Fiat-Shamir for Proofs Lacks a Proof Even in the Presence of Shared Entanglement

IF 5.1, Zone 2 (Physics and Astronomy), Q1 PHYSICS, MULTIDISCIPLINARY
Quantum, published 2024-12-17, DOI: 10.22331/q-2024-12-17-1568
Frédéric Dupuis, Philippe Lamontagne, Louis Salvail
Citations: 0

Abstract
We explore the cryptographic power of arbitrary shared physical resources. The most general such resource is access to a fresh entangled quantum state at the outset of each protocol execution. We call this the $\textit{Common Reference Quantum State (CRQS)}$ model, in analogy to the well-known $\textit{Common Reference String (CRS)}$. The CRQS model is a natural generalization of the CRS model but appears to be more powerful: in the two-party setting, a CRQS can sometimes exhibit properties associated with a Random Oracle queried once by measuring a maximally entangled state in one of many mutually unbiased bases. We formalize this notion as a $\textit{Weak One-Time Random Oracle (WOTRO)}$, where we only ask of the $m$-bit output to have some randomness when conditioned on the $n$-bit input.
We show that when $n-m\in\omega(\lg n)$, any protocol for WOTRO in the CRQS model can be attacked by an (inefficient) adversary. Moreover, our adversary is efficiently simulatable, which rules out the possibility of proving the computational security of a scheme by a fully black-box reduction to a cryptographic game assumption. On the other hand, we introduce a non-game quantum assumption for hash functions that implies WOTRO in the CRQS model (where the CRQS consists only of EPR pairs). We first build a statistically secure WOTRO protocol where $m=n$, then hash the output.
The impossibility of WOTRO has the following consequences. First, we show the fully-black-box impossibility of a $quantum$ Fiat-Shamir transform, extending the impossibility result of Bitansky et al. (TCC 2013) to the CRQS model. Second, we show a fully-black-box impossibility result for a strengthened version of quantum lightning (Zhandry, Eurocrypt 2019) where quantum bolts have an additional parameter that cannot be changed without generating new bolts. Our results also apply to $2$-message protocols in the plain model.
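The abstract's intuition for why a CRQS can look like a random oracle queried once (measure a maximally entangled state in one of several mutually unbiased bases) can be checked with a small exact simulation. The following is an added illustration written for this page, not code from the paper or its authors, and it is a toy: one EPR pair, the three single-qubit MUBs (Z, X, Y) standing in for the $n$-bit input as a basis label in {0,1,2}, and the one measurement bit standing in for the $m$-bit output. The convention that Bob measures in the complex-conjugate basis is an assumption made here so that $|\Phi^+\rangle$ gives identical outcomes for identical inputs in all three bases; the paper's actual $m=n$ construction and the hashing step are not reproduced. The simulation shows three things: same input on both sides gives the same output bit; each output is a uniformly random bit; and after one query the resource is spent, so a second query on a different input is an independent coin flip, which is the "weak, one-time" part of WOTRO.

```python
import math
import random
from typing import Dict, List, Tuple

# Constructed illustration (not the paper's code). A two-qubit state vector is
# four complex amplitudes indexed 2*a + b, a = Alice's qubit, b = Bob's qubit.
State = List[complex]
Basis = Tuple[List[complex], List[complex]]

S = 1 / math.sqrt(2)

# The three mutually unbiased bases of one qubit. Vectors from two different
# bases always have overlap |<v|w>|^2 = 1/2, so measuring in the "wrong" basis
# yields a uniformly random bit carrying no information about the other basis.
MUBS: Dict[int, Basis] = {
    0: ([1, 0], [0, 1]),              # Z basis: |0>, |1>
    1: ([S, S], [S, -S]),             # X basis: |+>, |->
    2: ([S, 1j * S], [S, -1j * S]),   # Y basis: |+i>, |-i>
}


def epr_pair() -> State:
    """|Phi+> = (|00> + |11>)/sqrt(2): the shared CRQS, fresh for each execution."""
    return [S, 0j, 0j, S]


def conj_basis(basis: Basis) -> Basis:
    """Entry-wise complex conjugate of a basis (assumed convention for Bob's side)."""
    return tuple([x.conjugate() for x in v] for v in basis)


def _project(state: State, qubit: int, v: List[complex]) -> State:
    """Apply the projector |v><v| to one qubit (0 = Alice, 1 = Bob); unnormalised."""
    out: State = [0j] * 4
    for a in range(2):
        for b in range(2):
            if qubit == 0:
                amp = sum(complex(v[k]).conjugate() * state[2 * k + b] for k in range(2))
                out[2 * a + b] = v[a] * amp
            else:
                amp = sum(complex(v[k]).conjugate() * state[2 * a + k] for k in range(2))
                out[2 * a + b] = v[b] * amp
    return out


def outcome_probabilities(state: State, qubit: int, basis: Basis) -> List[float]:
    """Born-rule probabilities of the two outcomes when measuring `qubit` in `basis`."""
    return [sum(abs(x) ** 2 for x in _project(state, qubit, v)) for v in basis]


def measure(state: State, qubit: int, basis: Basis, rng: random.Random) -> Tuple[int, State]:
    """Sample an outcome and return it together with the collapsed, renormalised state."""
    p = outcome_probabilities(state, qubit, basis)
    r = 0 if rng.random() < p[0] else 1
    if p[r] < 1e-12:          # rounding guard when one outcome is impossible
        r = 1 - r
    proj = _project(state, qubit, basis[r])
    norm = math.sqrt(p[r])
    return r, [x / norm for x in proj]


def query(state: State, party: int, x: int, rng: random.Random) -> Tuple[int, State]:
    """One WOTRO query: input x selects the MUB, the measured bit is the output.
    Bob (party 1) measures in the conjugate basis so that, on |Phi+>, his bit
    equals Alice's whenever both use the same x."""
    basis = MUBS[x] if party == 0 else conj_basis(MUBS[x])
    return measure(state, party, basis, rng)


def same_input_agreement(trials: int = 200, seed: int = 1) -> bool:
    """Same input on both sides gives the same output bit, every time."""
    rng = random.Random(seed)
    for _ in range(trials):
        x = rng.randrange(3)
        ra, state = query(epr_pair(), 0, x, rng)
        rb, _ = query(state, 1, x, rng)
        if ra != rb:
            return False
    return True


def output_distribution(x: int) -> List[float]:
    """Alice's output for input x is a uniformly random bit: [0.5, 0.5]."""
    return outcome_probabilities(epr_pair(), 0, MUBS[x])


def bob_distribution_after_alice(x: int, y: int, seed: int = 0) -> List[float]:
    """Bob's answer to y once Alice has queried x: deterministic if y == x,
    uniform if y != x (Alice's query reveals nothing about other inputs)."""
    rng = random.Random(seed)
    _, post = query(epr_pair(), 0, x, rng)
    return outcome_probabilities(post, 1, conj_basis(MUBS[y]))


def reuse_agreement_fraction(x: int, y: int, trials: int = 400, seed: int = 2) -> float:
    """The one-time property: after Alice spends her half on x, re-querying y on
    the same half is a fresh coin flip, unrelated to Bob's honest answer to y."""
    rng = random.Random(seed)
    agree = 0
    for _ in range(trials):
        _, state = query(epr_pair(), 0, x, rng)   # Alice spends the resource on x
        ra, state = query(state, 0, y, rng)       # ...then tries to reuse it for y
        rb, _ = query(state, 1, y, rng)           # Bob answers y honestly
        agree += int(ra == rb)
    return agree / trials                          # converges to 0.5, not 1.0


if __name__ == "__main__":
    print("same input agrees:", same_input_agreement())
    print("P[output] for x=1:", output_distribution(1))
    print("Bob's P for y=1 after Alice queried x=0:", bob_distribution_after_alice(0, 1))
    print("agreement when Alice reuses her half (x=0 then y=1):", reuse_agreement_fraction(0, 1))
```

Note that this toy only exhibits the behaviour the abstract attributes to a CRQS; it says nothing about the paper's impossibility result, which concerns whether any such protocol can be proven secure by a fully black-box reduction when the output is much shorter than the input.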
Source journal
Quantum
Quantum Physics and Astronomy-Physics and Astronomy (miscellaneous)
CiteScore: 9.20
Self-citation rate: 10.90%
Articles published: 241
Review time: 16 weeks
Journal description: Quantum is an open-access peer-reviewed journal for quantum science and related fields. Quantum is non-profit and community-run: an effort by researchers and for researchers to make science more open and publishing more transparent and efficient.