Quantum Encryption with Certified Deletion
This functionality allows encryption of classical data into a quantum ciphertext so that the recipient of the ciphertext can produce a deletion certificate (a classical string) which proves to the originator that the recipient can no longer obtain the original plaintext should the decryption key be revealed.
A Certified Deletion Encryption (CDE) scheme usually consists of the following 5 algorithms:
- KeyGen: This algorithm generates the key used in later stages
- Enc: This algorithm encrypts the classical plaintext into a quantum ciphertext
- Dec: This algorithm decrypts the quantum ciphertext to recover the classical plaintext
- Del: This algorithm deletes the ciphertext and generates a deletion certificate
- Ver: This algorithm verifies the deletion certificate
- Decryption-correctness: Given the ciphertext and the associated key, the probability that Dec does not output the correct plaintext is negligible in the security parameter
- Verification-correctness: Given a valid deletion certificate and its associated key, the probability that Ver does not accept the certificate is negligible in the security parameter
- Certified Deletion Security: Once the deletion certificate is issued, it becomes impossible to decrypt the certificate, even if the key is later leaked.
- Prepare-and-Measure Certified Deletion
- Public Key Encryption with Certified Deletion
- Attribute-Based Encryption with Certified Deletion