Cryptology ePrint Archive: Report 2017/960

Unforgeable Quantum Encryption

Gorjan Alagic and Tommaso Gagliardoni and Christian Majenz

Abstract: We study the problem of encrypting and authenticating quantum data in the presence of adversaries making adaptive chosen plaintext and chosen ciphertext queries. Classically, security games use string copying and comparison to detect adversarial cheating in such scenarios. Quantumly, this approach would violate no-cloning. We develop new techniques to overcome this problem: we use entanglement to detect cheating, and rely on recent results for characterizing quantum encryption schemes. We give denitions for (i.) ciphertext unforgeability , (ii.) indistinguishability under adaptive chosen-ciphertext attack, and (iii.) authenticated encryption. The restriction of each denition to the classical setting is at least as strong as the corresponding classical notion: (i) implies INT-CTXT, (ii) implies IND-CCA2, and (iii) implies AE. All of our new notions also imply QIND-CPA privacy. Combining one-time authentication and classical pseudorandomness, we construct schemes for each of these new quantum security notions, and provide several separation examples. Along the way, we also give a new denition of one-time quantum authentication which, unlike all previous approaches, authenticates ciphertexts rather than plaintexts.

Category / Keywords: foundations / quantum encryption, quantum cryptography, quantum CCA2, quantum authenticated encryption, quantum unforgeability

Original Publication (with minor differences): IACR-EUROCRYPT-2018

Date: received 29 Sep 2017, last revised 13 Oct 2018

Contact author: c majenz at uva nl

Available format(s): PDF | BibTeX Citation

Note: 24 pages, 1 figure. Error in the definition of QIND-CCA2 fixed, proofs relating to this definition clarified.

Version: 20181013:090753 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]