Security Analysis of Quantum Lightning

Roberts, Bhaskar

doi:10.1007/978-3-030-77886-6_19

Cited by 12 publications

(5 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This scheme's underlying hard problem is that of the multi-collision resistance of its polynomial hash functions of degree 2 over F 2 . The [17] scheme has been cryptanalysed 6 , by Bhaskar in [13], which found a vulnerability in the security of the generation scheme that would allow for the bypassing of multi-collision resistance, when the parameters of the scheme fit a certain condition. Due to the nature of this vulnerability, it may simply be avoided by adjusting the parameters used in the scheme or adjusting the relevant hardness assumptions.…”

Section: A Brief History Of Quantum Money Schemesmentioning

confidence: 99%

Public-key Quantum Money: Cryptanalysis and the State of the Field

Bilyk

2024

Preprint

View full text Add to dashboard Cite

The matter of keeping money, or any item warranting unique verifiable tokens, secure and uncounterfeitable has been one with a long history. Though this may seem less of an issue in the modern day, counterfeiting persists as a real problem with traditional currency options, physical or otherwise. Starting in the 70’s and still developing, the idea has arisen to leverage quantum mechanical properties—foremost of which, in this case, is the extreme difficulty of copying—to create currencies that are much more difficult to counterfeit. This thesis considers the field that is quantum money, covering its origins and focusing on its public-key variant, exploring a key shortcoming of this technology—outside of physical limitations— and contributing to the furthering of the field, through the introduction of a novel efficient attack on a previously secure quantum money scheme.

show abstract

Section: A Brief History Of Quantum Money Schemesmentioning

confidence: 99%

Public-key Quantum Money: Cryptanalysis and the State of the Field

Bilyk

2024

Preprint

View full text Add to dashboard Cite

show abstract

“…Their attack is entirely classical and uses only the serial number given in the banknote. Roberts [23] proposed an attack on the assumption underlying the scheme of [30] for a certain parameter regime. However, as discussed in a later version of [30], the attack does not make the system insecure.…”

Section: Previous Cryptanalysismentioning

confidence: 99%

Cryptanalysis of Three Quantum Money Schemes

Andriyan¹,

Doliskani²,

Gong³

2022

Preprint

View full text Add to dashboard Cite

We investigate the security assumptions behind three public-key quantum money schemes. Aaronson and Christiano proposed a scheme based on hidden subspaces of the vector space F n 2 in 2012. It was conjectured by Pena et al in 2015 that the hard problem underlying the scheme can be solved in quasi-polynomial time. We confirm this conjecture by giving a polynomial time quantum algorithm for the underlying problem. Our algorithm is based on computing the Zariski tangent space of a random point in the hidden subspace. Zhandry proposed a scheme based on multivariate hash functions in 2017. We give a polynomial time quantum algorithm for cloning a money state with high probability. Our algorithm uses the verification circuit of the scheme to produce a banknote from a given serial number. Kane proposed a scheme based on modular forms in 2018. The underlying hard problem in Kane's scheme is cloning a quantum state that represents an eigenvector of a set of Hecke operators. We give a polynomial time quantum reduction from this hard problem to a linear algebra problem. The latter problem is much easier to understand, and we hope that our reduction opens new avenues to future cryptanalyses of this scheme.

show abstract

“…Finally, we show that a variant of quantum lightning cannot have its security black-box reduced to cryptographic games. This maybe an indication of why we are still looking to find a satisfactory assumption under which vanilla quantum lightning is possible [40].…”

Section: Conclusion and Open Problemsmentioning

confidence: 99%

Fiat-Shamir for Proofs Lacks a Proof Even in the Presence of Shared Entanglement

Dupuis¹,

Lamontagne²,

Salvail³

2022

Preprint

View full text Add to dashboard Cite

We explore the cryptographic power of arbitrary shared physical resources. The most general such resource is access to a fresh entangled quantum state at the outset of each protocol execution. We call this the Common Reference Quantum State (CRQS) model, in analogy to the well-known Common Reference String (CRS). The CRQS model is a natural generalization of the CRS model but appears to be more powerful: in the two-party setting, a CRQS can sometimes exhibit properties associated with a Random Oracle queried once by measuring a maximally entangled state in one of many mutually unbiased bases. We formalize this notion as a Weak One-Time Random Oracle (WOTRO), where we only ask of the m-bit output to have some randomness when conditioned on the n-bit input. We show that WOTRO with n − m ∈ ω(lg n) is black-box impossible in the CRQS model, meaning that no protocol can have its security black-box reduced to a cryptographic game. We define a (inefficient) quantum adversary against any WOTRO protocol that can be efficiently simulated in polynomial time, ruling out any reduction to a secure game that only makes black-box queries to the adversary. On the other hand, we introduce a non-game quantum assumption for hash functions that implies WOTRO in the CRQ$ model (where the CRQS consists only of EPR pairs). We first build a statistically secure WOTRO protocol where m = n, then hash the output. The impossibility of WOTRO has the following consequences. First, we show the black-box impossibility of a quantum Fiat-Shamir transform, extending the impossibility result of Bitansky et al. (TCC '13) to the CRQS model. Second, we show a black-box impossibility result for a strenghtened version of quantum lightning (Zhandry, Eurocrypt '19) where quantum bolts have an additional parameter that cannot be changed without generating new bolts.

show abstract

Security Analysis of Quantum Lightning

Cited by 12 publications

References 3 publications

Public-key Quantum Money: Cryptanalysis and the State of the Field

Public-key Quantum Money: Cryptanalysis and the State of the Field

Cryptanalysis of Three Quantum Money Schemes

Fiat-Shamir for Proofs Lacks a Proof Even in the Presence of Shared Entanglement

Contact Info

Product

Resources

About