
An efficient quantum parallel repetition theorem and applications

John Bostanci, Luowen Qian, Nicholas Spooner, Henry Yuen

TL;DR

This work establishes a tight parallel repetition theorem for 3-message quantum interactive protocols: the k-fold parallel repetition of a γ-secure protocol is (γ^k + negl)-secure, and the reduction is uniform and preserves advice. It also proves that extending the 3-message result to 4-message protocols is in general impossible under plausible post-quantum assumptions, and it gives an efficient round compression that reduces any quantum argument system to 3 messages. Leveraging these advances, the authors derive broad applications, including hardness amplification for quantum commitments, EFI pairs, public-key quantum money, and quantum zero-knowledge, alongside a quantum XOR lemma for predicates. The technical core blends quantum rewinding with the quantum singular value transform, Jordan's lemma, and coherent state management for almost-projective measurements to achieve uniform, time-efficient amplification while preserving complexity and security properties. Overall, the results offer a unifying, scalable approach to boosting quantum cryptographic security, with implications for post-quantum cryptography and quantum money and related primitives.

Abstract

We prove a tight parallel repetition theorem for $3$-message computationally-secure quantum interactive protocols between an efficient challenger and an efficient adversary. We also prove under plausible assumptions that the security of $4$-message computationally secure protocols does not generally decrease under parallel repetition. These mirror the classical results of Bellare, Impagliazzo, and Naor [BIN97]. Finally, we prove that all quantum argument systems can be generically compiled to an equivalent $3$-message argument system, mirroring the transformation for quantum proof systems [KW00, KKMV07]. As immediate applications, we show how to derive hardness amplification theorems for quantum bit commitment schemes (answering a question of Yan [Yan22]), EFI pairs (answering a question of Brakerski, Canetti, and Qian [BCQ23]), public-key quantum money schemes (answering a question of Aaronson and Christiano [AC13]), and quantum zero-knowledge argument systems. We also derive an XOR lemma [Yao82] for quantum predicates as a corollary.

Paper Structure (49 sections, 41 theorems, 69 equations, 3 figures, 9 algorithms)

Key Result

Theorem 1

Let $\Pi$ be a $3$-message $\gamma$-computationally secure quantum protocol. Then the $k$-fold parallel repetition $\Pi^{\otimes k}$ is $(\gamma^k + \mathrm{negl}(\lambda))$-computationally secure.

Figures (3)

  • Figure 1: A $2r+1$-message quantum interactive protocol.
  • Figure 2: A $c$, $r$-message post-quantum bit commitment scheme. In a post-quantum bit commitment, all messages are classical, but the sender might be quantum.
  • Figure 3: Schedule of messages sent in $\mathsf{Sch}$. The schedule is chosen specifically so that an adversary might forward commitments to other challengers; in particular, the left and right parties always send their messages first, before expecting a response. In the $k$-fold unrepeatable protocol, both the left and right parties are executed by the challenger, and the adversary executes the man-in-the-middle strategy.

Theorems & Definitions (80)

  • theorem 1: 3-message efficient parallel repetition, informal
  • corollary 1: Hardness amplification for commitments
  • corollary 2: XOR lemma for EFI pairs
  • corollary 3: Quantum Yao's XOR lemma
  • corollary 4: Hardness amplification for quantum money
  • theorem 2: Impossibility of parallel repetition, informal
  • theorem 3: Round compression, informal
  • corollary 5: Round-preserving amplification for arguments
  • corollary 6: Round compression of zero-knowledge protocols
  • remark 1: Advice preservation
  • ...and 70 more