Improving the Security of Quantum Protocols via Commit-and-Open
We consider two-party quantum protocols starting with a transmission of some
random BB84 qubits followed by classical messages. We show a general "compiler"
improving the security of such protocols: if the original protocol is secure
against an "almost honest" adversary, then the compiled protocol is secure
against an arbitrary computationally bounded (quantum) adversary. The
compilation preserves the number of qubits sent and the number of rounds up to
a constant factor. The compiler also preserves security in the
bounded-quantum-storage model (BQSM), so if the original protocol was
BQSM-secure, the compiled protocol can only be broken by an adversary who has
large quantum memory and large computing power. This is in contrast to known
BQSM-secure protocols, where security breaks down completely if the adversary
has larger quantum memory than expected. We show how our technique can be
applied to quantum identification and oblivious transfer protocols.
Comment: 21 pages; editorial change (reorganizing of several subsections in
new section 5 about "extensions and generalizations"); added clarifications
about efficient simulation; minor improvement
An All-But-One Entropic Uncertainty Relation, and Application to Password-based Identification
Entropic uncertainty relations are quantitative characterizations of
Heisenberg's uncertainty principle, which make use of an entropy measure to
quantify uncertainty. In quantum cryptography, they are often used as
convenient tools in security proofs. We propose a new entropic uncertainty
relation. It is the first such uncertainty relation that lower bounds the
uncertainty in the measurement outcome for all but one choice for the
measurement from an arbitrarily large (but specifically chosen) set of possible
measurements, and, at the same time, uses the min-entropy as entropy measure,
rather than the Shannon entropy. This makes it especially suited for quantum
cryptography. As an application, we propose a new quantum identification scheme in
the bounded quantum storage model. It makes use of our new uncertainty relation
at the core of its security proof. In contrast to the original quantum
identification scheme proposed by Damgård et al., our new scheme also
offers some security in case the bounded quantum storage assumption fails to hold.
Specifically, our scheme remains secure against an adversary that has unbounded
storage capabilities but is restricted to non-adaptive single-qubit operations.
The scheme by Damgård et al., on the other hand, completely breaks down
under such an attack.
Comment: 33 pages, v
Proofs of partial knowledge and simplified design of witness hiding protocols
Suppose we are given a proof of knowledge P in which a prover demonstrates that he knows a solution to a given problem instance. Suppose also that we have a secret sharing scheme S on n participants. Then under certain assumptions on P and S, we show how to transform P into a witness indistinguishable protocol, in which the prover demonstrates knowledge of the solution to some subset of n problem instances out of a collection of subsets defined by S. For example, using a threshold scheme, the prover can show that he knows at least d out of n solutions without revealing which d instances are involved. If the instances are independently generated, we get a witness hiding protocol, even if P did not have this property. Our results can be used to efficiently implement general forms of group-oriented identification and signatures. Our transformation produces a protocol with the same number of rounds as P and communication complexity n times that of P. Our results use no unproven complexity assumptions.
On monotone function closure of perfect and statistical zero-knowledge
Assume we are given a language with an honest verifier perfect zero-knowledge proof system. Assume also that the proof system is a move Arthur-Merlin game. The class of such languages includes all random self-reducible languages, and also any language with a perfect zero-knowledge non-interactive proof. We show that such a language satisfies a certain closure property, namely that languages constructed from by applying certain monotone functions to statements on membership in have perfect zero-knowledge proof systems. The new set of languages we can build includes itself, but also for example languages consisting of words of which at least are in . A similar closure property is shown to hold for the complement of and for statistical zero-knowledge. The property we need fo
Implementing Information-Theoretically Secure Oblivious Transfer from Packet Reordering
If we assume that adversaries have unlimited computational capabilities, secure computation between mutually distrusting players cannot be achieved using an error-free communication medium. However, secure multi-party computation becomes possible when a noisy channel is available to the parties. For instance, the Binary Symmetric Channel (BSC) has been used to implement Oblivious Transfer (OT), a fundamental primitive in secure multi-party computation. Current research is aimed at designing protocols based on real-world noise sources, in order to make the actual use of information-theoretically secure computation a more realistic prospect for the future. In this paper, we introduce a modified version of the recently proposed Binary Discrete-time Delaying Channel (BDDC), a noisy channel based on communication delays. We call our variant the Reordering Channel (RC), and we show that it successfully models packet reordering, the common behavior of packet switching networks that results in the reordering of the packets in a stream during their transit over the network. We also show that the protocol implementing oblivious transfer on the BDDC can be adapted to the new channel by using a different sending strategy, and we provide a functioning implementation of this modified protocol. Finally, we present strong experimental evidence that reordering occurrences between two remote Internet hosts are enough for our construction to achieve statistical security against honest-but-curious adversaries.
Cryptography in the Bounded Quantum-Storage Model
We initiate the study of two-party cryptographic primitives with unconditional
security, assuming that the adversary’s quantum memory is of bounded size. We show that oblivious
transfer and bit commitment can be implemented in this model using protocols where honest parties
need no quantum memory, whereas an adversarial player needs quantum memory of size at least n/2
in order to break the protocol, where n is the number of qubits transmitted. This is in sharp contrast
to the classical bounded-memory model, where we can only tolerate adversaries with memory of size
quadratic in honest players’ memory size. Our protocols are efficient and noninteractive and can be
implemented using today’s technology. On the technical side, a new entropic uncertainty relation
involving min-entropy is established.