Cryptography In the Bounded Quantum-Storage Model

Slides:



Advertisements
Similar presentations
Polylogarithmic Private Approximations and Efficient Matching
Advertisements

Quantum Cryptography Post Tenebras Lux!
A Tight High-Order Entropic Quantum Uncertainty Relation with Applications Serge Fehr, Christian Schaffner (CWI Amsterdam, NL) Renato Renner (ETH Zürich,
Foundations of Cryptography Lecture 7 Lecturer:Danny Harnik.
Yan Huang, David Evans, Jonathan Katz
Christian Schaffner CWI Amsterdam, Netherlands Position-Based Quantum Cryptography: Impossibility and Constructions Seminar Eindhoven, Netherlands Wednesday,
Rational Oblivious Transfer KARTIK NAYAK, XIONG FAN.
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
Tight Bounds for Unconditional Authentication Protocols in the Moni Naor Gil Segev Adam Smith Weizmann Institute of Science Israel Modeland Shared KeyManual.
1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.
Quantum Cryptography ( EECS 598 Presentation) by Amit Marathe.
Introduction to Modern Cryptography, Lecture 12 Secure Multi-Party Computation.
Eran Omri, Bar-Ilan University Joint work with Amos Beimel and Ilan Orlov, BGU Ilan Orlov…!??!!
Short course on quantum computing Andris Ambainis University of Latvia.
Oblivious Transfer and Bit Commitment from Noisy Channels Ivan Damgård BRICS, Århus University.
A Tight High-Order Entropic Quantum Uncertainty Relation with Applications Serge Fehr, Christian Schaffner (CWI Amsterdam, NL) Renato Renner (University.
Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.
Oblivious Transfer based on the McEliece Assumptions
Superdense coding. How much classical information in n qubits? Observe that 2 n  1 complex numbers apparently needed to describe an arbitrary n -qubit.
Oblivious Transfer and Linear Functions Ivan Damgård, Louis Salvail, Christian Schaffner (BRICS, University of Aarhus, Denmark) Serge Fehr (CWI Amsterdam,
BB84 Quantum Key Distribution 1.Alice chooses (4+  )n random bitstrings a and b, 2.Alice encodes each bit a i as {|0>,|1>} if b i =0 and as {|+>,|->}
Quantum Cryptography Prafulla Basavaraja CS 265 – Spring 2005.
On Everlasting Security in the Hybrid Bounded Storage Model Danny Harnik Moni Naor.
Lo-Chau Quantum Key Distribution 1.Alice creates 2n EPR pairs in state each in state |  00 >, and picks a random 2n bitstring b, 2.Alice randomly selects.
EECS 598 Fall ’01 Quantum Cryptography Presentation By George Mathew.
Paraty, Quantum Information School, August 2007 Antonio Acín ICFO-Institut de Ciències Fotòniques (Barcelona) Quantum Cryptography.
CS4600/5600 Biometrics and Cryptography UTC/CSE
Dominique Unruh 3 September 2012 Quantum Cryptography Dominique Unruh.
A Few Simple Applications to Cryptography Louis Salvail BRICS, Aarhus University.
Paraty, Quantum Information School, August 2007 Antonio Acín ICFO-Institut de Ciències Fotòniques (Barcelona) Quantum Cryptography (III)
Christian Schaffner CWI Amsterdam, Netherlands Quantum Cryptography beyond Key Distribution Workshop on Post-Quantum Security Models Paris, France Tuesday,
Composing Quantum Protocols Dominic Mayers Université de Sherbrooke Joint Work with Michael Ben-Or.
Secure two-party computation: a visual way by Paolo D’Arco and Roberto De Prisco.
Improved Non-Committing Encryption with Application to Adaptively Secure Protocols joint work with Dana Dachman-Soled (Columbia Univ.), Tal Malkin (Columbia.
1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.
Software Security Seminar - 1 Chapter 5. Advanced Protocols 조미성 Applied Cryptography.
CHAPTER 15: Quantum cryptography
Device-independent security in quantum key distribution Lluis Masanes ICFO-The Institute of Photonic Sciences arXiv:
Cryptography In the Bounded Quantum-Storage Model Christian Schaffner, BRICS University of Århus, Denmark ECRYPT Autumn School, Bertinoro Wednesday, October.
Cryptography In the Bounded Quantum-Storage Model Christian Schaffner, BRICS University of Århus, Denmark 9 th workshop on QIP 2006, Paris Tuesday, January.
Practical Aspects of Quantum Coin Flipping Anna Pappa Presentation at ACAC 2012.
Quantum Key Distribution Chances and Restrictions Norbert Lütkenhaus Emmy Noether Research Group Institut für Theoretische Physik I Universität Erlangen-Nürnberg.
Introduction to Quantum Key Distribution
Christian Schaffner, PhD student NF-årsfest 2005 A A R H U S U N I V E R S I T E T DAIMI – Department of Computer Science BRICS – Basic Research in Computer.
Entanglement sampling and applications Omar Fawzi (ETH Zürich) Joint work with Frédéric Dupuis (Aarhus University) and Stephanie Wehner (CQT, Singapore)
CS555Topic 251 Cryptography CS 555 Topic 25: Quantum Crpytography.
Quantum Cryptography Slides based in part on “A talk on quantum cryptography or how Alice outwits Eve,” by Samuel Lomonaco Jr. and “Quantum Computing”
Nawaf M Albadia
Christian Schaffner CWI Amsterdam, Netherlands Quantum Cryptography beyond Key Distribution Tropical QKD Waterloo, ON, Canada Wednesday, 16 June 2010.
1 Security of Quantum Key Distribution with Imperfect Devices Hoi-Kwong Lo Dept. of Electrical & Comp. Engineering (ECE); & Dept. of Physics University.
Feasibility and Completeness of Cryptographic Tasks in the Quantum World Hong-Sheng Zhou (U. Maryland) Joint work with Jonathan Katz (U. Maryland) Fang.
On Forward-Secure Storage Stefan Dziembowski Warsaw University and University of Rome La Sapienza.
Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam.
1 Conference key-agreement and secret sharing through noisy GHZ states Kai Chen and Hoi-Kwong Lo Center for Quantum Information and Quantum Control, Dept.
Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam.
Page 1 COMPSCI 290.2: Computer Security “Quantum Cryptography” including Quantum Communication Quantum Computing.
Quantum Cryptography Christian Schaffner
Quantum Cryptography Antonio Acín
Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam.
Cryptography in the Bounded-Quantum-Storage Model Christian Schaffner BRICS, University of Aarhus PhD Defense Friday, April 27 th 2007.
1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.
15-853Page 1 COMPSCI 290.2: Computer Security “Quantum Cryptography” Including Quantum Communication Quantum Computing.
Topic 36: Zero-Knowledge Proofs
COMPSCI 290.2: Computer Security
with Weak Measurements
Unconditional Security of the Bennett 1992 quantum key-distribution protocol over a lossy and noisy channel Kiyoshi Tamaki * *Perimeter Institute for.
Seung Hwan An University of Washington October 18, 2016 PHYS 494
Quantum Cryptography Christian Schaffner
Richard Cleve DC 2117 Introduction to Quantum Information Processing CS 667 / PH 767 / CO 681 / AM 871 Lecture 22 (2009) Richard.
Quantum-security of commitment schemes and hash functions
Presentation transcript:

Cryptography In the Bounded Quantum-Storage Model Ivan Damgård, Louis Salvail, Christian Schaffner BRICS, University of Århus, DK Serge Fehr CWI, Amsterdam, NL FOCS 2005 - Pittsburgh Tuesday, October 25th 2005

Classical 2-party primitives Rabin Oblivious Transfer b b / ? private oblivious OT Bit Commitment b Cb b in Cb? BC binding hiding OT ) BC OT is complete for two-party cryptography

Known Impossibility Results In the classical unconditionally secure model without further assumptions OT In the unconditionally secure model with quantum communication [Mayers97, Lo-Chau97] BC

Classical Bounded-Storage Model random string which players try to store a memory bound applies at a specified moment protocol for OT [DHRS, TCC04]: memory size of honest players: k memory of dishonest players: <k2 Tight bound [DM, EC04] can be improved by allowing quantum communication OT ()  BC

Quantum Bounded-Storage Model quantum memory bound applies at a specified moment. Besides that, players are unbounded (in time and space) unconditional secure against adversaries with quantum memory of less then half of the transmitted qubits honest players do not need quantum memory at all honest players: 0 k dishonest players: <n/2 <k2 ratio: 1 k OT  BC 

Agenda Quantum Bounded-Storage Model Protocol for Oblivious Transfer Protocol for Bit Commitment Practicality Issues

Quantum Mechanics (Toy Version) + basis £ basis Measurements: with prob. 1 yields 1 with prob. ½ yields 0 with prob. ½ yields 1

Quantum Protocol for OT Alice Bob 0110… 0110… memory bound: store < n/2 qubits h is two-universal and BINARY, maps to one bit Example: honest players

Quantum Protocol for OT II Alice Bob 0110… 0011… memory bound: store < n/2 qubits   honest players? private?

Obliviousness against dishonest Bob? Alice Bob 0110… … … 11… memory bound: store < n/2 qubits

Proof of Obliviousness: Tools Purification techniques like in the Shor-Preskill security proof of BB84 Privacy Amplification against Quantum Adversaries [RK, TCC05] new min-entropy based uncertainty relation: OT  For a n-qubit register A in state A, let P+ and P£ be the probabilities of measuring A in the +-basis respectively £-basis. Then it holds P+1 + P£1 · 1 + negl(n).

Agenda Quantum Bounded Storage Model Protocol for Oblivious Transfer Protocol for Bit Commitment Practicality Issues

Quantum Protocol for Bit Commitment Verifier Committer BC memory bound: store < n/2 qubits

Quantum Protocol for Bit Commitment II Verifier Committer memory bound: store < n/2 qubits one round, non-interactive commit by receiving! unconditionally hiding unconditionally binding as long as Memcommitter < n / 2 BC ) proof uses same tools as for OT !

Agenda Quantum Bounded Storage Model Protocol for Oblivious Transfer Protocol for Bit Commitment Practicality Issues

OT BC Practicality Issues With today’s technology, we can transmit quantum bits encoded in photons cannot store them for longer than a few milliseconds OT BC Problems: imperfect sources (multi-pulse emissions) transmission errors

Practicality Issues II Our protocols can be modified to resist attacks based on multi-photon emissions tolerate (quantum) noise OT  BC Well within reach of current technology. makes sense over short distances (in contrast to QKD) 

Thank you for your attention! Summary Protocols for OT and BC that are efficient, non-interactive unconditionally secure against adversaries with bounded quantum memory practical: honest players do not need quantum memory fault-tolerant OT  BC  Thank you for your attention!

Binding Property: Proof Idea Verifier Committer BC  memory bound: store < n/2 qubits

Open Problems and Next Steps Other flavors of OT: e.g. 1-out-of-2 Oblivious Transfer, String-OT, … Better memory bounds Composability? What happens to the memory bound? Better uncertainty relations for more MUB … OT  BC 

Quantum 1-2-OT Alice Bob memory bound: store < 0.4n qubits h is two-universal and BINARY, maps to one bit

Three Ways Out Bound computing power (schemes based on complexity assumptions) Noisy communication [e.g. CrépeauMorozovWolf04] Physical limitations OT  Physical limitations e.g. bounded memory size BC 

Quantum Mechanics II + basis £ basis EPR pairs: prob. ½ : 0 prob. ½ : 0 prob. ½ : 1 prob. 1 : 0

Agenda Quantum Bounded-Storage Model Protocol for Oblivious Transfer Protocol for Bit Commitment Practicality Issues

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.