Abstract
Broadbent and Islam (TCC ’20) proposed a quantum cryptographic primitive called quantum encryption with certified deletion. In this primitive, a receiver in possession of a quantum ciphertext can generate a classical certificate that the encrypted message has been deleted. Although their construction is information-theoretically secure, it is limited to the setting of one-time symmetric key encryption (SKE), where a sender and receiver have to share a common key in advance and the key can be used only once. Moreover, the sender has to generate a quantum state and send it to the receiver over a quantum channel in their construction. Deletion certificates are privately verifiable, which means a verification key for a certificate must be kept secret, in the definition by Broadbent and Islam. However, we can also consider public verifiability. In this work, we present various constructions of encryption with certified deletion.
- Quantum communication case: We achieve (reusable-key) public key encryption (PKE) and attribute-based encryption (ABE) with certified deletion. Our PKE scheme with certified deletion is constructed assuming the existence of IND-CPA secure PKE, and our ABE scheme with certified deletion is constructed assuming the existence of indistinguishability obfuscation and one-way functions. These two schemes are privately verifiable.
- Classical communication case: We also achieve interactive encryption with certified deletion that uses only classical communication. We give two schemes, a privately verifiable one and a publicly verifiable one. The former is constructed assuming the LWE assumption in the quantum random oracle model. The latter is constructed assuming the existence of one-shot signatures and extractable witness encryption.
Notes
- 1. We note that if the adversary is given the decryption key before the deletion, it can decrypt the ciphertext to obtain the message and keep it even after the deletion, but such an “attack” is unavoidable.
- 2.
- 3. A recent work by Coladangelo, Majenz, and Poremba [CMP20] studied what is called the “simultaneous one-way to hiding lemma”, but their setting is different from ours and their lemma cannot be used in our setting.
- 4. We require \(\mathsf {Enc}\) to satisfy the RNC security for a reason similar to that in Sect. 1.3, which we do not explain here.
- 5. In the actual construction, there is an additional component that is needed to prevent an adversary without the decryption key from decrypting the ciphertext before outputting a valid deletion certificate. This is just the security of standard PKE and can be added easily. Thus, we omit this and focus on the security after outputting a valid deletion certificate.
- 6. We note that a combination of one-shot signatures and extractable witness encryption appeared in the work of Georgiou and Zhandry [GZ20] in a related but different context.
- 7. We can also take \(S\subseteq [2n]\) such that \(|S|=n\), but we do as above just for convenience in the proof.
- 8. Indeed, for \(i\in S\).
- 9. If \(S'=\bot \) or \(K'=\bot \), output \(\bot \).
References
Amos, R., Georgiou, M., Kiayias, A., Zhandry, M.: One-shot signatures and applications to hybrid quantum/classical authentication. In: 52nd ACM STOC, pp. 255–268 (2020)
Ambainis, A., Hamburg, M., Unruh, D.: Quantum security proofs using semi-classical Oracles. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 269–295. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_10
Ananth, P., Kaleoglu, F.: Uncloneable encryption, revisited. IACR Cryptol. ePrint Arch. 2021, 412 (2021)
Bennett, C.H., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. In: IEEE International Conference on Computers Systems and Signal Processing, pp. 175–179. IEEE (1984)
Brakerski, Z., Christiano, P., Mahadev, U., Vazirani, U.V., Vidick, T.: A cryptographic test of quantumness and certifiable randomness from a single quantum device. In: 59th FOCS, pp. 320–331 (2018)
Boneh, D., Dagdelen, Ö., Fischlin, M., Lehmann, A., Schaffner, C., Zhandry, M.: Random Oracles in a quantum world. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 41–69. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25385-0_3
Barak, B., et al.: On the (im)possibility of obfuscating programs. J. ACM 59(2), 6:1–6:48 (2012)
Broadbent, A., Islam, R.: Quantum encryption with certified deletion. In: Pass, R., Pietrzak, K. (eds.) TCC 2020. LNCS, vol. 12552, pp. 92–122. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64381-2_4
Broadbent, A., Lord, S.: Uncloneable quantum encryption via Oracles. In: 15th Conference on the Theory of Quantum Computation, Communication and Cryptography, TQC 2020, 9–12 June 2020, Riga, Latvia, volume 158 of LIPIcs, pp. 4:1–4:22 (2020)
Bellare, M., Rogaway, P.: Collision-resistant hashing: towards making UOWHFs practical. In: Kaliski, B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 470–484. Springer, Heidelberg (1997). https://doi.org/10.1007/BFb0052256
Cojocaru, A., Colisson, L., Kashefi, E., Wallden, P.: QFactory: classically-instructed remote secret qubits preparation. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019. LNCS, vol. 11921, pp. 615–645. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34578-5_22
Canetti, R., Feige, U., Goldreich, O., Naor, M.: Adaptively secure multi-party computation. In: 28th ACM STOC, pp. 639–648 (1996)
Canetti, R., Halevi, S., Katz, J.: Adaptively-secure, non-interactive public-key encryption. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 150–168. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_9
Coladangelo, A., Majenz, C., Poremba, A.: Quantum copy-protection of compute-and-compare programs in the Quantum Random Oracle model. arXiv:2009.13865 (2020)
Coiteux-Roy, X., Wolf, S.: Proving erasure. In: 2019 IEEE International Symposium on Information Theory (ISIT) (2019)
Fu, H., Miller, C.A.: Local randomness: examples and application. Phys. Rev. A 97(3), 032324 (2018)
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46 (General Data Protection Regulation). Off. J. Eur. Union (OJ), 1–88 (2016)
Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. SIAM J. Comput. 45(3), 882–929 (2016)
Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)
Garg, S., Gentry, C., Sahai, A., Waters, B.: Witness encryption and its applications. In: 45th ACM STOC, pp. 467–476 (2013)
Goldwasser, S., Kalai, Y.T., Popa, R.A., Vaikuntanathan, V., Zeldovich, N.: How to run Turing machines on encrypted data. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 536–553. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40084-1_30
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM CCS 2006, pp. 89–98 (2006). Available as Cryptology ePrint Archive Report 2006/309
Georgiou, M., Zhandry, M.: Unclonable decryption keys. Cryptology ePrint Archive, Report 2020/877 (2020). https://eprint.iacr.org/2020/877
Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)
Jarecki, S., Lysyanskaya, A.: Adaptively secure threshold cryptography: introducing concurrency, removing erasures. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 221–242. Springer, Heidelberg (2000). https://doi.org/10.1007/3-540-45539-6_16
Kitagawa, F., Nishimaki, R., Tanaka, K., Yamakawa, T.: Adaptively secure and succinct functional encryption: improving security and efficiency, simultaneously. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11694, pp. 521–551. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26954-8_17
Kitagawa, F., Nishimaki, R., Yamakawa, T.: Secure software leasing from standard assumptions. Cryptology ePrint Archive, Report 2020/1314 (2020). https://eprint.iacr.org/2020/1314
Kundu, S., Tan, E.: Composably secure device-independent encryption with certified deletion. arXiv:2011.12704 (2020)
Mahadev, U.: Classical verification of quantum computations. In: 59th FOCS, pp. 259–267 (2018)
Naor, M., Yung, M.: Public-key cryptosystems provably secure against chosen ciphertext attacks. In: 22nd ACM STOC, pp. 427–437 (1990)
Nishimaki, R., Yamakawa, T.: Quantum encryption with certified deletion: public key and attribute-based. IACR Cryptol. ePrint Arch. 2021, 394 (2021)
Radian, R., Sattath, O.: Semi-quantum money. arXiv:1908.08889 (2019)
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27
Unruh, D.: Revocable quantum timed-release encryption. J. ACM 62(6), 49:1–49:76 (2015)
Wiesner, S.: Conjugate coding. SIGACT News 15(1), 78–88 (1983)
Acknowledgements
TM is supported by the Moonshot R&D JPMJMS2061-5-1-1, MEXT Q-LEAP, JST FOREST, JST PRESTO No. JPMJPR176A, and the Grant-in-Aid for Scientific Research (B) No. JP19H04066 of JSPS.
© 2021 International Association for Cryptologic Research
Cite this paper
Hiroka, T., Morimae, T., Nishimaki, R., Yamakawa, T. (2021). Quantum Encryption with Certified Deletion, Revisited: Public Key, Attribute-Based, and Classical Communication. In: Tibouchi, M., Wang, H. (eds) Advances in Cryptology – ASIACRYPT 2021. ASIACRYPT 2021. Lecture Notes in Computer Science(), vol 13090. Springer, Cham. https://doi.org/10.1007/978-3-030-92062-3_21
DOI: https://doi.org/10.1007/978-3-030-92062-3_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92061-6
Online ISBN: 978-3-030-92062-3
eBook Packages: Computer Science (R0)