
Relationships Between Quantum IND-CPA Notions

  • Conference paper
Theory of Cryptography (TCC 2021)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 13042)

Abstract

An encryption scheme is called indistinguishable under chosen plaintext attack (IND-CPA for short) if an attacker cannot distinguish the encryptions of two messages of his choice. There are other variants of this definition, but they all turn out to be equivalent in the classical case. In this paper, we give a comprehensive overview of these different variants of IND-CPA for symmetric encryption schemes in the quantum setting. We investigate the relationships between these notions and prove various equivalences, implications, non-equivalences, and non-implications between these variants.
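The classical experiments behind two of the IND-CPA variants the abstract refers to, as an added worked example that is not part of the paper: a small Python harness that runs the left-or-right game (the challenger encrypts one of two chosen messages) and the real-or-random game (the challenger encrypts either the chosen message or a random one) against two toy symmetric schemes, one deterministic and one randomized. The scheme names, the SHA-256-based keyed function standing in for a PRF, and the key, nonce and message sizes are assumptions of this example, not definitions taken from the paper.

```python
"""Classical IND-CPA game harness (added example; not code from the paper).

Left-or-right (LR): the adversary submits (m0, m1) and receives Enc(k, m_b)
for a hidden bit b.  Real-or-random (RR): the adversary submits m and
receives Enc(k, m) if b = 1, or Enc(k, r) for a uniformly random r of the
same length if b = 0.  In both games the adversary also has unrestricted
classical access to Enc(k, .).

Assumptions of this example: SHA-256(key || x) stands in for a PRF, and the
key, nonce and message lengths are arbitrary choices.
"""
import hashlib
import os
import secrets

KEY_LEN = 16
NONCE_LEN = 16
MSG_LEN = 32  # one SHA-256 output of keystream per message


def prf(key: bytes, x: bytes) -> bytes:
    """Keyed function standing in for a PRF (assumption of this example)."""
    return hashlib.sha256(key + x).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def enc_det(key: bytes, m: bytes) -> bytes:
    """Deterministic, stateless scheme: equal messages give equal ciphertexts."""
    return xor(prf(key, b"\x00" * NONCE_LEN), m)


def enc_rand(key: bytes, m: bytes) -> bytes:
    """Randomized scheme: fresh nonce per call, keystream = PRF(key, nonce)."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + xor(prf(key, nonce), m)


def lr_game(enc, adversary, trials: int = 100) -> float:
    """Left-or-right IND-CPA experiment; returns the adversary's win rate."""
    wins = 0
    for _ in range(trials):
        key = os.urandom(KEY_LEN)
        b = secrets.randbits(1)

        def challenge(m0: bytes, m1: bytes) -> bytes:
            assert len(m0) == len(m1), "LR challenge requires equal lengths"
            return enc(key, m1 if b else m0)

        wins += adversary(lambda m: enc(key, m), challenge) == b
    return wins / trials


def rr_game(enc, adversary, trials: int = 100) -> float:
    """Real-or-random IND-CPA experiment; returns the adversary's win rate."""
    wins = 0
    for _ in range(trials):
        key = os.urandom(KEY_LEN)
        b = secrets.randbits(1)

        def challenge(m: bytes) -> bytes:
            return enc(key, m if b else os.urandom(len(m)))

        wins += adversary(lambda m: enc(key, m), challenge) == b
    return wins / trials


def repeat_query_lr(enc_oracle, challenge) -> int:
    """LR adversary: encrypt m0 with the oracle, then challenge on (m0, m1).
    A challenge ciphertext equal to the earlier one reveals that m0 was used."""
    m0, m1 = b"A" * MSG_LEN, b"B" * MSG_LEN
    c0 = enc_oracle(m0)
    return 0 if challenge(m0, m1) == c0 else 1


def repeat_query_rr(enc_oracle, challenge) -> int:
    """RR adversary: a repeated ciphertext means the real message was used."""
    m = b"A" * MSG_LEN
    c = enc_oracle(m)
    return 1 if challenge(m) == c else 0


def advantage(win_rate: float) -> float:
    """IND-CPA advantage |2 Pr[win] - 1| of a guess that is right w.p. win_rate."""
    return abs(2 * win_rate - 1)


if __name__ == "__main__":
    for name, enc in (("deterministic", enc_det), ("randomized", enc_rand)):
        lr, rr = lr_game(enc, repeat_query_lr), rr_game(enc, repeat_query_rr)
        print(f"{name:13s} LR adv={advantage(lr):.2f}  RR adv={advantage(rr):.2f}")
```

Run as a script, the repeat-query adversary wins both games with advantage 1 against the deterministic scheme and with advantage close to 0 against the randomized one, which is the classical content of "cannot distinguish the encryptions of two messages of his choice". The quantum variants studied in the paper differ in how the encryption oracle and the challenge may be queried in superposition; this harness only models classical queries.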


Notes

  1. They additionally distinguish between what they call the “oracle model” and the “challenger model” queries. The difference is that in the “oracle model”, only unitary query oracles are allowed, while in the “challenger model”, query oracles are allowed that, e.g., erase registers. The security definitions that can be expressed in the “challenger model” trivially subsume those that can be stated in the “oracle model”, so the distinction has no effect on the set of possible security definitions. (In fact, [12] never formally defines the distinction.)

  2. This security definition is equivalent to the indistinguishability notion proposed in [7] for secret-key encryption of quantum messages when restricted to a classical encryption function operating in the minimal query type.

  3. For example, in a post-quantum security proof involving quantum rewinding [23, 25], the adversary (including any oracles it queries) is first transformed into a unitary operation. As a side effect, any classical oracle would also be transformed into a unitary one.

  4. Their precise wording is “we will focus on the (...2) models in order to be on the ‘safe side’, as they lead to security notions which are harder to achieve.” In their language, type-(2) models correspond to our \( ER \) queries, and type-(1) models to our \( ST \) queries.

  5. This is, of course, arguable. But without this restriction, the number of possible combinations would grow beyond what is manageable in the scope of this paper.

  6. Quantum-secure pseudorandom permutations can be constructed from a quantum-secure one-way function [27].

References

  1. Alagic, G., Majenz, C., Russell, A., Song, F.: Quantum-access-secure message authentication via blind-unforgeability. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 788–817. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45727-3_27

  2. Ambainis, A., Hamburg, M., Unruh, D.: Quantum security proofs using semi-classical oracles. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 269–295. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_10

  3. Anand, M.V., Targhi, E.E., Tabia, G.N., Unruh, D.: Post-quantum security of the CBC, CFB, OFB, CTR, and XTS modes of operation. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 44–63. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29360-8_4

  4. Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: FOCS 1997, pp. 394–403. IEEE Computer Society (1997)

  5. Boneh, D., Zhandry, M.: Quantum-secure message authentication codes. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 592–608. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38348-9_35

  6. Boneh, D., Zhandry, M.: Secure signatures and chosen ciphertext security in a quantum computing world. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 361–379. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_21

  7. Broadbent, A., Jeffery, S.: Quantum homomorphic encryption for circuits of low T-gate complexity. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 609–629. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_30

  8. Carstens, T.V., Ebrahimi, E., Tabia, G.N., Unruh, D.: Relationships between quantum IND-CPA notions. IACR Cryptology ePrint Archive 2020:596 (2021). Full version of this paper

  9. Chevalier, C., Ebrahimi, E., Vu, Q.H.: On the security notions for encryption in a quantum world. IACR Cryptology ePrint Archive 2020:237 (2020)

  10. Damgård, I., Funder, J., Nielsen, J.B., Salvail, L.: Superposition attacks on cryptographic protocols. In: Padró, C. (ed.) ICITS 2013. LNCS, vol. 8317, pp. 142–161. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-04268-8_9

  11. Ebrahimi, E., Chevalier, C., Kaplan, M., Minelli, M.: Superposition attack on OT protocols. IACR Cryptology ePrint Archive 2020:798 (2020)

  12. Gagliardoni, T., Hülsing, A., Schaffner, C.: Semantic security and indistinguishability in the quantum world. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 60–89. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53015-3_3

  13. Gagliardoni, T., Krämer, J., Struck, P.: Quantum indistinguishability for public key encryption. IACR Cryptology ePrint Archive 2020:266 (2020)

  14. Kaplan, M., Leurent, G., Leverrier, A., Naya-Plasencia, M.: Breaking symmetric cryptosystems using quantum period finding. In: CRYPTO 2016. LNCS, vol. 9815, pp. 207–237. Springer, Cham (2016)

  15. Kashefi, E., Kent, A., Vedral, V., Banaszek, K.: Comparison of quantum oracles. Phys. Rev. A 65, 050304 (2002)

  16. Kuwakado, H., Morii, M.: Quantum distinguisher between the 3-round Feistel cipher and the random permutation. In: ISIT 2010, pp. 2682–2685. IEEE (2010)

  17. Kuwakado, H., Morii, M.: Security on the quantum-type Even-Mansour cipher. In: ISITA 2012, pp. 312–316. IEEE (2012)

  18. Liu, Q., Sahai, A., Zhandry, M.: Quantum immune one-time memories. IACR Cryptology ePrint Archive 2020:871 (2020)

  19. Mossayebi, S., Schack, R.: Concrete security against adversaries with quantum superposition access to encryption and decryption oracles. CoRR, abs/1609.03780 (2016)

  20. Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information (10th Anniversary edition). Cambridge University Press, Cambridge (2016)

  21. Shi, Y.: Quantum lower bounds for the collision and the element distinctness problems. In: FOCS 2002, pp. 513–519 (2002)

  22. Simon, D.R.: On the power of quantum computation. SIAM J. Comput. 26(5), 1474–1483 (1997)

  23. Unruh, D.: Quantum proofs of knowledge. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 135–152. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_10

  24. Unruh, D.: Computationally binding quantum commitments. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 497–527. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_18

  25. Watrous, J.: Zero-knowledge against quantum attacks. SIAM J. Comput. 39(1), 25–58 (2009)

  26. Zhandry, M.: A note on the quantum collision and set equality problems. Quantum Inf. Comput. 15(7 & 8), 557–567 (2015)

  27. Zhandry, M.: A note on quantum-secure PRPs. IACR Cryptology ePrint Archive 2016:1076 (2016)

Acknowledgments

This work was supported by the United States Air Force Office of Scientific Research (AFOSR) via AOARD Grant “Verification of Quantum Cryptography” (FA2386-17-1-4022), by the ERC consolidator grant CerQuS (819317), by the Estonian Centre of Excellence in IT (EXCITE) funded by ERDF, and by the IUT2-1 grant and the PUT team grant PRG946 from the Estonian Research Council.

Author information

Corresponding author

Correspondence to Ehsan Ebrahimi.


Copyright information

© 2021 International Association for Cryptologic Research

About this paper


Cite this paper

Carstens, T.V., Ebrahimi, E., Tabia, G.N., Unruh, D. (2021). Relationships Between Quantum IND-CPA Notions. In: Nissim, K., Waters, B. (eds) Theory of Cryptography. TCC 2021. Lecture Notes in Computer Science, vol 13042. Springer, Cham. https://doi.org/10.1007/978-3-030-90459-3_9

  • DOI: https://doi.org/10.1007/978-3-030-90459-3_9
  • Publisher Name: Springer, Cham
  • Print ISBN: 978-3-030-90458-6
  • Online ISBN: 978-3-030-90459-3
  • eBook Packages: Computer Science (R0)
