Résumé
Due to the special no-cloning principle, quantum states appear to be very useful in cryptography. But this very same property also has drawbacks: when receiving a quantum state, it is nearly impossible for the receiver to efficiently check non-trivial properties on that state without destroying it.
In this talk (which does not expect prior knowledge in quantum and post-quantum cryptography), I will introduce (Non-Interactive) Non-Destructive Zero-Knowledge Proofs on Quantum States. Our method binds a quantum state to a classical encryption of that quantum state (whose security reduces to the hardness of the Learning With Error problem). That way, the receiver can obtain guarantees on the quantum state by asking to the sender to prove properties directly on this classical encryption. This method is therefore non-destructive and it is possible to verify a very large class of properties that would be impossible to verify with a more standard quantum channel. For instance, we can force the sender to send different categories of states depending on whether they know a classical secret or not.
I will also explain how to extend this method to the multi-party setting, and how it can prove useful to distribute a GHZ state between different parties. The protocol ensures that only parties knowing a secret can be part of this GHZ, and that the identity of the parties that are part of the GHZ remains hidden to any malicious party. A direct application would be to allow a server to create a secret sharing of a qubit between unknown parties, authorized for example by a third party Certification Authority.
