quantum one-time programs
DESCRIPTION
Quantum one-time programs. Anne Broadbent Gus Gutoski Douglas Stebila. extended abstract: Cryptology ePrint Archive, Report 2013/343 full version (old): arXiv:1211.1080 [quant-ph]. August 9, 2013, QCrypt, Waterloo. What is a one-time program?. What is a one-time program?. - PowerPoint PPT PresentationTRANSCRIPT
Quantum one-time programsAnne Broadbent
Gus GutoskiDouglas Stebila
extended abstract: Cryptology ePrint Archive, Report 2013/343full version (old): arXiv:1211.1080 [quant-ph]
August 9, 2013, QCrypt, Waterloo
What is a one-time program?
What is a one-time program?
What is a one-time program?
What is a one-time program?
BANG!
What is a one-time program?
OTPs cannot be achieved by software
Does quantum information suffice?
Ux Ux*
What about secure hardware?
Secure hardware: one-time memory
Secure hardware: one-time memory
Secure hardware: one-time memory
BANG!
Secure hardware: one-time memory
Advantages of one-time memories
Non-interactive two-party computation
one-waycommunication
Non-interactive two-party computation
Non-interactive two-party computation
Non-interactive two-party computation
BANG!
Non-interactive two-party computation
Why NI2PC?
Quantum one-time programs
one-waycommunication
Quantum one-time programs
Quantum one-time programs
Quantum one-time programs
What’s known about classical OTPs
Our primary result:
Our primary result... in more detail
|i
|i|i
Our primary result... in more detail
|i
|i|i
Our primary result... in more detail
B|i
|i|i
Our primary result... in more detail
B
|i
|i|i
Completeness requirement
C
Security requirement
SIMULATOR
Security requirement
|i
|i|i
Overview: honest receiver
1. Use OTMs to build a reactive COTP
|i
|i
|i
From OTMs to COTPs...
|i
|i
|i
...and from COTPs to reactive COTPs
|i
|i
|i
2. Quantum authentication schemes
TAMPERING
3. Quantum computing on authentica-ted data (QCAD)
Life is not that easy
Life is not that easy
Life is not that easy
See Michael Ben-Or’s talkfrom Wednesday
Schemes that admit QCAD
Schemes that admit QCAD
See Michael Ben-Or’s talkfrom Wednesday
4. COTP for classical interaction
AB
C
4. COTP for classical interaction
BA
C
How does the receivernon-interactively (de-)authenticate
his input without learningthe key??
5. Teleport-through-(de)-authentication
trash
A QOTP consists of:
|i|i
teleportauth
A
teleportde-auth
Security: a simulator for our QOTP
|i|i
|i
SIMULATOR
Simulator in pictures
|i|i
|i
A
Trivial one-time programs
Trivial one-time programs
f
Unlockable classical functions
Unlockable quantum channels
The end
BANG!
extended abstract: Cryptology ePrint Archive, Report 2013/343full version (old): arXiv:1211.1080 [quant-ph]