Reexamination of the realtime protection for user privacy in practical quantum private query
Chun-Yan Wei, Xiao-Qiu Cai, Tian-Yin Wang
TL;DR
The paper reexamines realtime user-privacy protection in practical quantum private query (QPQ) protocols that rely on honesty checking (HCD) or qubit rearrangement (ROQ). Through cryptanalysis of Yu et al.'s HCD-based protocol and Chang et al.'s ROQ-based protocol, it constructs explicit cheating strategies for dishonest database holders and dishonest users, showing that realtime detection is ineffective and may even compromise database security (e.g., a dishonest database holder can achieve a discrimination error of $0.1464$ for conclusive bits, while a dishonest user can force more information). In the ROQ scenario, Bob can exploit published outputs to bias final-key selections and reduce privacy leakage, while Alice can store qubits and reconstruct the entire raw key to obtain the whole database. These results reveal fundamental tensions between user privacy and database security in quantum two-party computations and call for more careful honesty-check designs in quantum secure protocols.
Abstract
Quantum private query (QPQ) is the quantum version of symmetrically private retrieval. However, user privacy in QPQ is generally guarded in a non-realtime, cheat-sensitive way. That is, a dishonest database holder's cheating to elicit user privacy can only be discovered after the protocol is finished (when the user finds errors in the retrieved database item). Such delayed detection may cause very unpleasant results for the user in real-life applications. Current efforts to protect user privacy in realtime in existing QPQ protocols mainly use two techniques: adding an honesty check on the database, or allowing the user to reorder the qubits. We reexamine these two kinds of QPQ protocols and find that neither of them works well. We give concrete cheating strategies for both participants and show that honesty checking of an inner participant should be handled more carefully, for example in the choice of checking qubits. We hope this discussion raises new concerns to be considered when detection of a dishonest participant is designed into quantum multi-party secure computations.
