Computational Security of Quantum Encryption

  • Gorjan Alagic
  • Anne BroadbentEmail author
  • Bill Fefferman
  • Tommaso Gagliardoni
  • Christian SchaffnerEmail author
  • Michael St. Jules
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10015)


Quantum-mechanical devices have the potential to transform cryptography. Most research in this area has focused either on the information-theoretic advantages of quantum protocols or on the security of classical cryptographic schemes against quantum attacks. In this work, we initiate the study of another relevant topic: the encryption of quantum data in the computational setting. In this direction, we establish quantum versions of several fundamental classical results. First, we develop natural definitions for private-key and public-key encryption schemes for quantum data. We then define notions of semantic security and indistinguishability, and, in analogy with the classical work of Goldwasser and Micali, show that these notions are equivalent. Finally, we construct secure quantum encryption schemes from basic primitives. In particular, we show that quantum-secure one-way functions imply IND-CCA1-secure symmetric-key quantum encryption, and that quantum-secure trapdoor one-way permutations imply semantically-secure public-key quantum encryption.


Encryption Scheme Side Information Quantum Data Choose Ciphertext Attack Semantic Security 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



G. A. was supported by a Sapere Aude grant of the Danish Council for Independent Research, the ERC Starting Grant “QMULT” and the CHIST-ERA project “CQC”. A. B. was supported by Canada’s NSERC. B. F. was supported by the Department of Defense. T. G. was supported by the German Federal Ministry of Education and Research (BMBF) within CRISP and CROSSING. C. S. was supported by a 7th framework EU SIQS and a NWO VIDI grant. M. S. was supported by the Ontario Graduate Scholarship Program. T. G. and C. S. would like to thank COST Action IC1306 for networking support. A. B., G. A., T. G., and C. S. would like to thank the organizers of the Dagstuhl Seminar 15371 “Quantum Cryptanalysis” for providing networking and useful interactions and support during the writing of this paper.


  1. 1.
    Aaronson, S.: Quantum copy-protection and quantum money. In: 24th Annual IEEE Conference on Computational Complexity, CCC 2009, pp. 229–242. IEEE (2009)Google Scholar
  2. 2.
    Aaronson, S., Christiano, P.: Quantum money from hidden subspaces. In: Proceedings of the Forty-Fourth Annual ACM Symposium on Theory of Computing, pp. 41–60. ACM (2012)Google Scholar
  3. 3.
    Adcock, M., Cleve, R.: A quantum Goldreich-Levin theorem with cryptographic applications. In: Alt, H., Ferreira, A. (eds.) STACS 2002. LNCS, vol. 2285, pp. 323–334. Springer, Heidelberg (2002). doi: 10.1007/3-540-45841-7_26 CrossRefGoogle Scholar
  4. 4.
    Aharonov, D., Kitaev, A., Nisan, N.: Quantum circuits with mixed states. In: Proceedings of the Thirtieth Annual ACM Symposium on Theory of computing, pp. 20–30. ACM (1998)Google Scholar
  5. 5.
    Alagic, G., Broadbent, A., Fefferman, B., Gagliardoni, T., Schaffner, C., Jules, M.S.: Computational security of quantum encryption (2016). Google Scholar
  6. 6.
    Alléaume, R., Branciard, C., Bouda, J., Debuisschert, T., Dianati, M., Gisin, N., Godfrey, M., Grangier, P., Länger, T., Lütkenhaus, N., Monyk, C., Painchault, P., Peev, M., Poppe, A., Pornin, T., Rarity, J., Renner, R., Ribordy, G., Riguidel, M., Salvail, L., Shields, A., Weinfurter, H., Zeilinger, A.: Using quantum key distribution for cryptographic purposes: a survey. Theoret. Comput. Sci. 560, 62–81 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Ambainis, A., Mosca, M., Tapp, A., de Wolf, R.: Private quantum channels. In: 41st Annual Symposium on Foundations of Computer Science, Proceedings, pp. 547–553 (2000)Google Scholar
  8. 8.
    Ben-Or, M., Crépeau, C., Gottesman, D., Hassidim, A., Smith, A.: Secure multiparty quantum computation with (only) a strict honest majority. In: 47th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2006, pp. 249–260. IEEE (2006)Google Scholar
  9. 9.
    Bennett, C., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. In: Proceedings of the International Conference on Computers, Systems, and Signal Processing, pp. 175–179 (1984)Google Scholar
  10. 10.
    Bernstein, D.J., Buchmann, J., Dahmen, E. (eds.): Post-Quantum Cryptography. Springer, Berlin (2009)zbMATHGoogle Scholar
  11. 11.
    Boneh, D., Dagdelen, Ö., Fischlin, M., Lehmann, A., Schaffner, C., Zhandry, M.: Random oracles in a quantum world. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 41–69. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-25385-0_3 CrossRefGoogle Scholar
  12. 12.
    Boneh, D., Zhandry, M.: Secure signatures and chosen ciphertext security in a quantum computing world. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 361–379. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40084-1_21 CrossRefGoogle Scholar
  13. 13.
    Oscar Boykin, P., Roychowdhury, V.: Optimal encryption of quantum bits. Phys. Rev. A 67(4), 042317 (2003)CrossRefGoogle Scholar
  14. 14.
    Broadbent, A.: Delegating private quantum computations. Can. J. Phys. 93(9), 941–946 (2015)CrossRefGoogle Scholar
  15. 15.
    Broadbent, A., Fitzsimons, J., Kashefi, E.: Universal blind quantum computation. In: 50th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2009, pp. 517–526. IEEE (2009)Google Scholar
  16. 16.
    Broadbent, A., Gutoski, G., Stebila, D.: Quantum one-time programs. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 344–360. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-40084-1_20 CrossRefGoogle Scholar
  17. 17.
    Broadbent, A., Jeffery, S.: Quantum homomorphic encryption for circuits of low \(T\)-gate complexity. In: CRYPTO 2015, pp. 609–629 (2015). doi: 10.1007/978-3-662-48000-7_30 Google Scholar
  18. 18.
    Broadbent, A., Schaffner, C.: Quantum cryptography beyond quantum key distribution. Des. Codes Crypt. 78, 351–382 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Desrosiers, S.P.: Entropic security in quantum cryptography. Quantum Inf. Process. 8(4), 331–345 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Diffie, W., Hellman, M.: Quantum entropic security and approximate quantum encryption. IEEE Trans. Inf. Theory 56(7), 3455–3464 (2010)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22(6), 644–654 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  22. 22.
    Dupuis, F., Nielsen, J.B., Salvail, L.: Secure two-party quantum evaluation of unitaries against specious adversaries. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 685–706. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14623-7_37 CrossRefGoogle Scholar
  23. 23.
    Dupuis, F., Nielsen, J.B., Salvail, L.: Actively secure two-party evaluation of any quantum operation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 794–811. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-32009-5_46 CrossRefGoogle Scholar
  24. 24.
    Fehr, S., Katz, J., Song, F., Zhou, H.-S., Zikas, V.: Feasibility and completeness of cryptographic tasks in the quantum world. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 281–296. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36594-2_16 CrossRefGoogle Scholar
  25. 25.
    Gagliardoni, T., Hülsing, A., Schaffner, C.: Semantic security and indistinguishability in the quantum world. In: Advances in Cryptology - CRYPTO 2016 - 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14–18, 2016, Proceedings, Part III, pp. 60–89 (2016).
  26. 26.
    Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, STOC 2008, New York, NY, USA, pp. 197–206. ACM (2008)Google Scholar
  27. 27.
    Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing, STOC 1989, New York, NY, USA, pp. 25–32. ACM (1989)Google Scholar
  28. 28.
    Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004)CrossRefzbMATHGoogle Scholar
  29. 29.
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  30. 30.
    Goldwasser, S., Micali, S.: Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)MathSciNetCrossRefzbMATHGoogle Scholar
  31. 31.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28, 1364–1396 (1999)MathSciNetCrossRefzbMATHGoogle Scholar
  32. 32.
    Hayden, P., Leung, D., Shor, P.W., Winter, A.: Randomizing quantum states: constructions and applications. Commun. Math. Phys. 250(2), 371–391 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  33. 33.
    Kashefi, E., Kerenidis, I.: Statistical zero knowledge and quantum one-way functions. Theoret. Comput. Sci. 378(1), 101–116 (2007)MathSciNetCrossRefzbMATHGoogle Scholar
  34. 34.
    Koshiba, T.: Security notions for quantum public-key cryptography. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. J90–A(5), 367–375 (2007)Google Scholar
  35. 35.
    Leung, D.W.: Quantum Vernam cipher. Quantum Inf. Comput. 2(1), 14–34 (2002)MathSciNetzbMATHGoogle Scholar
  36. 36.
    Moore, C., Russell, A., Vazirani, U.: A classical one-way function to confound quantum adversaries. eprint arXiv:quant-ph/0701115, January 2007
  37. 37.
    Mosca, M., Stebila, D.: Quantum coins. Error-Correcting Codes Finite Geometries Crypt. 523, 35–47 (2010)MathSciNetCrossRefzbMATHGoogle Scholar
  38. 38.
    Okamoto, T., Tanaka, K., Uchiyama, S.: Quantum public-key cryptosystems. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 147–165. Springer, Heidelberg (2000). doi: 10.1007/3-540-44598-6_9 CrossRefGoogle Scholar
  39. 39.
    Peikert, C., Waters, B.: Lossy trapdoor functions and their applications. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, STOC 2008, New York, NY, USA, pp. 187–196. ACM (2008)Google Scholar
  40. 40.
    Shannon, C.E.: Communication theory of secrecy systems. Bell Syst. Tech. J. 28(4), 656–715 (1949)MathSciNetCrossRefzbMATHGoogle Scholar
  41. 41.
    Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: FOCS 1994, pp. 124–134. IEEE Computer Society Press (1994)Google Scholar
  42. 42.
    Song, F.: A note on quantum security for post-quantum cryptography. In: Mosca, M. (ed.) PQCrypto 2014. LNCS, vol. 8772, pp. 246–265. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-11659-4_15 Google Scholar
  43. 43.
    Unruh, D.: Universally composable quantum multi-party computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 486–505. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13190-5_25 CrossRefGoogle Scholar
  44. 44.
    Unruh, D.: Revocable quantum timed-release encryption. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 129–146. Springer, Heidelberg (2014). doi: 10.1007/978-3-642-55220-5_8 CrossRefGoogle Scholar
  45. 45.
    Unruh, D.: Non-interactive zero-knowledge proofs in the quantum random oracle model. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 755–784. Springer, Heidelberg (2015). doi: 10.1007/978-3-662-46803-6_25 Google Scholar
  46. 46.
    Velema, M.: Classical encryption and authentication under quantum attacks. Master’s thesis, Master of Logic, University of Amsterdam (2013).
  47. 47.
    Wiesner, S.: Conjugate coding. ACM Sigact News 15(1), 78–88 (1983)CrossRefzbMATHGoogle Scholar
  48. 48.
    Wootters, W.K., Zurek, W.H.: A single quantum cannot be cloned. Nature 299(5886), 802–803 (1982)CrossRefGoogle Scholar
  49. 49.
    Xiang, C., Yang, L.: Indistinguishability, semantic security for quantum encryption scheme. In: Proceedings of SPIE, vol. 8554, p. 85540G–8 (2012)Google Scholar
  50. 50.
    Zhandry, M.: How to construct quantum random functions. In: FOCS 2012, pp. 679–687. IEEE (2012)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Gorjan Alagic
    • 1
  • Anne Broadbent
    • 2
    Email author
  • Bill Fefferman
    • 3
  • Tommaso Gagliardoni
    • 4
  • Christian Schaffner
    • 5
    Email author
  • Michael St. Jules
    • 2
  1. 1.Department of Mathematical SciencesUniversity of CopenhagenCopenhagenDenmark
  2. 2.Department of Mathematics and StatisticsUniversity of OttawaOttawaCanada
  3. 3.Joint Center for Quantum Information and Computer Science (QuICS)University of MarylandCollege ParkUSA
  4. 4.CryptoplexityTU DarmstadtDarmstadtGermany
  5. 5.QuSoftUniversity of Amsterdam and CWIAmsterdamThe Netherlands

Personalised recommendations