Minimum disclosure proofs of knowledge
Journal of Computer and System Sciences - 27th IEEE Conference on Foundations of Computer Science October 27-29, 1986
Founding crytpography on oblivious transfer
STOC '88 Proceedings of the twentieth annual ACM symposium on Theory of computing
Limits on the provable consequences of one-way permutations
STOC '89 Proceedings of the twenty-first annual ACM symposium on Theory of computing
Journal of the ACM (JACM)
Experimental quantum cryptography
Journal of Cryptology - Eurocrypt '90
Security of quantum protocols against coherent measurements
STOC '95 Proceedings of the twenty-seventh annual ACM symposium on Theory of computing
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Quantum Bit Commitment and Coin Tossing Protocols
CRYPTO '90 Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology
Practical Quantum Oblivious Transfer
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Protocols for Secret Key Agreement by Public Discussion Based on Common Information
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
On the Security of the Quantum Oblivious Transfer and Key Distribution Protocols
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Committed Oblivious Transfer and Private Multi-Party Computation
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Quantum Bit Commitment from a Physical Assumption
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
Coin flipping by telephone a protocol for solving impossible problems
ACM SIGACT News - A special issue on cryptography
ACM SIGACT News - A special issue on cryptography
Achieving oblivious transfer using weakened security assumptions
SFCS '88 Proceedings of the 29th Annual Symposium on Foundations of Computer Science
A quantum bit commitment scheme provably unbreakable by both parties
SFCS '93 Proceedings of the 1993 IEEE 34th Annual Foundations of Computer Science
Algorithms for quantum computation: discrete logarithms and factoring
SFCS '94 Proceedings of the 35th Annual Symposium on Foundations of Computer Science
Quantum oblivious mutual identification
EUROCRYPT'95 Proceedings of the 14th annual international conference on Theory and application of cryptographic techniques
| Hi-index | 0.00 |
In 1982, Bennett and Brassard suggested a new way to provide privacy in long distance communications with security based on the correctness of the basic principles of quantum mechanics. The scheme allows two parties, Alice and Bob, sharing no secret information in the first place, to exchange messages that nobody else can figure out. The only requirement is a quantum channel and a normal phone line connecting the two parties. The fact that quantum mechanics provides unconditional secure communications is a remarkable result that cannot be achieved by classical techniques alone. Apart from secure communication, cryptography is also interested in tasks that aim at protecting one party against a potentially dishonest peer. This scenario, called secure twoparty computation, is usually modelled by a function f(xA, xB) where xA and xB are Alice's and Bob's secret input respectively. They would like to execute a protocol that produces z = f(xA, xB) to both parties without disclosing their secret input to the other party. The only information about a secret input that can be leaked toward the other party is what the output z itself discloses about it. Unlike secure communication, secure two-party computation does not assume that Alice and Bob are honest. One honest party's input should remain secret whatever the other party's behaviour. It is well-known that in order to find a protocol for secure two-party computation, one must have access to a secure bit commitment scheme. Unfortunately, in 1996 Mayers showed that no secure quantum bit commitment scheme exists. Similarly to the classical case (where trapdoor one-way functions are needed) quantum cryptography does not provide secure two-party computation for free. In this paper, we discuss the possibilities and limits of quantum cryptography for two-party computation. We describe the essential distinctions between classical and quantum cryptography in this scenario.