Internet Cryptography for the Quantum World

Опубликовано 16 декабря 2016, 22:05

Quantum mechanics has profound implications for cryptography. It tells us that perfectly-secure key-exchange is possible, and that factoring is not a good basis for secure encryption. More generally, it tells us that quantum data and quantum computation are more fundamental than their classical counterparts. As a result, it stands to reason that the Internet of the future will be "fully-quantum," with all participants able to prepare, send, and compute on quantum states. In this talk, I will discuss how such an Internet might be secured. A starting point is to show how to securely transmit many large quantum states using a single short key, and how to authenticate such transmissions. Then, one can attempt to translate many of the great achievements of classical modern cryptography to the quantum setting. In some cases (such as CPA-secure encryption), this is relatively straightforward. In general however, the unique features of quantum-mechanics (such as no-cloning and the destructiveness of measurements) present significant obstacles. I will show how to overcome these obstacles in some cases, and how to design schemes for encrypting quantum states (and detecting forged states) under the strongest possible security guarantees (i.e., CCA.) I will also discuss current work on powerful primitives (such as black-box obfuscation) that are impossible classically but may exist quantumly.

See more on this video at microsoft.com/en-us/research/v...