A Constant Lower Bound for Any Quantum Protocol for Secure Function Evaluation

Authors Sarah A. Osborn, Jamie Sikora

Thumbnail PDF


  • Filesize: 0.63 MB
  • 14 pages

Document Identifiers

Author Details

Sarah A. Osborn
  • Virginia Polytechnic Institute and State University, Blacksburg, VA, USA
Jamie Sikora
  • Virginia Polytechnic Institute and State University, Blacksburg, VA, USA

Cite AsGet BibTex

Sarah A. Osborn and Jamie Sikora. A Constant Lower Bound for Any Quantum Protocol for Secure Function Evaluation. In 17th Conference on the Theory of Quantum Computation, Communication and Cryptography (TQC 2022). Leibniz International Proceedings in Informatics (LIPIcs), Volume 232, pp. 8:1-8:14, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2022)


Secure function evaluation is a two-party cryptographic primitive where Bob computes a function of Alice’s and his respective inputs, and both hope to keep their inputs private from the other party. It has been proven that perfect (or near perfect) security is impossible, even for quantum protocols. We generalize this no-go result by exhibiting a constant lower bound on the cheating probabilities for any quantum protocol for secure function evaluation, and present many applications from oblivious transfer to the millionaire’s problem. Constant lower bounds are of practical interest since they imply the impossibility to arbitrarily amplify the security of quantum protocols by any means.

Subject Classification

ACM Subject Classification
  • Theory of computation → Cryptographic primitives
  • Theory of computation → Cryptographic protocols
  • Security and privacy → Mathematical foundations of cryptography
  • Theory of computation → Quantum information theory
  • Quantum cryptography
  • security analysis
  • secure function evaluation


  • Access Statistics
  • Total Accesses (updated on a weekly basis)
    PDF Downloads


  1. Scott Aaronson. QMA/qpoly is contained in PSPACE/poly: de-Merlinizing quantum protocols. In Proceedings of the 21st Annual IEEE Conference on Computational Complexity, pages 261-273, 2006. Google Scholar
  2. N Aharon and J Silman. Quantum dice rolling: a multi-outcome generalization of quantum coin flipping. New Journal of Physics, 12(3):033027, 2010. Google Scholar
  3. Dorit Aharonov, André Chailloux, Maor Ganz, Iordanis Kerenidis, and Loïck Magnin. A simpler proof of the existence of quantum weak coin flipping with arbitrarily small bias. SIAM Journal on Computing, 45(3):633-679, 2016. Google Scholar
  4. Andris Ambainis. A new protocol and lower bounds for quantum coin flipping. In Proceedings of the 33rd Annual ACM Symposium on the Theory of Computing, pages 134-142, 2001. Google Scholar
  5. Andris Ambainis, Ashwin Nayak, Amnon Ta-Shma, and Umesh Vazirani. Dense quantum coding and quantum finite automata. Journal of the ACM, 49(4):496-511, 2002. Google Scholar
  6. Atul Singh Arora, Jérémie Roland, and Chrysoula Vlachou. Analytic quantum weak coin flipping protocols with arbitrarily small bias. In Proceedings of the 2021 ACM-SIAM Symposium on Discrete Algorithms, pages 919-938, 2021. Google Scholar
  7. Atul Singh Arora, Jérémie Roland, and Stephan Weis. Quantum weak coin flipping. In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing, pages 205-216, 2019. Google Scholar
  8. B. Baumgartner. An inequality for the trace of matrix products, using absolute values. Available as arXiv.org e-Print math-ph/1106.6189, 2011. URL: http://arxiv.org/abs/math-ph/1106.6189.
  9. C. H. Bennett and G. Brassard. Quantum cryptography: Public key distribution and coin tossing. In Proceedings of IEEE International Conference on Computers, Systems, and Signal Processing, pages 175-179, India, 1984. Google Scholar
  10. Manuel Blum. Coin flipping by telephone. In Advances in Cryptology: A Report on CRYPTO 81, pages 11-15, 1981. Google Scholar
  11. Harry Buhrman, Matthias Christandl, and Christian Schaffner. Complete insecurity of quantum protocols for classical two-party computation. Physical Review Letters, 109(16):160501, 2012. Google Scholar
  12. André Chailloux, Gus Gutoski, and Jamie Sikora. Optimal bounds for semi-honest quantum oblivious transfer. Chicago Journal of Theoretical Computer Science, article 13, 2016. Google Scholar
  13. André Chailloux and Iordanis Kerenidis. Optimal quantum strong coin flipping. In Proceedings of the 2009 50th Annual IEEE Symposium on Foundations of Computer Science, pages 527-533, 2009. Google Scholar
  14. André Chailloux and Iordanis Kerenidis. Optimal bounds for quantum bit commitment. In Proceedings of the IEEE 52nd Annual Symposium on Foundations of Computer Science, pages 354-362, 2011. Google Scholar
  15. André Chailloux, Iordanis Kerenidis, and Jamie Sikora. Lower bounds for quantum oblivious transfer. Quantum Information & Computation, 13(1-2):158-177, 2013. Google Scholar
  16. I.B. Damgaard, S. Fehr, L. Salvail, and C. Schaffner. Cryptography in the bounded quantum-storage model. In Proceedings of the 46th Annual IEEE Symposium on Foundations of Computer Science, pages 449-458, 2005. Google Scholar
  17. Jingliang Gao. Quantum union bounds for sequential projective measurements. Physical Review A, 92(5):052331, 2015. Google Scholar
  18. Gus Gutoski, Ansis Rosmanis, and Jamie Sikora. Fidelity of quantum strategies with applications to cryptography. Quantum, 2:89, 2018. Google Scholar
  19. Alexei Kitaev. Quantum coin-flipping. Unpublished result, 2002. Talk at the 6th Annual workshop on Quantum Information Processing (QIP 2003). Google Scholar
  20. Srijita Kundu, Jamie Sikora, and Ernest Y.-Z. Tan. A device-independent protocol for XOR oblivious transfer. In Proceedings of the 15th Conference on the Theory of Quantum Computation, Communication and Cryptography, volume 158(12), pages 1-15, 2020. Google Scholar
  21. Hoi-Kwong Lo. Insecurity of quantum secure computations. Physical Review A, 56(2):1154-1162, 1997. Google Scholar
  22. Hoi-Kwong Lo and H. F. Chau. Is quantum bit commitment really possible? Physical Review Letters, 78(17):3410-3413, 1997. Google Scholar
  23. Hoi-Kwong Lo and H. F. Chaušpace0mm. Why quantum bit commitment and ideal quantum coin tossing are impossible. Physica D: Nonlinear Phenomena, 120(1-2):177-187, 1998. Google Scholar
  24. Dominic Mayers. Unconditionally secure quantum bit commitment is impossible. Physical Review Letters, 78(17):3414-3417, 1997. Google Scholar
  25. C. Mochon. Quantum weak coin flipping with arbitrarily small bias. Available as arXiv.org e-Print quant-ph/0711.4114, 2007. URL: http://arxiv.org/abs/quant-ph/0711.4114.
  26. R. O'Donnell and R. Venkateswaran. The quantum union bound made easy. Available as arXiv.org e-Print quant-ph/2103.07827, 2021. URL: http://arxiv.org/abs/quant-ph/2103.07827.
  27. Samad Khabbazi Oskouei, Stefano Mancini, and Mark M. Wilde. Union bound for quantum information processing. Proceedings of the Royal Society A: Mathematical, Physical and Engineering Sciences, 475(2221):20180612, 2018. Google Scholar
  28. Michael O. Rabin. How to exchange secrets with oblivious transfer. Technical Report TR-81, Aiken Computation Lab, Harvard University, 1981. Google Scholar
  29. Christian Schaffner. Cryptography in the bounded-quantum-storage model. Available as arXiv.org e-Print quant-ph/0709.0289, 2007. URL: http://arxiv.org/abs/quant-ph/0709.0289.
  30. Christian Schaffner, Barbara M. Terhal, and Stephanie Wehner. Robust cryptography in the noisy-quantum-storage model. Quantum Information & Computation, 9:963-996, 2009. Google Scholar
  31. Jamie Sikora. Simple, near-optimal quantum protocols for die-rolling. Cryptography, 1(2):11, 2017. Google Scholar
  32. R. W. Spekkens and T. Rudolph. Degrees of concealment and bindingness in quantum bit commitment protocols. Physical Review A, 65:012310, 2001. Google Scholar
  33. Stephanie Wehner, Christian Schaffner, and Barbara M. Terhal. Cryptography from noisy storage. Physical Review Letters, 100(22):220502, 2008. Google Scholar
  34. Stephen Wiesner. Conjugate coding. SIGACT News, 15(1):78-88, 1983. Google Scholar
  35. Mark M. Wilde. Sequential decoding of a general classical-quantum channel. In Proceedings of the Royal Society A: Mathematical, Physical and Engineering Sciences, volume 469(2157), page 20130259, 2013. Google Scholar
  36. Mark M. Wilde. Quantum Information Theory (second edition). Cambridge University Press, 2017. Google Scholar
  37. A. Winter. Coding theorem and strong converse for quantum channels. IEEE Transactions on Information Theory, 45(7):2481-2485, 1999. Google Scholar
Questions / Remarks / Feedback

Feedback for Dagstuhl Publishing

Thanks for your feedback!

Feedback submitted

Could not send message

Please try again later or send an E-mail