Quantum Lazy Sampling and Game-Playing Proofs for Quantum Indifferentiability
Game-playing proofs constitute a powerful framework for non-quantum
cryptographic security arguments, most notably applied in the context of
indifferentiability. An essential ingredient in such proofs is lazy sampling of
random primitives. We develop a quantum game-playing proof framework by
generalizing two recently developed proof techniques. First, we describe how
Zhandry's compressed quantum oracles (Crypto'19) can be used to do quantum lazy
sampling of a class of non-uniform function distributions. Second, we observe
how Unruh's one-way-to-hiding lemma (Eurocrypt'14) can also be applied to
compressed oracles, providing a quantum counterpart to the fundamental lemma of
game-playing. Subsequently, we use our game-playing framework to prove quantum
indifferentiability of the sponge construction, assuming a random internal
function.
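The two classical ingredients this abstract generalizes, lazy sampling of a random primitive and the "identical-until-bad" fundamental lemma of game playing, can be seen in miniature on the random-function versus random-permutation switching game. The block below is an added illustration of that classical picture, not code from the paper (whose quantum version replaces the lazily sampled table with Zhandry's compressed oracle); the 16-bit output width and the collision-seeking adversary are constructed for the demonstration.

```python
# Added example (not from the paper): the two classical ingredients the
# abstract generalizes, lazy sampling of a random primitive and the
# "identical-until-bad" fundamental lemma of game playing, instantiated on
# the random-function vs random-permutation switching game.  The output
# width is a constructed toy value chosen so that the bad event is observable.
import random

N_BITS = 16
SPACE = 1 << N_BITS


class LazyFunction:
    """G0: a random function, lazily sampled.  A fresh input gets a uniform
    output the first time it is queried; the table keeps later answers consistent."""

    def __init__(self, rng):
        self.rng, self.table, self.bad = rng, {}, False

    def fresh(self, used):
        y = self.rng.randrange(SPACE)
        if y in used:
            self.bad = True     # G0 and G1 agree up to (and including) this point
        return y

    def __call__(self, x):
        if x not in self.table:
            self.table[x] = self.fresh(set(self.table.values()))
        return self.table[x]


class LazyPermutation(LazyFunction):
    """G1: identical to G0 except for what happens after `bad` is set (resample)."""

    def fresh(self, used):
        y = self.rng.randrange(SPACE)
        if y in used:
            self.bad = True
            while y in used:    # the only code that differs from G0
                y = self.rng.randrange(SPACE)
        return y


def collision_adversary(oracle, q):
    """Asks q distinct queries and outputs 1 iff two answers collide."""
    seen = set()
    for x in range(q):
        y = oracle(x)
        if y in seen:
            return 1
        seen.add(y)
    return 0


def run_game(game_cls, seed, q):
    """Run the adversary in one game on a fixed random tape; return (verdict, bad)."""
    oracle = game_cls(random.Random(seed))
    return collision_adversary(oracle, q), oracle.bad


def experiment(trials=2000, q=64, first_seed=0):
    """Couple G0 and G1 on the same random tape, trial by trial, and compare the
    adversary's advantage with Pr[bad] (fundamental lemma: advantage <= Pr[bad])
    and with the birthday bound q(q-1)/2^(n+1) on Pr[bad]."""
    wins0 = wins1 = bad_count = 0
    coupled_ok = True
    for seed in range(first_seed, first_seed + trials):
        v0, bad0 = run_game(LazyFunction, seed, q)
        v1, bad1 = run_game(LazyPermutation, seed, q)
        # identical-until-bad: same tape, so bad fires in both games or in
        # neither, and the verdicts can only differ once it has fired
        coupled_ok &= (bad0 == bad1) and (bad0 or v0 == v1)
        wins0, wins1, bad_count = wins0 + v0, wins1 + v1, bad_count + bad0
    return {"advantage": abs(wins0 - wins1) / trials,
            "pr_bad": bad_count / trials,
            "birthday_bound": q * (q - 1) / (2 * SPACE),
            "coupled_ok": coupled_ok}


if __name__ == "__main__":
    print(experiment())
```

Running the two games on the same random tape is what makes the lemma visible: the transcripts coincide until the first fresh output lands on a used value, after which only G1 resamples, so the adversary's distinguishing advantage is bounded by the frequency of that event, which the birthday bound controls.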
Constraints on Multipartite Quantum Entropies
The von Neumann entropy plays a vital role in quantum information theory. As the Shannon entropy does in classical information theory, the von Neumann entropy determines the capacities of quantum channels. Quantum entropies of composite quantum systems are important for future quantum network communication; their characterization is related to the so-called quantum marginal problem. Furthermore, they play a role in quantum thermodynamics. In this thesis the set of quantum entropies of multipartite quantum systems is the main object of interest. The problem of characterizing this set is not new; however, progress has been sparse, indicating that the problem may be considered hard and that new methods might be needed. Here, a variety of different and complementary approaches are taken.

First, I look at global properties. It is known that the von Neumann entropy region, just like its classical counterpart, forms a convex cone. I describe the symmetries of this cone and highlight geometric similarities and differences to the classical entropy cone.

In a different approach, I utilize the local geometric properties of extremal rays of a cone. I show that quantum states whose entropy lies on such an extremal ray of the quantum entropy cone have a very simple structure.

As the set of all quantum states is very complicated, I look at a simple subset called stabilizer states. I improve on previously known results by showing that under a technical condition on the local dimension, entropies of stabilizer states respect an additional class of information inequalities that is valid for random variables from linear codes.

In a last approach I find a representation-theoretic formulation of the classical marginal problem, simplifying the comparison with its quantum mechanical counterpart. This novel correspondence yields a simplified formulation of the group characterization of classical entropies (IEEE Trans. Inf. Theory, 48(7):1992–1995, 2002) in purely combinatorial terms.
Weak approximate unitary designs and applications to quantum encryption
Unitary t-designs are the bread and butter of quantum information theory and beyond. An important issue in practice is that of efficiently constructing good approximations of such unitary t-designs. Building on results by Aubrun (Comm. Math. Phys. 2009), we prove that sampling $d^t\,\mathrm{poly}(t,\log d,1/\epsilon)$ unitaries from an exact t-design provides with positive probability an $\epsilon$-approximate t-design, if the error is measured in one-to-one norm distance of the corresponding t-twirling channels. As an application, we give a partially derandomized construction of a quantum encryption scheme that has roughly the same key size and security as the quantum one-time pad, but possesses the additional property of being non-malleable against adversaries without quantum side information.
Limitations on Uncloneable Encryption and Simultaneous One-Way-to-Hiding
We study uncloneable quantum encryption schemes for classical messages as
recently proposed by Broadbent and Lord. We focus on the information-theoretic
setting and give several limitations on the structure and security of these
schemes: Concretely, 1) We give an explicit cloning-indistinguishable attack
that succeeds with probability where is related to the
largest eigenvalue of the resulting quantum ciphertexts. 2) For a uniform
message distribution, we partially characterize the scheme with the minimal
success probability for cloning attacks. 3) Under natural symmetry conditions,
we prove that the rank of the ciphertext density operators has to grow at least
logarithmically in the number of messages to ensure uncloneable security. 4)
The simultaneous one-way-to-hiding (O2H) lemma is an important technique
in recent works on uncloneable encryption and quantum copy protection. We give
an explicit example which shatters the hope of reducing the multiplicative
"security loss" constant in this lemma to below 9/8.
Comment: v2 and v3: several fixes, including a missing attribution to Broadbent and Lord
The Measure-and-Reprogram Technique 2.0: Multi-Round Fiat-Shamir and More
We revisit recent works by Don, Fehr, Majenz and Schaffner and by Liu and
Zhandry on the security of the Fiat-Shamir transformation of -protocols
in the quantum random oracle model (QROM). Two natural questions that arise in
this context are: (1) whether the results extend to the Fiat-Shamir
transformation of multi-round interactive proofs, and (2) whether Don et al.'s
loss in security is optimal.
Firstly, we answer question (1) in the affirmative. As a byproduct of solving
a technical difficulty in proving this result, we slightly improve the result
of Don et al., equipping it with a cleaner bound and an even simpler proof. We
apply our result to digital signature schemes showing that it can be used to
prove strong security for schemes like MQDSS in the QROM. As another
application we prove QROM-security of a non-interactive OR proof by Liu, Wei
and Wong.
As for question (2), we show via a Grover-search based attack that Don et
al.'s quadratic security loss for the Fiat-Shamir transformation of
-protocols is optimal up to a small constant factor. This extends to
our new multi-round result, proving it tight up to a factor that depends on the
number of rounds only, i.e. is constant for any constant-round interactive
proof.
Comment: 22 pages
Coarse-Graining Can Beat the Rotating Wave Approximation in Quantum Markovian Master Equations
We present a first-principles derivation of the Markovian semi-group master equation without invoking the rotating wave approximation (RWA). Instead we use a time coarse-graining approach which leaves us with a free timescale parameter, which we can optimize. Comparing this approach to the standard RWA-based Markovian master equation, we find that significantly better agreement is possible using the coarse-graining approach, for a three-level model coupled to a bath of oscillators, whose exact dynamics we can solve for at zero temperature. The model has the important feature that the RWA has a non-trivial effect on the dynamics of the populations. We show that the two different master equations can exhibit strong qualitative differences for the population of the energy eigenstates even for such a simple model. The RWA-based master equation misses an important feature which the coarse-graining based scheme does not. By optimizing the coarse-graining timescale the latter scheme can be made to approach the exact solution much more closely than the RWA-based master equation
Quantum non-malleability and authentication
Abstract: In encryption, non-malleability is a highly desirable property: it ensures that adversaries cannot manipulate the plaintext by acting on the ciphertext. Ambainis et al. gave a definition of non-malleability for the encryption of quantum data. In this work, we show that this definition is too weak, as it allows adversaries to "inject" plaintexts of their choice into the ciphertext. We give a new definition of quantum non-malleability which resolves this problem. Our definition is expressed in terms of entropic quantities, considers stronger adversaries, and does not assume secrecy. Rather, we prove that quantum non-malleability implies secrecy; this is in stark contrast to the classical setting, where the two properties are completely independent. For unitary schemes, our notion of non-malleability is equivalent to encryption with a two-design (and hence also to the definition of Ambainis et al.).
Our techniques also yield new results regarding the closely-related task of quantum authentication. We show that "total authentication" (a notion recently proposed by Garg et al.) can be satisfied with two-designs, a significant improvement over their eight-design-based construction. We also show that, under a mild adaptation of the rejection procedure, both total authentication and our notion of non-malleability yield quantum authentication as defined by Dupuis et al.
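The contrast between a unitary 1-design key set and a unitary 2-design key set, which the abstract's "equivalent to encryption with a two-design" rests on, can be computed directly for one qubit. The block below is an added illustration and is not code from the paper: it encrypts with the quantum one-time pad (keys I, X, Y, Z, a 1-design) and with a uniformly random single-qubit Clifford (24 elements, a 2-design, generated here by closing H and S), lets an adversary apply a unitary to the ciphertext, and averages the decrypted plaintext over the key. The attack unitaries, the sample state and the helper names are all constructed for the demonstration; the depolarizing parameter formula (|tr A|² − 1)/(d² − 1) is the standard 2-design twirl result.

```python
# Added example (not from the paper): the same ciphertext-manipulation attack
# against a 1-design key set (the quantum one-time pad, keys {I, X, Y, Z}) and
# a 2-design key set (the 24 single-qubit Cliffords).  Pure Python; 2x2
# complex matrices are nested lists.
import cmath
import math
import random

I2 = [[1, 0], [0, 1]]
X = [[0, 1], [1, 0]]
Y = [[0, -1j], [1j, 0]]
Z = [[1, 0], [0, -1]]
R = 2 ** -0.5
H = [[R, R], [R, -R]]
S = [[1, 0], [0, 1j]]
PAULI_KEYS = [I2, X, Y, Z]      # quantum one-time pad key set: a unitary 1-design


def mul(a, b):
    return [[sum(a[i][k] * b[k][j] for k in range(2)) for j in range(2)] for i in range(2)]


def dag(a):
    return [[a[j][i].conjugate() for j in range(2)] for i in range(2)]


def conj_by(u, rho):
    """u rho u^dagger: the unitary u applied to the state rho."""
    return mul(mul(u, rho), dag(u))


def trace(a):
    return a[0][0] + a[1][1]


def max_diff(a, b):
    return max(abs(a[i][j] - b[i][j]) for i in range(2) for j in range(2))


def _canon(u):
    """Hashable key for u modulo global phase (first sizeable entry made real positive)."""
    flat = [u[i][j] for i in range(2) for j in range(2)]
    pivot = next(v for v in flat if abs(v) > 1e-9)
    phase = pivot / abs(pivot)
    return tuple(complex(round((v / phase).real, 6), round((v / phase).imag, 6)) for v in flat)


def clifford_group():
    """The single-qubit Clifford group mod phase (24 elements), closed under H and S.
    It is a unitary 2-design, so a uniformly random Clifford is a non-malleable key
    in the sense of the abstract."""
    group = {_canon(I2): I2}
    frontier = [I2]
    while frontier:
        new = []
        for u in frontier:
            for g in (H, S):
                v = mul(g, u)
                if _canon(v) not in group:
                    group[_canon(v)] = v
                    new.append(v)
        frontier = new
    return list(group.values())


def effective_channel(keys, attack, rho):
    """Key-averaged Dec_k(attack(Enc_k(rho))) with Enc_k(rho) = U_k rho U_k^dagger."""
    acc = [[0, 0], [0, 0]]
    for u in keys:
        out = conj_by(dag(u), conj_by(attack, conj_by(u, rho)))
        acc = [[acc[i][j] + out[i][j] for j in range(2)] for i in range(2)]
    return [[acc[i][j] / len(keys) for j in range(2)] for i in range(2)]


def depolarized(rho, p):
    """p*rho + (1-p)*I/2: the only channels a 2-design twirl can leave behind."""
    return [[p * rho[i][j] + (1 - p) * I2[i][j] / 2 for j in range(2)] for i in range(2)]


def twirl_parameter(attack):
    """Depolarizing parameter of a unitary attack after a 2-design twirl:
    (|tr A|^2 - 1)/(d^2 - 1) with d = 2.  Negative values occur (down to -1/3)."""
    return (abs(trace(attack)) ** 2 - 1) / 3


def random_unitary(seed):
    """A 2x2 unitary from Euler angles: a constructed sample attack, not from the paper."""
    rng = random.Random(seed)
    a, b, t = (rng.uniform(0, 2 * math.pi) for _ in range(3))
    c, s = math.cos(t), math.sin(t)
    return [[cmath.exp(1j * a) * c, cmath.exp(1j * b) * s],
            [-cmath.exp(-1j * b) * s, cmath.exp(-1j * a) * c]]


def demo(attack=X):
    """Plaintext |0><0|, `attack` applied to the ciphertext, decrypted, averaged over keys."""
    rho0 = [[1, 0], [0, 0]]
    cliff = clifford_group()
    return (effective_channel(PAULI_KEYS, attack, rho0),
            effective_channel(cliff, attack, rho0), len(cliff))


def two_design_twirl_error(attack, rho):
    """Distance between the Clifford-key effective channel and the depolarizing prediction."""
    return max_diff(effective_channel(clifford_group(), attack, rho),
                    depolarized(rho, twirl_parameter(attack)))


if __name__ == "__main__":
    pauli_out, cliff_out, n = demo()
    print(n, "Cliffords")
    print("Pauli keys, X on the ciphertext:", pauli_out)     # [[0,0],[0,1]]: |0> -> |1> with certainty
    print("Clifford keys, X on the ciphertext:", cliff_out)  # [[1/3,0],[0,2/3]]: key-independent depolarizing
```

With the Pauli keys the adversary's X commutes with every key up to a sign, so the plaintext is flipped with certainty whatever the key: the scheme is malleable in exactly the "inject a plaintext of their choice" sense the abstract criticizes. With Clifford keys the same attack, and any other unitary attack, collapses to a depolarizing channel whose single parameter is fixed by |tr A|²; the adversary no longer controls how the plaintext is transformed beyond that scalar.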