Lower Bounds for Quantum Secure Function Evaluation Reductions
Abstract
One-sided output secure function evaluation is a cryptographic primitive where the two mutually distrustful players, Alice and Bob, both have a private input to a bivariate function. Bob obtains the value of the function for the given inputs, while Alice receives no output. It is known that this primitive cannot be securely implemented if the two players only have access to noiseless classical and quantum communication. In this work, we first show that Bob can extract the function values for all his possible inputs from any implementation of a non-trivial function that is correct and preserves the privacy of Bob's input. Our result holds in the non-asymptotic setting where the players have finite resources and the error is a constant. Then we consider protocols for secure function evaluation in a setup where the two players have access to trusted distributed randomness as a resource. Building upon the first result, we prove a bound on the efficiency of such cryptographic reductions for any non-trivial function in terms of the conditional entropies of the trusted randomness. From this result, we can derive lower bounds on the number of instances of different variants of OT needed to securely implement a given function.
Keywords
Cite
@article{arxiv.2405.12121,
title = {Lower Bounds for Quantum Secure Function Evaluation Reductions},
author = {Esther Hänggi and Severin Winkler},
journal= {arXiv preprint arXiv:2405.12121},
year = {2025}
}
Comments
v3: Completely rewritten. For better readability, we have separated the two main results of the previous versions. arXiv:2405.12121 proves the impossibility of quantum private queries. The current version builds upon the main theorem of arXiv:2405.12121. It then proves lower bounds on secure implementations of functions by quantum protocols v4: Minor changes, mainly in the introduction