Добірка наукової літератури з теми "Quantum security definitions"

Recent advances indicate that quantum computers will soon be reality. Motivated by this ever more realistic threat for existing classical cryptographic protocols, researchers have developed several schemes to resist “quantum attacks.” In particular, for electronic voting (e-voting), several schemes relying on properties of quantum mechanics have been proposed. However, each of these proposals comes with a different and often not well-articulated corruption model, has different objectives, and is accompanied by security claims that are never formalized and are at best justified only against specific attacks. To address this, we propose the first formal security definitions for quantum e-voting protocols. With these at hand, we systematize and evaluate the security of previously proposed quantum e-voting protocols; we examine the claims of these works concerning privacy, correctness, and verifiability, and if they are correctly attributed to the proposed protocols. In all non-trivial cases, we identify specific quantum attacks that violate these properties. We argue that the cause of these failures lies in the absence of formal security models and references to the existing cryptographic literature.

Digital signatures are widely used in electronic communications to secure important tasks such as financial transactions, software updates, and legal contracts. The signature schemes that are in use today are based on public-key cryptography and derive their security from computational assumptions. However, it is possible to construct unconditionally secure signature protocols. In particular, using quantum communication, it is possible to construct signature schemes with security based on fundamental principles of quantum mechanics. Several quantum signature protocols have been proposed, but none of them has been explicitly generalised to more than three participants, and their security goals have not been formally defined. Here, we first extend the security definitions of Swanson and Stinson [1] so that they can apply also to the quantum case, and introduce a formal definition of transferability based on different verification levels. We then prove several properties that multiparty signature protocols with informationtheoretic security – quantum or classical – must satisfy in order to achieve their security goals. We also express two existing quantum signature protocols with three parties in the security framework we have introduced. Finally, we generalize a quantum signature protocol given in [2] to the multiparty case, proving its security against forging, repudiation and non-transferability. Notably, this protocol can be implemented using any pointto-point quantum key distribution network and therefore is ready to be experimentally demonstrated.

Quantum Information Theory is an area of physics which studies both fundamental and applied issues in quantum mechanics from an information-theoretical viewpoint. The underlying techniques are, however, often restricted to the analysis of systems which satisfy a certain independence condition. For example, it is assumed that an experiment can be repeated independently many times or that a large physical system consists of many virtually independent parts. Unfortunately, such assumptions are not always justified. This is particularly the case for practical applications — e.g. in quantum cryptography — where parts of a system might have an arbitrary and unknown behavior. We propose an approach which allows us to study general physical systems for which the above mentioned independence condition does not necessarily hold. It is based on an extension of various information-theoretical notions. For example, we introduce new uncertainty measures, called smooth min- and max-entropy, which are generalizations of the von Neumann entropy. Furthermore, we develop a quantum version of de Finetti's representation theorem, as described below. Consider a physical system consisting of n parts. These might, for instance, be the outcomes of n runs of a physical experiment. Moreover, we assume that the joint state of this n-partite system can be extended to an (n + k)-partite state which is symmetric under permutations of its parts (for some k ≫ 1). The de Finetti representation theorem then says that the original n-partite state is, in a certain sense, close to a mixture of product states. Independence thus follows (approximatively) from a symmetry condition. This symmetry condition can easily be met in many natural situations. For example, it holds for the joint state of n parts, which are chosen at random from an arbitrary (n + k)-partite system. As an application of these techniques, we prove the security of quantum key distribution (QKD), i.e. secret key agreement by communication over a quantum channel. In particular, we show that, in order to analyze QKD protocols, it is generally sufficient to consider so-called collective attacks, where the adversary is restricted to applying the same operation to each particle sent over the quantum channel separately. The proof is generic and thus applies to known protocols such as BB84 and B92 (where better bounds on the secret-key rate and on the the maximum tolerated noise level of the quantum channel are obtained) as well as to continuous variable schemes (where no full security proof has been known). Furthermore, the security holds with respect to a strong so-called universally composable definition. This implies that the keys generated by a QKD protocol can safely be used in any application, e.g. for one-time pad encryption — which, remarkably, is not the case for most standard definitions.

Abstract We propose a circuit extension handshake for Tor that is forward secure against adversaries who gain quantum computing capabilities after session negotiation. In doing so, we refine the notion of an authenticated and confidential channel establishment (ACCE) protocol and define pre-quantum, transitional, and post-quantum ACCE security. These new definitions reflect the types of adversaries that a protocol might be designed to resist. We prove that, with some small modifications, the currently deployed Tor circuit extension handshake, ntor, provides pre-quantum ACCE security. We then prove that our new protocol, when instantiated with a post-quantum key encapsulation mechanism, achieves the stronger notion of transitional ACCE security. Finally, we instantiate our protocol with NTRU-Encrypt and provide a performance comparison between ntor, our proposal, and the recent design of Ghosh and Kate.

Cryptography with quantum states exhibits a number of surprising and counterintuitive features. In a 2002 work, Barnum et al. argue that these features imply that digital signatures for quantum states are impossible (Barnum et al., FOCS 2002). In this work, we ask: can all forms of signing quantum data, even in a possibly weak sense, be completely ruled out? We give two results which shed significant light on this basic question.First, we prove an impossibility result for digital signatures for quantum data, which extends the result of Barnum et al. Specifically, we show that no nontrivial combination of correctness and security requirements can be fulfilled, beyond what is achievable simply by measuring the quantum message and then signing the outcome. In other words, only classical signature schemes exist.We then show a positive result: a quantum state can be signed with the same security guarantees as classically, provided that it is also encrypted with the public key of the intended recipient. Following classical nomenclature, we call this notion quantum signcryption. Classically, signcryption is only interesting if it provides superior performance to encypt-then-sign. Quantumly, it is far more interesting: it is the only signing method available. We develop "as-strong-as-classical" security definitions for quantum signcryption and give secure constructions based on post-quantum public-key primitives. Along the way, we show that a natural hybrid method of combining classical and quantum schemes can be used to "upgrade" a secure classical scheme to the fully-quantum setting, in a wide range of cryptographic settings including signcryption, authenticated encryption, and CCA security.

We propose definitions and implementations of ‘S-money’—virtual tokens designed for high-value fast transactions on networks with relativistic or other trusted signalling constraints, defined by inputs that in general are made at many network points, some or all of which may be space-like separated. We argue that one significant way of characterizing types of money in space–time is via the ‘summoning’ tasks they can solve: that is, how flexibly the money can be propagated to a desired space–time point in response to relevant information received at various space–time points. We show that S-money is more flexible than standard quantum or classical money in the sense that it can solve deterministic summoning tasks that they cannot. It requires the issuer and user to have networks of agents with classical data storage and communication, but no long-term quantum state storage, and is feasible with current technology. User privacy can be incorporated by secure bit commitment and zero-knowledge proof protocols. The level of privacy feasible in given scenarios depends on efficiency and composable security questions that remain to be systematically addressed.

A quantum proxy signature scheme makes the proxy signer can generate a quantum signature on behalf of the original signer. Although many quantum proxy signature schemes have been proposed, none of them can be formally proved to be secure. There is not even security model for the quantum proxy signatures. Some quantum proxy signature schemes have been proved to be insecure against forgery attacks. In this paper, first, the formal definition and the corresponding security model for the quantum proxy signatures are proposed. Second, based on the Hadamard operator and the controlled NOT operation, a new quantum proxy signature scheme is proposed. The security of our quantum proxy signature scheme can be formally proved under security model. The security model of the quantum proxy signatures is helpful for analyzing and improving the security of the quantum proxy signature schemes. On the other hand, compared with the other quantum proxy signatures, the new one proposed in this paper is the first that can be formally proved to be secure under security model.

Group signature scheme is a method of allowing a member of a group to sign a message anonymously on behalf of the group. The group administrator is in charge of adding group members and has the ability to reveal the original signer in the event of disputes. Based on controlled quantum teleportation with three-particle entangled W states, we propose a new quantum group signature scheme with designated receiver. Security analysis proves that the proposed scheme possesses the characteristics of group signature and resists the usual attacks. Compared with previous proposed schemes, this scheme follows security definition of group signature fully and meets its basic requirements.

IntroductionThe theorization focuses on the climate change’s influence to neurobiology. In modern societies, environmental nucleon generates in everyday activities from computers to industrial pollution. The subtle psychiatric changes can be categorized into: 1) the change of media in consciousness formation processes from cognition, such as from paper to electronic reading and from linguistics to coding; 2) activity changes in local reciprocal environment especially in places undergoing industrialization or developmental energy sources; 3) global exchanges underlying the current definitions of climate change but also taken into consideration of media change in cognitive behaviors; and 4) changes from outer space environment to the effects of global-to-local changes.ObjectivesThe objective of the theorization seeks to develop a heuristic paradigm to quantify the climate change’s effects to psychiatry from a neurobiological perspective. Albeit climate change is a complex topical issue, especially regarding the multivariable sources and traditional paradigms of case studies in the psychological and medical sciences, common sources of impacts to psychiatric public health in collective behaviors have been less of a focus. With the higher order of autonomous human functioning governed by the brains, the theorization in psychiatric public health hopes to quantify environmental impacts to brain functionings.MethodsThe theorization accumulated from nonproliferation research and the researcher’s developments in dopamine treatments in the high risk social-natural environment on depression. Inspired by the explicit review on electronic warfare’s impact on public health and astronomical research with proton decay outcome, a correlative theorization emerged between the cosmic decay and biodiversity in biochemistry. The theorization draws on developmental psychology to the nucleon heuristics in data research in cosmology, with prior experience documenting proliferation by applied quantum chromodynamics. Psychiatric data can be retrieved from relevant clinical settings of equivalent multi-wavelength brain scans as samples.ResultsFrom the perspective of cosmology, extremal graph theory can sample climate change on earth’s plasma from cosmic changes. This means earth’s dipole shifts to quantitative local population can be plotted, similar to the wild life researches in birds’ migration pattern changes. Local variants mainly derive from energy source types and energy consumption, however, bona fide data can hardly be retrieved due to deliberate transgressions for certain dire areas. Normative research can be conducted with cross-disciplinary collaborations with due consideration to privacy in public health research ethics.ConclusionsEnvironmental monitoring and psychiatric effects in developmental psychology are necessary in fundamental research on human security. This would increase some certainties and predictabilities for human development.Disclosure of InterestNone Declared

With the development of the Internet, information security has attracted great attention in today’s society, and quantum cryptography communication network based on quantum key distribution (QKD) is a very important part of this field, since the quantum key distribution combined with one-time-pad encryption scheme can guarantee the unconditional security of the information. The secret key generated by quantum key distribution protocols is a very valuable resource, so making full use of key resources is particularly important. Software definition network (SDN) is a new type of network architecture, and it separates the control plane and the data plane of network devices through OpenFlow technology, thus it realizes the flexible control of the network resources. In this paper, a quantum cryptography communication network model based on SDN is proposed to realize the flexible control of quantum key resources in the whole cryptography communication network. Moreover, we propose a routing algorithm which takes into account both the hops and the end-to-end availible keys, so that the secret key generated by QKD can be used effectively. We also simulate this quantum cryptography communication network, and the result shows that based on SDN and the proposed routing algorithm the performance of this network is improved since the effective use of the quantum key resources.

With recent advancements and research on quantum computers, it is conjectured that in the foreseeable future, sufficiently large quantum computers will be built to break essentially all public key cryptosystems currently in use. As a response, quantum-safe cryptography has recently garnered significant attention. The aim of quantum-safe cryptography is to design cryptosystems that are secure against both classical and quantum computers. This involves identifying computational problems that are believed to be secure against quantum adversaries and building cryptosystems based on such problems. A related problem of interest is arguing security of quantum-safe cryptosystems within the paradigm of provable security. Quantum security models for basic primitives like encryption and signature are gradually evolving and the security of different cryptosystems are being investigated in these models. Signcryption is a public key primitive that ensures both confidentiality and authenticity of data. Signcryption security can be modeled in different ways depending on whether the adversary can corrupt an insider, i.e., the sender or receiver, or not. The aim of this work is a comprehensive treatment of signcryption against quantum adversaries that are allowed to make oracle queries on quantum superposition of classical input values. We formulate suitable quantum security definitions for confidentiality and authenticity of signcryption both in insider and outsider models. We investigate the quantum security of generic constructions of signcryption schemes based on three paradigms, viz., encrypt-then-sign (EtS), sign-then-encrypt (StE) and commit-then-encrypt-and-sign (CtE&S). We show that the quantum analogues of the classical results hold in the insider model with an exception in the StE paradigm. However, in outsider model we need to consider an intermediate setting in which the adversary is given quantum access to unsigncryption oracle but classical access to signcryption oracle. In two-user outsider model, as in the classical setting, we show that post-quantum CPA security of the base encryption scheme is amplified in the EtS paradigm if the base signature scheme satisfies a stronger notion of security. We prove an analogous result in the StE paradigm. Interestingly, in the multi-user setting, our results strengthen the known classical results. Our results for the EtS and StE paradigms in the two-user outsider model also extend to the setting of authenticated encryption. We briefly discuss the difficulties in analyzing the full quantum security of signcryption in outsider model. Finally, we briefly discuss about some existing quantum secure encryption and signature proposals which can be used to instantiate signcryption schemes based on the above paradigms.