250 research outputs found

    Two-message quantum interactive proofs and the quantum separability problem

    Suppose that a polynomial-time mixed-state quantum circuit, described as a sequence of local unitary interactions followed by a partial trace, generates a quantum state shared between two parties. One might then wonder, does this quantum circuit produce a state that is separable or entangled? Here, we give evidence that it is computationally hard to decide the answer to this question, even if one has access to the power of quantum computation. We begin by exhibiting a two-message quantum interactive proof system that can decide the answer to a promise version of the question. We then prove that the promise problem is hard for the class of promise problems with "quantum statistical zero knowledge" (QSZK) proof systems by demonstrating a polynomial-time Karp reduction from the QSZK-complete promise problem "quantum state distinguishability" to our quantum separability problem. By exploiting Knill's efficient encoding of a matrix description of a state into a description of a circuit to generate the state, we can show that our promise problem is NP-hard with respect to Cook reductions. Thus, the quantum separability problem (as phrased above) constitutes the first nontrivial promise problem decidable by a two-message quantum interactive proof system while being hard for both NP and QSZK. We also consider a variant of the problem, in which a given polynomial-time mixed-state quantum circuit accepts a quantum state as input, and the question is to decide if there is an input to this circuit which makes its output separable across some bipartite cut. We prove that this problem is a complete promise problem for the class QIP of problems decidable by quantum interactive proof systems. 
Finally, we show that a two-message quantum interactive proof system can also decide a multipartite generalization of the quantum separability problem. Comment: 34 pages, 6 figures; v2: technical improvements and new result for the multipartite quantum separability problem; v3: minor changes to address referee comments, accepted for presentation at the 2013 IEEE Conference on Computational Complexity; v4: changed problem names; v5: updated references and added a paragraph to the conclusion to connect with prior work on separability testin

    Quantum interactive proofs and the complexity of separability testing

    We identify a formal connection between physical problems related to the detection of separable (unentangled) quantum states and complexity classes in theoretical computer science. In particular, we show that to nearly every quantum interactive proof complexity class (including BQP, QMA, QMA(2), and QSZK), there corresponds a natural separability testing problem that is complete for that class. Of particular interest is the fact that the problem of determining whether an isometry can be made to produce a separable state is either QMA-complete or QMA(2)-complete, depending upon whether the distance between quantum states is measured by the one-way LOCC norm or the trace norm. We obtain strong hardness results by proving that for each n-qubit maximally entangled state there exists a fixed one-way LOCC measurement that distinguishes it from any separable state with error probability that decays exponentially in n. Comment: v2: 43 pages, 5 figures, completely rewritten and in Theory of Computing (ToC) journal forma

    Secure Authentication in the Grid: A Formal Analysis of DNP3: SAv5

    Most of the world’s power grids are controlled remotely. Their control messages are sent over potentially insecure channels, driving the need for an authentication mechanism. The main communication mechanism for power grids and other utilities is defined by an IEEE standard, referred to as DNP3; this includes the Secure Authentication v5 (SAv5) protocol, which aims to ensure that messages are authenticated. We provide the first security analysis of the complete DNP3: SAv5 protocol. Previous work has considered the message-passing sub-protocol of SAv5 in isolation, and considered some aspects of the intended security properties. In contrast, we formally model and analyse the complex composition of the protocol’s three sub-protocols. In doing so, we consider the full state machine, and the possibility of cross-protocol attacks. Furthermore, we model fine-grained security properties that closely match the standard’s intended security properties. For our analysis, we leverage the Tamarin prover for the symbolic analysis of security protocols. Our analysis shows that the core DNP3: SAv5 design meets its intended security properties. Notably, we show that a previously reported attack does not apply to the standard. However, our analysis also leads to several concrete recommendations for improving future versions of the standard

    Automatically Detecting the Misuse of Secrets: Foundations, Design Principles, and Applications

    We develop foundations and several constructions for security protocols that can automatically detect, without false positives, if a secret (such as a key or password) has been misused. Such constructions can be used, e.g., to automatically shut down compromised services, or to automatically revoke misused secrets to minimize the effects of compromise. Our threat model includes malicious agents, (temporarily or permanently) compromised agents, and clones. Previous works have studied domain-specific partial solutions to this problem. For example, Google’s Certificate Transparency aims to provide infrastructure to detect the misuse of a certificate authority’s signing key, logs have been used for detecting endpoint compromise, and protocols have been proposed to detect cloned RFID/smart cards. Contrary to these existing approaches, for which the designs are interwoven with domain-specific considerations and which usually do not enable fully automatic response (i.e., they need human assessment), our approach shows where automatic action is possible. Our results unify, provide design rationales, and suggest improvements for the existing domain-specific solutions. Based on our analysis, we construct several mechanisms for the detection of misuse. Our mechanisms enable automatic response, such as revoking keys or shutting down services, thereby substantially limiting the impact of a compromise. In several case studies, we show how our mechanisms can be used to substantially increase the security guarantees of a wide range of systems, such as web logins, payment systems, or electronic door locks. For example, we propose and formally verify an improved version of Cloudflare’s Keyless SSL protocol that enables key misuse detection

    Disparate data integration case for connected factories using timestamps

    Manufacturing data integration of machine, process, and sensor data from the shop floor remains an important issue to achieve the anticipated business value of fully connected factories. Integrated manufacturing data has been a hallmark of Industry 4.0 initiatives, because integrated data precipitates better decision-making for cost, schedule, and system optimizations.  In this paper, we extend work on optimizing manufacturing costs, describing an algorithm using timestamps to integrate previously unassociated quality and test information, enabling us to better identify and eliminate redundant tests.  Results are provided and discussed, and we suggest the approach described may be valuable for some types of heterogeneous manufacturing data integration where timestamps and event chronologies are available

    Determining factor in the prosecutorial assessment of complaints of psychological violence, Segunda Fiscalía Provincial Penal Corporativa de Huaraz, 2020

    This thesis is entitled “What is the determining factor in the prosecutorial assessment of complaints of psychological violence in the Segunda Fiscalía Provincial Penal Corporativa de Huaraz, 2020”; its general objective was to determine the determining factor in the prosecutor's decision in complaints of psychological violence in the Segunda Fiscalía Provincial Penal Corporativa de Huaraz. It was carried out using the quantitative method, based on a survey addressed to prosecutors of the Ancash fiscal district. After analysis, it was determined that in cases where there is a complaint of family violence in the form of psychological violence, the determining factor is the psychological expert report, since most of the prosecutors surveyed stated that they rely only on the expert report to classify the act as a crime or not, which is mistaken, however, since we consider it necessary to resort to other means of evidence to clarify the facts more accurately

    Secure Authentication in the Grid: A Formal Analysis of DNP3 SAv5

    Most of the world's power grids are controlled remotely. Their control messages are sent over potentially insecure channels, driving the need for an authentication mechanism. The main communication mechanism for power grids and other utilities is defined by an IEEE standard, referred to as DNP3; this includes the Secure Authentication v5 (SAv5) protocol, which aims to ensure that messages are authenticated. We provide the first security analysis of the complete DNP3: SAv5 protocol. Previous work has considered the message-passing sub-protocol of SAv5 in isolation, and considered some aspects of the intended security properties. In contrast, we formally model and analyse the complex composition of the protocol's sub-protocols. In doing so, we consider the full state machine, the protocol's asymmetric mode, and the possibility of cross-protocol attacks. Furthermore, we model fine-grained security properties that closely match the standard's intended security properties. For our analysis, we leverage the Tamarin prover for the symbolic analysis of security protocols. Our analysis shows that the core DNP3: SAv5 design meets its intended security properties. Notably, we show that a previously reported attack does not apply to the standard. However, our analysis also leads to several concrete recommendations for improving future versions of the standard

    Automatically Detecting the Misuse of Secrets: Foundations, Design Principles, and Applications

    We develop foundations and several constructions for security protocols that can automatically detect, without false positives, if a secret (such as a key or password) has been misused. Such constructions can be used, e.g., to automatically shut down compromised services, or to automatically revoke misused secrets to minimize the effects of compromise. Our threat model includes malicious agents, (temporarily or permanently) compromised agents, and clones. Previous works have studied domain-specific partial solutions to this problem. For example, Google's Certificate Transparency aims to provide infrastructure to detect the misuse of a certificate authority's signing key, logs have been used for detecting endpoint compromise, and protocols have been proposed to detect cloned RFID/smart cards. Contrary to these existing approaches, for which the designs are interwoven with domain-specific considerations and which usually do not enable fully automatic response (i.e., they need human assessment), our approach shows where automatic action is possible. Our results unify, provide design rationales, and suggest improvements for the existing domain-specific solutions. Based on our analysis, we construct several mechanisms for the detection of misuse. Our mechanisms enable automatic response, such as revoking keys or shutting down services, thereby substantially limiting the impact of a compromise. In several case studies, we show how our mechanisms can be used to substantially increase the security guarantees of a wide range of systems, such as web logins, payment systems, or electronic door locks. For example, we propose and formally verify an improved version of Cloudflare's Keyless SSL protocol that enables key misuse detection