Public cloud computing provides a variety of services to consumersvia high-speed internet. The consumer can access these services anytimeand anywhere on a balanced service cost. Many traditional authenticationprotocol...Public cloud computing provides a variety of services to consumersvia high-speed internet. The consumer can access these services anytimeand anywhere on a balanced service cost. Many traditional authenticationprotocols are proposed to secure public cloud computing. However, therapid development of high-speed internet and organizations’ race to developquantum computers is a nightmare for existing authentication schemes. Thesetraditional authentication protocols are based on factorization or discretelogarithm problems. As a result, traditional authentication protocols arevulnerable in the quantum computing era. Therefore, in this article, we haveproposed an authentication protocol based on the lattice technique for publiccloud computing to resist quantum attacks and prevent all known traditionalsecurity attacks. The proposed lattice-based authentication protocolis provably secure under the Real-Or-Random (ROR) model. At the sametime, the result obtained during the experiments proved that our protocol islightweight compared to the existing lattice-based authentication protocols,as listed in the performance analysis section. The comparative analysis showsthat the protocol is suitable for practical implementation in a quantum-basedenvironment.展开更多
Recently,a round-robin differential phase-shift(RRDPS) protocol was proposed[Nature 509,475(2014)],in which the amount of leakage is bounded without monitoring the signal disturbance.Introducing states of the phas...Recently,a round-robin differential phase-shift(RRDPS) protocol was proposed[Nature 509,475(2014)],in which the amount of leakage is bounded without monitoring the signal disturbance.Introducing states of the phase-encoded Bennett-Brassard 1984 protocol(PE-BB84) to the RRDPS,this paper presents another quantum key distribution protocol called round-robin differential quadrature phase-shift(RRDQPS) quantum key distribution.Regarding a train of many pulses as a single packet,the sender modulates the phase of each pulse by one of {0,π/2,π,3π/2},then the receiver measures each packet with a Mach-Zehnder interferometer having a phase basis of 0 or π/2.The RRDQPS protocol can be implemented with essential similar hardware to the PE-BB84,so it has great compatibility with the current quantum system.Here we analyze the security of the RRDQPS protocol against the intercept-resend attack and the beam-splitting attack.Results show that the proposed protocol inherits the advantages arising from the simplicity of the RRDPS protocol and is more robust against these attacks than the original protocol.展开更多
Our aim is to determine the conditions for quantum computing technology to give rise to the security risks associated with quantum Bitcoin mining.Specifically,we determine the speed and energy efficiency a quantum com...Our aim is to determine the conditions for quantum computing technology to give rise to the security risks associated with quantum Bitcoin mining.Specifically,we determine the speed and energy efficiency a quantum computer needs to offer an advantage over classical mining.We analyze the setting in which the Bitcoin network is entirely classical except for a single quantum miner with a small hash rate compared to the network.We develop a closed-form approximation for the probability that the quantum miner successfully mines a block,with this probability dependent on the number of Grover iterations the quantum miner applies before making a measurement.Next,we show that for a quantum miner that is“peaceful”,this success probability is maximized if the quantum miner applies Grover iterations for 16 min before measuring,which is surprising,as the network mines blocks every 10 min on average.Using this optimal mining procedure,we show that the quantum miner outperforms a classical computer in efficiency(cost per block)if the condition Q<Crb is satisfied,where Q is the cost of a Grover iteration,C is the cost of a classical hash,r is the quantum miner's speed in Grover iterations per second,and b is a factor that attains its maximum if the quantum miner uses our optimal mining procedure.This condition lays the foundation for determining when quantum mining and the known security risks associated with it will arise.展开更多
Advanced Encryption Standard(AES)is one of the most widely used block ciphers nowadays,and has been established as an encryption standard in 2001.Here we design AES-128 and the sample-AES(S-AES)quantum circuits for de...Advanced Encryption Standard(AES)is one of the most widely used block ciphers nowadays,and has been established as an encryption standard in 2001.Here we design AES-128 and the sample-AES(S-AES)quantum circuits for deciphering.In the quantum circuit of AES-128,we perform an affine transformation for the SubBytes part to solve the problem that the initial state of the output qubits in SubBytes is not the|0⟩⊗8 state.After that,we are able to encode the new round sub-key on the qubits encoding the previous round sub-key,and this improvement reduces the number of qubits used by 224 compared with Langenberg et al.’s implementation.For S-AES,a complete quantum circuit is presented with only 48 qubits,which is already within the reach of existing noisy intermediate-scale quantum computers.展开更多
基金Korean Government (Ministry of Science and ICT)through the National Research Foundation of Korea (NRF)Grant 2021R1A2C1010481.
文摘Public cloud computing provides a variety of services to consumersvia high-speed internet. The consumer can access these services anytimeand anywhere on a balanced service cost. Many traditional authenticationprotocols are proposed to secure public cloud computing. However, therapid development of high-speed internet and organizations’ race to developquantum computers is a nightmare for existing authentication schemes. Thesetraditional authentication protocols are based on factorization or discretelogarithm problems. As a result, traditional authentication protocols arevulnerable in the quantum computing era. Therefore, in this article, we haveproposed an authentication protocol based on the lattice technique for publiccloud computing to resist quantum attacks and prevent all known traditionalsecurity attacks. The proposed lattice-based authentication protocolis provably secure under the Real-Or-Random (ROR) model. At the sametime, the result obtained during the experiments proved that our protocol islightweight compared to the existing lattice-based authentication protocols,as listed in the performance analysis section. The comparative analysis showsthat the protocol is suitable for practical implementation in a quantum-basedenvironment.
基金Project supported by the National Natural Science Foundation of China(Grant Nos.61505261 and 11304397)the National Basic Research Program of China(Grant No.2013CB338002)
文摘Recently,a round-robin differential phase-shift(RRDPS) protocol was proposed[Nature 509,475(2014)],in which the amount of leakage is bounded without monitoring the signal disturbance.Introducing states of the phase-encoded Bennett-Brassard 1984 protocol(PE-BB84) to the RRDPS,this paper presents another quantum key distribution protocol called round-robin differential quadrature phase-shift(RRDQPS) quantum key distribution.Regarding a train of many pulses as a single packet,the sender modulates the phase of each pulse by one of {0,π/2,π,3π/2},then the receiver measures each packet with a Mach-Zehnder interferometer having a phase basis of 0 or π/2.The RRDQPS protocol can be implemented with essential similar hardware to the PE-BB84,so it has great compatibility with the current quantum system.Here we analyze the security of the RRDQPS protocol against the intercept-resend attack and the beam-splitting attack.Results show that the proposed protocol inherits the advantages arising from the simplicity of the RRDPS protocol and is more robust against these attacks than the original protocol.
文摘Our aim is to determine the conditions for quantum computing technology to give rise to the security risks associated with quantum Bitcoin mining.Specifically,we determine the speed and energy efficiency a quantum computer needs to offer an advantage over classical mining.We analyze the setting in which the Bitcoin network is entirely classical except for a single quantum miner with a small hash rate compared to the network.We develop a closed-form approximation for the probability that the quantum miner successfully mines a block,with this probability dependent on the number of Grover iterations the quantum miner applies before making a measurement.Next,we show that for a quantum miner that is“peaceful”,this success probability is maximized if the quantum miner applies Grover iterations for 16 min before measuring,which is surprising,as the network mines blocks every 10 min on average.Using this optimal mining procedure,we show that the quantum miner outperforms a classical computer in efficiency(cost per block)if the condition Q<Crb is satisfied,where Q is the cost of a Grover iteration,C is the cost of a classical hash,r is the quantum miner's speed in Grover iterations per second,and b is a factor that attains its maximum if the quantum miner uses our optimal mining procedure.This condition lays the foundation for determining when quantum mining and the known security risks associated with it will arise.
基金support from the National Natural Science Foundation of China under Grant Nos.11974205 and 11774197,the National Key Research and Development Program of China(No.2017YFA0303700)the Key Research and Development Program of Guangdong province(No.2018B030325002)+1 种基金and Beijing Advanced Innovation Center for Future Chip(ICFC).S.W.also acknowledges the China Postdoctoral Science Foundation(No.2020M670172)the National Natural Science Foundation of China under Grant No.12005015.
文摘Advanced Encryption Standard(AES)is one of the most widely used block ciphers nowadays,and has been established as an encryption standard in 2001.Here we design AES-128 and the sample-AES(S-AES)quantum circuits for deciphering.In the quantum circuit of AES-128,we perform an affine transformation for the SubBytes part to solve the problem that the initial state of the output qubits in SubBytes is not the|0⟩⊗8 state.After that,we are able to encode the new round sub-key on the qubits encoding the previous round sub-key,and this improvement reduces the number of qubits used by 224 compared with Langenberg et al.’s implementation.For S-AES,a complete quantum circuit is presented with only 48 qubits,which is already within the reach of existing noisy intermediate-scale quantum computers.