filmov
tv
QIP2021 | Non-interactive Zero-knowledge Protocols for QMA and... (Shih-Han Hung, Omri Shmueli)
Показать описание
Non-interactive Zero-knowledge Protocols for QMA and Post-quantum Zero-knowledge in Constant Rounds
Authors: Gorjan Alagic, Andrew Childs, Andrea Coladangelo, Alex Bredariol Grilo, Shih-Han Hung, Thomas Vidick and Tina Zhang // Nir Bitansky and Omri Shmueli
Affiliations: QuICS | University of Maryland | UC Berkeley | LIP6, CNRS/Sorbonne Université | QuICS | Caltech | Caltech // Tel Aviv University | Tel Aviv University
Abstract:
A non-interactive zero-knowledge (NIZK) proof system for a language L in NP allows a prover (who is provided with an instance x and a witness w) to compute a classical certificate for the claim that x is in L, with the following properties: 1) the protocol can be verified efficiently, and 2) the protocol does not reveal any information about w, besides the fact that it exists (i.e., that x is in L). While NIZKs are known to be impossible in the plain model (i.e., with no additional trusted resource), they are well studied in alternative models and have seen widespread application in classical cryptography. Given the importance of NIZKs, and more generally zero-knowledge protocols, in classical cryptography, there has been a recent effort to achieve such protocols for QMA, a natural quantum analog of NP. However, all previous results only achieved interactive protocols, limiting their cryptographic use. Moreover, they all rely on quantum communication between the prover and the verifier, which may be difficult to achieve. In this submission, we present two NIZK protocols for QMA in the Common Reference String (CRS) model, with additional offline setup. Both protocols are achieved through the homomorphic computation of classical NIZKs for NP, and rely on the hardness of the Learning With Errors problem. However, each of them then combines this core idea with different (seemingly incomparable) techniques: 1) our first protocol makes use of quantum teleportation and quantum communication in an offline setup phase, with a classical online phase; our second protocol leverages techniques for classical verification of quantum computations, and is the only known NIZK for QMA to be completely classical, as well as reusable, meaning that a single setup allows to prove many theorems. Security of the latter is in the Quantum Random Oracle model. // We construct the first constant-round zero-knowledge classical argument for NP secure against quantum attacks. We assume the existence of Quantum Fully Homomorphic Encryption and other standard primitives, known based on the Learning with Errors Assumption for quantum algorithms. As a corollary, we also obtain the first constant-round zero-knowledge quantum argument for QMA. At the heart of our protocol is a new no-cloning non-black-box simulation technique.
Get entangled with us!
Authors: Gorjan Alagic, Andrew Childs, Andrea Coladangelo, Alex Bredariol Grilo, Shih-Han Hung, Thomas Vidick and Tina Zhang // Nir Bitansky and Omri Shmueli
Affiliations: QuICS | University of Maryland | UC Berkeley | LIP6, CNRS/Sorbonne Université | QuICS | Caltech | Caltech // Tel Aviv University | Tel Aviv University
Abstract:
A non-interactive zero-knowledge (NIZK) proof system for a language L in NP allows a prover (who is provided with an instance x and a witness w) to compute a classical certificate for the claim that x is in L, with the following properties: 1) the protocol can be verified efficiently, and 2) the protocol does not reveal any information about w, besides the fact that it exists (i.e., that x is in L). While NIZKs are known to be impossible in the plain model (i.e., with no additional trusted resource), they are well studied in alternative models and have seen widespread application in classical cryptography. Given the importance of NIZKs, and more generally zero-knowledge protocols, in classical cryptography, there has been a recent effort to achieve such protocols for QMA, a natural quantum analog of NP. However, all previous results only achieved interactive protocols, limiting their cryptographic use. Moreover, they all rely on quantum communication between the prover and the verifier, which may be difficult to achieve. In this submission, we present two NIZK protocols for QMA in the Common Reference String (CRS) model, with additional offline setup. Both protocols are achieved through the homomorphic computation of classical NIZKs for NP, and rely on the hardness of the Learning With Errors problem. However, each of them then combines this core idea with different (seemingly incomparable) techniques: 1) our first protocol makes use of quantum teleportation and quantum communication in an offline setup phase, with a classical online phase; our second protocol leverages techniques for classical verification of quantum computations, and is the only known NIZK for QMA to be completely classical, as well as reusable, meaning that a single setup allows to prove many theorems. Security of the latter is in the Quantum Random Oracle model. // We construct the first constant-round zero-knowledge classical argument for NP secure against quantum attacks. We assume the existence of Quantum Fully Homomorphic Encryption and other standard primitives, known based on the Learning with Errors Assumption for quantum algorithms. As a corollary, we also obtain the first constant-round zero-knowledge quantum argument for QMA. At the heart of our protocol is a new no-cloning non-black-box simulation technique.
Get entangled with us!
1:13:17
0:28:34
1:01:51
0:29:54
0:25:56
0:27:04
0:25:09
0:29:52
0:21:21
0:22:08
3:00:19
0:42:14
0:29:28
0:25:40
0:54:18
0:29:28
0:30:45
0:59:31
0:24:34
0:26:38
1:01:27
0:29:53
0:57:30