{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,8]],"date-time":"2025-11-08T18:08:14Z","timestamp":1762625294792,"version":"3.28.0"},"reference-count":79,"publisher":"Verein zur Forderung des Open Access Publizierens in den Quantenwissenschaften","license":[{"start":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T00:00:00Z","timestamp":1729641600000},"content-version":"unspecified","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","award":["UIDB\/50008\/2020"],"award-info":[{"award-number":["UIDB\/50008\/2020"]}]},{"name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","award":["SFRH\/BD\/144806\/201"],"award-info":[{"award-number":["SFRH\/BD\/144806\/201"]}]},{"name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","award":["2020.03274.CEECIND\/CP1621\/CT000"],"award-info":[{"award-number":["2020.03274.CEECIND\/CP1621\/CT000"]}]},{"name":"Funda\u00e7\u00e3o para a Ci\u00eancia e a Tecnologia","award":["PTDC\/EEI-TEL\/8017\/202"],"award-info":[{"award-number":["PTDC\/EEI-TEL\/8017\/202"]}]}],"content-domain":{"domain":["quantum-journal.org"],"crossmark-restriction":false},"short-container-title":["Quantum"],"abstract":"Oblivious linear evaluation is a generalization of oblivious transfer, whereby two distrustful parties obliviously compute a linear function, f<\/mml:mi>(<\/mml:mo>x<\/mml:mi>)<\/mml:mo>=<\/mml:mo>a<\/mml:mi>x<\/mml:mi>+<\/mml:mo>b<\/mml:mi><\/mml:math>, i.e., each one provides their inputs that remain unknown to the other, in order to compute the output f<\/mml:mi>(<\/mml:mo>x<\/mml:mi>)<\/mml:mo><\/mml:math> that only one of them receives. From both a structural and a security point of view, oblivious linear evaluation is fundamental for arithmetic-based secure multi-party computation protocols. In the classical case, oblivious linear evaluation protocols can be generated using oblivious transfer, and their quantum counterparts can, in principle, be constructed as straightforward extensions using quantum oblivious transfer. Here, we present the first, to the best of our knowledge, quantum protocol for oblivious linear evaluation that, furthermore, does not rely on quantum oblivious transfer. We start by presenting a semi-honest protocol, and then extend it to the dishonest setting employing a c<\/mml:mi>o<\/mml:mi>m<\/mml:mi>m<\/mml:mi>i<\/mml:mi>t<\/mml:mi>&#x2212;<\/mml:mo>a<\/mml:mi>n<\/mml:mi>d<\/mml:mi>&#x2212;<\/mml:mo>o<\/mml:mi>p<\/mml:mi>e<\/mml:mi>n<\/mml:mi><\/mml:math> strategy. Our protocol uses high-dimensional quantum states to obliviously compute f<\/mml:mi>(<\/mml:mo>x<\/mml:mi>)<\/mml:mo><\/mml:math> on Galois Fields of prime and prime-power dimension. These constructions utilize the existence of a complete set of mutually unbiased bases in prime-power dimension Hilbert spaces and their linear behaviour upon the Heisenberg-Weyl operators. We also generalize our protocol to achieve vector oblivious linear evaluation, where several instances of oblivious linear evaluation are generated, thus making the protocol more efficient. We prove the protocols to have static security in the framework of quantum universal composability.<\/jats:p>","DOI":"10.22331\/q-2024-10-23-1507","type":"journal-article","created":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T12:27:12Z","timestamp":1729686432000},"page":"1507","update-policy":"http:\/\/dx.doi.org\/10.22331\/q-crossmark-policy-page","source":"Crossref","is-referenced-by-count":1,"title":["Quantum Universally Composable Oblivious Linear Evaluation"],"prefix":"10.22331","volume":"8","author":[{"given":"Manuel B.","family":"Santos","sequence":"first","affiliation":[{"name":"Instituto de Telecomunica\u00e7\u00f5es, Av. Rovisco Pais 1, 1049-001 Lisboa, Portugal"},{"name":"Departamento de Matem\u00e1tica, Instituto Superior T\u00e9cnico, Universidade de Lisboa, Av. Rovisco Pais 1, 1049-001 Lisboa, Portugal"}]},{"given":"Paulo","family":"Mateus","sequence":"additional","affiliation":[{"name":"Instituto de Telecomunica\u00e7\u00f5es, Av. Rovisco Pais 1, 1049-001 Lisboa, Portugal"},{"name":"Departamento de Matem\u00e1tica, Instituto Superior T\u00e9cnico, Universidade de Lisboa, Av. Rovisco Pais 1, 1049-001 Lisboa, Portugal"}]},{"given":"Chrysoula","family":"Vlachou","sequence":"additional","affiliation":[{"name":"Instituto de Telecomunica\u00e7\u00f5es, Av. Rovisco Pais 1, 1049-001 Lisboa, Portugal"},{"name":"Departamento de Matem\u00e1tica, Instituto Superior T\u00e9cnico, Universidade de Lisboa, Av. Rovisco Pais 1, 1049-001 Lisboa, Portugal"}]}],"member":"9598","published-online":{"date-parts":[[2024,10,23]]},"reference":[{"key":"0","doi-asserted-by":"publisher","unstructured":"Antonio Acin, Nicolas Gisin, and Valerio Scarani. Security bounds in quantum cryptography using d-level systems. Quantum Information and Computation, 3 (6), 2003. 10.26421\/QIC3.6-1.","DOI":"10.26421\/QIC3.6-1"},{"key":"1","doi-asserted-by":"publisher","unstructured":"Irfan Ali-Khan, Curtis J. Broadbent, and John C. Howell. Large-alphabet quantum key distribution using energy-time entangled bipartite states. Phys. Rev. Lett., 98: 060503, 2007. 10.1103\/PhysRevLett.98.060503.","DOI":"10.1103\/PhysRevLett.98.060503"},{"key":"2","doi-asserted-by":"publisher","unstructured":"Ryan Amiri, Robert St\u00e1rek, David Reichmuth, Ittoop V. Puthoor, Michal Mi\u010duda, Jr. Ladislav Mi\u0161ta, Miloslav Du\u0161ek, Petros Wallden, and Erika Andersson. Imperfect 1-out-of-2 quantum oblivious transfer: Bounds, a protocol, and its experimental implementation. PRX Quantum, 2 (1), 2021. 10.1103\/prxquantum.2.010335.","DOI":"10.1103\/prxquantum.2.010335"},{"key":"3","doi-asserted-by":"publisher","unstructured":"Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. How to garble arithmetic circuits. In 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, pages 120\u2013129, 2011. 10.1109\/FOCS.2011.40.","DOI":"10.1109\/FOCS.2011.40"},{"key":"4","doi-asserted-by":"publisher","unstructured":"Benny Applebaum, Ivan Damg\u00e5rd, Yuval Ishai, Michael Nielsen, and Lior Zichron. Secure arithmetic computation with constant computational overhead. In Jonathan Katz and Hovav Shacham, editors, Advances in Cryptology \u2013 CRYPTO 2017, pages 223\u2013254, Cham, 2017. Springer International Publishing. 10.1007\/978-3-319-63688-7_8.","DOI":"10.1007\/978-3-319-63688-7_8"},{"key":"5","doi-asserted-by":"publisher","unstructured":"Atul Singh Arora, J\u00e9r\u00e9mie Roland, and Stephan Weis. Quantum weak coin flipping. In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing, STOC 2019, page 205\u2013216, New York, NY, USA, 2019. Association for Computing Machinery. 10.1145\/3313276.3316306.","DOI":"10.1145\/3313276.3316306"},{"key":"6","doi-asserted-by":"publisher","unstructured":"Atul Singh Arora, J\u00e9r\u00e9mie Roland, and Chrysoula Vlachou. Analytic quantum weak coin flipping protocols with arbitrarily small bias. In Proceedings of the Thirty-Second Annual ACM-SIAM Symposium on Discrete Algorithms, SODA '21, page 919\u2013938. Society for Industrial and Applied Mathematics, 2021. 10.1137\/1.9781611976465.58.","DOI":"10.1137\/1.9781611976465.58"},{"key":"7","doi-asserted-by":"publisher","unstructured":"Michael Ben-Or and Dominic Mayers. General security definition and composability for quantum and classical protocols. arXiv, 0409062, 2004. 10.48550\/arXiv.quant-ph\/0409062.","DOI":"10.48550\/arXiv.quant-ph\/0409062"},{"key":"8","doi-asserted-by":"publisher","unstructured":"Charles H. Bennett, Gilles Brassard, Claude Cr\u00e9peau, and Marie-H\u00e9l\u00e8ne Skubiszewska. Practical quantum oblivious transfer. In Joan Feigenbaum, editor, Advances in Cryptology \u2014 CRYPTO '91, pages 351\u2013366, Berlin, Heidelberg, 1992. Springer Berlin Heidelberg. 10.1007\/3-540-46766-1_29.","DOI":"10.1007\/3-540-46766-1_29"},{"key":"9","doi-asserted-by":"publisher","unstructured":"Guido Berl\u00edn, Gilles Brassard, F\u00e9lix Bussi\u00e8res, and Nicolas Godbout. Fair loss-tolerant quantum coin flipping. Phys. Rev. A, 80: 062321, 2009. 10.1103\/PhysRevA.80.062321.","DOI":"10.1103\/PhysRevA.80.062321"},{"key":"10","doi-asserted-by":"publisher","unstructured":"Guido Berl\u00edn, Gilles Brassard, F\u00e9lix Bussi\u00e8res, Nicolas Godbout, Joshua A. Slater, and Wolfgang Tittel. Experimental loss-tolerant quantum coin flipping. Nature Communications, 2 (1): 561, 2011. 10.1038\/ncomms1572.","DOI":"10.1038\/ncomms1572"},{"key":"11","doi-asserted-by":"publisher","unstructured":"Fr\u00e9d\u00e9ric Bouchard, Khabat Heshami, Duncan England, Robert Fickler, Robert W. Boyd, Berthold-Georg Englert, Luis L. S\u00e1nchez-Soto, and Ebrahim Karimi. Experimental investigation of high-dimensional quantum key distribution protocols with twisted photons. Quantum, 2: 111, 2018a. 10.22331\/q-2018-12-04-111.","DOI":"10.22331\/q-2018-12-04-111"},{"key":"12","doi-asserted-by":"publisher","unstructured":"Fr\u00e9d\u00e9ric Bouchard, Natalia Herrera Valencia, Florian Brandt, Robert Fickler, Marcus Huber, and Mehul Malik. Measuring azimuthal and radial modes of photons. Opt. Express, 26 (24): 31925\u201331941, 2018b. 10.1364\/OE.26.031925.","DOI":"10.1364\/OE.26.031925"},{"key":"13","doi-asserted-by":"publisher","unstructured":"Elette Boyle, Geoffroy Couteau, Niv Gilboa, and Yuval Ishai. Compressing vector ole. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2018. 10.1145\/3243734.3243868.","DOI":"10.1145\/3243734.3243868"},{"key":"14","doi-asserted-by":"publisher","unstructured":"Mathieu Bozzio, Ulysse Chabaud, Iordanis Kerenidis, and Eleni Diamanti. Quantum weak coin flipping with a single photon. Phys. Rev. A, 102: 022414, 2020. 10.1103\/PhysRevA.102.022414.","DOI":"10.1103\/PhysRevA.102.022414"},{"key":"15","doi-asserted-by":"publisher","unstructured":"Mathieu Bozzio, Adrien Cavaill\u00e8s, Eleni Diamanti, Adrian Kent, and Dami\u00e1n Pital\u00faa-Garc\u00eda. Multiphoton and side-channel attacks in mistrustful quantum cryptography. PRX Quantum, 2: 030338, 2021. 10.1103\/PRXQuantum.2.030338.","DOI":"10.1103\/PRXQuantum.2.030338"},{"key":"16","doi-asserted-by":"publisher","unstructured":"Anne Broadbent and Peter Yuen. Device-independent oblivious transfer from the bounded-quantum-storage-model and computational assumptions. New Journal of Physics, 25 (5): 053019, 2023. 10.1088\/1367-2630\/accf32.","DOI":"10.1088\/1367-2630\/accf32"},{"key":"17","doi-asserted-by":"publisher","unstructured":"Ran Canetti. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13 (1): 143\u2013202, 2000. 10.1007\/s001459910006.","DOI":"10.1007\/s001459910006"},{"key":"18","doi-asserted-by":"publisher","unstructured":"Ran Canetti. Universally composable security. Journal of the ACM, 67 (5): 1\u201394, 2020. 10.1145\/3402457.","DOI":"10.1145\/3402457"},{"key":"19","doi-asserted-by":"publisher","unstructured":"Ran Canetti and Marc Fischlin. Universally composable commitments. In Advances in Cryptology CRYPTO 2001, pages 19\u201340. Springer Berlin Heidelberg, 2001. 10.1007\/3-540-44647-8_2.","DOI":"10.1007\/3-540-44647-8_2"},{"key":"20","doi-asserted-by":"publisher","unstructured":"J. Lawrence Carter and Mark N. Wegman. Universal classes of hash functions. Journal of Computer and System Sciences, 18 (2): 143\u2013154, 1979. 10.1016\/0022-0000(79)90044-8.","DOI":"10.1016\/0022-0000(79)90044-8"},{"key":"21","doi-asserted-by":"publisher","unstructured":"Nicolas J. Cerf, Mohamed Bourennane, Anders Karlsson, and Nicolas Gisin. Security of quantum key distribution using d-level systems. Phys. Rev. Lett., 88: 127902, 2002. 10.1103\/PhysRevLett.88.127902.","DOI":"10.1103\/PhysRevLett.88.127902"},{"key":"22","doi-asserted-by":"publisher","unstructured":"Andr\u00e9 Chailloux, Iordanis Kerenidis, and Jamie Sikora. Lower bounds for Quantum Oblivious Transfer. In Kamal Lodaya and Meena Mahajan, editors, IARCS Annual Conference on Foundations of Software Technology and Theoretical Computer Science (FSTTCS 2010), volume 8 of Leibniz International Proceedings in Informatics (LIPIcs), pages 157\u2013168, Dagstuhl, Germany, 2010. Schloss Dagstuhl \u2013 Leibniz-Zentrum f\u00fcr Informatik. 10.4230\/LIPIcs.FSTTCS.2010.157.","DOI":"10.4230\/LIPIcs.FSTTCS.2010.157"},{"key":"23","doi-asserted-by":"publisher","unstructured":"Andr\u00e9 Chailloux, Gus Gutoski, and Jamie Sikora. Optimal bounds for semi-honest quantum oblivious transfer. Chicago Journal of Theoretical Computer Science, (13): 1\u201317, 2016. 10.4086\/cjtcs.2016.013.","DOI":"10.4086\/cjtcs.2016.013"},{"key":"24","doi-asserted-by":"publisher","unstructured":"Melissa Chase, Yevgeniy Dodis, Yuval Ishai, Daniel Kraschewski, Tianren Liu, Rafail Ostrovsky, and Vinod Vaikuntanathan. Reusable non-interactive secure computation. Advances in Cryptology \u2013 CRYPTO 2019, 11694: 462\u2013488, 2019. 10.1007\/978-3-030-26954-8_15.","DOI":"10.1007\/978-3-030-26954-8_15"},{"key":"25","doi-asserted-by":"publisher","unstructured":"David Chaum, Claude Cr\u00e9peau, and Ivan Damgard. Multiparty unconditionally secure protocols. In Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, STOC '88, page 11\u201319, New York, NY, USA, 1988. Association for Computing Machinery. 10.1145\/62212.62214.","DOI":"10.1145\/62212.62214"},{"key":"26","doi-asserted-by":"publisher","unstructured":"Bruno Costa, Pedro Branco, Manuel Goul\u00e3o, Mariano Lemus, and Paulo Mateus. Randomized oblivious transfer for secure multiparty computation in the quantum setting. Entropy, 23 (8): 1001, 2021. 10.3390\/e23081001.","DOI":"10.3390\/e23081001"},{"key":"27","doi-asserted-by":"publisher","unstructured":"Claude Cr\u00e9peau. Quantum oblivious transfer. Journal of Modern Optics, 41 (12): 2445\u20132454, 1994. 10.1080\/09500349414552291.","DOI":"10.1080\/09500349414552291"},{"key":"28","doi-asserted-by":"publisher","unstructured":"Ivan Damg\u00e5rd, Serge Fehr, Carolin Lunemann, Louis Salvail, and Christian Schaffner. Improving the security of quantum protocols via commit-and-open. In Advances in Cryptology - CRYPTO 2009, pages 408\u2013427, Berlin, Heidelberg, 2009. Springer Berlin Heidelberg. 10.1007\/978-3-642-03356-8_24.","DOI":"10.1007\/978-3-642-03356-8_24"},{"key":"29","doi-asserted-by":"publisher","unstructured":"Ivan Damg\u00e5rd, Helene Haagh, Michael Nielsen, and Claudio Orlandi. Commodity-based 2pc for arithmetic circuits. In Martin Albrecht, editor, Cryptography and Coding, pages 154\u2013177, Cham, 2019. Springer International Publishing. 10.1007\/978-3-030-35199-1_8.","DOI":"10.1007\/978-3-030-35199-1_8"},{"key":"30","doi-asserted-by":"publisher","unstructured":"Mirdit Doda, Marcus Huber, Gl\u00e1ucia Murta, Matej Pivoluska, Martin Plesch, and Chrysoula Vlachou. Quantum key distribution overcoming extreme noise: Simultaneous subspace coding using high-dimensional entanglement. Phys. Rev. Applied, 15: 034003, 2021. 10.1103\/PhysRevApplied.15.034003.","DOI":"10.1103\/PhysRevApplied.15.034003"},{"key":"31","doi-asserted-by":"publisher","unstructured":"Nico D\u00f6ttling, Satrajit Ghosh, Jesper Buus Nielsen, Tobias Nilges, and Roberto Trifiletti. Tinyole: Efficient actively secure two-party computation from oblivious linear function evaluation. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS '17, page 2263\u20132276, New York, NY, USA, 2017. Association for Computing Machinery. 10.1145\/3133956.3134024.","DOI":"10.1145\/3133956.3134024"},{"key":"32","doi-asserted-by":"publisher","unstructured":"Frederic Dupuis, Omar Fawzi, and Stephanie Wehner. Entanglement sampling and applications. IEEE Transactions on Information Theory, 61 (2): 1093\u20131112, 2015. 10.1109\/tit.2014.2371464.","DOI":"10.1109\/tit.2014.2371464"},{"key":"33","doi-asserted-by":"publisher","unstructured":"Thomas Durt, Berthold-Georg Englert, Ingemar Bengtsson, and Karol Zyczkowski. On mutually unbiased bases. International Journal of Quantum Information, 08 (04): 535\u2013640, 2010. 10.1142\/S0219749910006502.","DOI":"10.1142\/S0219749910006502"},{"key":"34","unstructured":"Nico D\u00f6ttling, Daniel Kraschewski, and J\u00f6rn M\u00fcller-Quade. David and goliath oblivious affine function evaluation - asymptotically optimal building blocks for universally composable two-party computation from a single untrusted stateful tamper-proof hardware token. Cryptology ePrint Archive, Report 2012\/135, 2012. URL https:\/\/eprint.iacr.org\/2012\/135."},{"key":"35","doi-asserted-by":"publisher","unstructured":"Serge Fehr and Christian Schaffner. Composing quantum protocols in a classical environment. Theory of Cryptography Conference (TCC 09), 5444: 350\u2013367, 2009. 10.48550\/arXiv.0804.1059.","DOI":"10.48550\/arXiv.0804.1059"},{"key":"36","doi-asserted-by":"publisher","unstructured":"Satrajit Ghosh and Tobias Nilges. An algebraic approach to maliciously secure private set intersection. In Yuval Ishai and Vincent Rijmen, editors, Advances in Cryptology \u2013 EUROCRYPT 2019, pages 154\u2013185, Cham, 2019. Springer International Publishing. 10.1007\/978-3-030-17659-4_6.","DOI":"10.1007\/978-3-030-17659-4_6"},{"key":"37","doi-asserted-by":"publisher","unstructured":"Satrajit Ghosh, Jesper Buus Nielsen, and Tobias Nilges. Maliciously secure oblivious linear function evaluation with constant overhead. In Tsuyoshi Takagi and Thomas Peyrin, editors, Advances in Cryptology \u2013 ASIACRYPT 2017, pages 629\u2013659, Cham, 2017. Springer International Publishing. 10.1007\/978-3-319-70694-8_22.","DOI":"10.1007\/978-3-319-70694-8_22"},{"key":"38","doi-asserted-by":"publisher","unstructured":"Niv Gilboa. Two party RSA key generation. In Advances in Cryptology \u2014 CRYPTO' 99, pages 116\u2013129. Springer Berlin Heidelberg, 1999. 10.1007\/3-540-48405-1_8.","DOI":"10.1007\/3-540-48405-1_8"},{"key":"39","doi-asserted-by":"publisher","unstructured":"Oded Goldreich. Foundations of Cryptography. Cambridge University Press, 2004. 10.1017\/cbo9780511721656.","DOI":"10.1017\/cbo9780511721656"},{"key":"40","doi-asserted-by":"publisher","unstructured":"Oded Goldreich, Silvio Micali, and Avi Wigderson. How to play any mental game. In Proceedings of the Nineteenth Annual ACM Symposium on Theory of Computing, STOC '87, page 218\u2013229, New York, NY, USA, 1987. Association for Computing Machinery. 10.1145\/28395.28420.","DOI":"10.1145\/28395.28420"},{"key":"41","doi-asserted-by":"publisher","unstructured":"Shai Halevi and Hugo Krawczyk. MMH: Software message authentication in the gbit\/second rates. In Fast Software Encryption, pages 172\u2013189. Springer Berlin Heidelberg, 1997. 10.1007\/bfb0052345.","DOI":"10.1007\/bfb0052345"},{"key":"42","doi-asserted-by":"publisher","unstructured":"Carmit Hazay. Oblivious polynomial evaluation and secure set-intersection from algebraic prfs. J. Cryptol., 31 (2): 537\u2013586, 2018. 10.1007\/s00145-017-9263-y.","DOI":"10.1007\/s00145-017-9263-y"},{"key":"43","doi-asserted-by":"publisher","unstructured":"Carmit Hazay, Yuval Ishai, Antonio Marcedone, and Muthuramakrishnan Venkitasubramaniam. Leviosa: Lightweight secure arithmetic computation. CCS '19, page 327\u2013344. Association for Computing Machinery, 2019. 10.1145\/3319535.3354258.","DOI":"10.1145\/3319535.3354258"},{"key":"44","doi-asserted-by":"publisher","unstructured":"Russel Impagliazzo and Steven Rudich. Limits on the provable consequences of one-way permutations. In Proceedings of the Twenty-First Annual ACM Symposium on Theory of Computing, STOC '89, page 44\u201361, New York, NY, USA, 1989. Association for Computing Machinery. ISBN 0897913078. 10.1145\/73007.73012.","DOI":"10.1145\/73007.73012"},{"key":"45","doi-asserted-by":"publisher","unstructured":"Yuval Ishai, Manoj Prabhakaran, and Amit Sahai. Secure arithmetic computation with no honest majority. In Omer Reingold, editor, Theory of Cryptography, pages 294\u2013314, Berlin, Heidelberg, 2009. Springer Berlin Heidelberg. 10.1007\/978-3-642-00457-5_18.","DOI":"10.1007\/978-3-642-00457-5_18"},{"key":"46","doi-asserted-by":"publisher","unstructured":"I. Kerenidis and A. Chailloux. Optimal bounds for quantum bit commitment. In 2013 IEEE 54th Annual Symposium on Foundations of Computer Science, pages 354\u2013362, Los Alamitos, CA, USA, oct 2011. IEEE Computer Society. 10.1109\/FOCS.2011.42.","DOI":"10.1109\/FOCS.2011.42"},{"key":"47","doi-asserted-by":"publisher","unstructured":"Joe Kilian. Founding cryptography on oblivious transfer. In Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, STOC '88, page 20\u201331, New York, NY, USA, 1988. Association for Computing Machinery. 10.1145\/62212.62215.","DOI":"10.1145\/62212.62215"},{"key":"48","doi-asserted-by":"publisher","unstructured":"Robert Konig, Stephanie Wehner, and J\u00fcrg Wullschleger. Unconditional security from noisy quantum storage. IEEE Transactions on Information Theory, 58 (3): 1962\u20131984, 2012. 10.1109\/TIT.2011.2177772.","DOI":"10.1109\/TIT.2011.2177772"},{"key":"49","doi-asserted-by":"publisher","unstructured":"Srijita Kundu, Jamie Sikora, and Ernest Y. Z. Tan. A device-independent protocol for xor oblivious transfer. Quantum, 6: 735, 2022. 10.22331\/q-2022-05-30-725.","DOI":"10.22331\/q-2022-05-30-725"},{"key":"50","doi-asserted-by":"publisher","unstructured":"Charles Ci Wen Lim, Christopher Portmann, Marco Tomamichel, Renato Renner, and Nicolas Gisin. Device-independent quantum key distribution with local bell test. Physical Review X, 3 (3), 2013. 10.1103\/physrevx.3.031006.","DOI":"10.1103\/physrevx.3.031006"},{"key":"51","doi-asserted-by":"publisher","unstructured":"Lindell and Pinkas. Privacy preserving data mining. Journal of Cryptology, 15 (3): 177\u2013206, 2002. 10.1007\/s00145-001-0019-2.","DOI":"10.1007\/s00145-001-0019-2"},{"key":"52","doi-asserted-by":"publisher","unstructured":"Hoi-Kwong Lo and H. F. Chau. Is quantum bit commitment really possible? Phys. Rev. Lett., 78: 3410\u20133413, Apr 1997. 10.1103\/PhysRevLett.78.3410.","DOI":"10.1103\/PhysRevLett.78.3410"},{"key":"53","doi-asserted-by":"publisher","unstructured":"Hoi-Kwong Lo and H.F. Chau. Why quantum bit commitment and ideal quantum coin tossing are impossible. Physica D: Nonlinear Phenomena, 120 (1): 177\u2013187, 1998. 10.1016\/S0167-2789(98)00053-0.","DOI":"10.1016\/S0167-2789(98)00053-0"},{"key":"54","doi-asserted-by":"publisher","unstructured":"Ricardo Loura, \u00c1lvaro J. Almeida, Paulo S. Andr\u00e9, Armando N. Pinto, Paulo Mateus, and Nikola Paunkovi\u0107. Noise and measurement errors in a practical two-state quantum bit commitment protocol. Phys. Rev. A, 89: 052336, 2014. 10.1103\/PhysRevA.89.052336.","DOI":"10.1103\/PhysRevA.89.052336"},{"key":"55","doi-asserted-by":"publisher","unstructured":"Ricardo Loura, Du\u0161an Arsenovi\u0107, Nikola Paunkovi\u0107, Du\u0161ka B. Popovi\u0107, and Slobodan Prvanovi\u0107. Security of two-state and four-state practical quantum bit-commitment protocols. Phys. Rev. A, 94: 062335, 2016. 10.1103\/PhysRevA.94.062335.","DOI":"10.1103\/PhysRevA.94.062335"},{"key":"56","doi-asserted-by":"publisher","unstructured":"Dominic Mayers. Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett., 78: 3414\u20133417, 1997. 10.1103\/PhysRevLett.78.3414.","DOI":"10.1103\/PhysRevLett.78.3414"},{"key":"57","doi-asserted-by":"publisher","unstructured":"Carlos Mochon. Large family of quantum weak coin-flipping protocols. Phys. Rev. A, 72: 022341, 2005. 10.1103\/PhysRevA.72.022341.","DOI":"10.1103\/PhysRevA.72.022341"},{"key":"58","doi-asserted-by":"publisher","unstructured":"G. Molina-Terriza, A. Vaziri, R. Ursin, and A. Zeilinger. Experimental quantum coin tossing. Phys. Rev. Lett., 94: 040501, 2005. 10.1103\/PhysRevLett.94.040501.","DOI":"10.1103\/PhysRevLett.94.040501"},{"key":"59","doi-asserted-by":"publisher","unstructured":"Martin M\u00fcller-Lennert, Fr\u00e9d\u00e9ric Dupuis, Oleg Szehr, Serge Fehr, and Marco Tomamichel. On quantum r\u00e9nyi entropies: A new generalization and some properties. Journal of Mathematical Physics, 54 (12): 122203, 2013. 10.1063\/1.4838856.","DOI":"10.1063\/1.4838856"},{"key":"60","doi-asserted-by":"publisher","unstructured":"Moni Naor and Benny Pinkas. Oblivious transfer and polynomial evaluation. In Proceedings of the thirty-first annual ACM symposium on Theory of computing - STOC'99. ACM Press. 10.1145\/301250.301312.","DOI":"10.1145\/301250.301312"},{"key":"61","doi-asserted-by":"publisher","unstructured":"Moni Naor and Benny Pinkas. Oblivious polynomial evaluation. SIAM Journal on Computing, 35 (5): 1254\u20131281, 2006. 10.1137\/s0097539704383633.","DOI":"10.1137\/s0097539704383633"},{"key":"62","doi-asserted-by":"publisher","unstructured":"Nelly Huei Ying Ng, Siddarth K. Joshi, Chia Chen Ming, Christian Kurtsiefer, and Stephanie Wehner. Experimental implementation of bit commitment in the noisy-storage model. Nature Communications, 3 (1): 1326, 2012. 10.1038\/ncomms2268.","DOI":"10.1038\/ncomms2268"},{"key":"63","doi-asserted-by":"publisher","unstructured":"Dimiter Ostrev. QKD parameter estimation by two-universal hashing. Quantum, 7: 894, 2023. 10.22331\/q-2023-01-13-894.","DOI":"10.22331\/q-2023-01-13-894"},{"key":"64","doi-asserted-by":"publisher","unstructured":"Anna Pappa, Paul Jouguet, Thomas Lawson, Andr\u00e9 Chailloux, Matthieu Legr\u00e9, Patrick Trinkler, Iordanis Kerenidis, and Eleni Diamanti. Experimental plug and play quantum coin flipping. Nature Communications, 5 (1): 3717, 2014. 10.1038\/ncomms4717.","DOI":"10.1038\/ncomms4717"},{"key":"65","unstructured":"Michael O. Rabin. How to exchange secrets with oblivious transfer. Technical Report TR-81, Aiken Computation Laboratory, Harvard University, 1981. URL https:\/\/eprint.iacr.org\/2005\/187."},{"key":"66","doi-asserted-by":"publisher","unstructured":"Renato Renner. Security of quantum key distribution. International Journal of Quantum Information, 06 (01): 1\u2013127, 2008. 10.1142\/S0219749908003256.","DOI":"10.1142\/S0219749908003256"},{"key":"67","doi-asserted-by":"publisher","unstructured":"Manuel B. Santos, Paulo Mateus, and Armando N. Pinto. Quantum oblivious transfer: A short review. Entropy, 24 (7), 2022. 10.3390\/e24070945.","DOI":"10.3390\/e24070945"},{"key":"68","doi-asserted-by":"publisher","unstructured":"Lana Sheridan and Valerio Scarani. Security proof for quantum key distribution using qudit systems. Phys. Rev. A, 82: 030301, 2010. 10.1103\/PhysRevA.82.030301.","DOI":"10.1103\/PhysRevA.82.030301"},{"key":"69","doi-asserted-by":"publisher","unstructured":"Peter W. Shor. Algorithms for quantum computation: discrete logarithms and factoring. Proceedings 35th Annual Symposium on Foundations of Computer Science, pages 124\u2013134, 1994. 10.1109\/SFCS.1994.365700.","DOI":"10.1109\/SFCS.1994.365700"},{"key":"70","doi-asserted-by":"publisher","unstructured":"Alicia Sit, Fr\u00e9d\u00e9ric Bouchard, Robert Fickler, J\u00e9r\u00e9mie Gagnon-Bischoff, Hugo Larocque, Khabat Heshami, Dominique Elser, Christian Peuntinger, Kevin G\u00fcnthner, Bettina Heim, Christoph Marquardt, Gerd Leuchs, Robert W. Boyd, and Ebrahim Karimi. High-dimensional intracity quantum cryptography with structured photons. Optica, 4 (9): 1006\u20131010, 2017. 10.1364\/OPTICA.4.001006.","DOI":"10.1364\/OPTICA.4.001006"},{"key":"71","doi-asserted-by":"publisher","unstructured":"Lara Stroh, Nikola Horov\u00e1, Robert St\u00e1rek, Ittoop V. Puthoor, Michal Mi\u010duda, Miloslav Du\u0161ek, and Erika Andersson. Noninteractive xor quantum oblivious transfer: Optimal protocols and their experimental implementations. PRX Quantum, 4: 020320, 2023. 10.1103\/PRXQuantum.4.020320.","DOI":"10.1103\/PRXQuantum.4.020320"},{"key":"72","doi-asserted-by":"publisher","unstructured":"Marco Tomamichel. Quantum Information Processing with Finite Resources. Springer International Publishing, 2016. 10.1007\/978-3-319-21891-5.","DOI":"10.1007\/978-3-319-21891-5"},{"key":"73","doi-asserted-by":"publisher","unstructured":"Marco Tomamichel, Christian Schaffner, Adam Smith, and Renato Renner. Leftover hashing against quantum side information. IEEE Transactions on Information Theory, 57 (8): 5524\u20135535, 2011. 10.1109\/tit.2011.2158473.","DOI":"10.1109\/tit.2011.2158473"},{"key":"74","doi-asserted-by":"publisher","unstructured":"Dominique Unruh. Simulatable security for quantum protocols. arXiv, 0409125, 2004. 10.48550\/arXiv.quant-ph\/0409125.","DOI":"10.48550\/arXiv.quant-ph\/0409125"},{"key":"75","doi-asserted-by":"publisher","unstructured":"Dominique Unruh. Universally composable quantum multi-party computation. In Advances in Cryptology \u2013 EUROCRYPT 2010, pages 486\u2013505, Berlin, Heidelberg, 2010. Springer Berlin Heidelberg. 10.1007\/978-3-642-13190-5_25.","DOI":"10.1007\/978-3-642-13190-5_25"},{"key":"76","doi-asserted-by":"publisher","unstructured":"Dominique Unruh. Concurrent composition in the bounded quantum storage model. In Advances in Cryptology \u2013 EUROCRYPT 2011, pages 467\u2013486. Springer Berlin Heidelberg, 2011. 10.1007\/978-3-642-20465-4_26.","DOI":"10.1007\/978-3-642-20465-4_26"},{"key":"77","unstructured":"Dominique Unruh. Lecture notes in quantum cryptography, 2022. URL https:\/\/kodu.ut.ee\/ unruh\/courses\/qc\/2022\/notes.pdf."},{"key":"78","doi-asserted-by":"publisher","unstructured":"Tian Zhong, Hongchao Zhou, Robert D Horansky, Catherine Lee, Varun B Verma, Adriana E Lita, Alessandro Restelli, Joshua C Bienfang, Richard P Mirin, Thomas Gerrits, Sae Woo Nam, Francesco Marsili, Matthew D Shaw, Zheshen Zhang, Ligong Wang, Dirk Englund, Gregory W Wornell, Jeffrey H Shapiro, and Franco N C Wong. Photon-efficient quantum key distribution using time\u2013energy entanglement with high-dimensional encoding. New Journal of Physics, 17 (2): 022002, 2015. 10.1088\/1367-2630\/17\/2\/022002.","DOI":"10.1088\/1367-2630\/17\/2\/022002"}],"container-title":["Quantum"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/quantum-journal.org\/papers\/q-2024-10-23-1507\/pdf\/","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2024,10,23]],"date-time":"2024-10-23T12:27:19Z","timestamp":1729686439000},"score":1,"resource":{"primary":{"URL":"https:\/\/quantum-journal.org\/papers\/q-2024-10-23-1507\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,10,23]]},"references-count":79,"URL":"https:\/\/doi.org\/10.22331\/q-2024-10-23-1507","archive":["CLOCKSS"],"relation":{},"ISSN":["2521-327X"],"issn-type":[{"value":"2521-327X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2024,10,23]]},"article-number":"1507"}}