ABSTRACT
We show that Trevisan's extractor and its variants [22,19] are secure against bounded quantum storage adversaries. One instantiation gives the first such extractor to achieve an output length Θ(K-b), where K is the source's entropy and b the adversary's storage, together with a poly-logarithmic seed length. Another instantiation achieves a logarithmic key length, with a slightly smaller output length Θ((K-b)/K^γ) for any γ>0. In contrast, the previous best construction [21] could only extract (K/b)^{1/15} bits.
Some of our constructions have the additional advantage that every bit of the output is a function of only a polylogarithmic number of bits from the source, which is crucial for some cryptographic applications.
Our argument is based on bounds for a generalization of quantum random access codes, which we call quantum functional access codes. This is crucial as it lets us avoid the local list-decoding algorithm central to the approach in [21], which was the source of the multiplicative overhead.
References
[1] A. Ambainis, A. Nayak, A. Ta-Shma, and U. V. Vazirani. Dense quantum coding and quantum finite automata. Journal of the ACM, 49(4):496–511, 2002. Preliminary version in Proc. of STOC 1999.
[2] A. Ben-Aroya, O. Regev, and R. de Wolf. A Hypercontractive Inequality for Matrix-Valued Functions with Applications to Quantum Computing and LDCs. In Proceedings of the 49th IEEE Symposium on Foundations of Computer Science, pages 477–486, 2008. Full version at arXiv:0705.3806.
[3] R. Cleve, W. v. Dam, M. Nielsen, and A. Tapp. Quantum entanglement and the communication complexity of the inner product function. In QCQC '98: Selected papers from the First NASA International Conference on Quantum Computing and Quantum Communications, pages 61–74, London, UK, 1998. Springer-Verlag.
[4] A. De, C. Portmann, R. Renner, and T. Vidick. Trevisan's extractor in the presence of quantum side information. Technical report arXiv:0912.5514, 2009.
[5] A. De and L. Trevisan. Extractors using hardness amplification. In Proc. of APPROX-RANDOM, pages 462–475, 2009.
[6] S. Dziembowski and U. Maurer. Optimal randomizer efficiency in the bounded-storage model. Journal of Cryptology, 17(1):5–26, 2004.
[7] S. Fehr and C. Schaffner. Randomness extraction via delta-biased masking in the presence of a quantum attacker. In R. Canetti, editor, TCC, volume 4948 of Lecture Notes in Computer Science, pages 465–481. Springer, 2008.
[8] D. Gavinsky, J. Kempe, I. Kerenidis, R. Raz, and R. de Wolf. Exponential separation for one-way quantum communication complexity, with applications to cryptography. SIAM Journal of Computing, 38(5):1695–1708, 2008. Preliminary version in Proc. of STOC 2007.
[9] V. Guruswami, J. Håstad, M. Sudan, and D. Zuckerman. Combinatorial bounds for list decoding. IEEE Transactions on Information Theory, 48(5):1021–1034, 2002.
[10] T. Hartman and R. Raz. On the distribution of the number of roots of polynomials and explicit weak designs. Random Structures and Algorithms, 23(3):235–263, 2003.
[11] A. Holevo. Information-theoretic aspects of quantum measurement. Problems of Information Transmission, 9(2):31–42, 1973.
[12] R. Impagliazzo, R. Jaiswal, and V. Kabanets. Approximately List-Decoding Direct Product Codes and Uniform Hardness Amplification. In Proceedings of the 47th IEEE Symposium on Foundations of Computer Science, pages 187–196, 2006. Full version at http://www1.cs.columbia.edu/~rjaiswal/.
[13] R. König, U. Maurer, and R. Renner. On the power of quantum memory. IEEE Transactions on Information Theory, 51(7):2391–2401, 2005.
[14] R. König and B. Terhal. The bounded storage model in presence of a quantum adversary. IEEE Transactions on Information Theory, 54(2):749–762, 2008.
[15] C.-J. Lu. Encryption against storage-bounded adversaries from on-line strong extractors. Journal of Cryptology, 17(1):27–42, 2004.
[16] U. M. Maurer. Conditionally-perfect secrecy and a provably-secure randomized cipher. Journal of Cryptology, 5(1):53–66, 1992.
[17] A. Nayak and J. Salzman. Limits on the ability of quantum states to convey classical messages. Journal of the ACM, 53(1):184–206, 2006.
[18] N. Nisan and A. Wigderson. Hardness vs randomness. Journal of Computer and System Sciences, 49:149–167, 1994. Preliminary version in Proc. of FOCS'88.
[19] R. Raz, O. Reingold, and S. P. Vadhan. Extracting all the randomness and reducing the error in Trevisan's extractors. J. Comput. Syst. Sci., 65(1):97–128, 2002. Preliminary version in Proc. of STOC 1999.
[20] M. Sudan, L. Trevisan, and S. Vadhan. Pseudorandom generators without the XOR lemma. Journal of Computer and System Sciences, 62(2):236–266, 2001. Preliminary version in STOC and CCC 1999.
[21] A. Ta-Shma. Short seed extractors against quantum storage. In Proceedings of the 41st ACM Symposium on Theory of Computing, pages 401–409, 2009.
[22] L. Trevisan. Extractors and pseudorandom generators. Journal of the ACM, 48(4):860–879, 2001.
[23] S. P. Vadhan. Constructing locally computable extractors and cryptosystems in the bounded-storage model. Journal of Cryptology, 17(1):43–77, 2004.
[24] E. Viola. The complexity of constructing pseudorandom generators from hard functions. Computational Complexity, 13(3–4):147–188, 2004.
Index Terms
- Near-optimal extractors against quantum storage