Near-optimal extractors against quantum storage

We show that Trevisan's extractor and its variants [22,19] are secure against bounded quantum storage adversaries. One instantiation gives the first such extractor to achieve an output length Θ(K-b), where K is the source's entropy and b the adversary's storage, together with a poly-logarithmic seed length. Another instantiation achieves a logarithmic key length, with a slightly smaller output length Θ((K-b)/K^γ) for any γ>0. In contrast, the previous best construction [21] could only extract (K/b)^(1/15) bits. Some of our constructions have the additional advantage that every bit of the output is a function of only a polylogarithmic number of bits from the source, which is crucial for some cryptographic applications. Our argument is based on bounds for a generalization of quantum random access codes, which we call quantum functional access codes. This is crucial as it lets us avoid the local list-decoding algorithm central to the approach in [21], which was the source of the multiplicative overhead.

[1]  Russell Impagliazzo, et al. Hard-core distributions for somewhat hard problems, 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[2]  Chi-Jen Lu. Encryption against Storage-Bounded Adversaries from On-Line Strong Extractors, 2003, Journal of Cryptology.

[3]  Anindya De, et al. Trevisan's Extractor in the Presence of Quantum Side Information, 2009, SIAM J. Comput.

[4]  Leonid A. Levin, et al. One way functions and pseudorandom generators, 1987, Comb.

[5]  Ran Raz, et al. Exponential Separation for One-Way Quantum Communication Complexity, with Applications to Cryptography, 2008, SIAM J. Comput.

[6]  Leonid A. Levin, et al. A hard-core predicate for all one-way functions, 1989, STOC '89.

[7]  Andris Ambainis, et al. Dense quantum coding and quantum finite automata, 2002, JACM.

[8]  Luca Trevisan, et al. Pseudorandom generators without the XOR lemma, 1999, Proceedings. Fourteenth Annual IEEE Conference on Computational Complexity (Formerly: Structure in Complexity Theory Conference).

[9]  Ashwin Nayak, et al. Limits on the ability of quantum states to convey classical messages, 2006, JACM.

[10]  Luca Trevisan, et al. Extractors and pseudorandom generators, 2001, JACM.

[11]  Salil P. Vadhan, et al. Constructing Locally Computable Extractors and Cryptosystems in the Bounded-Storage Model, 2003, Journal of Cryptology.

[12]  Ueli Maurer, et al. Optimal Randomizer Efficiency in the Bounded-Storage Model, 2003, Journal of Cryptology.

[13]  Emanuele Viola, et al. The complexity of constructing pseudorandom generators from hard functions, 2005, computational complexity.

[14]  Ran Raz, et al. Extracting all the randomness and reducing the error in Trevisan's extractors, 1999, STOC '99.

[15]  E. Prugovečki. Information-theoretical aspects of quantum measurement, 1977.

[16]  Venkatesan Guruswami, et al. Combinatorial bounds for list decoding, 2002, IEEE Trans. Inf. Theory.

[17]  Amnon Ta-Shma, et al. Short seed extractors against quantum storage, 2008, STOC '09.

[18]  Noam Nisan, et al. Hardness vs Randomness, 1994, J. Comput. Syst. Sci.

[19]  Luca Trevisan, et al. List-decoding using the XOR lemma, 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings.

[20]  Ran Raz, et al. Exponential Separation for One-Way Quantum Communication Complexity, with Applications to Cryptography, 2008, SIAM J. Comput.

[21]  Ueli Maurer. Conditionally-perfect secrecy and a provably-secure randomized cipher, 2004, Journal of Cryptology.

[22]  Ronald de Wolf, et al. A Hypercontractive Inequality for Matrix-Valued Functions with Applications to Quantum Computing and LDCs, 2007, 2008 49th Annual IEEE Symposium on Foundations of Computer Science.

[23]  Russell Impagliazzo, et al. Approximately List-Decoding Direct Product Codes and Uniform Hardness Amplification, 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[24]  Barbara M. Terhal, et al. The Bounded-Storage Model in the Presence of a Quantum Adversary, 2008, IEEE Transactions on Information Theory.

[25]  Ran Raz, et al. On the distribution of the number of roots of polynomials and explicit weak designs, 2003, Random Struct. Algorithms.

[26]  Serge Fehr, et al. Randomness Extraction Via δ-Biased Masking in the Presence of a Quantum Attacker, 2007, TCC.

[27]  Luca Trevisan, et al. Extractors Using Hardness Amplification, 2009, APPROX-RANDOM.

[28]  Ueli Maurer, et al. On the power of quantum memory, 2005, IEEE Transactions on Information Theory.