Unconditionally verifiable blind computation

Blind Quantum Computing (BQC) allows a client to have a server carry out a quantum computation for them such that the client's input, output and computation remain private. A desirable property for any BQC protocol is verification, whereby the client can verify with high probability whether the server has followed the instructions of the protocol, or if there has been some deviation resulting in a corrupted output state. A verifiable BQC protocol can be viewed as an interactive proof system leading to consequences for complexity theory. The authors, together with Broadbent, previously proposed a universal and unconditionally secure BQC scheme where the client only needs to be able to prepare single qubits in separable states randomly chosen from a finite set and send them to the server, who has the balance of the required quantum computational resources. In this paper we extend that protocol with new functionality allowing blind computational basis measurements, which we use to construct a new verifiable BQC protocol based on a new class of resource states. We rigorously prove that the probability of failing to detect an incorrect output is exponentially small in a security parameter, while resource overhead remains polynomial in this parameter. The new resource state allows entangling gates to be performed between arbitrary pairs of logical qubits with only constant overhead. This is a significant improvement on the original scheme, which required that all computations to be performed must first be put into a nearest neighbour form, incurring linear overhead in the number of qubits. Such an improvement has important consequences for efficiency and fault-tolerance thresholds.Comment: 46 pages, 10 figures. Additional protocol added which allows arbitrary circuits to be verified with polynomial securit

Direct synthesis and chemical vapor deposition of 2D carbide and nitride MXenes

Two-dimensional (2D) transition metal carbides and nitrides (MXenes) are a large family of materials actively studied for various applications, especially in the field of energy storage. MXenes are commonly synthesized by etching the layered ternary compounds, MAX phases. We demonstrate a direct synthetic route for scalable and atom-economic synthesis of MXenes, including phases that have not been synthesized from MAX phases, by the reactions of metals and metal halides with graphite, methane, or nitrogen. The direct synthesis enables chemical vapor deposition (CVD) growth of MXene carpets and complex spherulite-like morphologies that form through buckling and release of MXene carpet to expose fresh surface for further reaction. The directly synthesized MXenes showed excellent energy storage capacity for Li-ion intercalation.Comment: 9 pages, 4 figure

Extended Functionality in Verifiable Searchable Encryption

Abstract. When outsourcing the storage of sensitive data to an (un-trusted) remote server, a data owner may choose to encrypt the data beforehand to preserve confidentiality. However, it is then difficult to efficiently retrieve specific portions of the data as the server is unable to identify the relevant information. Searchable encryption has been well studied as a solution to this problem, allowing data owners and other au-thorised users to generate search queries which the server may execute over the encrypted data to identify relevant data portions. However, many current schemes lack two important properties: verifia-bility of search results, and expressive queries. We introduce Extended Verifiable Searchable Encryption (eVSE) that permits a user to verify that search results are correct and complete. We also permit verifiabl

cuHE: A Homomorphic Encryption Accelerator Library

We introduce a CUDA GPU library to accelerate evaluations with homomorphic schemes defined over polynomial rings enabled with a number of optimizations including algebraic techniques for efficient evaluation, memory minimization techniques, memory and thread scheduling and low level CUDA hand-tuned assembly optimizations to take full advantage of the mass parallelism and high memory bandwidth GPUs offer. The arithmetic functions constructed to handle very large polynomial operands using number-theoretic transform (NTT) and Chinese remainder theorem (CRT) based methods are then extended to implement the primitives of the leveled homomorphic encryption scheme proposed by Löpez-Alt, Tromer and Vaikuntanathan. To compare the performance of the proposed CUDA library we implemented two applications: the Prince block cipher and homomorphic sorting algorithms on two GPU platforms in single GPU and multiple GPU configurations. We observed a speedup of 25 times and 51 times over the best previous GPU implementation for Prince with single and triple GPUs, respectively. Similarly for homomorphic sorting we obtained 12-41 times speedup depending on the number and size of the sorted elements

On the Power of Amortization in Secret Sharing: dd-Uniform Secret Sharing and CDS with Constant Information Rate

Consider the following secret-sharing problem. Your goal is to distribute a long file $s$ between $n$ servers such that $(d-1)$-subsets cannot recover the file, $(d+1)$-subsets can recover the file, and $d$-subsets should be able to recover $s$ if and only if they appear in some predefined list $L$. How small can the information ratio (i.e., the number of bits stored on a server per each bit of the secret) be? We initiate the study of such $d$-uniform access structures, and view them as a useful scaled-down version of general access structures. Our main result shows that, for constant $d$, any $d$-uniform access structure admits a secret sharing scheme with a *constant* asymptotic information ratio of $c_d$ that does not grow with the number of servers $n$. This result is based on a new construction of $d$-party Conditional Disclosure of Secrets (Gertner et al., JCSS \u2700) for arbitrary predicates over $n$-size domain in which each party communicates at most four bits per secret bit. In both settings, previous results achieved non-constant information ratio which grows asymptotically with $n$ even for the simpler (and widely studied) special case of $d=2$. Moreover, our results provide a unique example for a natural class of access structures $F$ that can be realized with information rate smaller than its bit-representation length $\log |F|$ (i.e., $\Omega( d \log n)$ for $d$-uniform access structures) showing that amortization can beat the representation size barrier. Our main result applies to exponentially long secrets, and so it should be mainly viewed as a barrier against amortizable lower-bound techniques. We also show that in some natural simple cases (e.g., low-degree predicates), amortization kicks in even for quasi-polynomially long secrets. Finally, we prove some limited lower-bounds, point out some limitations of existing lower-bound techniques, and describe some applications to the setting of private simultaneous messages

Zero Knowledge Protocols from Succinct Constraint Detection

We study the problem of constructing proof systems that achieve both soundness and zero knowledge unconditionally (without relying on intractability assumptions). Known techniques for this goal are primarily *combinatorial*, despite the fact that constructions of interactive proofs (IPs) and probabilistically checkable proofs (PCPs) heavily rely on *algebraic* techniques to achieve their properties. We present simple and natural modifications of well-known algebraic IP and PCP protocols that achieve unconditional (perfect) zero knowledge in recently introduced models, overcoming limitations of known techniques. 1. We modify the PCP of Ben-Sasson and Sudan [BS08] to obtain zero knowledge for NEXP in the model of Interactive Oracle Proofs [BCS16,RRR16], where the verifier, in each round, receives a PCP from the prover. 2. We modify the IP of Lund, Fortnow, Karloff, and Nisan [LFKN92] to obtain zero knowledge for #P in the model of Interactive PCPs [KR08], where the verifier first receives a PCP from the prover and then interacts with him. The simulators in our zero knowledge protocols rely on solving a problem that lies at the intersection of coding theory, linear algebra, and computational complexity, which we call the *succinct constraint detection* problem, and consists of detecting dual constraints with polynomial support size for codes of exponential block length. Our two results rely on solutions to this problem for fundamental classes of linear codes: * An algorithm to detect constraints for Reed--Muller codes of exponential length. This algorithm exploits the Raz--Shpilka [RS05] deterministic polynomial identity testing algorithm, and shows, to our knowledge, a first connection of algebraic complexity theory with zero knowledge. * An algorithm to detect constraints for PCPs of Proximity of Reed--Solomon codes [BS08] of exponential degree. This algorithm exploits the recursive structure of the PCPs of Proximity to show that small-support constraints are locally spanned by a small number of small-support constraints

Analysis of Drop Spreading upon Impact on Dual-Textured Surface

Practical applications involving lab-on-a-chip devices in microfluidics demand a variety of manipulation to be done on liquid drops on a solid surface including drop transport from one location to another. Wettability gradient surfaces, featuring a spatial variation of surface wetting along a particular direction on the surface, are commonly used to achieve this goal. In this study, we investigate the spreading process of liquid drops impacting, with velocity U-o in the range 0.3-1.5 m/s, on the junction of a dual-textured surface comprising a textured portion and a smooth portion of different wetting characteristics. Comparisons with the results for drop impact under same impact velocities on the homogeneous (far away from the junction) textured and smooth portions of dual-textured surface are also made to understand the effect of the dual-texture nature of target surface on drop spreading process. The drop spread factor, beta increases with normalized time, tau as tau(0.5) in the initial kinematic phase on all the surfaces whereas for the entire spreading process the power reaches 0.5 as impact velocity is increased. Even though the average spreading velocity, which shows a slight decrease with Uo, does not show any significant difference between the surfaces, the drops impacted on textured surfaces (homogeneous and dual-textured) show a slightly higher deceleration than on the corresponding smooth surfaces. The maximum drop spread and the time taken to attain it are seen to be lower on the textured surfaces; however no difference is seen between the homogeneous and dual-texture portions of the corresponding surfaces

Transition from Cassie to impaled state during drop impact on groove-textured solid surfaces

Liquid drops impacted on textured surfaces undergo a transition from the Cassie state characterized by the presence of air pockets inside the roughness valleys below the drop to an impaled state with at least one of the roughness valleys filled with drop liquid. This occurs when the drop impact velocity exceeds a particular value referred to as the critical impact velocity. The present study investigates such a transition process during water drop impact on surfaces textured with unidirectional parallel grooves referred to as groove-textured surfaces. The process of liquid impalement into a groove in the vicinity of drop impact through de-pinning of the three-phase contact line (TPCL) beneath the drop as well as the critical impact velocity were identified experimentally from high speed video recordings of water drop impact on six different groove-textured surfaces made from intrinsically hydrophilic (stainless steel) as well as intrinsically hydrophobic (PDMS and rough aluminum) materials. The surface energy of various 2-D configurations of liquid-vapor interface beneath the drop near the drop impact point was theoretically investigated to identify the locally stable configurations and establish a pathway for the liquid impalement process. A force balance analysis performed on the liquid-vapor interface configuration just prior to TPCL de-pinning provided an expression for the critical drop impact velocity, U-o,U-cr, beyond which the drop state transitions from the Cassie to an impaled state. The theoretical model predicts that Uo, cr increases with the increase in pillar side angle, a, and intrinsic hydrophobicity whereas it decreases with the increase in groove top width, w, of the groove-textured surface. The quantitative predictions of the theoretical model were found to show good agreement with the experimental measurements of U-o,U-cr plotted against the surface texture geometry factor in our model, {tan(alpha/2)/w}(0.5)

Directional motion of impacting drops on dual-textured surfaces

In this work, we analyze the directional movement of impacting liquid drops on dual-textured solid surfaces comprising two different surface morphologies: a textured surface and a smooth surface. The dynamics of liquid drops impacting onto the junction line between the two parts of the dual-textured surfaces is studied experimentally for varying drop impact velocity. The dual-textured surfaces used here featured a variation in their textures' geometrical parameters as well as their surface chemistry. Two types of liquid drop differing in their surface tension were used. The impact process develops a net horizontal drop velocity towards the higher-wettability surface portion and results in a bulk movement of the impacting drop liquid. The final distance moved by the impacting drop from the junction line decreases with increasing impacting drop Weber number We. A fully theoretical model, employing a balance of forces acting at the drop contact line as well as energy conservation, is formulated to determine the variation, with We, of net horizontal drop velocity and subsequent movement of the impacting drop on the dual-textured surfaces