Paper 2022/1102
Proofs of Quantumness from Trapdoor Permutations
Abstract
Assume that Alice can do only classical probabilistic polynomialtime computing while Bob can do quantum polynomialtime computing. Alice and Bob communicate over only classical channels, and finally Bob gets a state $x_0\rangle+x_1\rangle$ with some bit strings $x_0$ and $x_1$. Is it possible that Alice can know $\{x_0,x_1\}$ but Bob cannot? Such a task, called {\it remote state preparations}, is indeed possible under some complexity assumptions, and is bases of many quantum cryptographic primitives such as proofs of quantumness, (classicalclient) blind quantum computing, (classical) verifications of quantum computing, and quantum money. A typical technique to realize remote state preparations is to use 2to1 trapdoor collision resistant hash functions: Alice sends a 2to1 trapdoor collision resistant hash function $f$ to Bob, and Bob evaluates it coherently, i.e., Bob generates $\sum_xx\ranglef(x)\rangle$. Bob measures the second register to get the measurement result $y$, and sends $y$ to Alice. Bob's postmeasurement state is $x_0\rangle+x_1\rangle$, where $f(x_0)=f(x_1)=y$. With the trapdoor, Alice can learn $\{x_0,x_1\}$ from $y$, but due to the collision resistance, Bob cannot. This Alice's advantage can be leveraged to realize the quantum cryptographic primitives listed above. It seems that the collision resistance is essential here. In this paper, surprisingly, we show that the collision resistance is not necessary for a restricted case: we show that (nonverifiable) remote state preparations of $x_0\rangle+x_1\rangle$ secure against {\it classical} probabilistic polynomialtime Bob can be constructed from classicallysecure (fulldomain) trapdoor permutations. Trapdoor permutations are not likely to imply the collision resistance, because blackbox reductions from collisionresistant hash functions to trapdoor permutations are known to be impossible. As an application of our result, we construct proofs of quantumness from classicallysecure (fulldomain) trapdoor permutations.
Metadata
 Available format(s)
 Category
 Foundations
 Publication info
 Preprint.
 Keywords
 proofs of quantumness remote state preparations trapdoor permutations
 Contact author(s)

tomoyuki morimae @ yukawa kyotou ac jp
takashi yamakawa ga @ hco ntt co jp  History
 20220829: approved
 20220826: received
 See all versions
 Short URL
 https://ia.cr/2022/1102
 License

CC BY
BibTeX
@misc{cryptoeprint:2022/1102, author = {Tomoyuki Morimae and Takashi Yamakawa}, title = {Proofs of Quantumness from Trapdoor Permutations}, howpublished = {Cryptology ePrint Archive, Paper 2022/1102}, year = {2022}, note = {\url{https://eprint.iacr.org/2022/1102}}, url = {https://eprint.iacr.org/2022/1102} }