Abstract
We introduce a computational problem of distinguishing between two specific quantum states as a new cryptographic problem to design a quantum cryptographic scheme that is “secure” against any polynomial-time quantum adversary. Our problem, QSCDff, is to distinguish between two types of random coset states with a hidden permutation over the symmetric group of finite degree. This naturally generalizes the commonly used distinction problem between two probability distributions in computational cryptography. As our major contribution, we show that QSCDff has three properties of cryptographic interest: (i) QSCDff has a trapdoor; (ii) the average-case hardness of QSCDff coincides with its worst-case hardness; and (iii) QSCDff is computationally at least as hard as the graph automorphism problem in the worst case. These cryptographic properties enable us to construct a quantum public-key cryptosystem which is likely to withstand any chosen-plaintext attack by a polynomial-time quantum adversary. We further discuss a generalization of QSCDff, called QSCDcyc, and introduce a multi-bit encryption scheme that relies on similar cryptographic properties of QSCDcyc.
References
M. Adcock, R. Cleve, A quantum Goldreich-Levin theorem with cryptographic applications, in Proceedings of the 19th Annual Symposium on Theoretical Aspects of Computer Science. LNCS, vol. 2285 (Springer, Berlin, 2002), pp. 323–334
D. Aharonov, A. Ta-Shma, Adiabatic quantum state generation. SIAM J. Comput. 37(1), 47–82 (2007)
M. Ajtai, Generating hard instances of lattice problems (extended abstract), in Proceedings of the 28th Annual ACM Symposium on Theory of Computing (1996), pp. 99–108
M. Ajtai, C. Dwork, A public-key cryptosystem with worst-case/average-case equivalence, in Proceedings of the 29th Annual ACM Symposium on Theory of Computing (1997), pp. 284–293. See also ECCC TR96-065
V. Arvind, P.P. Kurur, Graph isomorphism is in SPP. Inf. Comput. 204(5), 835–852 (2006)
D. Bacon, A.M. Childs, W. van Dam, From optimal measurement to efficient quantum algorithms for the hidden subgroup problem over semidirect product groups, in Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science (2005), pp. 469–478
M. Bellare, A. Desai, D. Pointcheval, P. Rogaway, Relations among notions of security for public-key encryption schemes, in Advances in Cryptology—CRYPTO’98 (Springer, Berlin, 1998), pp. 26–45
C.H. Bennett, G. Brassard, Quantum cryptography: public key distribution and coin tossing, in Proceedings of IEEE International Conference on Computers, Systems, and Signal Processing (1984), pp. 175–179
M. Blum, S. Micali, How to generate cryptographically strong sequences of pseudo-random bits. SIAM J. Comput. 13(4), 850–864 (1984)
A. Bogdanov, L. Trevisan, On worst-case to average-case reductions for NP problems. SIAM J. Comput. 36(4), 1119–1159 (2006)
D. Boneh, R.J. Lipton, Quantum cryptanalysis of hidden linear functions (extended abstract), in Advances in Cryptology—CRYPTO’95. LNCS, vol. 963 (Springer, Berlin, 1995), pp. 424–437
M. Crâsmaru, C. Glaßer, K.W. Regan, S. Sengupta, A protocol for serializing unique strategies, in Proceedings of the 29th International Symposium on Mathematical Foundations of Computer Science. LNCS, vol. 3153 (Springer, Berlin, 2004), pp. 660–672
C. Crépeau, P. Dumais, D. Mayers, L. Salvail, Computational collapse of quantum state with application to oblivious transfer, in Proceedings of the 1st Theory of Cryptography Conference. LNCS, vol. 2951 (Springer, Berlin, 2004), pp. 374–393
C. Crépeau, F. Légaré, L. Salvail, How to convert the flavor of a quantum bit commitment, in Advances in Cryptology—EUROCRYPT’01. LNCS, vol. 2045 (Springer, Berlin, 2001), pp. 60–77
I. Damgård, S. Fehr, L. Salvail, Zero-knowledge proofs and string commitments withstanding quantum attacks, in Advances in Cryptology—CRYPTO’04. LNCS, vol. 3152 (Springer, Berlin, 2004), pp. 254–272
S.-P. Desrosier, De la cryptographie sur les corps quadratiques réels. Master’s thesis, Université McGill, Montréal, 2002
W. Diffie, M.E. Hellman, New directions in cryptography. IEEE Trans. Inf. Theory IT-22(6), 644–654 (1976)
P. Dumais, D. Mayers, L. Salvail, Perfectly concealing quantum bit commitment from any quantum one-way permutation, in Advances in Cryptology—EUROCRYPT 2000. LNCS, vol. 1807 (Springer, Berlin, 2000), pp. 300–315
M. Ettinger, P. Høyer, On quantum algorithms for noncommutative hidden subgroups. Adv. Appl. Math. 25, 239–251 (2000)
S. Goldwasser, S. Micali, Probabilistic encryption. J. Comput. Syst. Sci. 28(2), 270–299 (1984)
S. Goldwasser, M. Sipser, Private coins versus public coins in interactive proof system, in Advances in Computing Research, ed. by S. Micali. Randomness and Computation, vol. 5 (JAI Press, London, 1989), pp. 73–90
M. Grigni, L.J. Schulman, M. Vazirani, U. Vazirani, Quantum mechanical algorithms for the nonabelian hidden subgroup problem. Combinatorica 24(1), 137–154 (2004)
J. Grollmann, A.L. Selman, Complexity measures for public-key cryptosystems. SIAM J. Comput. 17(2), 309–335 (1988)
S. Hallgren, Polynomial-time quantum algorithms for Pell’s equation and the principal ideal problem. J. ACM 54(1) (2007)
S. Hallgren, C. Moore, M. Rötteler, A. Russell, P. Sen, Limitations of quantum coset states for graph isomorphism, in Proceedings of the 38th ACM Symposium on Theory of Computing (2006), pp. 604–617. See also quant-ph/0511148 and quant-ph/0511149
S. Hallgren, A. Russell, A. Ta-Shma, The hidden subgroup problem and quantum computation using group representations. SIAM J. Comput. 32(4), 916–934 (2003)
M. Hayashi, A. Kawachi, H. Kobayashi, Quantum measurements for hidden subgroup problems with optimal sample complexity. Quantum Inf. Comput. 8, 345–358 (2008)
W. Hoeffding, Probability inequalities for sums of bounded random variables. J. Am. Stat. Assoc. 58(301), 13–30 (1963)
R. Impagliazzo, M. Naor, Efficient cryptographic schemes provably as secure as subset sum. J. Cryptol. 9(4), 199–216 (1996)
A. Kawachi, T. Koshiba, H. Nishimura, T. Yamakami, Computational indistinguishability between quantum states and its cryptographic application, in Advances in Cryptology—EUROCRYPT’05. LNCS, vol. 3494 (Springer, Berlin, 2005), pp. 268–284
A. Kawachi, C. Portmann, On the power of quantum encryption keys, in Proceedings of the 2nd International Workshop on Post-Quantum Cryptography. LNCS, vol. 5299 (Springer, Berlin, 2008), pp. 165–180
J. Kempe, A. Shalev, The hidden subgroup problem and permutation group theory, in Proceedings of the 16th ACM-SIAM Symposium on Discrete Algorithms (2005), pp. 1118–1125
A. Kitaev, Quantum measurements and the Abelian stabilizer problem (1995). quant-ph/9511026
H. Kobayashi, Non-interactive quantum perfect and statistical zero-knowledge, in Proceedings of the 14th Annual International Conference on Algorithms and Computation. LNCS, vol. 2906 (Springer, Berlin, 2003), pp. 178–188
J. Köbler, U. Schöning, J. Torán, The Graph Isomorphism Problem: Its Structural Complexity (Birkhäuser Boston, Cambridge, 1993)
G. Kuperberg, A subexponential-time quantum algorithm for the dihedral hidden subgroup problem. SIAM J. Comput. 35(1), 170–188 (2005)
H.-K. Lo, H.F. Chau, Is quantum bit commitment really possible? Phys. Rev. Lett. 78(17), 3410–3413 (1997)
E.M. Luks, Permutation groups and polynomial-time computation, in Groups and Computation, ed. by L. Finklestein, W.M. Kantor. DIMACS Series in Discrete Mathematics and Theoretical Computer Science, vol. 5 (Am. Math. Soc., Providence, 1993), pp. 139–175
D. Mayers, Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett. 78(17), 3414–3417 (1997)
D. Mayers, Unconditional security in quantum cryptography. J. ACM 48(3), 351–406 (2001)
D. Micciancio, O. Regev, Worst-case to average-case reductions based on Gaussian measure. SIAM J. Comput. 37(1), 267–302 (2007)
C. Moore, A. Russell, The symmetric group defies strong Fourier sampling: Part II (2005). quant-ph/0501066
C. Moore, D. Rockmore, A. Russell, L.J. Schulman, The hidden subgroup problem in affine groups: basis selection in Fourier sampling, in Proceedings of the 15th ACM–SIAM Symposium on Discrete Algorithms (2004), pp. 1106–1115
C. Moore, A. Russell, L.J. Schulman, The symmetric group defies strong Fourier sampling. SIAM J. Comput. 37(6), 1842–1864 (2008). See also quant-ph/0501056 and quant-ph/0501066
M.A. Nielsen, I.L. Chuang, Quantum Computation and Quantum Information (Cambridge University Press, Cambridge, 2000)
G.M. Nikolopoulos, Applications of single-qubit rotations in quantum public-key cryptography. Phys. Rev. A 77, 032348 (2008)
G.M. Nikolopoulos, L.M. Ioannou, Deterministic quantum-public-key encryption: forward search attack and randomization. Phys. Rev. A 79, 042327 (2009)
T. Okamoto, K. Tanaka, S. Uchiyama, Quantum public-key cryptosystems, in Advances in Cryptology—CRYPTO 2000. LNCS, vol. 1880 (Springer, Berlin, 2000), pp. 147–165
O. Regev, New lattice-based cryptographic constructions. J. ACM 51(6), 899–942 (2004)
O. Regev, Quantum computation and lattice problems. SIAM J. Comput. 33(3), 738–760 (2004)
R. Renner, Security of quantum key distribution. Ph.D. thesis, ETH Zurich (2005). quant-ph/0512258
O. Regev, On lattices, learning with errors, random linear codes, and cryptography. J. ACM 56(6), 34 (2009)
D. Robinson, A Course in the Theory of Groups (Springer, Berlin, 1995)
U. Schöning, Graph isomorphism is in the low hierarchy. J. Comput. Syst. Sci. 37, 312–323 (1988)
A. Schmidt, Quantum algorithms for many-to-one functions to solve the regulator and the principal ideal problem (2009). arXiv:0912.4807
P.W. Shor, Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1484–1509 (1997)
P.W. Shor, J. Preskill, Simple proof of security of the BB84 quantum key distribution protocol. Phys. Rev. Lett. 85, 441–444 (2000)
M. Tompa, H. Woll, Random self-reducibility and zero knowledge interactive proofs of possession of information, in Proceedings of the 28th IEEE Symposium on Foundations of Computer Science (1987), pp. 472–482
J. Watrous, Limits on the power of quantum statistical zero-knowledge, in Proceedings of the 43rd Annual IEEE Symposium on Foundations of Computer Science (2002), pp. 459–468
A.C.-C. Yao, Theory and applications of trapdoor functions (extended abstract), in Proceedings of the 23rd Annual IEEE Symposium on Foundations of Computer Science (1982), pp. 80–91
Additional information
Communicated by Stefan Wolf
The preliminary version [30] appeared in the Proceedings of EUROCRYPT 2005, Lecture Notes in Computer Science, Vol. 3494, pp. 268–284, Aarhus, Denmark, May 22–26, 2005.
Cite this article
Kawachi, A., Koshiba, T., Nishimura, H. et al. Computational Indistinguishability Between Quantum States and Its Cryptographic Application. J Cryptol 25, 528–555 (2012). https://doi.org/10.1007/s00145-011-9103-4