Results 11 - 20 of 54
Improving the Security of Quantum Protocols via Commit-and-Open
, 2009
Cited by 7 (5 self)
We consider two-party quantum protocols starting with a transmission of some random BB84 qubits followed by classical messages. We show a general “compiler” improving the security of such protocols: if the original protocol is secure against an “almost honest” adversary, then the compiled protocol is secure against an arbitrary computationally bounded (quantum) adversary. The compilation preserves the number of qubits sent and the number of rounds up to a constant factor. The compiler also preserves security in the bounded-quantum-storage model (BQSM), so if the original protocol was BQSM-secure, the compiled protocol can only be broken by an adversary who has large quantum memory and large computing power. This is in contrast to known BQSM-secure protocols, where security breaks down completely if the adversary has larger quantum memory than expected. We show how our technique can be applied to quantum identification and oblivious transfer protocols.
F.: Classical cryptographic protocols in a quantum world
 In: CRYPTO. LNCS
, 2011
Cited by 6 (1 self)
Abstract. Cryptographic protocols, such as protocols for secure function evaluation (SFE), have played a crucial role in the development of modern cryptography. The extensive theory of these protocols, however, deals almost exclusively with classical attackers. If we accept that quantum information processing is the most realistic model of physically feasible computation, then we must ask: what classical protocols remain secure against quantum attackers? Our main contribution is showing the existence of classical two-party protocols for the secure evaluation of any polynomial-time function under reasonable computational assumptions (for example, it suffices that the learning with errors problem be hard for quantum polynomial time). Our result shows that the basic two-party feasibility picture from classical cryptography remains unchanged in a quantum world.
Interactive and Noninteractive Zero Knowledge are Equivalent in the Help Model
, 2007
Cited by 6 (1 self)
We show that interactive and noninteractive zero-knowledge are equivalent in the ‘help model’ of Ben-Or and Gutfreund (J. Cryptology, 2003). In this model, the shared reference string is generated by a probabilistic polynomial-time dealer who is given access to the statement to be proven. Our results do not rely on any unproven complexity assumptions and hold for statistical zero knowledge, for computational zero knowledge restricted to AM, and for quantum zero knowledge when the help is a pure quantum state.
General properties of quantum zero-knowledge proofs
 In Proceedings of the Fifth IACR Theory of Cryptography Conference
, 2008
Cited by 6 (0 self)
This paper studies the complexity classes QZK and HVQZK, the classes of problems having a quantum computational zero-knowledge proof system and an honest-verifier quantum computational zero-knowledge proof system, respectively. The results proved in this paper include:
• HVQZK = QZK.
• Any problem in QZK has a public-coin quantum computational zero-knowledge proof system.
• Any problem in QZK has a quantum computational zero-knowledge proof system of perfect completeness.
• Any problem in QZK has a three-message public-coin quantum computational zero-knowledge proof system of perfect completeness with polynomially small error in soundness (hence with arbitrarily small constant error in soundness).
All the results proved in this paper are unconditional, i.e., they do not rely on any computational assumptions such as the existence of quantum one-way functions or permutations. For the classes QPZK, HVQPZK, and QSZK of problems having a quantum perfect zero-knowledge proof system, an honest-verifier quantum perfect zero-knowledge proof system, and a quantum statistical zero-knowledge proof system, respectively, the following new properties are proved:
Stronger methods of making quantum interactive proofs perfectly complete
 In ITCS ’13, Proceedings of the 2013 ACM Conference on Innovations in Theoretical Computer Science
, 2013
Quantum-Secure Coin-Flipping and Applications
, 2009
Cited by 4 (1 self)
In this paper, we prove a well-known classical coin-flipping protocol secure in the presence of quantum adversaries. More precisely, we show that the protocol implements a natural ideal functionality for coin-flipping. The proof uses a recent result of Watrous [Wat06] that allows quantum rewinding for protocols of a certain form. We then discuss two applications. First, the combination of coin-flipping with any noninteractive zero-knowledge protocol leads to an easy transformation from noninteractive zero-knowledge to interactive quantum zero-knowledge. Second, we discuss how our protocol can be applied to a recently proposed method for improving the security of quantum protocols [DFL+09], resulting in an implementation without setup assumptions.
Quantum Expanders: Motivation and Constructions
 THEORY OF COMPUTING
, 2009
Cited by 3 (0 self)
We define quantum expanders in a natural way. We give two constructions of quantum expanders, both based on classical expander constructions. The first construction is algebraic, and is based on the construction of Cayley Ramanujan graphs over the group PGL(2,q) given by Lubotzky, Philips and Sarnak [29]. The second construction is combinatorial, and is based on a quantum variant of the Zig-Zag product introduced by Reingold, Vadhan and Wigderson [37]. Both constructions are of constant degree, and the second one is explicit. Using another construction of quantum expanders by Ambainis and Smith [6], we characterize the complexity of comparing and estimating quantum entropies. Specifically, we consider the following task: given two mixed states, each given by a quantum circuit generating it, decide which mixed state has more entropy. We show that this problem is QSZK–complete (where QSZK is the class of languages having a zero-knowledge quantum interactive protocol). This problem is very well motivated from a physical point of view. Our proof follows the classical proof structure that the entropy difference problem is SZK–complete, but crucially depends on the use of quantum expanders.
Transferring proofs of zero-knowledge systems with quantum correlations
 Proceedings of the First Workshop on Quantum Security: QSec’07
, 2007
Cited by 2 (2 self)
Abstract — The use of quantum correlations to attack security protocols is an important research line deserving growing attention. An important class of cryptographic protocols used as building blocks for several other more complex protocols is zero-knowledge proof systems. One of the properties that zero-knowledge proof systems are assumed to satisfy is that it is impossible for the verifier to show to a third party that he has interacted with the prover (impossibility of transferring proofs). Herein, it is shown how Bell pairs, together with tamperproofing, can be used to break the impossibility of transferring proofs for an important class of zero-knowledge proof systems. Index Terms — Quantum correlations, quantum attacks, zero-knowledge proof systems.