We study secure computation in the plain model against fully concurrent quantum adversaries. While classical simulation-based notions—such as Super-Polynomial Simulation (SPS) security—have enabled meaningful forms of concurrent security, very little is known about their quantum counterparts, particularly under standard polynomial-time hardness assumptions. Our main result is the first post-quantum two-party computation protocol that achieves concurrent SPS security, based solely on the minimal assumption of semi-honest post-quantum oblivious transfer (PQ-OT). Moreover, our protocol has constant round complexity when the underlying PQ-OT protocol is constant-round. This can be viewed as a post-quantum analog of the classical result by Garg et al. [Eurocrypt’12], but with a crucial difference: our security proof completely avoids rewinding, making it suitable for quantum settings where rewinding is notoriously challenging due to the no-cloning principle. By leveraging a compiler of Bartusek et al. [Crypto’21], we further extend our result to the fully quantum setting, yielding the first constant-round concurrent SPS two-party computation for quantum functionalities in the plain model. Additionally, we construct a two-round, public-coin, concurrent SPS post-quantum zero-knowledge protocol for languages in \(\textbf{NP} \,\cap \, \textbf{coNP} \) , under the quantum polynomial-time hardness of LWE. This result is notable even in the classical setting.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Round-Efficient Composable Two-Party Quantum Computation

  • Vipul Goyal,
  • Xiao Liang,
  • Omkant Pandey,
  • Yuhao Tang,
  • Takashi Yamakawa

摘要

We study secure computation in the plain model against fully concurrent quantum adversaries. While classical simulation-based notions—such as Super-Polynomial Simulation (SPS) security—have enabled meaningful forms of concurrent security, very little is known about their quantum counterparts, particularly under standard polynomial-time hardness assumptions. Our main result is the first post-quantum two-party computation protocol that achieves concurrent SPS security, based solely on the minimal assumption of semi-honest post-quantum oblivious transfer (PQ-OT). Moreover, our protocol has constant round complexity when the underlying PQ-OT protocol is constant-round. This can be viewed as a post-quantum analog of the classical result by Garg et al. [Eurocrypt’12], but with a crucial difference: our security proof completely avoids rewinding, making it suitable for quantum settings where rewinding is notoriously challenging due to the no-cloning principle. By leveraging a compiler of Bartusek et al. [Crypto’21], we further extend our result to the fully quantum setting, yielding the first constant-round concurrent SPS two-party computation for quantum functionalities in the plain model. Additionally, we construct a two-round, public-coin, concurrent SPS post-quantum zero-knowledge protocol for languages in \(\textbf{NP} \,\cap \, \textbf{coNP} \) , under the quantum polynomial-time hardness of LWE. This result is notable even in the classical setting.