Skip to main content

Quantum Lightning Never Strikes the Same State Twice. Or: Quantum Money from Cryptographic Assumptions

Author(s): Zhandry, Mark

Download
To refer to this page use: http://arks.princeton.edu/ark:/88435/pr1mp2b
Full metadata record
DC FieldValueLanguage
dc.contributor.authorZhandry, Mark-
dc.date.accessioned2021-10-08T19:51:22Z-
dc.date.available2021-10-08T19:51:22Z-
dc.date.issued2021en_US
dc.identifier.citationZhandry, Mark. "Quantum Lightning Never Strikes the Same State Twice. Or: Quantum Money from Cryptographic Assumptions." Journal of Cryptology 34, no. 1 (2021). doi:10.1007/s00145-020-09372-xen_US
dc.identifier.issn1432-1378-
dc.identifier.urihttps://www.cs.princeton.edu/~mzhandry/docs/papers/QLightning.pdf-
dc.identifier.urihttp://arks.princeton.edu/ark:/88435/pr1mp2b-
dc.description.abstractPublic key quantum money can be seen as a version of the quantum no-cloning theorem that holds even when the quantum states can be verified by the adversary. In this work, we investigate quantum lightning, a formalization of “collision-free quantum money” defined by Lutomirski et al. [ICS’10], where no-cloning holds even when the adversary herself generates the quantum state to be cloned. We then study quantum money and quantum lightning, showing the following results: We demonstrate the usefulness of quantum lightning beyond quantum money by showing several potential applications, such as generating random strings with a proof of entropy, to completely decentralized cryptocurrency without a blockchain where transactions are instantaneous and local. We give win–win results for quantum money/lightning, showing that either signatures/hash functions/commitment schemes meet very strong recently proposed notions of security, or they yield quantum money or lightning. Given the difficulty in constructing public key quantum money, this suggests that natural schemes do attain strong security guarantees. We show that instantiating the quantum money scheme of Aaronson and Christiano [STOC’12] with indistinguishability obfuscation that is secure against quantum computers yields a secure quantum money scheme. This construction can be seen as an instance of our win–win result for signatures, giving the first separation between two security notions for signatures from the literature. Finally, we give a plausible construction for quantum lightning, which we prove secure under an assumption related to the multicollision resistance of degree-2 hash functions. Our construction is inspired by our win–win result for hash functions and yields the first plausible standard model instantiation of a non-collapsing collision-resistant hash function. This improves a result of Unruh [Eurocrypt’16] which is relative to a quantum oracle. Thus, we provide the first constructions of public key quantum money from several cryptographic assumptions. Along the way, we develop several new techniques including a new precise variant of the no-cloning theorem.en_US
dc.language.isoen_USen_US
dc.relation.ispartofJournal of Cryptologyen_US
dc.rightsAuthor's manuscripten_US
dc.titleQuantum Lightning Never Strikes the Same State Twice. Or: Quantum Money from Cryptographic Assumptionsen_US
dc.typeJournal Articleen_US
dc.identifier.doi10.1007/s00145-020-09372-x-
pu.type.symplectichttp://www.symplectic.co.uk/publications/atom-terms/1.0/journal-articleen_US

Files in This Item:
File Description SizeFormat 
QuantumLightning.pdf673.77 kBAdobe PDFView/Download


Items in OAR@Princeton are protected by copyright, with all rights reserved, unless otherwise indicated.