Classical Cryptographic Protocols in a Quantum World

Cryptographic protocols, such as protocols for secure function evaluation (SFE), have played a crucial role in the development of modern cryptography. The extensive theory of these protocols, however, deals almost exclusively with classical attackers. If we accept that quantum information processing is the most realistic model of physically feasible computation, then we must ask: what classical protocols remain secure against quantum attackers? Our main contribution is showing the existence of classical two-party protocols for the secure evaluation of any polynomial-time function under reasonable computational assumptions (for example, it suffices that the learning with errors problem be hard for quantum polynomial time). Our result shows that the basic two-party feasibility picture from classical cryptography remains unchanged in a quantum world.
