Abstract
Can a sender non-interactively transmit one of two strings to a receiver without knowing which string was received? Does there exist minimally-interactive secure multiparty computation that only makes (black-box) use of symmetric-key primitives? We provide affirmative answers to these questions in a model where parties have access to shared EPR pairs, thus demonstrating the cryptographic power of this resource.
-
First, we construct a one-shot (i.e., single message) string oblivious transfer (OT) protocol with random receiver bit in the shared EPR pairs model, assuming the (sub-exponential) hardness of LWE.
Building on this, we show that secure teleportation through quantum channels is possible. Specifically, given the description of any quantum operation Q, a sender with (quantum) input \(\rho \) can send a single classical message that securely transmits \(Q(\rho )\) to a receiver. That is, we realize an ideal quantum channel that takes input \(\rho \) from the sender and provably delivers \(Q(\rho )\) to the receiver without revealing any other information.
This immediately gives a number of applications in the shared EPR pairs model: (1) non-interactive secure computation of unidirectional classical randomized functionalities, (2) NIZK for QMA from standard (sub-exponential) hardness assumptions, and (3) a non-interactive zero-knowledge state synthesis protocol.
-
Next, we construct a two-round (round-optimal) secure multiparty computation protocol for classical functionalities in the shared EPR pairs model that is unconditionally-secure in the (quantum-accessible) random oracle model.
Classically, both of these results cannot be obtained without some form of correlated randomness shared between the parties, and the only known approach is to have a trusted dealer set up random (string) OT correlations. In the quantum world, we show that shared EPR pairs (which are simple and can be deterministically generated) are sufficient. At the heart of our work are novel techniques for making use of entangling operations to generate string OT correlations, and for instantiating the Fiat-Shamir transform using correlation-intractability in the quantum setting.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
We will also allow for preserving entanglement that \(\rho \) may have with its environment, so technically we consider Q to map a state on Alice’s input register \(\mathcal{A}\) to a state on Bob’s output register \(\mathcal{B}\).
- 2.
We use one-shot, one-message, and non-interactive interchangeably to refer to a protocol that consists of a single message from a sender to a receiver.
- 3.
Note that it is impossible to obtain a one-shot protocol for fixed receiver bit OT, since Bob does not send any message.
- 4.
In chosen-input OT, the receiver specifies their input bit b, and they receive the message \(m_b\). We contrast this with the notion of OT discussed above, where the receiver’s bit b is chosen uniformly at random.
- 5.
In particular, any (even semi-honest) dealer that sets up OT correlations can learn the parties’ private inputs by observing the resulting transcript of communication, while this is not necessarily true of an EPR pair setup, by monogamy of entanglement. We also remark that obtaining OT correlations from any deterministically generated shared quantum state is non-trivial. In particular, if the parties shared a (deterministically generated) superposition over classical OT correlations, the receiver could simply decide not to measure the register holding their choice bit, and obtain a superposition over the sender’s strings, which violates the security of OT.
- 6.
A followup work of [5] showed that, assuming ideal obfuscation, there exists a protocol over a bit OT channel with \(1/\textrm{poly}(\lambda )\) security.
- 7.
Note that despite the existence of quantum key distribution [14], public-key infrastructure would still likely be required for the quantum internet, since QKD requires authenticated classical channels.
- 8.
We do stress that our model assumes the EPR pairs are generated honestly, for example by an honest network administrator. Otherwise, such secure one-message protocols would be impossible to achieve.
- 9.
We also remark that [12] achieve NIZK for QMA in the (incomparable) common reference string model, but they argue security using classical oracles, or alternatively assuming indistinguishability obfuscation and the non-black-box use of a hash function modeled as a random oracle.
- 10.
In this setting, publicly-verifiable revocation [10] seems crucial to ensure that no one need know the classical description of the secret key.
- 11.
Technically, the random coins used to compute the commitments must also be included in the witness.
- 12.
Note that this step is not efficient to implement, but this will not be important for our arguments.
References
Aaronson, S.: The complexity of quantum states and transformations: from quantum money to black holes (2016)
Agarwal, A., Bartusek, J., Khurana, D., Kumar, N.: A new framework for quantum oblivious transfer. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology – EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14004, pp. 363–393. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30545-0_13
Agarwal, S., Kitagawa, F., Nishimaki, R., Yamada, S., Yamakawa, T.: Public key encryption with secure key leasing. In: Hazay, C., Stam, M. (eds.) Advances in Cryptology – EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14004, pp. 581–610. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30545-0_20
Agrawal, S., et al.: Cryptography from one-way communication: on completeness of finite channels. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12493, pp. 653–685. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64840-4_22
Agrawal, S., et al.: Secure computation from one-way noisy communication, or: anti-correlation via anti-concentration. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12826, pp. 124–154. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84245-1_5
Ananth, P., Poremba, A., Vaikuntanathan, V.: Revocable cryptography from learning with errors. Cryptology ePrint Archive, Paper 2023/325 (2023). https://eprint.iacr.org/2023/325
Ananth, P., Qian, L., Yuen, H.: Cryptography from pseudorandom quantum states. In: Dodis, Y., Shrimpton, T. (eds.) Advances in Cryptology - CRYPTO 2022–42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, 15–18 August 2022, Proceedings, Part I. LNCS, vol. 13507, pp. 208–236. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-15802-5_8
Bartusek, J., Coladangelo, A., Khurana, D., Ma, F.: On the round complexity of secure quantum computation. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12825, pp. 406–435. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84242-0_15
Bartusek, J., Coladangelo, A., Khurana, D., Ma, F.: One-way functions imply secure computation in a quantum world. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12825, pp. 467–496. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84242-0_17
Bartusek, J.: Obfuscation and outsourced computation with certified deletion. Cryptology ePrint Archive, Paper 2023/265 (2023). https://eprint.iacr.org/2023/265
Bartusek, J., Khurana, D., Srinivasan, A.: Secure computation with shared EPR pairs (or: How to teleport in zero-knowledge). Cryptology ePrint Archive, Paper 2023/564 (2023). https://eprint.iacr.org/2023/564
Bartusek, J., Malavolta, G.: Indistinguishability obfuscation of null quantum circuits and applications. In: Braverman, M. (ed.) 13th Innovations in Theoretical Computer Science Conference, ITCS 2022, 31 January–3 February 2022, Berkeley, CA, USA. LIPIcs, vol. 215, pp. 15:1–15:13. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2022)
Benhamouda, F., Lin, H.: k-round multiparty computation from k-round oblivious transfer via garbled interactive circuits. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 500–532. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_17
Bennett, C.H., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. In: Proceedings of the IEEE International Conference on Computers, Systems, and Signal Processing, pp. 175–179 (1984)
Bennett, C.H., Brassard, G., Crépeau, C., Jozsa, R., Peres, A., Wootters, W.K.: Teleporting an unknown quantum state via dual classical and Einstein-Podolsky-Rosen channels. Phys. Rev. Lett. 70, 1895–1899 (1993)
Bennett, C.H., Wiesner, S.J.: Communication via one- and two-particle operators on Einstein-Podolsky-Rosen states. Phys. Rev. Lett. 69, 2881–2884 (1992)
Bouman, N.J., Fehr, S.: Sampling in a quantum population, and applications. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 724–741. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_39
Brakerski, Z., Koppula, V., Mour, T.: NIZK from LPN and Trapdoor Hash via correlation intractability for approximable relations. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12172, pp. 738–767. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56877-1_26
Brakerski, Z., Yuen, H.: Quantum garbled circuits. In: Proceedings of the 54th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2022, pp. 804–817. Association for Computing Machinery, New York (2022)
Brun, T., Devetak, I., Hsieh, M.-H.: Correcting quantum errors with entanglement. Science (New York, N.Y.) 314, 436–439 (2006)
Canetti, R.: Fiat-Shamir: from practice to theory. In: Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019, pp. 1082–1090. Association for Computing Machinery, New York (2019)
Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. J. ACM 51(4), 557–594 (2004)
Choudhuri, A.R., Garg, S., Jain, A., Jin, Z., Zhang, J.: Correlation intractability and SNARGs from sub-exponential DDH (2022). https://eprint.iacr.org/2022/1486
Choudhuri, A.R., Jain, A., Jin, Z.: Non-interactive batch arguments for NP from standard assumptions. IACR Cryptol. ePrint Arch., 2021:807 (2021)
Choudhuri, A.R., Jain, A., Jin, Z.: SNARGs for P from LWE. IACR Cryptol. ePrint Arch., p. 808 (2021)
Coladangelo, A., Liu, J., Liu, Q., Zhandry, M.: Hidden Cosets and applications to unclonable cryptography. In: Malkin, T., Peikert, C. (eds.) CRYPTO 2021. LNCS, vol. 12825, pp. 556–584. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-84242-0_20
Colisson, L., Muguruza, G., Speelman, F.: Oblivious transfer from zero-knowledge proofs, or how to achieve round-optimal quantum oblivious transfer and zero-knowledge proofs on quantum states (2023)
Crépeau, C., Kilian, J.: Achieving oblivious transfer using weakened security assumptions (extended abstract). In: 29th FOCS, pp. 42–52. IEEE Computer Society Press, October 1988
Crépeau, C., van de Graaf, J., Tapp, A.: Committed oblivious transfer and private multi-party computation. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 110–123. Springer, Heidelberg (1995). https://doi.org/10.1007/3-540-44750-4_9
Don, J., Fehr, S., Majenz, C., Schaffner, C.: Security of the Fiat-Shamir transformation in the quantum random-oracle model. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 356–383. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_13
Dupuis, F., Lamontagne, P., Salvail, L.: Fiat-Shamir for proofs lacks a proof even in the presence of shared entanglement (2022)
Einstein, A., Podolsky, B., Rosen, N.: Can quantum-mechanical description of physical reality be considered complete? Phys. Rev. 47, 777–780 (1935)
Ekert, A.K.: Quantum cryptography based on Bell’s theorem. Phys. Rev. Lett. 67, 661–663 (1991)
Garg, S., Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Cryptography with one-way communication. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 191–208. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_10
Garg, S., Ishai, Y., Srinivasan, A.: Two-round MPC: information-theoretic and black-box. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11239, pp. 123–151. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03807-6_5
Garg, S., Srinivasan, A.: Two-round multiparty secure computation from minimal assumptions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10821, pp. 468–499. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_16
Georgiou, M., Zhandry, M.: Unclonable decryption keys. Cryptology ePrint Archive, Paper 2020/877 (2020). https://eprint.iacr.org/2020/877
Grilo, A.B., Lin, H., Song, F., Vaikuntanathan, V.: Oblivious transfer is in MiniQCrypt. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12697, pp. 531–561. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77886-6_18
Halevi, S., Lindell, Y., Pinkas, B.: Secure computation on the web: computing without simultaneous interaction. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 132–150. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_8
Holmgren, J., Lombardi, A., Rothblum, R.D.: Fiat-Shamir via list-recoverable codes (or: Parallel repetition of GMW is not zero-knowledge). In: Proceedings of the 53rd Annual ACM SIGACT Symposium on Theory of Computing, STOC 2021, pp. 750–760. Association for Computing Machinery, New York (2021)
Hulett, J., Jawale, R., Khurana, D., Srinivasan, A.: SNARGs for P from sub-exponential DDH and QR. In: Dunkelman, O., Dziembowski, S. (eds.) Advances in Cryptology - EUROCRYPT 2022–41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Trondheim, Norway, 30 May–3 June 2022, Proceedings, Part II, LNCS, vol. 13276, pp. 520–549. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07085-3_18
Impagliazzo, R., Rudich, S.: Limits on the provable consequences of one-way permutations. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 8–26. Springer, New York (1990). https://doi.org/10.1007/0-387-34799-2_2
Irani, S., Natarajan, A., Nirkhe, C., Rao, S., Yuen, H.: Quantum search-to-decision reductions and the state synthesis problem. In: Proceedings of the 37th Computational Complexity Conference, CCC 2022, Dagstuhl, DEU 2022. Schloss Dagstuhl-Leibniz-Zentrum fuer Informatik (2022)
Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer – efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_32
Jain, A., Jin, Z.: Non-interactive Zero Knowledge from Sub-exponential DDH. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 3–32. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_1
Jawale, R., Kalai, Y.T., Khurana, D., Zhang, R.: SNARGs for bounded depth computations and PPAD hardness from sub-exponential LWE. In: Khuller, S., Williams, V.V. (eds.) STOC 2021: 53rd Annual ACM SIGACT Symposium on Theory of Computing, Virtual Event, Italy, 21–25 June 2021, pp. 708–721. ACM (2021)
Ji, Z., Liu, Y.-K., Song, F.: Pseudorandom quantum states. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 126–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_5
Kalai, Y., Lombardi, A., Vaikuntanathan, V.: SNARGs and PPAD hardness from the decisional Diffie-Hellman assumption. In: Hazay, C., Stam, M. (eds) Advances in Cryptology – EUROCRYPT 2023. EUROCRYPT 2023. LNCS, vol. 14005. Springer, Cham (2023). https://doi.org/10.1007/978-3-031-30617-4_16
Kalai, Y.T., Vaikuntanathan, V., Zhang, R.Y.: Somewhere statistical soundness, post-quantum security, and SNARGs. Cryptology ePrint Archive, Report 2021/788 (2021). https://ia.cr/2021/788
Khurana, D., Ostrovsky, R., Srinivasan, A.: Round optimal black-box “Commit-and-Prove’’. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11239, pp. 286–313. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03807-6_11
Kobayashi, H.: Non-interactive quantum perfect and statistical zero-knowledge. In: Ibaraki, T., Katoh, N., Ono, H. (eds.) ISAAC 2003. LNCS, vol. 2906, pp. 178–188. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-24587-2_20
Morimae, T., Yamakawa, T.: Classically verifiable NIZK for QMA with preprocessing. In: Agrawal, S., Lin, D. (eds.) Advances in Cryptology - ASIACRYPT 2022, pp. 599–627. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-22972-5_21
Morimae, T., Yamakawa, T.: One-Wayness in quantum cryptography. CoRR, abs/2210.03394 (2022)
Peikert, C., Shiehian, S.: Noninteractive zero knowledge for NP from (plain) learning with errors. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11692, pp. 89–114. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26948-7_4
Rosenthal, G., Yuen, H.S.: Interactive proofs for synthesizing quantum states and unitaries. In: ITCS (2022)
Winter, A.J.: Coding theorem and strong converse for quantum channels. IEEE Trans. Inf. Theory 45(7), 2481–2485 (1999)
Acknowledgments
D. Khurana was supported in part by NSF CAREER CNS-2238718 and NSF CNS-2247727, DARPA SIEVE. This material is based upon work supported by the Defense Advanced Research Projects Agency through Award HR00112020024. A. Srinivasan is supported in part by a SERB startup grant and Google India Research Award.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 International Association for Cryptologic Research
About this paper
Cite this paper
Bartusek, J., Khurana, D., Srinivasan, A. (2023). Secure Computation with Shared EPR Pairs (Or: How to Teleport in Zero-Knowledge). In: Handschuh, H., Lysyanskaya, A. (eds) Advances in Cryptology – CRYPTO 2023. CRYPTO 2023. Lecture Notes in Computer Science, vol 14085. Springer, Cham. https://doi.org/10.1007/978-3-031-38554-4_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-38554-4_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-38553-7
Online ISBN: 978-3-031-38554-4
eBook Packages: Computer ScienceComputer Science (R0)