CQCT Feb 07 Griffith University 1 Joan Vaccaro Joe Spring Anthony Chefles Quantum Polling HP Labs, Bristol Griffith University Uni of Hertfordshire QUantum.

Slides:

Advertisements

Similar presentations

Secret Ballot Receipts: True Voter Verifiable Elections Author: David Chaum Published: IEEE Security & Privacy Presenter: Adam Anthony.

Advertisements

Cryptography for Unconditionally Secure Message Transmission in Networks Kaoru Kurosawa.

A Pairing-Based Blind Signature

Implementation of Practically Secure Quantum Bit Commitment Protocol Ariel Danan School of Physics Tel Aviv University September 2008.

Christian Schaffner CWI Amsterdam, Netherlands Position-Based Quantum Cryptography: Impossibility and Constructions Seminar Eindhoven, Netherlands Wednesday,

Distribution and Revocation of Cryptographic Keys in Sensor Networks Amrinder Singh Dept. of Computer Science Virginia Tech.

1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

Computer Science Dr. Peng NingCSC 774 Adv. Net. Security1 CSC 774 Advanced Network Security Topic 5 Group Key Management.

22C:19 Discrete Structures Integers and Modular Arithmetic

QUANTUM CRYPTOGRAPHY ABHINAV GUPTA CSc Introduction [1,2]  Quantum cryptography is an emerging technology in which two parties can secure network.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Short course on quantum computing Andris Ambainis University of Latvia.

Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.

Receipt-free Voting Joint work with Markus Jakobsson, C. Andy Neff Ari Juels RSA Laboratories.

Quantum Cryptography Ranveer Raaj Joyseeree & Andreas Fognini Alice Bob Eve.

Introduction to Modern Cryptography, Lecture 13 Money Related Issues ($$$) and Odds and Ends.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.

Quantum Cryptography Qingqing Yuan. Outline No-Cloning Theorem BB84 Cryptography Protocol Quantum Digital Signature.

Universal Optical Operations in Quantum Information Processing Wei-Min Zhang ( Physics Dept, NCKU )

Digital Cash Damodar Nagapuram. Overview ► Monetary Freedom ► Digital Cash and its importance ► Achieving Digital Cash ► Disadvantages with digital cash.

Electronic Voting Schemes and Other stuff. Requirements Only eligible voters can vote (once only) No one can tell how voter voted Publish who voted (?)

Efficient many-party controlled teleportation of multi-qubit quantum information via entanglement Chui-Ping Yang, Shih-I Chu, Siyuan Han Physical Review.

CRYPTOGRAPHY WHAT IS IT GOOD FOR? Andrej Bogdanov Chinese University of Hong Kong CMSC 5719 | 6 Feb 2012.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

BB84 Quantum Key Distribution 1.Alice chooses (4+  )n random bitstrings a and b, 2.Alice encodes each bit a i as {|0>,|1>} if b i =0 and as {|+>,|->}

Quantum Cryptography Prafulla Basavaraja CS 265 – Spring 2005.

EECS 598 Fall ’01 Quantum Cryptography Presentation By George Mathew.

Paraty, Quantum Information School, August 2007 Antonio Acín ICFO-Institut de Ciències Fotòniques (Barcelona) Quantum Cryptography.

Quantum Public Key Cryptography with Information- Theoretic Security Daniel Gottesman Perimeter Institute.

1 Lecture 18: Security issues specific to security key management services –privacy –integrity/authentication –nonrepudiation/plausible deniability.

Pretty Good Privacy by Philip Zimmerman presented by: Chris Ward.

Digital Cash By Gaurav Shetty. Agenda Introduction. Introduction. Working. Working. Desired Properties. Desired Properties. Protocols for Digital Cash.

An Efficient Identity-based Cryptosystem for

A Few Simple Applications to Cryptography Louis Salvail BRICS, Aarhus University.

Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms David Chaum CACM Vol. 24 No. 2 February 1981 Presented by: Adam Lee 1/24/2006 David.

Robust Sharing of Secrets when the Dealer Is Honest or Cheating Tal Rabin 1994 Brian Fry COEN

Digital Signatures A primer 1. Why public key cryptography? With secret key algorithms Number of key pairs to be generated is extremely large If there.

6. Esoteric Protocols secure elections and multi-party computation Kim Hyoung-Shick.

Privacy Enhancing Technologies Spring What is Privacy? “The right to be let alone” Confidentiality Anonymity Access Control Most privacy technologies.

1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.

Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 6:Esoteric Protocols Dulal C Kar. Secure Elections Ideal voting protocol has at least following six properties 1.Only authorized voters can vote.

Cryptography In the Bounded Quantum-Storage Model Christian Schaffner, BRICS University of Århus, Denmark ECRYPT Autumn School, Bertinoro Wednesday, October.

Cryptography In the Bounded Quantum-Storage Model Christian Schaffner, BRICS University of Århus, Denmark 9 th workshop on QIP 2006, Paris Tuesday, January.

1 A Randomized Space-Time Transmission Scheme for Secret-Key Agreement Xiaohua (Edward) Li 1, Mo Chen 1 and E. Paul Ratazzi 2 1 Department of Electrical.

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Introduction to Quantum Key Distribution

CS555Topic 251 Cryptography CS 555 Topic 25: Quantum Crpytography.

Merkle trees Introduced by Ralph Merkle, 1979 An authentication scheme

Intro to Cryptography Lesson Introduction

COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●

Cryptography In the Bounded Quantum-Storage Model

PROACTIVE SECRET SHARING Or: How to Cope With Perpetual Leakage Herzberg et al. Presented by: Avinash Ravi Kevin Skapinetz.

CS555Spring 2012/Topic 31 Cryptography CS 555 Topic 3: One-time Pad and Perfect Secrecy.

1 Conference key-agreement and secret sharing through noisy GHZ states Kai Chen and Hoi-Kwong Lo Center for Quantum Information and Quantum Control, Dept.

Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam.

Quantum Cryptography Christian Schaffner

Quantum Cryptography Antonio Acín

Quantum Cryptography Christian Schaffner Research Center for Quantum Software Institute for Logic, Language and Computation (ILLC) University of Amsterdam.

1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.

1 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 467 / Phys 767 C&O 481 / C&O 681 Richard Cleve DC 3524 Course.

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Information Security message M one-way hash fingerprint f = H(M)

Unconditional Security of the Bennett 1992 quantum key-distribution protocol over a lossy and noisy channel Kiyoshi Tamaki * *Perimeter Institute for.

Information Security message M one-way hash fingerprint f = H(M)

Quantum Key Distribution

Presentation transcript:

CQCT Feb 07 Griffith University 1 Joan Vaccaro Joe Spring Anthony Chefles Quantum Polling HP Labs, Bristol Griffith University Uni of Hertfordshire QUantum PRoperties Of DIstributed Systems PRA 75, (2007), quant-ph/ ~ Hillery et al. PLA (2006), quant-ph/

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 2 ~ small scale quantum processing quantum data security QKD – commercial… other (incl. multiparty) protocols Quantum Fingerprinting Quantum Seals Authentication of Quantum Messages Quantum Broadcast Communication Quantum Anonymous Transmissions Quantum Exam Secret Sharing Introduction

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 3 ~ Small scale quantum processing Quantum data security QKD – 2 party protocols – commercial… Other (incl. multiparty) protocols Quantum Broadcast Communication Quantum Fingerprinting Quantum Seals Authentication of Quantum Messages Quantum Anonymous Transmissions Quantum Exam Secret Sharing Introduction Quantum Fingerprinting [Buhrman…PRL 87, (2003)] fingerprint: smaller string ~ uniquely identifies message. quantum fingerprints of classical messages are exp. smaller Quantum Seals [Bechmann-Pasquinucci quant-ph/ ] encode classical message in quantum state (0  |0>|0>|f>, 1  |1>|1>|f>, order of bits is random, |f>=|0>+e i  |1>) easily read (majority vote) – can detect if message has been read Authentication of Quantum Messages [Barnum… quant-ph/ ] allows Bob to check that message has not been altered e.g. distribute EPR pairs, use purity checking, teleport,… Quantum Anonymous Transmissions [Christandl… quant-ph/ ] share GHZ state, pi phase, Hadamard, measure – announce, answer is mod 2. Can also share entanglement with “anon Bob” Quantum Exam [Nguyen PLA 350, 174 (2006)] share GHZ states – local meas. gives shared random class. key – use key to send common exam text and the individual answers. Secret Sharing [Hillery…, PRA ;Cleve…PRL (1999)]

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 4 Cleve, Gottesman & Lo, PRL 83, 648 (1999) (n,k) threshold scheme - n shares - need k pieces to reveal secret Quantum (2,2) threshold scheme Secret sharing Classical (2,2) threshold scheme: - two secret numbers m, c - encode as linear equation y = m x + c quantum secret c 0 x y k = 2, n = 2 Shamir, ACM 22, 612 (1979) (x 1, y 1 ) (x 2, y 2 ) slope = m e.g. distribute key to 2 people

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 5 Cleve, Gottesman & Lo, PRL 83, 648 (1999) Quantum (2,2) threshold scheme quantum secret partial traces  (n,k) threshold scheme - n shares - need k pieces to reveal secret Secret sharing Classical (2,2) threshold scheme: - two secret numbers m, c - encode as linear equation y = m x + c c 0 x y k = 2, n = 2 Shamir, ACM 22, 612 (1979) (x 1, y 1 ) (x 2, y 2 ) slope = m e.g. distribute key to 2 people

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 6 Secure survey Distributed ballot state Estimate (or gift) Q 1 of each person is: - private to each person - nonbinding (receipt not nec.) Net amount is known publicly tallymanvoting “booth” T V N “ particles”

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 7 1 st person applies local phase shift  for estimate Q 1 at voting booth for  = Q 1  Secure survey Distributed ballot state Estimate (or gift) Q 1 of each person is: - private to each person - nonbinding (receipt not nec.) Net amount is known publicly tallymanvoting “booth” T V N “ particles”

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 8 tallyman T Effect on ballot state: phase value  is not available locally Partial traces: voting “booth” V Secrecy:

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 9 ….after the k th person: whereis net amount Global phase-state basis Pegg & Barnett PRA 39, 1665 (1989) Global measurement yields and thus net amount M tallyman T voting “booth” V

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 10 Local attack – colluding to learn amounts offered: Rewrite ballot state as: A measures the phase angle locally and finds Subsequent amounts tendered accumulate locally: C then measures the phase angle Collusion by A and C reveals net amount M. value of  is random Tallyman detects attack by measuring total particle number (with prob. ~ 1  1 / N ) Imagine: Detection:

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 11 Defence - multiparty ballot state: K booths: one for each person tallymanvoting booths T V Global Measurement in the basis yields and thus net amount M

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 12 Problem: not restricted to 1 vote/person Solution: use –restricted voting system –extra (trusted) electoral agent Vote of each person is: - private, receipt-free - limited to 1 vote Tally of votes is known publicly Use multiparty ballot state: “No” = zero phase shift “Yes” = phase shift of  Secure voting Vote:

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 13 Restricted voting system Voter prepares qutrit pairs (basis ) one qutrit is given to Tallyman, other qutrit is given to a local Electoral Agent Extra (trusted) electoral agent Vote is recorded in ballot state using the local operation qutritsballot tallyman electoral agent

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 14 Attack – colluding by Tallyman and Electoral Agent to measure state of qutrit pairs Defence – increase number of Electoral Agents Example: triplet of qutrits 2 Agents Tallyman Reduces risk of collusion (all parties need to be involved) Reduces information available to each Agent Reduces risk of collusion (all parties need to be involved) Reduces information available to each Agent

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 15  Quantum scheme computational complexity: distribute & collect ballot state to N voters = 2 N Comparison  Classical scheme Chaum’s secret ballot protocol unconditionally secure - uses blind signature and sender untraceability - share one-time pads between all pairs of voters computational complexity: distribute 1-time pads = N(N-1) 2 order N speedup T D. Chaum EuroCrypt '88, 177 (1998) adv. is scalability!

CQCT Feb 07 IntroductionSecure SurveySecure VotingSummary Griffith University 16 secure survey multiparty ballot state each offer is anonymous secure voting 1 vote per voter extra Electoral Agents receipt-free Summary advocate small scale processing