Unforgeable Quantum Encryption

We study the problem of encrypting and authenticating quantum data in the presence of adversaries making adaptive chosen plaintext and chosen ciphertext queries. Classically, security games use string copying and comparison to detect adversarial cheating in such scenarios. Quantumly, this approach would violate no-cloning. We develop new techniques to overcome this problem: we use entanglement to detect cheating, and rely on recent results for characterizing quantum encryption schemes. We give definitions for (i) ciphertext unforgeability, (ii) indistinguishability under adaptive chosen-ciphertext attack, and (iii) authenticated encryption. The restriction of each definition to the classical setting is at least as strong as the corresponding classical notion: (i) implies INT-CTXT, (ii) implies IND-CCA2, and (iii) implies AE. All of our new notions also imply QIND-CPA privacy. Combining one-time authentication and classical pseudorandomness, we construct schemes for each of these new quantum security notions, and provide several separation examples. Along the way, we also give a new definition of one-time quantum authentication which, unlike all previous approaches, authenticates ciphertexts rather than plaintexts.
