DeepAI AI Chat
Log In Sign Up

Dispelling Myths on Superposition Attacks: Formal Security Model and Attack Analyses

by   Luka Music, et al.

It is of folkloric belief that the security of classical cryptographic protocols is automatically broken if the Adversary is allowed to perform superposition queries and the honest players forced to perform actions coherently on quantum states. Another widely held intuition is that enforcing measurements on the exchanged messages is enough to protect protocols from these attacks. However, the reality is much more complex. Security models dealing with superposition attacks only consider unconditional security. Conversely, security models considering computational security assume that all supposedly classical messages are measured, which forbids by construction the analysis of superposition attacks. Boneh and Zhandry have started to study the quantum computational security for classical primitives in their seminal work at Crypto'13, but only in the single-party setting. To the best of our knowledge, an equivalent model in the multiparty setting is still missing. In this work, we propose the first computational security model considering superposition attacks for multiparty protocols. We show that our new security model is satisfiable by proving the security of the well-known One-Time-Pad protocol and give an attack on a variant of the equally reputable Yao Protocol for Secure Two-Party Computations. The post-mortem of this attack reveals the precise points of failure, yielding highly counter-intuitive results: Adding extra classical communication, which is harmless for classical security, can make the protocol become subject to superposition attacks. We use this newly imparted knowledge to construct the first concrete protocol for Secure Two-Party Computation that is resistant to superposition attacks. Our results show that there is no straightforward answer to provide for either the vulnerabilities of classical protocols to superposition attacks or the adapted countermeasures.


page 1

page 2

page 3

page 4


Secure Multi-Party Quantum Conference and Xor Computation

Quantum conference is a process of securely exchanging messages between ...

Secure Process Algebra

Based on our previous work on truly concurrent process algebras APTC, we...

Automated Security Analysis of Exposure Notification Systems

We present the first formal analysis and comparison of the security of t...

Real-World Snapshots vs. Theory: Questioning the t-Probing Security Model

Due to its sound theoretical basis and practical efficiency, masking has...

Perfectly Secure Message Transmission against Rational Adversaries

Secure Message Transmission (SMT) is a two-party cryptographic protocol ...

Why Botnets Work: Distributed Brute-Force Attacks Need No Synchronization

In September 2017, McAffee Labs quarterly report estimated that brute fo...

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring

We present WPSE, a browser-side security monitor for web protocols desig...