Results 1  10
of
12
Experimental Quantum Cryptography
 Journal of Cryptology
, 1992
"... We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: 1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; 2) by subsequent public discussion of the ..."
Abstract

Cited by 195 (20 self)
 Add to MetaCart
We describe results from an apparatus and protocol designed to implement quantum key distribution, by which two users, who share no secret information initially: 1) exchange a random quantum transmission, consisting of very faint flashes of polarized light; 2) by subsequent public discussion of the sent and received versions of this transmission estimate the extent of eavesdropping that might have taken place on it, and finally 3) if this estimate is small enough, distill from the sent and received versions a smaller body of shared random information, which is certifiably secret in the sense that any third party's expected information on it is an exponentially small fraction of one bit. Because the system depends on the uncertainty principle of quantum physics, instead of usual mathematical assumptions such as the difficulty of factoring, it remains secure against an adversary with unlimited computing power. A preliminary version of this paper was presented at Eurocrypt '90, May 21 ...
A Quantum Bit Commitment Scheme Provably Unbreakable by both Parties
, 1993
"... Assume that a party, Alice, has a bit x in mind, to which she would like to be committed toward another party, Bob. That is, Alice wishes, through a procedure commit(x), to provide Bob with a piece of evidence that she has a bit x in mind and that she cannot change it. Meanwhile, Bob should not be ..."
Abstract

Cited by 68 (12 self)
 Add to MetaCart
Assume that a party, Alice, has a bit x in mind, to which she would like to be committed toward another party, Bob. That is, Alice wishes, through a procedure commit(x), to provide Bob with a piece of evidence that she has a bit x in mind and that she cannot change it. Meanwhile, Bob should not be able to tell from that evidence what x is. At a later time, Alice can reveal, through a procedure unveil(x), the value of x and prove to Bob that the piece of evidence sent earlier really corresponded to that bit. Classical bit commitment schemes (by which Alice's piece of evidence is classical information such as a bit string) cannot be secure against unlimited computing power and none have been proven secure against algorithmic sophistication. Previous quantum bit commitment schemes (by which Alice's piece of evidence is quantum information such as a stream of polarized photons) were known to be invulnerable to unlimited computing power and algorithmic sophistication, but not to arbitrary...
Quantum publickey cryptosystems
 in Proc. of CRYPT0 2000
, 2000
"... Abstract. This paper presents a new paradigm of cryptography, quantum publickey cryptosystems. In quantum publickey cryptosystems, all parties including senders, receivers and adversaries are modeled as quantum (probabilistic) polytime Turing (QPT) machines and only classical channels (i.e., no q ..."
Abstract

Cited by 28 (2 self)
 Add to MetaCart
Abstract. This paper presents a new paradigm of cryptography, quantum publickey cryptosystems. In quantum publickey cryptosystems, all parties including senders, receivers and adversaries are modeled as quantum (probabilistic) polytime Turing (QPT) machines and only classical channels (i.e., no quantum channels) are employed. A quantum trapdoor oneway function, f, plays an essential role in our system, in which a QPT machine can compute f with high probability, any QPT machine can invert f with negligible probability, and a QPT machine with trapdoor data can invert f. This paper proposes a concrete scheme for quantum publickey cryptosystems: a quantum publickey encryption scheme or quantum trapdoor oneway function. The security of our schemes is based on the computational assumption (over QPT machines) that a class of subsetsum problems is intractable against any QPT machine. Our scheme is very efficient and practical if Shor’s discrete logarithm algorithm is efficiently realized on a quantum machine.
The Spymasters DoubleAgent Problem: Multiparty Computation Secure Unconditionally from Minorities and Cryptographically from Majorities
, 1989
"... inequality, which means that all collusions of minorities can be tolerated, is argued to be optimal and makes the main result also optimal. 592 A third construction, on which the second is based but which is interesting in its own right, is that of an "allhonest world." This is a setting, relyin ..."
Abstract

Cited by 12 (0 self)
 Add to MetaCart
inequality, which means that all collusions of minorities can be tolerated, is argued to be optimal and makes the main result also optimal. 592 A third construction, on which the second is based but which is interesting in its own right, is that of an "allhonest world." This is a setting, relying only on assumption (b), in which any participant who has revealed secrets to any other can prove publicly that the secrets revealed are correct and receivable by the second participanteven ff the second participant denies receipt orcorrecmess. I INFORMAL INTRODUCTION A spymaster's deepest fear, it might be said, is that of a "double agent., If the spymasters of major countries would be willing to pool all the information they have on their agents, then they could discoverto their mutual benefit all double agents who play one side off against the other. But for a spymaster, revealing this sensitive data to "the other side" is, of course, unthinkable. A solution to the spymasters'
Detectable Byzantine Agreement Secure Against Faulty Majorities
 In 21st PODC
, 2002
"... It is wellknown that n players, connected only by pairwise secure channels, can achieve Byzantine agreement only if the number t of cheaters satisfies t < n=3, even with respect to computational security. However, for many applications it is sufficient to achieve detectable broadcast. With this pri ..."
Abstract

Cited by 10 (3 self)
 Add to MetaCart
It is wellknown that n players, connected only by pairwise secure channels, can achieve Byzantine agreement only if the number t of cheaters satisfies t < n=3, even with respect to computational security. However, for many applications it is sufficient to achieve detectable broadcast. With this primitive, broadcast is only guaranteed when all players are nonfaulty ("honest"), but all nonfaulty players always reach agreement on whether broadcast was achieved or not. We show that detectable broadcast can be achieved regardless of the number of faulty players (i.e., for all t < n). We give a protocol which is unconditionally secure, as well as two more efficient protocols which are secure with respect to computational assumptions, and the existence of quantum channels, respectively.
Alternative Computational Models: A Comparison of Biomolecular and Quantum Computation
 INVITED PAPER,18TH INTERNATIONAL CONFERENCE ON FOUNDATIONS OF SOFTWARE TECHNOLOGY AND THEORETICAL COMPUTER SCEINCE (FST&TCS98
, 1998
"... ..."
Quantum Key Distribution with Authentication
, 1999
"... The security of the previous quantum key distribution (QKD) protocols, which is guaranteed by the nature of physics law, is based on the legitimate users. However, impersonation of the legitimate communicators by eavesdroppers, in practice, will be inevitable. In fact, the previous QKD protocols is ..."
Abstract

Cited by 2 (0 self)
 Add to MetaCart
The security of the previous quantum key distribution (QKD) protocols, which is guaranteed by the nature of physics law, is based on the legitimate users. However, impersonation of the legitimate communicators by eavesdroppers, in practice, will be inevitable. In fact, the previous QKD protocols is un secure without authentication in practical communication. In this paper, we proposed an improved QKD protocol that can simultaneously distribute the quantum secret key and verify the communicators ’ identity. This presented authentication scheme is provably secure. PACS:0365.Bz 1
Quantum Information Processing: Algorithms, Technologies and Challenges
"... Quantum Computation (QC) is a type of computation where unitary and measurement operations are executed on linear superpositions of basis states. This paper provides a brief introduction to QC. We begin with a discussion of basic models for QC such as quantum TMs, quantum gates and circuits and rela ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
Quantum Computation (QC) is a type of computation where unitary and measurement operations are executed on linear superpositions of basis states. This paper provides a brief introduction to QC. We begin with a discussion of basic models for QC such as quantum TMs, quantum gates and circuits and related complexity results. We then discuss a number of topics in quantum information theory, including bounds for quantum communication and I/O complexity, methods for quantum data compression. and quantum error correction (that is, techniques for decreasing decoherence errors in QC), Furthermore, we enumerate a number of methodologies and technologies for doing QC. Finally, we discuss resource bounds for QC including bonds for processing time, energy and volume, particularly emphasizing challenges in determining volume bounds for observation apperatus.
Improved Construnctions of Quantum BitCommitment Based on Quantum OneWay Permutations
"... this paper, we focus on the number of bits which Bob needs to store until the opening phase. We consider this as crucial in the quantum setting, since Bob must protect the received quantum states against decoherence until the opening phase. For some practical application, the length between the comm ..."
Abstract
 Add to MetaCart
this paper, we focus on the number of bits which Bob needs to store until the opening phase. We consider this as crucial in the quantum setting, since Bob must protect the received quantum states against decoherence until the opening phase. For some practical application, the length between the committing phase and the opening phase could be years. We will propose two quantum bitcommitment schemes based on quantum oneway permutations. One has the property of statistically binding and computationally concealing, and the other has that of statistically concealing and computationally binding. Our schemes reduce exponentially the number of bits which Bob needs to store (i.e., Alice sends) until the opening phase compared with the classical counterparts