
committing to a string of n bits at once, how far can we stretch the quantum
limits? In this letter, we introduce a framework of quantum schemes where Alice
commits a string of n bits to Bob, in such a way that she can only cheat on a
bits and Bob can learn at most b bits of information before the reveal phase.
Our results are two-fold: we show by an explicit construction that in the
traditional approach, where the reveal and guess probabilities form the
security criteria, no good schemes can exist: a+b is at least n. If, however,
we use a more liberal criterion of security, the accessible information, we
construct schemes where a=4 log n+O(1) and b=4, which is impossible
classically. Our findings significantly extend known no-go results for quantum
bit commitment.
Comment: To appear in PRL. Short version of quant-ph/0504078, long version to
appear separately. Improved security definition and result, one new lemma
that may be of independent interest. v2: added funding reference, no other
change