Abstract
A recent result by Dulek et al. (EUROCRYPT 2020) showed a secure protocol for computing any quantum circuit even without the presence of an honest majority. Their protocol, however, is susceptible to a “denial of service” attack and allows even a single corrupted party to force an abort. We propose the first quantum protocol that admits security-with-identifiable-abort, which allows the honest parties to agree on the identity of a corrupted party in case of an abort. Additionally, our protocol is the first to have the property that the number of rounds where quantum communication is required is independent of the circuit complexity. Furthermore, if there exists a post-quantum secure classical protocol whose round complexity is independent of the circuit complexity, then our protocol has this property as well. Our protocol is secure under the assumption that classical quantum-resistant fully homomorphic encryption schemes with decryption circuit of logarithmic depth exist. Interestingly, our construction also admits a reduction from quantum fair secure computation to classical fair secure computation.
B. Alon—This work was supported by ISF grant 152/17 and by the Ariel Cyber Innovation Center in conjunction with the Israel National Cyber directorate in the Prime Minister’s Office. Part of the work was done while visiting Academia Sinica.
H. Chung and Y.-C. Shen—This research is partially supported by the Young Scholar Fellowship (Einstein Program) of the Ministry of Science and Technology (MOST) in Taiwan, under grant number MOST 108-2636-E-002-014 and Executive Yuan Data Safety and Talent Cultivation Project (ASKPQ-109-DSTCP).
K.-M. Chung—This research is partially supported by the Air Force Office of Scientific Research under award number FA2386-20-1-4066, and MOST, Taiwan, under Grant no. MOST 109-2223-E-001-001-MY3.
M.-Y. Huang—This work is supported by the Young Scholar Fellowship (Einstein Program) of the Ministry of Science and Technology (MOST) in Taiwan, under grant number MOST 109-2636-E-002-025.
Y. Lee—This work was done in part while the author was affiliated with National Taiwan University.
Notes
1. The impossibility proof is in the information-theoretic setting, where the adversary is unbounded. Although Cleve’s impossibility result is stated for classical protocols, the proof still applies to quantum protocols.
2. Intuitively, fair computation means that either all parties receive their respective outputs, or none of them do.
3. Here we abuse notation by writing \(\sigma _k\) for the \(k\)th qubit of the codeword, even though these \(q\) qubits may be entangled.
4. It is more common to use the term Clifford encoding. However, in the quantum setting authentication implies encryption, so we refer to these as encryptions to avoid confusion with the QECC encoding.
5. Repetition codes resist only bit-flip errors (i.e., Pauli X attacks). However, this suffices for the purposes of demonstration here.
6. Formally, the ideal world is parametrized by two polynomials in the security parameter that bound the number of input qubits and the number of output qubits that can be dropped.
7. The fixed length is due to a technicality that follows from the way \({\mathsf {SA}}\) is used.
8. We note that this technique, of using the graph to allow honest parties to unanimously agree on the identity of a corrupted party, was independently used in another recent paper by [BMMMQ20].
9. Recall that \({\mathsf {SA}}\) requires the path to be of length \(n^2\). The way \({\mathsf {cMPC}}\) computes the path always generates a path of length at most \(n^2\); if the path is shorter, \({\mathsf {cMPC}}\) can simply append the last party repeatedly.
10. In addition to fairness, identifiable fair computation has the added property that, in case the protocol aborts, the honest parties agree on the identity of at least one corrupted party.
References
Ambainis, A., Buhrman, H., Dodis, Y., Röhrig, H.: Multiparty quantum coin flipping. In: Proceedings of the 19th IEEE Annual Conference on Computational Complexity 2004, pp. 250–259. IEEE (2004)
Aharonov, D., Ben-Or, M., Eban, E.: Interactive proofs for quantum computations. In: Chi-Chih Yao, A. (ed.) Innovations in Computer Science - ICS 2010, Tsinghua University, 5–7 January 2010, Beijing, China. Proceedings, pp. 453–469. Tsinghua University Press (2010)
Alon, B., Chung, H., Chung, K.-M., Huang, M.-Y., Lee, Y., Shen, Y.-C.: Round efficient secure multiparty quantum computation with identifiable abort. Cryptology ePrint Archive, Report 2020/1464, 2020. https://eprint.iacr.org/2020/1464
Alagic, G., Dulek, Y., Schaffner, C., Speelman, F.: Quantum fully homomorphic encryption with verification (2017)
Barnum, H., Crépeau, C., Gottesman, D., Smith, A., Tapp, A.: Authentication of quantum messages. In: The 43rd Annual IEEE Symposium on Foundations of Computer Science 2002 Proceedings. IEEE Comput. Soc (2002)
Broadbent, A., Gutoski, G., Stebila, D.: Quantum one-time programs. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 344–360. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_20
Bravyi, S., Kitaev, A.: Universal quantum computation with ideal Clifford gates and noisy ancillas. Physical Review A (2005)
Brandt, N.-P., Maier, S., Müller, T., Müller-Quade, J.: Constructing secure multi-party computation with identifiable abort. IACR Cryptol. ePrint Arch. 2020, vol. 153 (2020)
Ben-Or, M., Crépeau, C., Gottesman, D., Hassidim, A., Smith, A.: Secure multiparty quantum computation with (only) a strict honest majority. In: 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS 2006). IEEE (2006)
Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. In: Ostrovsky, R. (ed.) IEEE 52nd Annual Symposium on Foundations of Computer Science, FOCS 2011, 22–25 October 2011, Palm Springs, CA, USA, pp. 97–106. IEEE Computer Society (2011)
Crépeau, C., Gottesman, D., Smith, A.: Secure multi-party quantum computation. In: Proceedings of the Thirty-Fourth Annual ACM Symposium on Theory of Computing - STOC 2002. ACM Press (2002)
Cleve, R.: Limits on the security of coin flips when half the processors are faulty. In: Proceedings of the Eighteenth Annual ACM Symposium on Theory of Computing, pp. 364–369 (1986)
Dulek, Y., Grilo, A.B., Jeffery, S., Majenz, C., Schaffner, C.: Secure multi-party quantum computation with a dishonest majority. Advances in Cryptology - EUROCRYPT 2020 (2020)
DiVincenzo, D.P., Leung, D.W., Terhal, B.M.: Quantum data hiding. IEEE Trans. Inf. Theory 48(3), 580–598 (2002)
Dupuis, F., Nielsen, J.B., Salvail, L.: Actively secure two-party evaluation of any quantum operation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 794–811. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_46
Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_38
Goldreich, O., Micali, S., Wigderson, A.: How to play ANY mental game. In: Proceedings of the Nineteenth Annual ACM Conference on Theory of Computing - STOC 1987. ACM Press (1987)
Ishai, Y., Ostrovsky, R., Zikas, V.: Secure multi-party computation with identifiable abort. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014. LNCS, vol. 8617, pp. 369–386. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44381-1_21
Kitaev, A.: Quantum coin-flipping. Talk at QIP 2003 (slides and video at MSRI), December 2002
Rabin, T., Ben-Or, M.: Verifiable secret sharing and multiparty protocols with honest majority. In: Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing, pp. 73–85 (1989)
Unruh, D.: Universally composable quantum multi-party computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 486–505. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_25
Acknowledgements
The authors would like to thank the anonymous reviewers for their useful comments and suggestions, and in particular for pointing out the existence of \(\mathsf {NC}^1\) decryption of classical fully homomorphic encryption schemes [BV11]. We would also like to thank Eran Omri for many useful conversations.
© 2021 International Association for Cryptologic Research
Cite this paper
Alon, B., Chung, H., Chung, KM., Huang, MY., Lee, Y., Shen, YC. (2021). Round Efficient Secure Multiparty Quantum Computation with Identifiable Abort. In: Malkin, T., Peikert, C. (eds) Advances in Cryptology – CRYPTO 2021. CRYPTO 2021. Lecture Notes in Computer Science(), vol 12825. Springer, Cham. https://doi.org/10.1007/978-3-030-84242-0_16
DOI: https://doi.org/10.1007/978-3-030-84242-0_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-84241-3
Online ISBN: 978-3-030-84242-0