All known constructions of classical or quantum commitments require at least one-way functions. Are one-way functions really necessary for commitments? In this paper, we show that non-interactive quantum commitments (for classical messages) with computational hiding and statistical binding exist if pseudorandom quantum states exist. Pseudorandom quantum states are families of quantum states that can be efficiently generated but are computationally indistinguishable from Haar-random states [Z. Ji, Y.-K. Liu, and F. Song, CRYPTO 2018]. It is known that pseudorandom quantum states exist even if BQP=QMA (relative to a quantum oracle) [W. Kretschmer, TQC 2021], which means that pseudorandom quantum states can exist even if no quantum-secure classical cryptographic primitive exists. Our result therefore shows that quantum commitments can exist even if no quantum-secure classical cryptographic primitive exists. In particular, quantum commitments can exist even if no quantum-secure one-way function exists. We also show that one-time secure signatures with quantum public keys exist if pseudorandom quantum states exist. In the classical setting, the existence of signatures is equivalent to the existence of one-way functions. Our result, on the other hand, suggests that quantum signatures can exist even if no quantum-secure classical cryptographic primitive (including quantum-secure one-way functions) exists.
Quantum computing is evolving so quickly that it forces us to revisit, rewrite, and update the basis of the theory. Basic Quantum Algorithms revisits the first quantum algorithms. The story started in 1985 with Deutsch trying to evaluate a function at two domain points simultaneously. Then, in 1992, Deutsch and Jozsa created a quantum algorithm that determines whether a Boolean function is constant or balanced. In the next year, Bernstein and Vazirani realized that the same algorithm can be used to identify a specific Boolean function within the set of linear Boolean functions. In 1994, Simon presented a new quantum algorithm that determines whether a function is one-to-one or two-to-one exponentially faster than any classical algorithm for the same problem. In the same year, Shor created two new quantum algorithms for factoring integers and computing discrete logarithms, threatening the public-key cryptographic methods widely used today. In 1995, Kitaev described an alternative version of Shor's algorithms that has proved useful in many other applications. In the following year, Grover created a quantum search algorithm quadratically faster than its classical counterpart. In this work, all those remarkable algorithms are described in detail with a focus on the circuit model.
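As an added worked example (not part of the paper above), the following pure-Python statevector simulation runs the Deutsch-Jozsa and Bernstein-Vazirani circuits the abstract describes. It uses the standard phase-kickback simplification: with the ancilla prepared in |-> the oracle acts as the phase (-1)^f(x) on the n input qubits, so only those n qubits are simulated. The oracle functions passed in are constructed for the demonstration and are not from the paper.

```python
import math


def hadamard_all(state):
    """Apply a Hadamard gate to every qubit of an n-qubit statevector.

    Bit q of the list index is qubit q. The butterfly below is the unitary
    (1/sqrt(2)-normalised) Walsh-Hadamard transform, i.e. H tensored n times.
    """
    state = list(state)
    n = len(state).bit_length() - 1
    for q in range(n):
        step = 1 << q
        for base in range(0, len(state), 2 * step):
            for j in range(base, base + step):
                a, b = state[j], state[j + step]
                state[j], state[j + step] = (a + b) / math.sqrt(2), (a - b) / math.sqrt(2)
    return state


def query_algorithm(n, f):
    """|0^n> -> H^n -> phase oracle (-1)^f(x) -> H^n -> measure.

    The ancilla |-> of the textbook circuit is not simulated: phase kickback turns
    the bit oracle U_f into a phase oracle on the n input qubits. Returns
    {outcome: probability} for outcomes with non-negligible probability.
    """
    state = [0.0] * (1 << n)
    state[0] = 1.0                                   # |0...0>
    state = hadamard_all(state)                      # uniform superposition over all x
    state = [(-1) ** f(x) * amp for x, amp in enumerate(state)]   # the single oracle query
    state = hadamard_all(state)                      # interference step
    return {z: amp * amp for z, amp in enumerate(state) if amp * amp > 1e-12}


def deutsch_jozsa(n, f):
    """f is promised to be constant or balanced; decide which with one query.

    The amplitude of |0^n> is (1/2^n) * sum_x (-1)^f(x): +-1 if constant, 0 if balanced.
    """
    return "constant" if query_algorithm(n, f).get(0, 0.0) > 0.5 else "balanced"


def bernstein_vazirani(n, f):
    """For f(x) = s.x mod 2 the same circuit leaves the register in |s>: read s off in one query."""
    probs = query_algorithm(n, f)
    return max(probs, key=probs.get)


def dot_mod2(s, x):
    """Inner product of the bit strings s and x over GF(2)."""
    return bin(s & x).count("1") % 2


if __name__ == "__main__":
    # Constructed oracles for the demonstration.
    constant_one = lambda x: 1
    parity = lambda x: bin(x).count("1") % 2        # balanced on {0,1}^n
    print(deutsch_jozsa(3, constant_one))           # constant
    print(deutsch_jozsa(3, parity))                 # balanced
    s = 0b1011
    print(bin(bernstein_vazirani(4, lambda x: dot_mod2(s, x))))   # 0b1011
```

A deterministic classical algorithm needs 2^(n-1)+1 queries to decide constant versus balanced with certainty, and n queries to learn s in the Bernstein-Vazirani problem; both quantum circuits above use exactly one.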
We propose a new family of discrete-spacetime quantum walks capable of propagating on arbitrary triangulations. Moreover, we extend and generalize the duality principle introduced by one of the authors, linking continuous local deformations of a given triangulation to the inhomogeneity of the local unitaries that guide the quantum walker. We prove that in the formal continuous limit, in both space and time, this new family of quantum walks converges to the (1+2)D massless Dirac equation on curved manifolds. We believe that this result is relevant both to modelling and simulating quantum transport on discrete curved structures, such as fullerene molecules or dynamical causal triangulations, and to addressing fast and efficient optimization problems in the context of curved-space optimization methods.
How well can we approximate a quantum channel output state using a random codebook of a given size? In this work, we study the quantum soft covering problem. Namely, we use a random codebook with codewords independently sampled from a prior distribution, send the codewords through a classical-quantum channel, and use the resulting output to approximate the target state. When the codebook is sampled from an independent and identically distributed prior at a rate above the quantum mutual information, we show that the expected trace distance between the codebook-induced state and the target state decays exponentially, with exponent given by the sandwiched R\'enyi information. On the other hand, when the rate of the codebook size is below the quantum mutual information, the trace distance converges to one exponentially fast. We obtain similar results for random constant-composition codebooks, in which case the error exponent is expressed by the sandwiched Augustin information. In addition to the above large-deviation analysis, our results also hold in the moderate-deviation regime. That is, we show that even when the rate of the codebook size approaches the quantum mutual information moderately quickly, the trace distance still vanishes asymptotically.
The Quantum CONGEST model is a variant of the CONGEST model in which messages consist of $O(\log(n))$ qubits. We give a general framework for implementing quantum query algorithms in Quantum CONGEST, using the concept of parallel queries. We apply our framework for distributed quantum queries in two settings: when data is distributed over the network, and graph-theoretical problems where the network itself defines the input. The first is slightly unusual in CONGEST, but our results follow almost directly. The second is more traditional for the CONGEST model, but here we require some classical CONGEST steps to obtain our results. In the setting with distributed data, we show how a network can schedule a meeting on one of $k$ dates using $\tilde{O}(\sqrt{kD}+D)$ rounds, with $D$ the network diameter. We also give an efficient algorithm for element distinctness: if every node holds a number, the nodes can find any duplicates in $\tilde{O}(n^{2/3}D^{1/3})$ rounds. We also generalize the protocol for the distributed Deutsch-Jozsa problem from the two-party setting considered in [arXiv:quant-ph/9802040] to general networks, giving a novel separation between exact classical and exact quantum protocols in CONGEST. When the input is the network structure itself, we almost directly recover the $O(\sqrt{nD})$-round diameter computation algorithm of Le Gall and Magniez [arXiv:1804.02917]. We also compute the radius in the same number of rounds, and give an $\epsilon$-additive approximation of the average eccentricity in $\tilde{O}(D+D^{3/2}/\epsilon)$ rounds. Finally, we give quantum speedups for the problems of cycle detection and girth computation. We detect whether a graph has a cycle of length at most $k$ in $O(D+(Dn)^{1/2-1/\Theta(k)})$ rounds. We also give a $\tilde{O}(D+(Dn)^{1/2-1/\Theta(g)})$-round algorithm for finding the girth $g$, beating the known classical lower bound.
A user who does not have a quantum computer but wants to perform quantum computations may delegate the computation to a quantum cloud server. For such delegation to be acceptable, it must be guaranteed that no malicious server can learn any sensitive information about the computation. Blind protocols were proposed as a way for the user to protect this information from unauthorized actions of the server. Among the blind protocols proposed so far, the protocol with two servers sharing entanglement requires no quantum resources from the user, but it does not allow the servers to communicate with each other, even after the computation has finished. In this paper, we extend this two-server protocol to multiple servers and obtain a protocol that remains secure even if some of the servers communicate with each other after the computation. Dummy gates and a circuit modeled after brickwork states play a crucial role in the new protocol.
Differential privacy has been an exceptionally successful concept when it comes to providing provable security guarantees for classical computations. More recently, the concept was generalized to quantum computations. While classical computations are essentially noiseless and differential privacy is usually achieved by artificially adding noise, near-term quantum computers are inherently noisy, and it has been observed that this yields differential privacy as a natural feature. In this work we discuss quantum differential privacy in an information-theoretic framework by casting it as a quantum divergence. A main advantage of this approach is that differential privacy becomes a property based solely on the output states of the computation, without the need to check it for every measurement. This leads to simpler proofs and generalized statements of its properties, as well as several new bounds for both general and specific noise models. In particular, these include common representations of quantum circuits and quantum machine learning concepts. Here, we focus on the difference between the amount of noise required to achieve a given level of differential privacy and the amount that would make any computation useless. Finally, we also generalize the classical concepts of local differential privacy, R\'enyi differential privacy and the hypothesis-testing interpretation to the quantum setting, providing several new properties and insights.
We propose to use channel inversion power control (CIPC) to achieve one-way ultra-reliable and low-latency communications (URLLC), where only the transmission in one direction requires ultra reliability and low latency. Based on channel reciprocity, our proposed CIPC schemes vary the transmit signal and power so that the received signal power used for decoding is a constant value $Q$, which relaxes the assumption that the user knows the channel state information (CSI). Thus, the CIPC schemes eliminate the overhead of CSI feedback, reduce communication latency, and exploit the benefits of multiple antennas to significantly improve transmission reliability. We derive analytical expressions for the packet loss probability of the proposed CIPC schemes, based on which we determine a closed interval and a convex set for optimizing $Q$ in CIPC with imperfect and perfect channel reciprocity, respectively. Our results show that CIPC is an effective means to achieve one-way URLLC. The tradeoff among reliability, latency, and required resources (e.g., transmit antennas) is further revealed, which provides novel principles for designing one-way URLLC systems.
A redactable signature allows anyone to remove parts of a signed message without invalidating the signature. The need to prove the validity of digital documents issued by governments is increasing. When governments disclose documents, they must remove private information concerning individuals, and redactable signatures are useful for exactly this situation. However, in most redactable signature schemes, removing parts of the signed message requires a piece of auxiliary information for each part to be removed: if a signed message consists of l elements, the number of elements in the original signature is at least linear in l. As far as we know, in some redactable signature schemes the number of elements in the original signature is constant, regardless of the number of elements in the message to be signed; however, these constructions rely on the random oracle model or the generic group model. In this paper, we construct an efficient redactable signature that overcomes these drawbacks. Our redactable signature is obtained by combining the set commitment proposed in recent work by Fuchsbauer et al. (JoC 2019) with digital signatures.
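To make the per-element auxiliary information concrete, here is an added toy redactable signature (example code written for this page, not the paper's set-commitment construction). Each element is committed with a fresh salt, the signer signs the digest of all commitments, and redaction replaces an element and its salt by the commitment alone. The tag itself is constant-size, but the signed document must carry one salt per element, so the original signature is linear in l, which is exactly the drawback the abstract describes. An HMAC under a shared key stands in for a real digital signature scheme (an assumption of this example; a deployment would use a public-key signature so that anyone can verify). The record contents are constructed sample data.

```python
import hashlib
import hmac
import os


def H(*parts):
    """Length-prefixed SHA-256 over the parts, so different splits of the same bytes do not collide."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big"))
        h.update(p)
    return h.digest()


def _root(items):
    """Digest over the per-element commitments; open elements are recommitted from their salt."""
    commits = [H(salt, m) if kind == "open" else commit
               for kind, m, salt, commit in items]
    return H(*commits)


def sign(key, elements):
    """Signer: commit to every element with a fresh salt and sign the digest of the commitments.

    The tag is a single MAC, but one salt per element must travel with the document, so the
    material needed for later redaction grows linearly in l = len(elements).
    HMAC with `key` stands in for a real signature scheme (assumption of this example).
    """
    items = [("open", m, os.urandom(16), None) for m in elements]
    tag = hmac.new(key, _root(items), hashlib.sha256).digest()
    return {"items": items, "sig": tag}


def redact(doc, positions):
    """Anyone can do this without the key: replace (element, salt) by the commitment alone."""
    items = []
    for i, (kind, m, salt, commit) in enumerate(doc["items"]):
        if i in positions and kind == "open":
            items.append(("redacted", None, None, H(salt, m)))
        else:
            items.append((kind, m, salt, commit))
    return {"items": items, "sig": doc["sig"]}


def verify(key, doc):
    """Recompute the root from open elements plus the supplied commitments and check the tag."""
    expected = hmac.new(key, _root(doc["items"]), hashlib.sha256).digest()
    return hmac.compare_digest(expected, doc["sig"])


def visible(doc):
    """The elements a reader of the (possibly redacted) document still sees."""
    return [m for kind, m, _, _ in doc["items"] if kind == "open"]


if __name__ == "__main__":
    key = os.urandom(32)
    record = [b"name: A. Example", b"ssn: 000-00-0000", b"department: Records"]  # constructed data
    signed = sign(key, record)
    public = redact(signed, {1})                       # drop the SSN before disclosure
    print(visible(public), verify(key, public))        # redacted copy still verifies
    forged = {"items": list(public["items"]), "sig": public["sig"]}
    _, _, salt, commit = forged["items"][0]
    forged["items"][0] = ("open", b"name: M. Forger", salt, commit)
    print(verify(key, forged))                         # False: open elements cannot be altered
```

The salted commitment is what keeps the redacted element hidden (without the salt, a low-entropy value such as a short SSN cannot be confirmed by brute force), and it is also why the redactor needs one secret per element.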
Secret sharing was first proposed in 1979, independently by Shamir and by Blakley. To avoid deficiencies of the original schemes, researchers presented improved schemes, among which the multi-secret sharing scheme (MSS) is significant. There are three categories of MSSs; in this work we focus on multi-stage secret sharing schemes (MSSSs) that recover the secrets in any order. By observing the inhomogeneous linear recursions (ILRs) in the literature, we derive a general formula and divide ILRs into two types according to the variables appearing in them. Utilizing these two kinds of ILRs, we propose four verifiable MSSSs based on Ajtai's function, which is a lattice-based function. Our schemes have the following advantages. Firstly, our schemes can detect cheating by the dealer and by participants, and are multi-use. Secondly, we have several ways to restore the secrets. Thirdly, we can turn our schemes into other types of MSSs due to the universality of our method. Fourthly, since we utilize a lattice-based function to mask the shares, our schemes offer computational security against quantum adversaries. Finally, although our schemes need more memory than some known schemes, they need much less computation time, which makes them more suitable for settings with limited computing power.
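The schemes in the abstract build on threshold secret sharing, so here is an added example (code written for this page, not the paper's construction, which adds verifiability, lattice-based masking of the shares and multi-stage recovery) of Shamir's scheme over a prime field, together with the reason fewer than t shares leak nothing: for any candidate secret one can exhibit a polynomial consistent with the t-1 known shares. The field prime and the sample secret are arbitrary choices made for the example.

```python
import secrets

P = 2**127 - 1   # Mersenne prime; all arithmetic is in GF(P). Any prime larger than the secret and n works.


def _eval_poly(coeffs, x):
    """Horner evaluation of sum_i coeffs[i] * x^i mod P."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc


def split(secret, t, n):
    """Dealer: random degree-(t-1) polynomial with constant term `secret`; share i is (i, f(i))."""
    if not (0 <= secret < P and 1 <= t <= n < P):
        raise ValueError("bad parameters")
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, n + 1)]


def interpolate(points, x):
    """Lagrange interpolation through `points` (distinct x coordinates), evaluated at x."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def reconstruct(shares):
    """Any t shares determine the polynomial, hence f(0) = secret."""
    return interpolate(shares, 0)


def consistent_share(known, candidate_secret, x):
    """Why t-1 shares leak nothing: for ANY candidate secret there is a degree-(t-1)
    polynomial through the t-1 known shares with f(0) = candidate. Return its value at x,
    i.e. a share that an adversary holding only `known` cannot distinguish from the real one."""
    return interpolate(list(known) + [(0, candidate_secret)], x)


if __name__ == "__main__":
    secret = 0xDEADBEEF                      # constructed sample secret
    shares = split(secret, t=3, n=5)
    print(reconstruct(shares[:3]) == secret, reconstruct([shares[0], shares[2], shares[4]]) == secret)
    two = shares[:2]                          # below threshold
    fake = consistent_share(two, 42, x=3)     # the third share "if the secret were 42"
    print(reconstruct(two + [(3, fake)]))     # 42: the two known shares fit any secret equally well
```

Plain Shamir sharing is information-theoretically secure but offers no verifiability: a dishonest dealer can hand out inconsistent shares and a participant can submit a wrong one, which is the cheating the verifiable schemes in the abstract are designed to detect.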
Deep structured models are widely used for tasks like semantic segmentation, where explicit correlations between variables provide important prior information, which generally helps to reduce the data needs of deep nets. However, current deep structured models are restricted by an often very local neighborhood structure, which cannot be enlarged for computational-complexity reasons, and by the fact that the output configuration, or a representation thereof, cannot be transformed further. Very recent approaches that address those issues include graphical-model inference inside deep nets so as to permit subsequent non-linear output-space transformations. However, optimization of those formulations is challenging and not well understood. Here, we develop a novel model which generalizes existing approaches, such as structured prediction energy networks, and discuss a formulation which maintains the applicability of existing inference techniques.