[Resource Topic] 2024/1820: On the Power of Oblivious State Preparation

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2024/1820

Title:
On the Power of Oblivious State Preparation

Authors: James Bartusek, Dakshita Khurana

Abstract:

We put forth Oblivious State Preparation (OSP) as a cryptographic primitive that unifies techniques developed in the context of a quantum server interacting with a classical client. OSP allows a classical polynomial-time sender to input a choice of one out of two public observables, and a quantum polynomial-time receiver to recover an eigenstate of the corresponding observable – while keeping the sender’s choice hidden from any malicious receiver.

We obtain the following results:

  • The existence of (plain) trapdoor claw-free functions implies OSP, and the existence of dual-mode trapdoor claw-free functions implies round-optimal (two-round) OSP.
  • OSP implies the existence of proofs of quantumness, test of a qubit, blind classical delegation of quantum computation, and classical verification of quantum computation.
  • Two-round OSP implies quantum money with classical communication, classically-verifiable position verification, and (additionally assuming classical FHE with log-depth decryption) quantum FHE.

Thus, the OSP abstraction helps separate the cryptographic layer from the information-theoretic layer when building cryptosystems across classical and quantum participants. Indeed, several of the aforementioned applications were previously only known via tailored LWE-based constructions, whereas our OSP-based constructions yield new results from a wider variety of assumptions, including hard problems on cryptographic group actions.

Finally, towards understanding the minimal hardness assumptions required to realize OSP, we prove the following:

  • OSP implies oblivious transfer between one classical and one quantum party.
  • Two-round OSP implies public-key encryption with classical keys and ciphertexts.

In particular, these results help to ‘‘explain’’ the use of public-key cryptography in the known approaches to establishing a ‘‘classical leash’’ on a quantum server. For example, combined with a result of Austrin et al. (CRYPTO 22), we conclude that perfectly-correct OSP cannot exist unconditionally in the (quantum) random oracle model.

ePrint: https://eprint.iacr.org/2024/1820

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .