Deniable Encryption in a Quantum World
This work addresses privacy for users under coercion in cryptographic systems, introducing a fundamentally stronger quantum-based approach that is not incremental.
The paper tackles the problem of deniable encryption in a quantum setting, showing that quantum computation enables perfect unexplainability, which protects against coercion before-the-fact, a property impossible classically, with security based on the quantum hardness of LWE in the random oracle model.
(Sender-)Deniable encryption provides a very strong privacy guarantee: a sender who is coerced by an attacker into "opening" their ciphertext after-the-fact is able to generate "fake" local random choices that are consistent with any plaintext of their choice. In this work, we study (sender-)deniable encryption in a setting where the encryption procedure is a quantum algorithm, but the ciphertext is classical. We show that quantum computation unlocks a fundamentally stronger form of deniable encryption, which we call perfect unexplainability. The primitive at the heart of unexplainability is a quantum computation for which there is provably no efficient way, such as exhibiting the "history of the computation", to establish that the output was indeed the result of the computation. We give a construction that is secure in the random oracle model, assuming the quantum hardness of LWE. Crucially, this notion implies a form of protection against coercion "before-the-fact", a property that is impossible to achieve classically.