A Quantum solution to the Byzantine agreement problem
We present a solution to an old and timely problem in distributed computing.
Like Quantum Key Distribution (QKD), quantum channels make it possible to
achieve tasks classically impossible. However, unlike QKD, here the goal is not
secrecy but agreement, and the adversary is not outside but inside the game,
and the resources require qutrits.
Comment: 4 pages, 1 figure
Multipartite Continuous Variable Solution for the Byzantine Agreement Problem
We demonstrate that the Byzantine Agreement (detectable broadcast) is also
solvable in the continuous-variable scenario with multipartite entangled
Gaussian states and Gaussian operations (homodyne detection). Within this
scheme we find that Byzantine Agreement requires a minimum amount of
entanglement in the multipartite states used in order to achieve a solution. We
discuss realistic implementations of the protocol, which consider the
possibility of having inefficient homodyne detectors, not perfectly correlated
outcomes, and noise in the preparation of the resource states. The proposed
protocol is proven to be robust and efficiently applicable under such non-ideal
conditions.
Comment: This paper supersedes and extends arXiv:quant-ph/0507249, title
changed to match the published version, 11 pages, 3 figures, published
version
Solving the liar detection problem using the four-qubit singlet state
A method for solving the Byzantine agreement problem [M. Fitzi, N. Gisin, and
U. Maurer, Phys. Rev. Lett. 87, 217901 (2001)] and the liar detection problem
[A. Cabello, Phys. Rev. Lett. 89, 100402 (2002)] is introduced. The main
advantages of this protocol are that it is simpler and is based on a four-qubit
singlet state already prepared in the laboratory.
Comment: REVTeX4, 4 pages
On the Communication Complexity of Secure Computation
Information theoretically secure multi-party computation (MPC) is a central
primitive of modern cryptography. However, relatively little is known about the
communication complexity of this primitive.
In this work, we develop powerful information theoretic tools to prove lower
bounds on the communication complexity of MPC. We restrict ourselves to a
3-party setting in order to bring out the power of these tools without
introducing too many complications. Our techniques include the use of a data
processing inequality for residual information - i.e., the gap between mutual
information and Gács-Körner common information, a new information
inequality for 3-party protocols, and the idea of distribution switching by
which lower bounds computed under certain worst-case scenarios can be shown to
apply for the general case.
Using these techniques we obtain tight bounds on communication complexity by
MPC protocols for various interesting functions. In particular, we show
concrete functions that have "communication-ideal" protocols, which achieve the
minimum communication simultaneously on all links in the network. Also, we
obtain the first explicit example of a function that incurs a higher
communication cost than the input length in the secure computation model of
Feige, Kilian and Naor (1994), who had shown that such functions exist. We also
show that our communication bounds imply tight lower bounds on the amount of
randomness required by MPC protocols for many interesting functions.
Comment: 37 pages
Detecting genuine multipartite continuous-variable entanglement
We derive necessary conditions in terms of the variances of position and
momentum linear combinations for all kinds of separability of a multi-party
multi-mode continuous-variable state. Their violations can be sufficient for
genuine multipartite entanglement, provided the combinations contain both
conjugate variables of all modes. Hence a complete state determination, for
example by detecting the entire correlation matrix of a Gaussian state, is not
needed.
Comment: 13 pages, 3 figures
Greenberger-Horne-Zeilinger-like proof of Bell's theorem involving observers who do not share a reference frame
Vaidman described how a team of three players, each of them isolated in a
remote booth, could use a three-qubit Greenberger-Horne-Zeilinger state to
always win a game which would be impossible to always win without quantum
resources. However, Vaidman's method requires all three players to share a
common reference frame; it does not work if the adversary is allowed to
disorientate one player. Here we show how to always win the game, even if the
players do not share any reference frame. The introduced method uses a 12-qubit
state which is invariant under any transformation
(where , where is a
unitary operation on a single qubit) and requires only single-qubit
measurements. A number of further applications of this 12-qubit state are
described.
Comment: REVTeX4, 6 pages, 1 figure
Communication-Efficient MPC for General Adversary Structures
A multiparty computation (MPC) protocol allows a set of players to compute a function of their inputs while keeping the inputs private and at the same time securing the correctness of the output. Most MPC protocols assume that the adversary can corrupt up to a fixed fraction of the number of players. Hirt and Maurer initiated the study of MPC under more general corruption patterns, in which the adversary is allowed to corrupt any set of players in some pre-defined collection of sets [6]. In this paper we consider this important direction of research and present significantly improved communication complexity of MPC protocols for general adversary structures. More specifically, ours is the first unconditionally secure protocol that achieves linear communication in the size of the multiplicative Monotone Span Program representing the adversary structure in the malicious setting against any Q2 adversary structure, whereas all previous protocols were at least cubic
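The Q2 condition named in this abstract is the Hirt-Maurer feasibility condition: an adversary structure is Q2 if no two of its sets together cover the whole player set (Q3: no three sets do). Q2 is what unconditional security against an active adversary needs when a broadcast channel is available; Q3 is what perfect security against an active adversary needs without one. The following Python is an added illustration, not code from the paper: it checks Q2/Q3 for an adversary structure given by its maximal sets, and shows with a constructed four-player structure how a general structure can be Q2 while the threshold structure of the same size is not. All player names and structures are made up for the example.

```python
from itertools import combinations, combinations_with_replacement

# An adversary structure is monotone: if a set may be corrupted, so may any of
# its subsets. It is therefore fully described by its maximal sets, and the
# Qk test only needs to look at those.


def is_corruptible(maximal_sets, subset):
    """True if `subset` lies inside some set of the (monotone) structure."""
    subset = frozenset(subset)
    return any(subset <= frozenset(s) for s in maximal_sets)


def is_qk(players, maximal_sets, k):
    """Return True if no k sets from the structure cover all of `players`.

    k=2 is the Q2 condition, k=3 is Q3. Repetition is allowed in the
    combination so that a cover by fewer than k sets is also rejected.
    """
    players = frozenset(players)
    sets = [frozenset(s) for s in maximal_sets]
    for combo in combinations_with_replacement(sets, k):
        if frozenset().union(*combo) == players:
            return False
    return True


def threshold_structure(players, t):
    """Maximal sets of the usual threshold structure: every t-subset."""
    return [frozenset(c) for c in combinations(sorted(players), t)]


if __name__ == "__main__":
    players = "ABCD"  # constructed four-player example

    # Threshold adversaries: t < n/2 gives Q2, t < n/3 gives Q3.
    print("t=1 of 4: Q2", is_qk(players, threshold_structure(players, 1), 2),
          "Q3", is_qk(players, threshold_structure(players, 1), 3))
    print("t=2 of 4: Q2", is_qk(players, threshold_structure(players, 2), 2))

    # A non-threshold structure: the adversary may corrupt A and B together,
    # or C alone, or D alone. Two players can be corrupted (like t=2), yet
    # the structure is still Q2 because no two of its sets cover everyone.
    general = [{"A", "B"}, {"C"}, {"D"}]
    print("general: corrupt {A,B}?", is_corruptible(general, "AB"),
          "corrupt {A,C}?", is_corruptible(general, "AC"))
    print("general: Q2", is_qk(players, general, 2),
          "Q3", is_qk(players, general, 3))
```

Run with `python3 q2.py`; the general structure above is Q2 but not Q3, while the two-of-four threshold structure is not even Q2, which is exactly the gap between fixed-fraction and general adversary structures that the abstract refers to.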
Hydra: Fast Isomorphic State Channels
State channels are an attractive layer-two solution for improving the throughput and latency of blockchains. They offer optimistic offchain settlement of payments and expedient offchain evolution of smart contracts between multiple parties without imposing any additional assumptions beyond those of the underlying blockchain. In the case of disputes, or if a party fails to respond, cryptographic evidence collected in the offchain channel is used to settle the last confirmed state onchain, such that in-progress contracts can be continued under mainchain consensus.
A serious disadvantage present in current layer-two state channel protocols is that existing layer-one smart contract infrastructure and contract code cannot be reused offchain without change.
In this paper, we introduce Hydra, an isomorphic multi-party state channel. Hydra simplifies offchain protocol and smart contract development by directly adopting the layer-one smart contract system, in this way allowing the same code to be used both on- and offchain.
Taking advantage of the extended UTxO model, we develop a fast off-chain protocol for evolution of Hydra heads (our isomorphic state channels) that has smaller round complexity than all previous proposals and enables the state channel processing to advance on-demand, concurrently and asynchronously.
We establish strong security properties for the protocol, and we present and evaluate extensive simulation results that demonstrate that Hydra approaches the physical limits of the network in terms of transaction confirmation time and throughput while keeping storage requirements at the lowest possible. Finally, our experimental methodology may be of independent interest in the general context of evaluating consensus protocols
MPC with Synchronous Security and Asynchronous Responsiveness
Two paradigms for secure MPC are synchronous and asynchronous
protocols. While synchronous protocols tolerate more corruptions and allow every party to give its input, they are very slow because the speed depends on the conservatively assumed worst-case delay of the network. In contrast, asynchronous protocols allow parties to obtain output as fast as the actual network allows, a property called responsiveness, but unavoidably have lower resilience and parties with slow network connections cannot give input.
It is natural to wonder whether it is possible to leverage synchronous MPC protocols to achieve responsiveness, hence obtaining the advantages of both paradigms: full security with responsiveness up to corruptions, and extended security (full security or security with unanimous abort) with no responsiveness up to corruptions. We settle the question by providing matching feasibility and impossibility results:
-For the case of unanimous abort as extended security, there is an MPC protocol if and only if .
-For the case of full security as extended security, there is an MPC protocol if and only if and . In particular, setting allows to achieve a fully secure MPC for honest majority, which in addition benefits from having substantial responsiveness
Secure MPC: Laziness Leads to GOD
Motivated by what we call "honest but lazy" parties in the context of secure multi-party computation, we revisit the notion of multi-key FHE schemes (MFHE). In MFHE, any message encrypted using a public key can be expanded so that the resulting ciphertext is encrypted with respect to a set of public keys . Such expanded ciphertexts can be homomorphically evaluated with respect to any circuit to generate a ciphertext . Then, this ciphertext can be partially decrypted using a secret key (corresponding to the public key ) to produce a partial decryption . Finally, these partial decryptions can be combined to recover the output. However, this definition of MFHE works only for -out-of- access structures and, thus, each node in the system is a point of failure. In the context of "honest but lazy" parties, it is necessary to be able to decrypt even when only given a subset of partial decryptions (say out of ). In order to solve this problem, we introduce a new notion of multi-key FHE designed to handle arbitrary access patterns that can reconstruct the output. We call it a threshold multi-key FHE scheme (TMFHE).
Our main contributions are the following:
We formally define and construct TMFHE for any access structure given by a monotone boolean formula, assuming LWE.
We construct the first simulation-extractable multi-string NIZK from polynomially hard LWE.
We use TMFHE and our multi-string NIZK to obtain the first round-optimal (three round) MPC protocol in the plain model with guaranteed output delivery secure against malicious adversaries or, more generally, mixed adversaries (which supports "honest but lazy" parties), assuming LWE.
Our MPC protocols simultaneously achieve security against the maximum number of corruptions under which guaranteed output delivery is achievable, depth-proportional communication complexity, and reusability