The delegating private quantum computation(DQC)protocol with the universal quantum gate set{X,Z,H,P,R,CNOT}was firstly proposed by Broadbent et al.[Broadbent(2015)],and then Tan et al.[Tan and Zhou(2017)]tried to put ...The delegating private quantum computation(DQC)protocol with the universal quantum gate set{X,Z,H,P,R,CNOT}was firstly proposed by Broadbent et al.[Broadbent(2015)],and then Tan et al.[Tan and Zhou(2017)]tried to put forward a half-blind DQC protocol(HDQC)with another universal set{H,P,CNOT,T}.However,the decryption circuit of Toffoli gate(i.e.T)is a little redundant,and Tan et al.’s protocol[Tan and Zhou(2017)]exists the information leak.In addition,both of these two protocols just focus on the blindness of data(i.e.the client’s input and output),but do not consider the blindness of computation(i.e.the delegated quantum operation).For solving these problems,we propose a full-blind DQC protocol(FDQC)with quantum gate set{H,P,CNOT,T},where the desirable delegated quantum operation,one of{H,P,CNOT,T},is replaced by a fixed sequence(H,P,CZ,CNOT,T)to make the computation blind,and the decryption circuit of Toffoli gate is also optimized.Analysis shows that our protocol can not only correctly perform any delegated quantum computation,but also holds the characteristics of data blindness and computation blindness.展开更多
In most of the auction systems the values of bids are known to the auctioneer. This allows him to manipulate the outcome of the auction. Hence, one might be interested in hiding these values. Some cryptographically se...In most of the auction systems the values of bids are known to the auctioneer. This allows him to manipulate the outcome of the auction. Hence, one might be interested in hiding these values. Some cryptographically secure protocols for electronic auctions have been presented in the last decade. Our work extends these protocols in several ways. On the basis of garbled circuits, i.e., encrypted circuits, we present protocols for sealed-bid auctions that fulfill the following requirements: 1) protocols are information-theoretically t-private for honest but curious parties; 2) the number of bits that can be learned by malicious adversaries is bounded by the output length of the auction; 3) the computational requirements for participating parties are very low: only random bit choices and bitwise computation of the XOR-function are necessary. Note that one can distinguish between the protocol that generates a garbled circuit for an auction and the protocol to evaluate the auction. In this paper we address both problems. We will present a t-private protocol for the construction of a garbled circuit that reaches the lower bound of 2t + 1 parties, and Finally, we address the problem of bid changes in an auction. a more randomness efficient protocol for (t + 1)^2 parties展开更多
基金This work is supported by the National Nature Science Foundation of China(Grant Nos.61502101 and 61501247)the Natural Science Foundation of Jiangsu Province,China(Grant No.BK20171458)+4 种基金the Six Talent Peaks Project of Jiangsu Province,China(Grant No.2015-XXRJ-013)the Natural science Foundation for colleges and universities of Jiangsu Province,China(Grant No.16KJB520030)the Research Innovation Program for College Graduates of Jiangsu Province,China(Grant No.KYCX17_0902)the Practice Innovation Training Program Projects for the Jiangsu College Students(Grant No.201810300016Z)and the Priority Academic Program Development of Jiangsu Higher Education Institutions(PAPD).
文摘The delegating private quantum computation(DQC)protocol with the universal quantum gate set{X,Z,H,P,R,CNOT}was firstly proposed by Broadbent et al.[Broadbent(2015)],and then Tan et al.[Tan and Zhou(2017)]tried to put forward a half-blind DQC protocol(HDQC)with another universal set{H,P,CNOT,T}.However,the decryption circuit of Toffoli gate(i.e.T)is a little redundant,and Tan et al.’s protocol[Tan and Zhou(2017)]exists the information leak.In addition,both of these two protocols just focus on the blindness of data(i.e.the client’s input and output),but do not consider the blindness of computation(i.e.the delegated quantum operation).For solving these problems,we propose a full-blind DQC protocol(FDQC)with quantum gate set{H,P,CNOT,T},where the desirable delegated quantum operation,one of{H,P,CNOT,T},is replaced by a fixed sequence(H,P,CZ,CNOT,T)to make the computation blind,and the decryption circuit of Toffoli gate is also optimized.Analysis shows that our protocol can not only correctly perform any delegated quantum computation,but also holds the characteristics of data blindness and computation blindness.
文摘In most of the auction systems the values of bids are known to the auctioneer. This allows him to manipulate the outcome of the auction. Hence, one might be interested in hiding these values. Some cryptographically secure protocols for electronic auctions have been presented in the last decade. Our work extends these protocols in several ways. On the basis of garbled circuits, i.e., encrypted circuits, we present protocols for sealed-bid auctions that fulfill the following requirements: 1) protocols are information-theoretically t-private for honest but curious parties; 2) the number of bits that can be learned by malicious adversaries is bounded by the output length of the auction; 3) the computational requirements for participating parties are very low: only random bit choices and bitwise computation of the XOR-function are necessary. Note that one can distinguish between the protocol that generates a garbled circuit for an auction and the protocol to evaluate the auction. In this paper we address both problems. We will present a t-private protocol for the construction of a garbled circuit that reaches the lower bound of 2t + 1 parties, and Finally, we address the problem of bid changes in an auction. a more randomness efficient protocol for (t + 1)^2 parties
