Paper 2024/1822

Anonymous Public-Key Quantum Money and Quantum Voting

Alper Çakan, Carnegie Mellon University
Vipul Goyal, NTT Research, Carnegie Mellon University
Takashi Yamakawa, NTT (Japan)
Abstract

Quantum information allows us to build quantum money schemes, where a bank can issue banknotes in the form of authenticatable quantum states that cannot be cloned or counterfeited: a user in possession of k banknotes cannot produce k +1 banknotes. Similar to paper banknotes, in existing quantum money schemes, a banknote consists of an unclonable quantum state and a classical serial number, signed by bank. Thus, they lack one of the most fundamental properties cryptographers look for in a currency scheme: privacy. In this work, we first further develop the formal definitions of privacy for quantum money schemes. Then, we construct the first public-key quantum money schemes that satisfy these security notions. Namely, • Assuming existence of indistinguishability obfuscation and hardness of Learning with Errors, we construct a public-key quantum money scheme with anonymity against users and traceability by authorities. Since it is a policy choice whether authorities should be able to track banknotes or not, we also construct an untraceable money scheme, where no one (not even the authorities) can track banknotes. • Assuming existence of indistinguishability obfuscation and hardness of Learning with Er- rors, we construct a public-key quantum money scheme with untraceability. Further, we show that the no-cloning principle, a result of quantum mechanics, allows us to construct schemes, with security guarantees that are classically impossible, for a seemingly unrelated application: voting! • Assuming existence of indistinguishability obfuscation and hardness of Learning with Errors, we construct a universally verifiable quantum voting scheme with classical votes. Finally, as a technical tool, we introduce the notion of publicly rerandomizable encryption with strong correctness, where no adversary is able to produce a malicious ciphertext and a malicious random tape such that the ciphertext before and after rerandomization (with the malicious tape) decrypts to different values! We believe this might be of independent interest. • Assuming the (quantum) hardness of Learning with Errors, we construct a (post-quantum) classical publicly rerandomizable encryption scheme with strong correctness

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
quantum moneyvoting
Contact author(s)
alpercakan98 @ gmail com
vipul @ vipulgoyal org
takashi yamakawa @ ntt com
History
2024-11-08: approved
2024-11-07: received
See all versions
Short URL
https://ia.cr/2024/1822
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1822,
      author = {Alper Çakan and Vipul Goyal and Takashi Yamakawa},
      title = {Anonymous Public-Key Quantum Money and Quantum Voting},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1822},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1822}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.