Cryptography In the Bounded Quantum-Storage Model - PowerPoint PPT Presentation

About This Presentation
Title:

Cryptography In the Bounded Quantum-Storage Model

Description:

Cryptography In the Bounded Quantum-Storage Model Ivan Damg rd, Louis Salvail, Christian Schaffner BRICS, University of rhus, DK Serge Fehr CWI, Amsterdam, NL – PowerPoint PPT presentation

Number of Views:171
Avg rating:3.0/5.0
Slides: 19
Provided by: ChristianS158
Category:

less

Transcript and Presenter's Notes

Title: Cryptography In the Bounded Quantum-Storage Model


1
Cryptography In theBounded Quantum-Storage Model
Ivan Damgård, Louis Salvail, Christian
SchaffnerBRICS, University of Århus, DK Serge
Fehr CWI, Amsterdam, NL
  • FOCS 2005 - Pittsburgh
  • Tuesday, October 25th 2005

2
Classical 2-party primitives
  • private
  • oblivious

OT
  • binding
  • hiding

BC
  • OT ) BC
  • OT is complete for two-party cryptography

3
Known Impossibility Results
  • In the classical unconditionally secure model
    without further assumptions

OT
  • In the unconditionally secure model with quantum
    communication
  • Mayers97, Lo-Chau97

BC
4
Classical Bounded-Storage Model
  • random string which players try to store
  • a memory bound applies at a specified moment
  • protocol for OT DHRS, TCC04 memory size of
    honest players k memory of dishonest
    players ltk2
  • Tight bound DM, EC04
  • can be improved by allowing quantum communication

OT
BC
5
Quantum Bounded-Storage Model
  • quantum memory bound applies at a specified
    moment. Besides that, players are unbounded (in
    time and space)
  • unconditional secure against adversaries with
    quantum memory of less then half of the
    transmitted qubits
  • honest players do not need quantum memory at all
  • honest players 0 k dishonest players ltn/2 ltk2
  • ratio 1 k

OT
?
BC
?
6
Agenda
  • Quantum Bounded-Storage Model
  • Protocol for Oblivious Transfer
  • Protocol for Bit Commitment
  • Practicality Issues

7
Quantum Mechanics (Toy Version)
basis
basis
Measurements
with prob. 1 yields 1
with prob. ½ yields 0
with prob. ½ yields 1
8
Quantum Protocol for OT
Bob
Alice
0110
0110
Example honest players
9
Quantum Protocol for OT II
Bob
Alice
0110
0011
?
?
honest players?
private?
10
Obliviousness against dishonest Bob?
Bob
Alice
0110

11
11
Proof of Obliviousness Tools
  • Purification techniques like in the
    Shor-Preskill security proof of BB84
  • Privacy Amplification against Quantum Adversaries
    RK, TCC05
  • new min-entropy based uncertainty relation

OT
?
For a n-qubit register A in state ?A, let P and
P be the probabilities of measuring A in the
-basis respectively -basis. Then it holds P1
P1 1 negl(n).
12
Agenda
  • Quantum Bounded Storage Model
  • Protocol for Oblivious Transfer
  • Protocol for Bit Commitment
  • Practicality Issues

13
Quantum Protocol for Bit Commitment
Verifier
Committer
BC
14
Quantum Protocol for Bit Commitment II
Verifier
Committer
memory bound store lt n/2 qubits
  • one round, non-interactive
  • commit by receiving!
  • unconditionally hiding
  • unconditionally binding as long as Memcommitter lt
    n / 2

BC
) proof uses same tools as for OT !
15
Agenda
  • Quantum Bounded Storage Model
  • Protocol for Oblivious Transfer
  • Protocol for Bit Commitment
  • Practicality Issues

16
Practicality Issues
  • With todays technology, we
  • can transmit quantum bits encoded in photons
  • cannot store them for longer than a few
    milliseconds

OT
BC
  • Problems
  • imperfect sources (multi-pulse emissions)
  • transmission errors

17
Practicality Issues II
  • Our protocols can be modified to
  • resist attacks based on multi-photon emissions
  • tolerate (quantum) noise

OT
?
  • Well within reach of current technology.
  • makes sense over short distances (in contrast
    to QKD)

BC
?
18
Summary
  • Protocols for OT and BC that are
  • efficient, non-interactive
  • unconditionally secure against adversaries with
    bounded quantum memory
  • practical
  • honest players do not need quantum memory
  • fault-tolerant

OT
?
BC
?
Thank you for your attention!
19
Binding Property Proof Idea
Verifier
Committer
BC
?
20
Open Problems and Next Steps
  • Other flavors of OTe.g. 1-out-of-2 Oblivious
    Transfer, String-OT,
  • Better memory bounds
  • Composability? What happens to the memory bound?
  • Better uncertainty relations for more MUB

OT
?
BC
?
21
Quantum 1-2-OT
Bob
Alice
22
Three Ways Out
  • Bound computing power (schemes based on
    complexity assumptions)
  • Noisy communication e.g. CrépeauMorozovWolf04
  • Physical limitations

OT
?
  • Physical limitations
  • e.g. bounded memory size

BC
?
23
Quantum Mechanics II
basis
basis
EPR pairs
prob. ½ 0
prob. ½ 1
24
Agenda
  • Quantum Bounded-Storage Model
  • Protocol for Oblivious Transfer
  • Protocol for Bit Commitment
  • Practicality Issues
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Cryptography In the Bounded Quantum-Storage Model" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!