Commitment scheme is a central task in cryptography, where a party (typically called a prover) stores a piece of information (e.g., a bit string) with the promise of not changing it. This information can be accessed by another party (typically called the verifier), who can later learn the information and verify that it was not meddled with. Merkle tree is a well-known construction for doing so in a succinct manner, in which the verfier can learn any part of the information by receiving a short proof from the honest prover. Despite its significance in classical cryptography, there was no quantum analog of the Merkle tree. A direct generalization using the Quantum Random Oracle Model (QROM) does not seem to be secure. In this work, we propose the quantum Merkle tree. It is based on what we call the Quantum Haar Random Oracle Model (QHROM). In QHROM, both the prover and the verifier have access to a Haar random quantum oracle G and its inverse. Using the quantum Merkle tree, we propose a succinct quantum argument for the Gap-k-Local-Hamiltonian problem. We prove it is secure against semi-honest provers in QHROM and conjecture its general security. Assuming the Quantum PCP conjecture is true, this succinct argument extends to all of QMA. This work raises a number of interesting open research problems.
翻译:承诺计划是加密中的一项核心任务, 在加密中, 一个政党( 通常称为证明人) 储存了一块信息( 例如, 一个小字符串 ), 并承诺不更改这些信息。 这个信息可以被另一个政党( 通常称为核查人 ) 获取, 后者后来可以学习这些信息并核实它没有被调用过。 Merkle树是使用简洁方式来这样做的一个众所周知的建筑, 使动画家能够从诚实的证明人那里得到一个简短的证据来了解信息的任何部分。 尽管它在古典的加密中具有意义, 但Merkle树没有量的类比。 使用“ 量子随机甲骨” 模型( QROM) 直接概括信息似乎并不安全。 在这项工作中, 我们提议了“ 量子” 树, 以我们称之为“ 量子” 随机 Oracle 模型( Q) 。 在Q 中, 验证人和验证人都可以使用一个“ 量子” 标码 G和“ G” 和“ ” 的反号 。 。 我们用量 质的直径 Q, 我们建议一个“ 直观的“ 平基” 的“ 标” 标” 来证明“ 。
相关内容
微信扫码咨询专知VIP会员