Provably secure key establishment against quantum adversaries

Alexandrs Belovs; Gilles  Brassard; Peter  Høyer; Marc Kaplan; Sophie  Laplante; Louis Salvail

doi:10.4230/LIPIcs.TQC.2017.3

Provably secure key establishment against quantum adversaries

Alexandrs Belovs, Gilles Brassard, Peter Høyer, Marc Kaplan, Sophie Laplante, Louis Salvail

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

At Crypto 2011, some of us had proposed a family of cryptographic protocols for key establishment capable of protecting quantum and classical legitimate parties unconditionally against a quantum eavesdropper in the query complexity model. Unfortunately, our security proofs were unsatisfactory from a cryptographically meaningful perspective because they were sound only in a worst-case scenario. Here, we extend our results and prove that for any e > 0, there is a classical protocol that allows the legitimate parties to establish a common key after O(N) expected queries to a random oracle, yet any quantum eavesdropper will have a vanishing probability of learning their key after O(N^{1.5-e}) queries to the same oracle. The vanishing probability applies to a typical run of the protocol. If we allow the legitimate parties to use a quantum computer as well, their advantage over the quantum eavesdropper becomes arbitrarily close to the quadratic advantage that classical legitimate parties enjoyed over classical eavesdroppers in the seminal 1974 work of Ralph Merkle. Along the way, we develop new tools to give lower bounds on the number of quantum queries required to distinguish two probability distributions. This method in itself could have multiple applications in cryptography. We use it here to study average-case quantum query complexity, for which we develop a new composition theorem of independent interest.

Original language	English
Title of host publication	12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17)
Place of Publication	Paris, France
Publisher	Schloss Dagstuhl - Leibniz-Zentrum für Informatik
Pages	3:1--3:17
Number of pages	17
Volume	73
ISBN (Electronic)	978-3-95977-034-7
DOIs	https://doi.org/10.4230/LIPIcs.TQC.2017.3
Publication status	Published - 2018
Event	12th Conference on the Theory of Quantum Computation, Communication, and Cryptography - Université Pierre et Marie Curie, Paris, France Duration: 14 Jun 2017 → 16 Jun 2017 http://tqc2017.lip6.fr/ http://tqc2017.lip6.fr/

Publication series

Name	Leibniz International Proceedings in Informatics (LIPIcs)
Volume	73
ISSN (Electronic)	1868-8969

Conference

Conference	12th Conference on the Theory of Quantum Computation, Communication, and Cryptography
Abbreviated title	TQC 2017
Country/Territory	France
City	Paris
Period	14/06/17 → 16/06/17
Internet address	http://tqc2017.lip6.fr/ http://tqc2017.lip6.fr/

Access to Document

10.4230/LIPIcs.TQC.2017.3Licence: Creative Commons: Attribution (CC-BY)

merkle2-tqc-final-1Accepted author manuscript, 703 KBLicence: Creative Commons: Attribution (CC-BY)

http://drops.dagstuhl.de/opus/frontdoor.php?source_opus=8581Licence: Creative Commons: Attribution (CC-BY)

Verification of Quantum Technology
Kashefi, E.
EPSRC
1/10/15 → 31/03/21
Project: Research

Cite this

Belovs, A., Brassard, G., Høyer, P., Kaplan, M., Laplante, S., & Salvail, L. (2018). Provably secure key establishment against quantum adversaries. In 12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17) (Vol. 73, pp. 3:1--3:17). [3] (Leibniz International Proceedings in Informatics (LIPIcs); Vol. 73). Schloss Dagstuhl - Leibniz-Zentrum für Informatik. https://doi.org/10.4230/LIPIcs.TQC.2017.3

Belovs, Alexandrs ; Brassard, Gilles ; Høyer, Peter et al. / Provably secure key establishment against quantum adversaries. 12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17). Vol. 73 Paris, France : Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2018. pp. 3:1--3:17 (Leibniz International Proceedings in Informatics (LIPIcs)).

@inproceedings{8829875da0a1494aa8980198fbf92546,

title = "Provably secure key establishment against quantum adversaries",

abstract = "At Crypto 2011, some of us had proposed a family of cryptographic protocols for key establishment capable of protecting quantum and classical legitimate parties unconditionally against a quantum eavesdropper in the query complexity model. Unfortunately, our security proofs were unsatisfactory from a cryptographically meaningful perspective because they were sound only in a worst-case scenario. Here, we extend our results and prove that for any e > 0, there is a classical protocol that allows the legitimate parties to establish a common key after O(N) expected queries to a random oracle, yet any quantum eavesdropper will have a vanishing probability of learning their key after O(N^{1.5-e}) queries to the same oracle. The vanishing probability applies to a typical run of the protocol. If we allow the legitimate parties to use a quantum computer as well, their advantage over the quantum eavesdropper becomes arbitrarily close to the quadratic advantage that classical legitimate parties enjoyed over classical eavesdroppers in the seminal 1974 work of Ralph Merkle. Along the way, we develop new tools to give lower bounds on the number of quantum queries required to distinguish two probability distributions. This method in itself could have multiple applications in cryptography. We use it here to study average-case quantum query complexity, for which we develop a new composition theorem of independent interest.",

author = "Alexandrs Belovs and Gilles Brassard and Peter H{\o}yer and Marc Kaplan and Sophie Laplante and Louis Salvail",

year = "2018",

doi = "10.4230/LIPIcs.TQC.2017.3",

language = "English",

volume = "73",

series = "Leibniz International Proceedings in Informatics (LIPIcs)",

publisher = "Schloss Dagstuhl - Leibniz-Zentrum f{\"u}r Informatik",

pages = "3:1----3:17",

booktitle = "12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17)",

note = " 12th Conference on the Theory of Quantum Computation, Communication, and Cryptography, TQC 2017 ; Conference date: 14-06-2017 Through 16-06-2017",

url = "http://tqc2017.lip6.fr/, http://tqc2017.lip6.fr/",

}

Belovs, A, Brassard, G, Høyer, P, Kaplan, M, Laplante, S & Salvail, L 2018, Provably secure key establishment against quantum adversaries. in 12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17). vol. 73, 3, Leibniz International Proceedings in Informatics (LIPIcs), vol. 73, Schloss Dagstuhl - Leibniz-Zentrum für Informatik, Paris, France, pp. 3:1--3:17, 12th Conference on the Theory of Quantum Computation, Communication, and Cryptography, Paris, France, 14/06/17. https://doi.org/10.4230/LIPIcs.TQC.2017.3

Provably secure key establishment against quantum adversaries. / Belovs, Alexandrs; Brassard, Gilles ; Høyer, Peter et al.

12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17). Vol. 73 Paris, France : Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 2018. p. 3:1--3:17 3 (Leibniz International Proceedings in Informatics (LIPIcs); Vol. 73).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Provably secure key establishment against quantum adversaries

AU - Belovs, Alexandrs

AU - Brassard, Gilles

AU - Høyer, Peter

AU - Kaplan, Marc

AU - Laplante, Sophie

AU - Salvail, Louis

PY - 2018

Y1 - 2018

N2 - At Crypto 2011, some of us had proposed a family of cryptographic protocols for key establishment capable of protecting quantum and classical legitimate parties unconditionally against a quantum eavesdropper in the query complexity model. Unfortunately, our security proofs were unsatisfactory from a cryptographically meaningful perspective because they were sound only in a worst-case scenario. Here, we extend our results and prove that for any e > 0, there is a classical protocol that allows the legitimate parties to establish a common key after O(N) expected queries to a random oracle, yet any quantum eavesdropper will have a vanishing probability of learning their key after O(N^{1.5-e}) queries to the same oracle. The vanishing probability applies to a typical run of the protocol. If we allow the legitimate parties to use a quantum computer as well, their advantage over the quantum eavesdropper becomes arbitrarily close to the quadratic advantage that classical legitimate parties enjoyed over classical eavesdroppers in the seminal 1974 work of Ralph Merkle. Along the way, we develop new tools to give lower bounds on the number of quantum queries required to distinguish two probability distributions. This method in itself could have multiple applications in cryptography. We use it here to study average-case quantum query complexity, for which we develop a new composition theorem of independent interest.

AB - At Crypto 2011, some of us had proposed a family of cryptographic protocols for key establishment capable of protecting quantum and classical legitimate parties unconditionally against a quantum eavesdropper in the query complexity model. Unfortunately, our security proofs were unsatisfactory from a cryptographically meaningful perspective because they were sound only in a worst-case scenario. Here, we extend our results and prove that for any e > 0, there is a classical protocol that allows the legitimate parties to establish a common key after O(N) expected queries to a random oracle, yet any quantum eavesdropper will have a vanishing probability of learning their key after O(N^{1.5-e}) queries to the same oracle. The vanishing probability applies to a typical run of the protocol. If we allow the legitimate parties to use a quantum computer as well, their advantage over the quantum eavesdropper becomes arbitrarily close to the quadratic advantage that classical legitimate parties enjoyed over classical eavesdroppers in the seminal 1974 work of Ralph Merkle. Along the way, we develop new tools to give lower bounds on the number of quantum queries required to distinguish two probability distributions. This method in itself could have multiple applications in cryptography. We use it here to study average-case quantum query complexity, for which we develop a new composition theorem of independent interest.

U2 - 10.4230/LIPIcs.TQC.2017.3

DO - 10.4230/LIPIcs.TQC.2017.3

M3 - Conference contribution

VL - 73

T3 - Leibniz International Proceedings in Informatics (LIPIcs)

SP - 3:1--3:17

BT - 12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17)

PB - Schloss Dagstuhl - Leibniz-Zentrum für Informatik

CY - Paris, France

T2 - 12th Conference on the Theory of Quantum Computation, Communication, and Cryptography

Y2 - 14 June 2017 through 16 June 2017

ER -

Belovs A, Brassard G, Høyer P, Kaplan M, Laplante S, Salvail L. Provably secure key establishment against quantum adversaries. In 12th Conference on Theory of Quantum Computation, Communication and Cryptography (TQC 17). Vol. 73. Paris, France: Schloss Dagstuhl - Leibniz-Zentrum für Informatik. 2018. p. 3:1--3:17. 3. (Leibniz International Proceedings in Informatics (LIPIcs)). Epub 2018 Feb 26. doi: 10.4230/LIPIcs.TQC.2017.3

Provably secure key establishment against quantum adversaries

Abstract

Publication series

Conference

Access to Document

Fingerprint

Projects

Verification of Quantum Technology

Cite this