-
Quantum secure non-malleable randomness encoder and its applications
Authors:
Rishabh Batra,
Naresh Goud Boddu,
Rahul Jain
Abstract:
"Non-Malleable Randomness Encoder" (NMRE) was introduced by Kanukurthi, Obbattu, and Sekar [KOS18] as a cryptographic primitive useful in the construction of non-malleable codes. To the best of our knowledge, their construction is not known to be quantum secure.
We provide a construction of a first rate-$1/2$, $2$-split, quantum secure NMRE and use this in a black-box manner, to construct for the first time the following:
1) rate $1/11$, $3$-split, quantum non-malleable code,
2) rate $1/3$, $3$-split, quantum secure non-malleable code,
3) rate $1/5$, $2$-split, average case quantum secure non-malleable code.
Submitted 12 August, 2023;
originally announced August 2023.
-
Split-State Non-Malleable Codes and Secret Sharing Schemes for Quantum Messages
Authors:
Naresh Goud Boddu,
Vipul Goyal,
Rahul Jain,
João Ribeiro
Abstract:
Non-malleable codes are fundamental objects at the intersection of cryptography and coding theory. These codes provide security guarantees even in settings where error correction and detection are impossible, and have found applications to several other cryptographic tasks. One of the strongest and most well-studied adversarial tampering models is $2$-split-state tampering. Here, a codeword is split into two parts and the adversary can then independently tamper with each part using arbitrary functions. This model can be naturally extended to the secret sharing setting with several parties by having the adversary independently tamper with each share. Previous works on non-malleable coding and secret sharing in the split-state tampering model only considered the encoding of classical messages. Furthermore, until recent work by Aggarwal, Boddu, and Jain (IEEE Trans. Inf. Theory 2024), adversaries with quantum capabilities and shared entanglement had not been considered, and it is a priori not clear whether previous schemes remain secure in this model.
In this work, we introduce the notions of split-state non-malleable codes and secret sharing schemes for quantum messages secure against quantum adversaries with shared entanglement. Then, we present explicit constructions of such schemes that achieve low-error non-malleability. More precisely, we construct efficiently encodable and decodable split-state non-malleable codes and secret sharing schemes for quantum messages preserving entanglement with external systems and achieving security against quantum adversaries having shared entanglement with codeword length $n$, any message length at most $n^{Ω(1)}$, and error $ε=2^{-{n^{Ω(1)}}}$. In the easier setting of average-case non-malleability, we achieve efficient non-malleable coding with rate close to $1/11$.
Submitted 27 February, 2024; v1 submitted 12 August, 2023;
originally announced August 2023.
-
Quantum secure non-malleable codes in the split-state model
Authors:
Divesh Aggarwal,
Naresh Goud Boddu,
Rahul Jain
Abstract:
Non-malleable-codes introduced by Dziembowski, Pietrzak and Wichs [DPW18] encode a classical message $S$ in a manner such that tampering the codeword results in the decoder either outputting the original message $S$ or a message that is unrelated/independent of $S$. Providing such non-malleable security for various tampering function families has received significant attention in recent years. We consider the well-studied (2-part) split-state model, in which the message $S$ is encoded into two parts $X$ and $Y$, and the adversary is allowed to arbitrarily tamper with each $X$ and $Y$ individually. We consider the security of non-malleable-codes in the split-state model when the adversary is allowed to make use of arbitrary entanglement to tamper the parts $X$ and $Y$. We construct explicit quantum secure non-malleable-codes in the split-state model. Our construction of quantum secure non-malleable-codes is based on the recent construction of quantum secure $2$-source non-malleable-extractors by Boddu, Jain and Kapshikar [BJK21].
Submitted 8 June, 2023; v1 submitted 27 February, 2022;
originally announced February 2022.
-
Quantum secure non-malleable-extractors
Authors:
Naresh Goud Boddu,
Rahul Jain,
Upendra Kapshikar
Abstract:
We construct several explicit quantum secure non-malleable-extractors. All the quantum secure non-malleable-extractors we construct are based on the constructions by Chattopadhyay, Goyal and Li [2015] and Cohen [2015].
1) We construct the first explicit quantum secure non-malleable-extractor for (source) min-entropy $k \geq \textsf{poly}\left(\log \left( \frac{n}ε \right)\right)$ ($n$ is the length of the source and $ε$ is the error parameter). Previously Aggarwal, Chung, Lin, and Vidick [2019] have shown that the inner-product based non-malleable-extractor proposed by Li [2012] is quantum secure, however it required linear (in $n$) min-entropy and seed length.
Using the connection between non-malleable-extractors and privacy amplification (established first in the quantum setting by Cohen and Vidick [2017]), we get a $2$-round privacy amplification protocol that is secure against active quantum adversaries with communication $\textsf{poly}\left(\log \left( \frac{n}ε \right)\right)$, exponentially improving upon the linear communication required by the protocol due to [2019].
2) We construct an explicit quantum secure $2$-source non-malleable-extractor for min-entropy $k \geq n- n^{Ω(1)}$, with an output of size $n^{Ω(1)}$ and error $2^{- n^{Ω(1)}}$.
3) We also study their natural extensions when the tampering of the inputs is performed $t$-times. We construct explicit quantum secure $t$-non-malleable-extractors for both seeded ($t=d^{Ω(1)}$) as well as $2$-source case ($t=n^{Ω(1)}$).
Submitted 28 May, 2023; v1 submitted 7 September, 2021;
originally announced September 2021.
-
On relating one-way classical and quantum communication complexities
Authors:
Naresh Goud Boddu,
Rahul Jain,
Han-Hsuan Lin
Abstract:
Communication complexity is the amount of communication needed to compute a function when the function inputs are distributed over multiple parties. In its simplest form, one-way communication complexity, Alice and Bob compute a function $f(x,y)$, where $x$ is given to Alice and $y$ is given to Bob, and only one message from Alice to Bob is allowed. A fundamental question in quantum information is the relationship between one-way quantum and classical communication complexities, i.e., how much shorter the message can be if Alice is sending a quantum state instead of bit strings? We make some progress towards this question with the following results.
Let $f: \mathcal{X} \times \mathcal{Y} \rightarrow \mathcal{Z} \cup \{\bot\}$ be a partial function and $μ$ be a distribution with support contained in $f^{-1}(\mathcal{Z})$. Denote $d=|\mathcal{Z}|$. Let $\mathsf{R}^{1,μ}_ε(f)$ be the classical one-way communication complexity of $f$; $\mathsf{Q}^{1,μ}_ε(f)$ be the quantum one-way communication complexity of $f$ and $\mathsf{Q}^{1,μ, *}_ε(f)$ be the entanglement-assisted quantum one-way communication complexity of $f$, each with distributional error (average error over $μ$) at most $ε$. We show:
1) If $μ$ is a product distribution, $η> 0$ and $0 \leq ε\leq 1-1/d$, then,
$$\mathsf{R}^{1,μ}_{2ε-dε^2/(d-1)+ η}(f) \leq 2\mathsf{Q}^{1,μ, *}_ε(f) + O(\log\log (1/η))\enspace.$$
2) If $μ$ is a non-product distribution and $\mathcal{Z}=\{ 0,1\}$, then $\forall ε, η> 0$ such that $ε/η+ η< 0.5$,
$$\mathsf{R}^{1,μ}_{3η}(f) = O(\mathsf{Q}^{1,μ}_{ε}(f) \cdot \mathsf{CS}(f)/η^3)\enspace,$$
where
\[\mathsf{CS}(f) = \max_{y} \min_{z\in\{0,1\}} \vert \{x~|~f(x,y)=z\} \vert \enspace.\]
Submitted 12 May, 2023; v1 submitted 24 July, 2021;
originally announced July 2021.
-
Quantum Measurement Adversary
Authors:
Divesh Aggarwal,
Naresh Goud Boddu,
Rahul Jain,
Maciej Obremski
Abstract:
Multi-source-extractors are functions that extract uniform randomness from multiple (weak) sources of randomness. Quantum multi-source-extractors were considered by Kasher and Kempe (for the quantum-independent-adversary and the quantum-bounded-storage-adversary), Chung, Li and Wu (for the general-entangled-adversary) and Arnon-Friedman, Portmann and Scholz (for the quantum-Markov-adversary). One of the main objectives of this work is to unify all the existing quantum multi-source adversary models. We propose two new models of adversaries: 1) the quantum-measurement-adversary (qm-adv), which generates side-information using entanglement and on post-measurement and 2) the quantum-communication-adversary (qc-adv), which generates side-information using entanglement and communication between multiple sources. We show that:
1. qm-adv is the strongest adversary among all the known adversaries, in the sense that the side-information of all other adversaries can be generated by qm-adv.
2. The (generalized) inner-product function (in fact a general class of two-wise independent functions) continues to work as a good extractor against qm-adv with matching parameters as that of Chor and Goldreich.
3. A non-malleable-extractor proposed by Li (against classical-adversaries) continues to be secure against quantum side-information. This result implies a non-malleable-extractor result of Aggarwal, Chung, Lin and Vidick with uniform seed. We strengthen their result via a completely different proof to make the non-malleable-extractor of Li secure against quantum side-information even when the seed is not uniform.
4. A modification (working with weak sources instead of uniform sources) of the Dodis and Wichs protocol for privacy-amplification is secure against active quantum adversaries. This strengthens a recent result due to Aggarwal, Chung, Lin and Vidick which uses uniform sources.
Submitted 6 June, 2023; v1 submitted 4 June, 2021;
originally announced June 2021.
-
Tamper Detection against Unitary Operators
Authors:
Naresh Goud Boddu,
Upendra S. Kapshikar
Abstract:
Security of a storage device against a tampering adversary has been a well-studied topic in classical cryptography. Such models give black-box access to an adversary, and the aim is to protect the stored message or abort the protocol if there is any tampering.
In this work, we extend the scope of the theory of tamper detection codes against an adversary with quantum capabilities. We consider encoding and decoding schemes that are used to encode a $k$-qubit quantum message $\vert m\rangle$ to obtain an $n$-qubit quantum codeword $\vert {ψ_m} \rangle$. A quantum codeword $\vert {ψ_m} \rangle$ can be adversarially tampered via a unitary $U$ from some known tampering unitary family $\mathcal{U}_{\mathsf{Adv}}$ (acting on $\mathbb{C}^{2^n}$).
Firstly, we initiate the general study of quantum tamper detection codes, which detect if there is any tampering caused by the action of a unitary operator. In case there was no tampering, we would like to output the original message. We show that quantum tamper detection codes exist for any family of unitary operators $\mathcal{U}_{\mathsf{Adv}}$, such that $\vert\mathcal{U}_{\mathsf{Adv}} \vert < 2^{2^{αn}}$ for some constant $α\in (0,1/6)$; provided that unitary operators are not too close to the identity operator. Quantum tamper detection codes that we construct can be considered to be quantum variants of classical tamper detection codes studied by Jafargholi and Wichs ['15], which are also known to exist under similar restrictions.
Additionally, we show that when the message set $\mathcal{M}$ is classical, such a construction can be realized as a non-malleable code against any $\mathcal{U}_{\mathsf{Adv}}$ of size up to $2^{2^{αn}}$.
Submitted 6 November, 2023; v1 submitted 10 May, 2021;
originally announced May 2021.
-
Graph-theoretic approach to dimension witnessing
Authors:
Maharshi Ray,
Naresh Goud Boddu,
Kishor Bharti,
Leong-Chuan Kwek,
Adán Cabello
Abstract:
A fundamental problem in quantum computation and quantum information is finding the minimum quantum dimension needed for a task. For tasks involving state preparation and measurements, this problem can be addressed using only the input-output correlations. This has been applied to Bell, prepare-and-measure, and Kochen-Specker contextuality scenarios. Here, we introduce a novel approach to quantum dimension witnessing for scenarios with one preparation and several measurements, which uses the graphs of mutual exclusivity between sets of measurement events. We present the concepts and tools needed for graph-theoretic quantum dimension witnessing and illustrate their use by identifying novel quantum dimension witnesses, including a family that can certify arbitrarily high quantum dimensions with few events.
Submitted 13 November, 2020; v1 submitted 21 July, 2020;
originally announced July 2020.
-
Quantum Log-Approximate-Rank Conjecture is also False
Authors:
Anurag Anshu,
Naresh Goud Boddu,
Dave Touchette
Abstract:
In a recent breakthrough result, Chattopadhyay, Mande and Sherif [ECCC TR18-17] showed an exponential separation between the log approximate rank and randomized communication complexity of a total function $f$, hence refuting the log approximate rank conjecture of Lee and Shraibman [2009]. We provide an alternate proof of their randomized communication complexity lower bound using the information complexity approach. Using the intuition developed there, we derive a polynomially-related quantum communication complexity lower bound using the quantum information complexity approach, thus providing an exponential separation between the log approximate rank and quantum communication complexity of $f$. Previously, the best known separation between these two measures was (almost) quadratic, due to Anshu, Ben-David, Garg, Jain, Kothari and Lee [CCC, 2017]. This settles one of the main questions left open by Chattopadhyay, Mande and Sherif, and refutes the quantum log approximate rank conjecture of Lee and Shraibman [2009]. Along the way, we develop a Shearer-type protocol embedding for product input distributions that might be of independent interest.
Submitted 26 November, 2018;
originally announced November 2018.