- Jiayu Zhang: Succinct Blind...
- Edit Event
- Cancel Event
- Preview Reminder
- Send Reminder
- Other events happening in March 2021
Jiayu Zhang: Succinct Blind Quantum Computation Using a Random Oracle
Speaker:
Jiayu Zhang
Date: Friday, March 19, 2021
Time: 1:00 PM to 2:30 PM Note: all times are in the Eastern Time Zone
Public: Yes
Location: email dlehto@mit.edu for Zoom link
Event Type: Seminar
Room Description:
Host: Vinod Vaikuntanathan and Yael Kalai
Contact: Deborah Goodwin, dlehto@csail.mit.edu
Relevant URL:
Speaker URL: None
Speaker Photo:
None
Reminders to:
seminars@csail.mit.edu, cis-seminars@csail.mit.edu, crypto@lists.csail.mit.edu
Reminder Subject:
TALK: Jiayu Zhang: Succinct Blind Quantum Computation Using a Random Oracle
Abstract: In the universal blind quantum computation problem, a client wants to make use of a single quantum server to evaluate C|0> where C is an arbitrary quantum circuit while keeping C secret. The client's goal is to use as few resources as possible. This problem, first raised by Broadbent, Fitzsimons and Kashefi [FOCS09, arXiv:0807.4154], has become fundamental to the study of quantum cryptography, not only because of its own importance, but also because it provides a testbed for new techniques that can be later applied to related problems (for example, quantum computation verification). Known protocols on this problem are mainly either information-theoretically (IT) secure or based on trapdoor assumptions (public key encryptions). In this paper we study how the availability of symmetric-key primitives, modeled by a random oracle, changes the complexity of universal blind quantum computation. We give a new universal blind quantum computation protocol. Similar to previous works on IT-secure protocols (for example, BFK [FOCS09, arXiv:0807.4154]), our protocol can be divided into two phases. In the first phase the client prepares some quantum gadgets with relatively simple quantum gates and sends them to the server, and in the second phase the client is entirely classical -- it does not even need quantum storage. Crucially, the protocol's first phase is succinct, that is, its complexity is independent of the circuit size. Given the security parameter kappa, its complexity is only a fixed polynomial of kappa, and can be used to evaluate any circuit (or several circuits) of size up to a subexponential of kappa. In contrast, known schemes either require the client to perform quantum computations that scale with the size of the circuit [FOCS09, arXiv:0807.4154], or require trapdoor assumptions [Mahadev, FOCS18, arXiv:1708.02130].
Research Areas:
Impact Areas:
Created by Deborah Goodwin at Friday, March 12, 2021 at 12:29 PM.