The Impossibility Of Secure Two-Party Classical Computation
We present attacks that show that unconditionally secure two-party classical
computation is impossible for many classes of function. Our analysis applies to
both quantum and relativistic protocols. We illustrate our results by showing
the impossibility of oblivious transfer.
Comment: 10 pages
Entropic uncertainty relations and locking: tight bounds for mutually unbiased bases
We prove tight entropic uncertainty relations for a large number of mutually
unbiased measurements. In particular, we show that a bound derived from the
result by Maassen and Uffink for 2 such measurements can in fact be tight for
up to sqrt{d} measurements in mutually unbiased bases. We then show that using
more mutually unbiased bases does not always lead to a better locking effect.
We prove that the optimal bound for the accessible information using up to
sqrt{d} specific mutually unbiased bases is log d/2, which is the same as can
be achieved by using only two bases. Our result indicates that merely using
mutually unbiased bases is not sufficient to achieve a strong locking effect,
and we need to look for additional properties.
Comment: 9 pages, RevTeX, v3: complete rewrite, new title, many new results,
v4: minor changes, published version
06371 Abstracts Collection -- From Security to Dependability
From 10.09.06 to 15.09.06, the Dagstuhl Seminar 06371 "From Security to Dependability" was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available
Quantum private queries
We propose a cheat sensitive quantum protocol to perform a private search on
a classical database which is efficient in terms of communication complexity.
It allows a user to retrieve an item from the server in possession of the
database without revealing which item she retrieved: if the server tries to
obtain information on the query, the person querying the database can find it
out. Furthermore our protocol ensures perfect data privacy of the database,
i.e. the information that the user can retrieve in a single query is bounded
and does not depend on the size of the database. With respect to the known
(quantum and classical) strategies for private information retrieval, our
protocol displays an exponential reduction both in communication complexity and
in running-time computational complexity.
Comment: 4 pages, 1 figure
Fast and secure key distribution using mesoscopic coherent states of light
This work shows how two parties A and B can securely share sequences of
random bits at optical speeds. A and B possess true-random physical sources and
exchange random bits by using a random sequence received to cipher the
following one to be sent. A starting shared secret key is used and the method
can be described as an unlimited one-time-pad extender. It is demonstrated that
the minimum probability of error in signal determination by the eavesdropper
can be set arbitrarily close to the pure guessing level. Being based on the
-ry encryption protocol this method also allows for optical amplification
without security degradation, offering practical advantages over the BB84
protocol for key distribution.
Comment: 11 pages and 4 figures. This version updates the one published in PRA
68, 052307 (2003). Minor changes were made in the text and one section on
Mutual Information was added
Private Outsourcing of Polynomial Evaluation and Matrix Multiplication using Multilinear Maps
Verifiable computation (VC) allows a computationally weak client to
outsource the evaluation of a function on many inputs to a powerful but
untrusted server. The client invests a large amount of off-line computation and
gives an encoding of its function to the server. The server returns both an
evaluation of the function on the client's input and a proof such that the
client can verify the evaluation using substantially less effort than doing the
evaluation on its own. We consider how to privately outsource computations
using privacy preserving VC schemes whose executions reveal no
information on the client's input or function to the server. We construct VC
schemes with input privacy for univariate polynomial evaluation and
matrix multiplication and then extend them such that the function privacy
is also achieved. Our tool is the recently developed multilinear maps. The
proposed VC schemes can be used in outsourcing private information retrieval
(PIR).
Comment: 23 pages, A preliminary version appears in the 12th International
Conference on Cryptology and Network Security (CANS 2013)
Quantum cryptography with 3-state systems
We consider quantum cryptographic schemes where the carriers of information
are 3-state particles. One protocol uses four mutually unbiased bases and
appears to provide better security than obtainable with 2-state carriers.
Another possible method allows quantum states to belong to more than one basis.
The security is not better, but many curious features arise.
Comment: 11 pages Revtex
Possibility, Impossibility and Cheat-Sensitivity of Quantum Bit String Commitment
Unconditionally secure non-relativistic bit commitment is known to be
impossible in both the classical and the quantum worlds. But when committing to
a string of n bits at once, how far can we stretch the quantum limits? In this
paper, we introduce a framework for quantum schemes where Alice commits a
string of n bits to Bob in such a way that she can only cheat on a bits and Bob
can learn at most b bits of information before the reveal phase. Our results
are two-fold: we show by an explicit construction that in the traditional
approach, where the reveal and guess probabilities form the security criteria,
no good schemes can exist: a+b is at least n. If, however, we use a more
liberal criterion of security, the accessible information, we construct schemes
where a=4log n+O(1) and b=4, which is impossible classically. We furthermore
present a cheat-sensitive quantum bit string commitment protocol for which we
give an explicit tradeoff between Bob's ability to gain information about the
committed string, and the probability of him being detected cheating.
Comment: 10 pages, RevTex, 2 figures. v2: title change, cheat-sensitivity added
Estimates for practical quantum cryptography
In this article I present a protocol for quantum cryptography which is secure
against attacks on individual signals. It is based on the Bennett-Brassard
protocol of 1984 (BB84). The security proof is complete as far as the use of
single photons as signal states is concerned. Emphasis is given to the
practicability of the resulting protocol. For each run of the quantum key
distribution the security statement gives the probability of a successful key
generation and the probability for an eavesdropper's knowledge, measured as
change in Shannon entropy, to be below a specified maximal value.
Comment: Authentication scheme corrected. Other improvements of presentation