Line 57: | Line 57: | ||
* n, dimension of input qubit | * n, dimension of input qubit | ||
===Security Claim/ Theorems=== | ===Security Claim/ Theorems=== | ||
* Indistinguishability under Chosen Plaintext Attacks by adversary with quantum computational powers(q-IND-CPA) If FHE is q-IND-CPA secure then this protocol is q-IND-CPA secure. It means that an adversary cannot distinguish between ciphertext from a message and a ciphertext from an arbitrary quantum state such as |0ih0| | * ''Indistinguishability under Chosen Plaintext Attacks by adversary with quantum computational powers(q-IND-CPA).'' If FHE is q-IND-CPA secure then this protocol is q-IND-CPA secure. It means that an adversary cannot distinguish between ciphertext from a message and a ciphertext from an arbitrary quantum state such as |0ih0| | ||
* Correctness This protocol is perfectly correct such that,<br/> | * ''Correctness.'' This protocol is perfectly correct such that,<br/> | ||
Pr[QFHE.Decsk(QFHE.EvalevkC (HE.Encpk(x))) 6= C(x)] ≤ η(k)<br/> | Pr[QFHE.Decsk(QFHE.EvalevkC (HE.Encpk(x))) 6= C(x)] ≤ η(k)<br/> | ||
, where ηk is a negligible function . This means that if the protocol is followed it results the same output as when circuit is operated on the input states directly with overwhelming probability. | , where ηk is a negligible function . This means that if the protocol is followed it results the same output as when circuit is operated on the input states directly with overwhelming probability. | ||
* Compactness If HE is compact then this protocol is compact. The complexity of applying QFHE.Dec on the results of QFHE.Eval is at most p(k), where p(k) is a polynomial dependent only on the security parameter k. This implies that decryption is independent of the size of quantum circuit for evaluation. | * ''Compactness.'' If HE is compact then this protocol is compact. The complexity of applying QFHE.Dec on the results of QFHE.Eval is at most p(k), where p(k) is a polynomial dependent only on the security parameter k. This implies that decryption is independent of the size of quantum circuit for evaluation. | ||
* Circuit Privacy This protocol does not guarantee that client cannot gain information about the circuit evaluated. | * ''Circuit Privacy.'' This protocol does not guarantee that client cannot gain information about the circuit evaluated i.e. the circuit is not private to one party and unknown to another. | ||
• ''Full Homomorphism.'' This scheme is fully homomorphic for circuits with polynomial sized T gates | |||
== Pseudo-Code== | == Pseudo-Code== |
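Review bot: The added Full Homomorphism item starts with a literal "•" instead of the "*" list marker used by the four items above it, so it will not render as part of the list; change it to "* ''Full Homomorphism.''" and end the sentence with a period like the others. Since the revision already touches every item here, it should also repair the extraction damage carried over unchanged on both sides: "|0ih0|" in the q-IND-CPA item, and "6=", "Decsk", "EvalevkC" and "Encpk" in the correctness formula, which need proper bra-ket, inequality and subscript markup, and "ηk" in the following line, which should match the "η(k)" in the formula. Two wording points are worth checking against the source paper before saving: the Correctness item says "perfectly correct" while bounding the failure probability by a negligible η(k), and the formula mixes HE.Enc with QFHE.Dec and QFHE.Eval. In the new Circuit Privacy text, "i.e. the circuit is not private to one party and unknown to another" is hard to parse; say directly which party may learn the circuit.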