Journal of Cryptology

, Volume 28, Issue 1, pp 161–175 | Cite as

Quantum Private Information Retrieval has Linear Communication Complexity

  • Ämin Baumeler
  • Anne Broadbent


In private information retrieval (PIR), a client queries an \(n\)-bit database in order to retrieve an entry of her choice, while maintaining privacy of her query value. Chor et al. [J ACM 45(6):965–981, 1998] showed that, in the information-theoretical setting, a linear amount of communication is required for classical PIR protocols (thus the trivial protocol is optimal). This linear lower bound was shown by Nayak [FOCS 1999, pp. 369–376, 1999] to hold also in the quantum setting. Here, we extend Nayak’s result by considering approximate privacy, and requiring security only against specious adversaries, which are, in analogy to classical honest-but-curious adversaries, the weakest reasonable quantum adversaries. We show that, even in this weakened scenario, quantum private information retrieval (QPIR) requires \(n\) qubits of communication. From this follows that Le Gall’s recent QPIR protocol with sublinear communication complexity [Theory Comput. 8(1):369–374, 2012] is not information-theoretically private, against the weakest reasonable cryptographic adversary.


Private information retrieval Quantum cryptography  Specious adversaries Quantum semi-honest 



We are grateful to Gus Gutoski, Robert König, and Ashwin Nayak for helpful discussions, and to the anonymous referees for helpful comments. Furthermore, we thank Sébastien Gambs for introducing us to PIR. Ä. B. thanks the Institute for Quantum Computing (IQC) and the University of Waterloo for hosting him for a six-month visit, during which these results were established. This work was performed, while A. B. was at the Department of Combinatorics and Optimization, and at the Institute for Quantum Computing (IQC), University of Waterloo. This work was supported by the Canadian Institute for Advanced Research (CIFAR), NSERC Frequency and Industry Canada.


  1. 1.
    Ä. Baumeler, Quantum private information retrieval. Master’s Thesis, ETH Zürich, 2012.
  2. 2.
    C.H. Bennett, G. Brassard, Quantum cryptography: public key distribution and coin tossing, in Proceedings of the International Conference on Computers, Systems, and Signal Processing 1984, pp. 175–180Google Scholar
  3. 3.
    A. Chailloux, I. Kerenidis, Optimal bounds for quantum bit commitment, in Proceedings of the 52th Annual Symposium on Foundations of Computer Science, FOCS 2011, pp. 354–362Google Scholar
  4. 4.
    B. Chor, E. Kushilevitz, O. Goldreich, M. Sudan, Private information retrieval. J. ACM 45(6), 965–981 (1998)Google Scholar
  5. 5.
    F. Dupuis, J.B. Nielsen, L. Salvail, Secure two-party quantum evaluation of unitaries against specious adversaries, in Proceedings of the 30th Annual Conference on Advances in Cryptology, CRYPTO ‘10, (Springer, Berlin, 2010), pp. 685–706Google Scholar
  6. 6.
    V. Giovannetti, S. Lloyd, L. Maccone, Quantum private queries. Phys. Rev. Lett. 100(23), 230502 (2008)Google Scholar
  7. 7.
    G. Gutoski, J. Watrous, Toward a general theory of quantum games, in Proceedings of the 39th Annual ACM Symposium on Theory of Computing, STOC 2007, pp. 565–574Google Scholar
  8. 8.
    R. Jain, J. Radhakrishnan, P. Sen, A property of quantum relative entropy with an application to privacy in quantum communication, J. ACM 56(6), 33 (2009). Preliminary version in FOCS ‘02Google Scholar
  9. 9.
    M. Jakobi, C. Simon, N. Gisin, J.-D. Bancal, C. Branciard, N. Walenta, H. Zbinden, Practical private database queries based on a quantum-key-distribution protocol. Phys. Rev. A  83, 022301 (2011)Google Scholar
  10. 10.
    I. Kerenidis, R. de Wolf, Exponential lower bound for 2-query locally decodable codes via a quantum argument. J. Comput. Syst. Sci. 9(3), 395–420 (2004)Google Scholar
  11. 11.
    I. Kerenidis, R. de Wolf, Quantum symmetrically-private information retrieval, in Inf. Process. Lett. 90, 109–114 (2004)Google Scholar
  12. 12.
    I. Kremer, Quantum communication. Master’s Thesis, The Hebrew University of Jerusalem, 1995.
  13. 13.
    F. Le Gall, Quantum private information retrieval with sublinear communication complexity. Theory Comput. 8(1), 369–374 (2012)Google Scholar
  14. 14.
    H.-K. Lo, H.F. Chau, Is quantum bit commitment really possible? Phys. Rev. Lett. 78(17), 3410–3413 (1997)Google Scholar
  15. 15.
    D. Mayers, Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett. 78(17), 3414–3417 (1997)Google Scholar
  16. 16.
    A. Nayak, Optimal lower bounds for quantum automata and random access codes, in Proceedings of the 40th Annual Symposium on Foundations of Computer Science, FOCS 1999, pp. 369–376 (1999)Google Scholar
  17. 17.
    P. Shor, Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)Google Scholar
  18. 18.
    W.K. Wootters, W.H. Zurek, A single quantum cannot be cloned. Nature 299(5886), 802–803 (1982)Google Scholar

Copyright information

© International Association for Cryptologic Research 2014

Authors and Affiliations

  1. 1.Faculty of InformaticsUniversità della Svizzera italianaLuganoSwitzerland
  2. 2.Department of Mathematics and StatisticsUniversity of OttawaOttawaCanada

Personalised recommendations