HP Labs Technical Reports
Click here for full text:
Insecurity of Quantum Secure Computations
Lo, HoiKwong
HPLBRIMS9626
Keyword(s): quantum cryptography; secure computation; oblivious circuit evaluation; oblivious transfer; cryptanalysis; quantum theory
Abstract: It had been widely claimed that quantum mechanics can protect private information during public decision in for example the socalled twoparty secure computation. If this were the case, quantum smartcards could prevent fake teller machines from learning the PIN (personal Identification Number) from the customer's input. Although such optimism has been challenged by the recent surprising discovery of the insecurity of the socalled quantum bit commitment, the security of quantum twoparty computation itself remains unaddressed. Here we answer this question directly by showing that all onesided twoparty computations (which allow only one of the two parties to learn the result) are necessarily insecure. As corollaries to our results, quantum oblivious password identification and the socalled quantum oneoutoftwo oblivious transfer are impossible. We also construct a class of functions that cannot be computed securely in any twosided twoparty computation. Nevertheless, quantum cryptography remains useful in key distribution and can still provide partial security in "quantum money" proposed by Wiesner. PACS Numbers: 03.65. Bz, 89.70.+c, 89.80.+h
Back to Index
