Abstract
We propose to study equivalence relations between phenomena in high-energy physics and the existence of standard cryptographic primitives, and show the first example where such an equivalence holds. A small number of prior works showed that high-energy phenomena can be explained by cryptographic hardness. Examples include using the existence of one-way functions to explain the hardness of decoding black-hole Hawking radiation (Harlow and Hayden 2013, Aaronson 2016), and using pseudorandom quantum states to explain the hardness of computing AdS/CFT dictionary (Bouland, Fefferman and Vazirani, 2020).
In this work we show, for the former example of black-hole radiation decoding, that it also implies the existence of secure quantum cryptography. In fact, we show an existential equivalence between the hardness of black-hole radiation decoding and a variety of cryptographic primitives, including bit-commitment schemes and oblivious transfer protocols (using quantum communication). This can be viewed (with proper disclaimers, as we discuss) as providing a physical justification for the existence of secure cryptography. We conjecture that such connections may be found in other high-energy physics phenomena.
For the most up-to-date version of this work, please refer to https://arxiv.org/abs/2211.05491.
Z. Brakerski—Supported by the Israel Science Foundation (Grant No. 3426/21), and by the European Union Horizon 2020 Research and Innovation Program via ERC Project REACT (Grant 756482).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The reason that Hawking radiation is believed to carry information, is that otherwise the evolution of the wave-function of the universe would not be unitary, which seems implausible in the context of well accepted physical theory.
- 2.
The description of the quantum operations in [HH13] and in followups [Sus13, Aar16] is in terms of unitaries that are efficient/inefficient to implement. We find this unnecessarily cumbersome and consider general quantum procedures, which correspond to completely positive trace preserving (CPTP) channels. Such channels can always be “purified” into unitary form, so this does not limit the generality of the discussion.
- 3.
This is not the focus of this work, so we choose not to elaborate too much on this point. In a nutshell, there are two gaps in the claim of [Aar16]. One is that [Ost91] refers to average-case hardness in \(\textbf{SZK}\), whereas the HH argument only assumes worst-case hardness. To an extent, HH rely on a weaker assumption but also prove a weaker claim: they only show that there does not exist an efficient decoder that decodes all possible black-holes, whereas Aaronson shows that there is a (single) potential black-hole that resists all efficient decoders. The second point is that [Ost91] shows that average-case \(\textbf{SZK}\) hardness implies one-wayness, but not necessarily injectivity.
- 4.
At the same time, we caution from over-interpreting our result. The hardness of radiation decoding has been suggested as a possible solution to an apparent paradox, under a specific set of assumptions about the behavior of quantum gravity and black-holes. Therefore our result is only meaningful in the context of these physical assumptions. Nevertheless, the argument that firewalls should be avoided rests on physical understanding of the universe, and being able to derive computational conclusions from it appears worthwhile. See additional discussion in Sect. 1.3 below.
- 5.
\(\textrm{EFI}\) stands for Efficient (to sample), Far (statistically), and Indistinguishable (computationally). For a formal definition, see Definition 2.6.
- 6.
Alice can boost her confidence by performing the experiment many times and relying on concentration bounds. This would require her to chase after multiple radiation particles once inside the black-hole. This is not unreasonable but we view it as less elegant compared to our solution.
- 7.
As noted above, our formulation is in terms of quantum channels and not in terms of unitaries.
- 8.
We recall that high-confidence decoding means that with some non-negligible probability, the decoder declares success and produces D such that the fidelity of BD with EPR is \(1-o(1)\).
- 9.
To be precise, our universe is not AdS, so AdS/CFT theories do not directly apply to universes like our own. Nevertheless, it is believed that AdS/CFT hints to a duality relation that could exist in our universe as well.
- 10.
We use a signed definition of advantage, where positive advantage reflects positive correlation between the output of the distinguisher and the “label” of the input state, and negative advantage represents negative correlation.
- 11.
This refers to the standard adversarial cryptographic model, without making physical assumptions about limits on storage or use of special hardware.
References
Aaronson, S.: The complexity of quantum states and transformations: from quantum money to black holes. CoRR, abs/1607.05256 (2016)
Aaronson, S.: Introduction to quantum information science II lecture notes (2022). https://www.scottaaronson.com/qisii.pdf
Aaronson, S.: On black holes, holography, the quantum extended church-turing thesis, fully homomorphic encryption, and brain uploading (2022). Blog Post on Shtetl-Optimized, The Blog of Scott Aaronson https://scottaaronson.blog/?p=6599. Attributed to discussions with Daniel Gottesman, Daniel Harlow and Leonard Susskind
Adcock, M., Cleve, R.: A quantum Goldreich-Levin theorem with cryptographic applications. In: Alt, H., Ferreira, A. (eds.) STACS 2002. LNCS, vol. 2285, pp. 323–334. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45841-7_26
Almheiri, A., Marolf, D., Polchinski, J., Sully, J.: Black holes: complementarity or firewalls? J. High Energy Phys. 2013(2), 1–20 (2013). https://doi.org/10.1007/JHEP02(2013)062
Brakerski, Z., Canetti, R., Qian, L.: On the computational hardness needed for quantum cryptography. Cryptology ePrint Archive, Paper 2022/1181 (2022). https://eprint.iacr.org/2022/1181
Bouland, A., Fefferman, B., Vazirani, U.V.: Computational pseudorandomness, the wormhole growth paradox, and constraints on the ADS/CFT duality (abstract). In: Vidick, T. (ed.) 11th Innovations in Theoretical Computer Science Conference, ITCS 2020, 12–14 January 2020, Seattle, Washington, USA, LIPIcs, vol. 151, pp. 63:1–63:2. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2020)
Gheorghiu, A., Hoban, M.J.: Estimating the entropy of shallow circuit outputs is hard (2020)
Goldreich, O., Levin, L.A.: A hard-core predicate for all one-way functions. In: Johnson, D.S. (ed.) Proceedings of the 21st Annual ACM Symposium on Theory of Computing, 14–17 May 1989, Seattle, Washington, USA, pp. 25–32. ACM (1989)
Goldreich, O.: A note on computational indistinguishability. Inf. Process. Lett. 34(6), 277–281 (1990)
Harlow, D., Hayden, P.: Quantum computation vs. firewalls. J. High Energy Phys. 2013, (85) (2013)
Ji, Z., Liu, Y.-K., Song, F.: Pseudorandom quantum states. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 126–152. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_5
Kretschmer, W.: Quantum pseudorandomness and classical complexity. In: Hsieh, M.-H. (ed.) 16th Conference on the Theory of Quantum Computation, Communication and Cryptography, TQC 2021, 5–8 July 2021, Virtual Conference, LIPIcs, vol. 197, pp. 2:1–2:20. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2021)
Kim, I., Tang, E., Preskill, J.: The ghost in the radiation: robust encodings of the black hole interior. J. High Energy Phys. 2020(6), 1–65 (2020). https://doi.org/10.1007/JHEP06(2020)031
Maldacena, J.M.: The large n limit of superconformal field theories and supergravity. Adv. Theor. Math. Phys. 2, 231 (1998)
Ostrovsky, R.: One-way functions, hard on average problems, and statistical zero-knowledge proofs. In: Proceedings of the Sixth Annual Structure in Complexity Theory Conference, Chicago, Illinois, USA, 30 June–3 July 1991, pp. 133–138. IEEE Computer Society (1991)
Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: Gabow, H.N., Fagin, R. (eds.) Proceedings of the 37th Annual ACM Symposium on Theory of Computing, Baltimore, MD, USA, 22–24 May 2005, pp. 84–93. ACM (2005)
Susskind, L.: Black hole complementarity and the Harlow-Hayden conjecture (2013)
Yan, J.: General properties of quantum bit commitments. Cryptology ePrint Archive, Paper 2020/1488 (2020). https://eprint.iacr.org/2020/1488
Acknowledgements
We thank Scott Aaronson, Ran Canetti, Isaac Kim and Luowen Qian for valuable feedback. We also thank anonymous reviewers for their comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Proof of Estimation Lemma
A Proof of Estimation Lemma
Lemma A.1
(Lemma 2.5, Restated). Let \(n \in {\mathbb N}\) and let \((\varGamma _1, \ldots , \varGamma _n)\) be an arbitrary set of events over some probability space. Define \(\varUpsilon _i = \bigwedge _{j=1}^i \varGamma _j\) and let \(\varUpsilon _0\) be the universal event. Denote \(\epsilon = \Pr [\varUpsilon _n]\). Finally denote \(\alpha _i = \Pr [\varGamma _i | \varUpsilon _{i-1}]\). Then for all \(\delta \in (0,1)\)
Proof
By definition it holds that
Then by a telescopic product it holds that
or alternatively
We can apply Markov’s inequality (since \(\ln (1/\alpha _i)\) is positive) to conclude that for all \(\delta \in (0,1)\):
Therefore with probability at least \(1-\delta \) over i, we have that \(\ln (1/\alpha _i) < \frac{\ln (1/\epsilon )}{\delta n}\), which implies that \(1/\alpha _i < e^{\frac{\ln (1/\epsilon )}{\delta n}}\). That is
This concludes the proof of the lemma.
Rights and permissions
Copyright information
© 2023 International Association for Cryptologic Research
About this paper
Cite this paper
Brakerski, Z. (2023). Black-Hole Radiation Decoding Is Quantum Cryptography. In: Handschuh, H., Lysyanskaya, A. (eds) Advances in Cryptology – CRYPTO 2023. CRYPTO 2023. Lecture Notes in Computer Science, vol 14085. Springer, Cham. https://doi.org/10.1007/978-3-031-38554-4_2
Download citation
DOI: https://doi.org/10.1007/978-3-031-38554-4_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-38553-7
Online ISBN: 978-3-031-38554-4
eBook Packages: Computer ScienceComputer Science (R0)