Questions tagged [cryptography]
For questions about cryptography as it relates directly to quantum computing. Not for general cryptographic methods.
151 questions
0
votes
0
answers
26
views
Does quantum-accessible leakage invalidate classical security reductions in post-quantum cryptography?
In classical cryptographic security proofs, leakage or side information is typically modeled as classical and efficiently computable. In post-quantum cryptography, however, an adversary may hold ...
2
votes
0
answers
31
views
Relationship between post-quantum security and security against quantum adversaries
In cryptographic literature, the terms post-quantum secure and secure against quantum adversaries are sometimes used interchangeably, but in other places they appear to refer to distinct notions.
My ...
2
votes
1
answer
339
views
A Symmetry in Shor’s Algorithm: Successful bases always come in pairs (a, N–a)
I’ve recently written a short note proving a structural property of Shor’s factoring algorithm, and I’d like feedback from those more experienced in quantum algorithms.
Key result:
If a base a is ...
1
vote
1
answer
101
views
eff.org/dice psswrd generator secure against an adequate quantum computer?
https://www.eff.org/dice
If capable quantum computers were around would they be able to run a successful bruit force attack on the eff dice psswrd generator?
My learning has been regardless of its ...
2
votes
1
answer
144
views
Is it well-known that $H(x)\oplus H(x\oplus s)$ satisfies Simon's promise?
In Simon's problem, we are given a description of a function $f(x)$ where $f: \{0,1\}^n \to \{0,1\}^m, \; m \geq n-1$. We are also promised that there is a non-zero string $s\in\{0,1\}^n$ such that $f(...
1
vote
1
answer
110
views
Is there a metric or definition for how "quantum-friendly" a problem is?
I'm looking for a way to classify computational problems based on how suitable they are for quantum computers. Specifically, is there an established metric, definition, or framework that categorizes ...
2
votes
2
answers
849
views
A proof that 4 ≥ ∞ when using the Quantum One-Time Pad
A cryptographic scheme using a $n$-bit key to hide a $m$-bit plaintext is said to be perfectly secret when, without this key, we cannot get any information about the plaintext from the ciphertext. ...
6
votes
1
answer
212
views
Can we learn anything interesting about a claw by taking the square-root-of-NOT of each qubit?
Consider being given a circuit for a two-to-one Boolean function $f$ from $n$ (qu)bits to $m\ge n-1$ (qu)bits, and prepare the following state:
$$\frac{1}{\sqrt {2^n}}\sum_0^{2^n-1}|x\rangle|f(x)\...
1
vote
1
answer
209
views
How many qubits does the Mahadev's classical-verifier-quantum-prover protocol need?
In Mahadev's protocols, the idea is for a classical verifier to use post-quantum cryptography to check a quantum prover. This allows for various tasks from randomness certification to delegated ...
3
votes
1
answer
150
views
DOS attacks on QKD Systesm
In the BB84 QKD or similar protocol, we know that eavesdropping or interception during secret key generation can be detected, prompting both parties to discard the transaction and attempt a new one. ...
0
votes
1
answer
57
views
Why does an optimal collective attack correspond to a case involving purification of a biparitite state shared between Alice and Bob?
In Acin's paper (arXiv), it is mentioned that, given Eve chooses to do a collective attack (which roughly means Eve applies the same attack to each system of Alice and Bob, and that the devices with ...
2
votes
0
answers
57
views
In hetero (homodyne) detection, what does it mean to operate at the quantum shot limit?
I am an electrical engineering by trade, working on the analogue part (Transmitter & Receiver) of a quantum optical communication channel. By this, I mean I have not much experience on things ...
2
votes
0
answers
85
views
Seeking Recommendations on Quantum Attacks
I'm exploring quantum attacks (in the Q1 model) on symmetric structures, including hash functions, block ciphers, modes of operation and stream ciphers with time complexity beyond quadratic speedup. I'...
1
vote
0
answers
44
views
On the construction of quantum circuits for S-boxes with different criteria based on the SAT solver
I'm reading this paper: On the construction of quantum circuits for
S-boxes with different criteria based on the SAT
solver. Here's the link: https://eprint.iacr.org/2024/565.pdf#page=29&zoom=100,...
3
votes
1
answer
101
views
Benefits of using quantum encrypted keys
Considering, in a perfect world everyone has the capability to create a quantum key. What would the benefits of using quantum encrypted keys instead of using classically encrypted keys? Besides the ...