Unconditional Security From Noisy Quantum Storage

We consider the implementation of two-party cryptographic primitives based on the sole assumption that no large-scale reliable quantum storage is available to the cheating party. We construct novel protocols for oblivious transfer and bit commitment, and prove that realistic noise levels provide security even against the most general attack. Such unconditional results were previously only known in the so-called bounded-storage model which is a special case of our setting. Our protocols can be implemented with present-day hardware used for quantum key distribution. In particular, no quantum storage is required for the honest parties.

[1]  Robert König,et al.  Universally Composable Privacy Amplification Against Quantum Adversaries , 2004, TCC.

[2]  Ivan Damgård,et al.  A Tight High-Order Entropic Quantum Uncertainty Relation with Applications , 2006, CRYPTO.

[3]  Claude Crépeau,et al.  Quantum Oblivious Transfer , 1994 .

[4]  Larry Carter,et al.  Universal Classes of Hash Functions , 1979, J. Comput. Syst. Sci..

[5]  Serge Fehr,et al.  Composing Quantum Protocols in a Classical Environment , 2009, TCC.

[6]  Andrew Chi-Chih Yao,et al.  Security of quantum protocols against coherent measurements , 1995, STOC '95.

[7]  Salil P. Vadhan,et al.  On Constructing Locally Computable Extractors and Cryptosystems in the Bounded Storage Model , 2003, CRYPTO.

[8]  D. Mayers The Trouble with Quantum Bit Commitment , 1996, quant-ph/9603015.

[9]  Leonid A. Levin,et al.  Pseudo-random generation from one-way functions , 1989, STOC '89.

[10]  Christian Schaffner Simple protocols for oblivious transfer and secure identification in the noisy-quantum-storage model , 2010, 1002.1495.

[11]  Christian Schaffner,et al.  Robust cryptography in the noisy-quantum-storage model , 2008, Quantum Inf. Comput..

[12]  Joe Kilian,et al.  Founding crytpography on oblivious transfer , 1988, STOC '88.

[13]  S. Wehner,et al.  A strong converse for classical channel coding using entangled inputs. , 2009, Physical review letters.

[14]  Ronen Shaltiel,et al.  Recent Developments in Explicit Constructions of Extractors , 2002, Bull. EATCS.

[15]  Jürg Wullschleger,et al.  Robuster Combiners for Oblivious Transfer , 2007, TCC.

[16]  Ronen Shaltiel,et al.  Constant-Round Oblivious Transfer in the Bounded Storage Model , 2004, Journal of Cryptology.

[17]  Hoi-Kwong Lo,et al.  Insecurity of Quantum Secure Computations , 1996, ArXiv.

[18]  Ueli Maurer,et al.  Small accessible quantum information does not imply security. , 2007, Physical review letters.

[19]  Gilles Brassard,et al.  Quantum cryptography: Public key distribution and coin tossing , 2014, Theor. Comput. Sci..

[20]  Stephanie Wehner,et al.  Cryptography in a quantum world , 2008, 0806.3483.

[21]  Ivan Damgård,et al.  Secure identification and QKD in the bounded-quantum-storage model , 2007, Theor. Comput. Sci..

[22]  Louis Salvail,et al.  Computational Collapse of Quantum State with Application to Oblivious Transfer , 2003, TCC.

[23]  Debbie W. Leung,et al.  The Universal Composable Security of Quantum Key Distribution , 2004, TCC.

[24]  Ivan Damgård,et al.  Cryptography in the bounded quantum-storage model , 2005, IEEE Information Theory Workshop on Theory and Practice in Information-Theoretic Security, 2005..

[25]  Rafail Ostrovsky,et al.  Fair Games against an All-Powerful Adversary , 1990, Advances In Computational Complexity Theory.

[26]  Ueli Maurer,et al.  A Provably-Secure Strongly-Randomized Cipher , 1991, EUROCRYPT.

[27]  Barbara M. Terhal,et al.  The Bounded-Storage Model in the Presence of a Quantum Adversary , 2008, IEEE Transactions on Information Theory.

[28]  Yuval Ishai,et al.  Founding Cryptography on Oblivious Transfer - Efficiently , 2008, CRYPTO.

[29]  Ivan Damgård,et al.  Improving the Security of Quantum Protocols via Commit-and-Open , 2009, CRYPTO.

[30]  Jürg Wullschleger Bitwise Quantum Min-Entropy Sampling and New Lower Bounds for Random Access Codes , 2011, TQC.

[31]  A. Winter,et al.  Higher entropic uncertainty relations for anti-commuting observables , 2007, 0710.1185.

[32]  Andreas J. Winter,et al.  The Quantum Reverse Shannon Theorem and Resource Tradeoffs for Simulating Quantum Channels , 2009, IEEE Transactions on Information Theory.

[33]  Robert König,et al.  Sampling of Min-Entropy Relative to Quantum Knowledge , 2007, IEEE Transactions on Information Theory.

[34]  Oded Goldreich,et al.  How to Solve any Protocol Problem - An Efficiency Improvement , 1987, CRYPTO.

[35]  Robert König,et al.  The Operational Meaning of Min- and Max-Entropy , 2008, IEEE Transactions on Information Theory.

[36]  Raffaele Romano,et al.  An optimal entropic uncertainty relation in a two-dimensional Hilbert space , 2003 .

[37]  Donald Beaver,et al.  Precomputing Oblivious Transfer , 1995, CRYPTO.

[38]  Amnon Ta-Shma Short Seed Extractors against Quantum Storage , 2011, SIAM J. Comput..

[39]  Stephen Wiesner,et al.  Conjugate coding , 1983, SIGA.

[40]  Ueli Maurer Conditionally-perfect secrecy and a provably-secure randomized cipher , 2004, Journal of Cryptology.

[41]  Maassen,et al.  Generalized entropic uncertainty relations. , 1988, Physical review letters.

[42]  Dominic Mayers Unconditionally secure quantum bit commitment is impossible , 1997 .

[43]  Christian Schaffner,et al.  Cryptography from noisy storage. , 2007, Physical review letters.

[44]  Jorge Sánches-Ruiz OPTIMAL ENTROPIC UNCERTAINTY RELATION IN TWO-DIMENSIONAL HILBERT SPACE , 1998 .

[45]  Jürg Wullschleger,et al.  Composable Security in the Bounded-Quantum-Storage Model , 2007, ICALP.

[46]  Yan Zong Ding,et al.  Oblivious Transfer in the Bounded Storage Model , 2001, CRYPTO.

[47]  C. King Additivity for unital qubit channels , 2001, quant-ph/0103156.

[48]  Prabha Mandayam,et al.  Achieving the physical limits of the bounded-storage model , 2010, ArXiv.

[49]  Larry Carter,et al.  Universal classes of hash functions (Extended Abstract) , 1977, STOC '77.

[50]  Renato Renner,et al.  Security of quantum key distribution , 2005, Ausgezeichnete Informatikdissertationen.

[51]  Gilles Brassard,et al.  Privacy Amplification by Public Discussion , 1988, SIAM J. Comput..

[52]  Serge Fehr,et al.  Improving the Security of Quantum Protocols , 2009 .

[53]  Hoi-Kwong Lo,et al.  Is Quantum Bit Commitment Really Possible? , 1996, ArXiv.

[54]  C. King The capacity of the quantum depolarizing channel , 2003, IEEE Trans. Inf. Theory.

[55]  Moni Naor,et al.  On Robust Combiners for Oblivious Transfer and Other Primitives , 2005, EUROCRYPT.

[56]  Christian Schaffner,et al.  Cryptography from Noisy Photonic Storage , 2007, ArXiv.

[57]  W. Hoeffding Probability Inequalities for sums of Bounded Random Variables , 1963 .

[58]  H. F. Chau,et al.  Why quantum bit commitment and ideal quantum coin tossing are impossible , 1997 .

[59]  Amir Herzberg,et al.  On Tolerant Cryptographic Constructions , 2005, CT-RSA.

[60]  Andreas J. Winter,et al.  State Discrimination With Post-Measurement Information , 2008, IEEE Transactions on Information Theory.

[61]  Oded Goldreich,et al.  A Sample of Samplers - A Computational Perspective on Sampling (survey) , 1997, Electron. Colloquium Comput. Complex..

[62]  George Savvides,et al.  Interactive hashing and reductions between oblivious transfer variants , 2007 .

[63]  Gilles Brassard,et al.  Practical Quantum Oblivious Transfer , 1991, CRYPTO.