Unclonable Cryptography in Linear Quantum Memory

Omri Shmueli, Mark Zhandry

TL;DR

This work initiates a substantial reduction of the long-term quantum memory required for unclonable cryptography, focusing on one-shot signatures (OSS) and quantum signing tokens. It introduces signing techniques that operate on entire messages with a single quantum state and develops a folding coset partition framework to beat the CPF input-size barrier, achieving asymptotically optimal quantum storage in the oracle model. In the standard model, under cryptographic assumptions such as sub-exponential iO, LWE with strong security guarantees, and decomposable trapdoor claw-free functions, the authors obtain $O(\lambda)$- or $O(\lambda^2)$-sized quantum secret keys for OSS, significantly reducing memory costs compared to prior work. The paper also develops new information-theoretic and cryptographic hardness results for hidden subspace detection, along with subspace-hiding function concepts, which support the security reductions and have potential applications beyond unclonable cryptography, including quantum copy protection and quantum one-time programs.

Abstract

Quantum cryptography is a rapidly developing area which leverages quantum information to accomplish classically impossible tasks. In many of these protocols, quantum states are used as long-term cryptographic keys. Typically, this is to ensure the keys cannot be copied by an adversary, owing to the quantum no-cloning theorem. Unfortunately, due to quantum states' tendency to decohere, persistent quantum memory will likely be one of the most challenging resources for quantum computers. As such, it will be important to minimize persistent memory in quantum protocols. In this work, we consider the case of one-shot signatures (OSS), and more general quantum signing tokens. These are important unclonable primitives, where quantum signing keys allow for signing a single message but not two. Naturally, these quantum signing keys would require storage in long-term quantum memory. Very recently, the first OSS was constructed in a classical oracle model and also in the standard model, but we observe that the quantum memory required for these protocols is quite large. In this work, we significantly decrease the quantum secret key size, in some cases achieving asymptotically optimal size. To do so, we develop novel techniques for proving the security of cryptosystems using coset states, which are one of the main tools used in unclonable cryptography.

Paper Structure

This paper contains 73 sections, 28 theorems, 93 equations.

Key Result

Theorem 1

Relative to a classical oracle there exists secure OSS with $O(\lambda)$-sized quantum secret keys, where each quantum secret key can sign on messages of size $\lambda$ and for every $T$ and a quantum unbounded algorithm making $T$ queries to the oracles, the probability to find two different signat

Theorems & Definitions (54)

  • Theorem 1
  • Theorem 2
  • Theorem 3
  • Theorem 4
  • Remark 5
  • Definition 6: Puncturable PRFs
  • Definition 7: Indistinguishability Obfuscation (iO)
  • Definition 8: Lossy Functions
  • Definition 9
  • Theorem 10: Implicit in C:WatZha24
  • ...and 44 more