Quantum Attacks on Classical Proof Systems: The Hardness of Quantum Rewinding

Ambainis, Andris; Rosmanis, Ansis; Unruh, Dominique

doi:10.1109/focs.2014.57

Cited by 117 publications

(62 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, its classical security proof requires certain techniques such as rewinding and reprogramming the random oracle which do not necessarily apply in the quantum setting. Quantum rewinding is possible in some restricted cases [33,36], but it has been shown to be insecure in general [1]. Further, since random oracles model hash functions which, in a real world implementation, could be evaluated in superposition by a quantum adversary, we require quantum random oracles which can be queried in superposition.…”

Section: Introductionmentioning

confidence: 99%

A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies

Yoo

Azarderakhsh

Jalali

et al. 2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Section: Introductionmentioning

confidence: 99%

A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies

Yoo

Azarderakhsh

Jalali

et al. 2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

“…Hence, measurements on an EPR state result in shared randomness which is guaranteed to be unknown to any eavesdropper. 11 In a similar vein, one can argue that the measurement outcomes of Alice and Bob while successfully playing the CHSH game cannot be known to any adversary even if this adversary has built the devices herself and is possibly still entangled with them.…”

Section: Device-independent Cryptographymentioning

confidence: 99%

“…However, [11] show limitations to this technique (so that, in fact-relative to an oracle-there exists classical protocols that are insecure against quantum adversaries). See also [85].…”

Section: Zero-knowledge Against Quantum Adversaries: "Quantum Rewinding"mentioning

confidence: 99%

Quantum cryptography beyond quantum key distribution

Broadbent

Schaffner

2015

Des. Codes Cryptogr.

187

112

View full text Add to dashboard Cite

Quantum cryptography is the art and science of exploiting quantum mechanical effects in order to perform cryptographic tasks. While the most well-known example of this discipline is quantum key distribution (QKD), there exist many other applications such as quantum money, randomness generation, secure two-and multi-party computation and delegated quantum computation. Quantum cryptography also studies the limitations and challenges resulting from quantum adversaries-including the impossibility of quantum bit commitment, the difficulty of quantum rewinding and the definition of quantum security models for classical primitives. In this review article, aimed primarily at cryptographers unfamiliar with the quantum world, we survey the area of theoretical quantum cryptography, with an emphasis on the constructions and limitations beyond the realm of QKD.

show abstract

“…Unruh [159] has considered quantum proofs of knowledge, making use of the quantum rewinding lemma and a different rewinding technique to prove interesting results concerning this notion. Ambainis, Rosmanis, and Unruh [13] have proved limitations on the applicability of these rewinding techniques, which indeed appear to be rather limited when compared to their classical counterparts. In addition to the close quantum states problem (and its complement), there are a few other promise problems known to be complete for the class QSZK.…”

Section: Chapter Notesmentioning

confidence: 99%

Quantum Proofs

Vidick

Watrous

2016

FNT in Theoretical Computer Science

View full text Add to dashboard Cite

Quantum information and computation provide a fascinating twist on the notion of proofs in computational complexity theory. For instance, one may consider a quantum computational analogue of the complexity class \class{NP}, known as QMA, in which a quantum state plays the role of a proof (also called a certificate or witness), and is checked by a polynomial-time quantum computation. For some problems, the fact that a quantum proof state could be a superposition over exponentially many classical states appears to offer computational advantages over classical proof strings. In the interactive proof system setting, one may consider a verifier and one or more provers that exchange and process quantum information rather than classical information during an interaction for a given input string, giving rise to quantum complexity classes such as QIP, QSZK, and QMIP* that represent natural quantum analogues of IP, SZK, and MIP. While quantum interactive proof systems inherit some properties from their classical counterparts, they also possess distinct and uniquely quantum features that lead to an interesting landscape of complexity classes based on variants of this model. In this survey we provide an overview of many of the known results concerning quantum proofs, computational models based on this concept, and properties of the complexity classes they define. In particular, we discuss non-interactive proofs and the complexity class QMA, single-prover quantum interactive proof systems and the complexity class QIP, statistical zero-knowledge quantum interactive proof systems and the complexity class \class{QSZK}, and multiprover interactive proof systems and the complexity classes QMIP, QMIP*, and MIP*.Comment: Survey published by NOW publisher

show abstract

Quantum Attacks on Classical Proof Systems: The Hardness of Quantum Rewinding

Cited by 117 publications

References 40 publications

A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies

A Post-quantum Digital Signature Scheme Based on Supersingular Isogenies

Quantum cryptography beyond quantum key distribution

Quantum Proofs

Contact Info

Product

Resources

About