Cryptology ePrint Archive: Report 1998/022
Insecurity of Quantum Computations
Abstract: It had been widely claimed that quantum mechanics can protect private
information during public decision in for example the so-called
two-party secure computation. If this were the case, quantum
smart-cards could prevent fake teller machines from learning the PIN
(Personal Identification Number) from the customers' input. Although
such optimism has been challenged by the recent surprising discovery
of the insecurity of the so-called quantum bit commitment, the
security of quantum two-party computation itself remains unaddressed.
Here I answer this question directly by showing that all *one-sided*
two-party computations (which allow only one of the two parties to
learn the result) are necessarily insecure. As corollaries to my
results, quantum one-way oblivious password identification and the
so-called quantum one-out-of-two oblivious transfer are impossible. I
also construct a class of functions that cannot be computed securely
in any <i>two-sided</i> two-party computation. Nevertheless, quantum
cryptography remains useful in key distribution and can still provide
partial security in ``quantum money'' proposed by Wiesner.
Category / Keywords: Quantum cryptography.
Publication Info: Appeared in the THEORY OF CRYPTOGRAPHY LIBRARY and has been included in the ePrint Archive.
Date: received August 12th, 1998.
Contact author: hkl at hplb hp com
Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | BibTeX Citation
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]