MPC in the Quantum Head (or: Superposition-Secure (Quantum) Zero-Knowledge)

Andrea Coladangelo1, Ruta Jawale2, Dakshita Khurana3, Giulio Malavolta4, and Hendrik Waldner5

1University of Washington
2University of Illinois, Urbana-Champaign
3University of Illinois, Urbana-Champaign and NTT Research
4Bocconi University
5CISPA

Find this paper interesting or want to discuss? Scite or leave a comment on SciRate.

Abstract

The MPC-in-the-head technique (Ishai et al., STOC 2007) is a celebrated method to build zero-knowledge protocols with desirable theoretical properties and high practical efficiency. This technique has generated a large body of research and has influenced the design of real-world post-quantum cryptographic signatures. In this work, we present a generalization of the MPC-in-the-head paradigm to the quantum setting, where the MPC is running a quantum computation. As an application of our framework, we propose a new approach to build zero-knowledge protocols where security holds even against a verifier that can obtain a superposition of transcripts. This notion was pioneered by Damgard et al., who built a zero-knowledge protocol for NP (in the common reference string model) secure against superposition attacks, by relying on perfectly hiding and unconditionally binding dual-mode commitments. Unfortunately, no such commitments are known from standard cryptographic assumptions. In this work we revisit this problem, and present two new three-round protocols in the common reference string model: (i) A zero-knowledge argument for NP, whose security reduces to the standard learning with errors (LWE) problem. (ii) A zero-knowledge argument for QMA from the same assumption.

► BibTeX data

► References

[1] Gorjan Alagic, Andrew M. Childs, Alex B. Grilo, and Shih-Han Hung, ``Non-interactive Classical Verification of Quantum Computation'' Theory of Cryptography - 18th International Conference, TCC 2020, Durham, NC, USA, November 16-19, 2020, Proceedings, Part III 12552, 153-180 (2020).
https:/​/​doi.org/​10.1007/​978-3-030-64381-2_6

[2] Gorjan Alagic, Stacey Jeffery, Maris Ozols, and Alexander Poremba, ``On Quantum Chosen-Ciphertext Attacks and Learning with Errors'' Cryptogr. 4, 10 (2020).
https:/​/​doi.org/​10.3390/​CRYPTOGRAPHY4010010

[3] James Bartusekand Giulio Malavolta ``Indistinguishability Obfuscation of Null Quantum Circuits and Applications'' 13th Innovations in Theoretical Computer Science Conference, ITCS 2022, January 31 - February 3, 2022, Berkeley, CA, USA 215, 15:1–15:13 (2022).
https:/​/​doi.org/​10.4230/​LIPIcs.ITCS.2022.15

[4] Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson, ``Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract)'' Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2-4, 1988, Chicago, Illinois, USA 1–10 (1988).
https:/​/​doi.org/​10.1145/​62212.62213

[5] Rishabh Bhadauria, Zhiyong Fang, Carmit Hazay, Muthuramakrishnan Venkitasubramaniam, Tiancheng Xie, and Yupeng Zhang, ``Ligero++: A New Optimized Sublinear IOP'' CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020 2025–2038 (2020).
https:/​/​doi.org/​10.1145/​3372297.3417893

[6] Ritam Bhaumik, Xavier Bonnetain, André Chailloux, Gaëtan Leurent, María Naya-Plasencia, André Schrottenloher, and Yannick Seurin, ``QCB: Efficient Quantum-Secure Authenticated Encryption'' Advances in Cryptology - ASIACRYPT 2021 - 27th International Conference on the Theory and Application of Cryptology and Information Security, Singapore, December 6-10, 2021, Proceedings, Part I 668–698 (2021).
https:/​/​doi.org/​10.1007/​978-3-030-92062-3_23

[7] Dan Bonehand Mark Zhandry ``Quantum-Secure Message Authentication Codes'' Advances in Cryptology - EUROCRYPT 2013, 32nd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Athens, Greece, May 26-30, 2013. Proceedings 7881, 592–608 (2013).
https:/​/​doi.org/​10.1007/​978-3-642-38348-9_35

[8] Dan Bonehand Mark Zhandry ``Secure Signatures and Chosen Ciphertext Security in a Quantum Computing World'' Advances in Cryptology - CRYPTO 2013 - 33rd Annual Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2013. Proceedings, Part II 8043, 361–379 (2013).
https:/​/​doi.org/​10.1007/​978-3-642-40084-1_21

[9] Dan Boneh, Özgür Dagdelen, Marc Fischlin, Anja Lehmann, Christian Schaffner, and Mark Zhandry, ``Random Oracles in a Quantum World'' Advances in Cryptology - ASIACRYPT 2011 - 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4-8, 2011. Proceedings 7073, 41–69 (2011).
https:/​/​doi.org/​10.1007/​978-3-642-25385-0_3

[10] Zvika Brakerskiand Nir Magrafta ``Real-Valued Somewhat-Pseudorandom Unitaries'' Theory of Cryptography - 22nd International Conference, TCC 2024, Milan, Italy, December 2-6, 2024, Proceedings, Part II 36–59 (2024).
https:/​/​doi.org/​10.1007/​978-3-031-78017-2_2

[11] Zvika Brakerskiand Omri Shmueli ``Scalable Pseudorandom Quantum States'' Advances in Cryptology - CRYPTO 2020 - 40th Annual International Cryptology Conference, CRYPTO 2020, Santa Barbara, CA, USA, August 17-21, 2020, Proceedings, Part II 417–440 (2020).
https:/​/​doi.org/​10.1007/​978-3-030-56880-1_15

[12] Anne Broadbentand Alex Bredariol Grilo ``QMA-Hardness of Consistency of Local Density Matrices with Applications to Quantum Zero-Knowledge'' SIAM J. Comput. 51, 1400–1450 (2022).
https:/​/​doi.org/​10.1137/​21M140729X

[13] Anne Broadbent, Zhengfeng Ji, Fang Song, and John Watrous, ``Zero-Knowledge Proof Systems for QMA'' SIAM J. Comput. 49, 245–283 (2020).
https:/​/​doi.org/​10.1137/​18M1193530

[14] André Chailloux ``Tight quantum security of the Fiat-Shamir transform for commit-and-open identification schemes with applications to post-quantum signature schemes'' CoRR abs/​1906.05415 (2019).
https:/​/​doi.org/​10.48550/​arXiv.1906.05415
arXiv:1906.05415

[15] Melissa Chase, David Derler, Steven Goldfeder, Claudio Orlandi, Sebastian Ramacher, Christian Rechberger, Daniel Slamanig, and Greg Zaverucha, ``Post-Quantum Zero-Knowledge and Signatures from Symmetric-Key Primitives'' Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017 1825–1842 (2017).
https:/​/​doi.org/​10.1145/​3133956.3133997

[16] Kai-Min Chung, Yi Lee, Han-Hsuan Lin, and Xiaodi Wu, ``Constant-Round Blind Classical Verification of Quantum Sampling'' Advances in Cryptology - EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Trondheim, Norway, May 30 - June 3, 2022, Proceedings, Part III 707–736 (2022).
https:/​/​doi.org/​10.1007/​978-3-031-07082-2_25

[17] Claude Crepeau, Daniel Gottesman, and Adam Smith, ``Secure Multi-party Quantum Computing'' (2002).
https:/​/​doi.org/​10.48550/​ARXIV.QUANT-PH/​0206138
https:/​/​arxiv.org/​abs/​quant-ph/​0206138

[18] Ivan Damgård, Serge Fehr, Carolin Lunemann, Louis Salvail, and Christian Schaffner, ``Improving the Security of Quantum Protocols via Commit-and-Open'' Advances in Cryptology - CRYPTO 2009, 29th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 16-20, 2009. Proceedings 408–427 (2009).
https:/​/​doi.org/​10.1007/​978-3-642-03356-8_24

[19] Ivan Damgård, Jakob Funder, Jesper Buus Nielsen, and Louis Salvail, ``Superposition Attacks on Cryptographic Protocols'' Information Theoretic Security - 7th International Conference, ICITS 2013, Singapore, November 28-30, 2013, Proceedings 8317, 142–161 (2013).
https:/​/​doi.org/​10.1007/​978-3-319-04268-8_9

[20] Jelle Don, Serge Fehr, Christian Majenz, and Christian Schaffner, ``Security of the Fiat-Shamir Transformation in the Quantum Random-Oracle Model'' Advances in Cryptology - CRYPTO 2019 - 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2019, Proceedings, Part II 11693, 356–383 (2019).
https:/​/​doi.org/​10.1007/​978-3-030-26951-7_13

[21] Jelle Don, Serge Fehr, Christian Majenz, and Christian Schaffner, ``Efficient NIZKs and Signatures from Commit-and-Open Protocols in the QROM'' Advances in Cryptology - CRYPTO 2022 - 42nd Annual International Cryptology Conference, CRYPTO 2022, Santa Barbara, CA, USA, August 15-18, 2022, Proceedings, Part II 729–757 (2022).
https:/​/​doi.org/​10.1007/​978-3-031-15979-4_25

[22] Jelle Don, Serge Fehr, Christian Majenz, and Christian Schaffner, ``Online-Extractability in the Quantum Random-Oracle Model'' Advances in Cryptology - EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, Trondheim, Norway, May 30 - June 3, 2022, Proceedings, Part III 13277, 677–706 (2022).
https:/​/​doi.org/​10.1007/​978-3-031-07082-2_24

[23] Uriel Feige, Dror Lapidot, and Adi Shamir, ``Multiple Non-Interactive Zero Knowledge Proofs Based on a Single Random String (Extended Abstract)'' 31st Annual Symposium on Foundations of Computer Science, St. Louis, Missouri, USA, October 22-24, 1990, Volume I 308–317 (1990).
https:/​/​doi.org/​10.1109/​FSCS.1990.89549

[24] Tommaso Gagliardoni, Andreas Hülsing, and Christian Schaffner, ``Semantic Security and Indistinguishability in the Quantum World'' Advances in Cryptology - CRYPTO 2016 - 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2016, Proceedings, Part III 9816, 60–89 (2016).
https:/​/​doi.org/​10.1007/​978-3-662-53015-3_3

[25] Sumegha Garg, Henry Yuen, and Mark Zhandry, ``New Security Notions and Feasibility Results for Authentication of Quantum Data'' Advances in Cryptology - CRYPTO 2017 - 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20-24, 2017, Proceedings, Part II 10402, 342–371 (2017).
https:/​/​doi.org/​10.1007/​978-3-319-63715-0_12

[26] Irene Giacomelli, Jesper Madsen, and Claudio Orlandi, ``ZKBoo: Faster Zero-Knowledge for Boolean Circuits'' 25th USENIX Security Symposium, USENIX Security 16, Austin, TX, USA, August 10-12, 2016 1069–1083 (2016).

[27] Oded Goldreich, Silvio Micali, and Avi Wigderson, ``How to Play any Mental Game or A Completeness Theorem for Protocols with Honest Majority'' Proceedings of the 19th Annual ACM Symposium on Theory of Computing, 1987, New York, New York, USA 218–229 (1987).
https:/​/​doi.org/​10.1145/​28395.28420

[28] J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten, ``Lest We Remember: Cold Boot Attacks on Encryption Keys'' Proceedings of the 17th USENIX Security Symposium, July 28-August 1, 2008, San Jose, CA, USA 45–60 (2008).
https:/​/​doi.org/​10.1145/​1506409.1506429

[29] Michael Hutterand Jörn-Marc Schmidt ``The Temperature Side Channel and Heating Fault Attacks'' Smart Card Research and Advanced Applications - 12th International Conference, CARDIS 2013, Berlin, Germany, November 27-29, 2013. Revised Selected Papers 8419, 219–235 (2013).
https:/​/​doi.org/​10.1007/​978-3-319-08302-5_15

[30] Yuval Ishai, Eyal Kushilevitz, Rafail Ostrovsky, and Amit Sahai, ``Zero-Knowledge Proofs from Secure Multiparty Computation'' SIAM J. Comput. 39, 1121–1152 (2009).
https:/​/​doi.org/​10.1137/​080725398

[31] Zhengfeng Ji, Yi-Kai Liu, and Fang Song, ``Pseudorandom Quantum States'' Advances in Cryptology - CRYPTO 2018 - 38th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2018, Proceedings, Part III 10993, 126–152 (2018).
https:/​/​doi.org/​10.1007/​978-3-319-96878-0_5

[32] Elham Kashefi, Luka Music, and Petros Wallden, ``The Quantum Cut-and-Choose Technique and Quantum Two-Party Computation'' CoRR abs/​1703.03754 (2017).
https:/​/​doi.org/​10.48550/​ARXIV.1703.03754
arXiv:1703.03754

[33] Jonathan Katz, Vladimir Kolesnikov, and Xiao Wang, ``Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures'' Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, October 15-19, 2018 525–537 (2018).
https:/​/​doi.org/​10.1145/​3243734.3243805

[34] Julia Kempe, Alexei Y. Kitaev, and Oded Regev, ``The Complexity of the Local Hamiltonian Problem'' SIAM J. Comput. 35, 1070–1097 (2006).
https:/​/​doi.org/​10.1137/​S0097539704445226

[35] Julia Kempeand Oded Regev ``3-local Hamiltonian is QMA-complete'' Quantum Inf. Comput. 3, 258–264 (2003).
https:/​/​doi.org/​10.26421/​QIC3.3-7

[36] Alexei Y. Kitaev, A. H. Shen, and Mikhail N. Vyalyi, ``Classical and Quantum Computation'' American Mathematical Society (2002).
https:/​/​bookstore.ams.org/​gsm-47/​

[37] Alex Lombardiand Luke Schaeffer ``A Note on Key Agreement and Non-Interactive Commitments'' IACR Cryptol. ePrint Arch. 2019, 279 (2019).
https:/​/​eprint.iacr.org/​2019/​279

[38] Chris Peikert, Vinod Vaikuntanathan, and Brent Waters, ``A Framework for Efficient and Composable Oblivious Transfer'' Advances in Cryptology - CRYPTO 2008, 28th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 17-21, 2008. Proceedings 5157, 554–571 (2008).
https:/​/​doi.org/​10.1007/​978-3-540-85174-5_31

[39] Adam Smith ``Multi-party Quantum Computation'' CoRR abs/​0111030 (2026).
https:/​/​doi.org/​10.48550/​ARXIV.QUANT-PH/​0111030
arXiv:0111030

[40] Fabian Wiesnerand Anna Pappa ``Verified delegated quantum computation requires techniques beyond cut-and-choose'' CoRR abs/​2603.09368 (2026).
https:/​/​doi.org/​10.48550/​ARXIV.2603.09368
arXiv:2603.09368

[41] Fabian Wiesner, Ziad Chaoui, Diana Kessler, Anna Pappa, and Martti Karvonen, ``Why cut-and-choose quantum state verification cannot be both efficient and secure'' IACR Communications in Cryptology 2 (2026).
https:/​/​doi.org/​10.62056/​ay11c3c2h

[42] Salessawi Ferede Yitbarek, Misiker Tadesse Aga, Reetuparna Das, and Todd M. Austin, ``Cold Boot Attacks are Still Hot: Security Analysis of Memory Scramblers in Modern Processors'' 2017 IEEE International Symposium on High Performance Computer Architecture, HPCA 2017, Austin, TX, USA, February 4-8, 2017 313–324 (2017).
https:/​/​doi.org/​10.1109/​HPCA.2017.10

[43] Mark Zhandry ``How to Construct Quantum Random Functions'' 53rd Annual IEEE Symposium on Foundations of Computer Science, FOCS 2012, New Brunswick, NJ, USA, October 20-23, 2012 679–687 (2012).
https:/​/​doi.org/​10.1109/​FOCS.2012.37

[44] Mark Zhandry ``Secure Identity-Based Encryption in the Quantum Random Oracle Model'' Advances in Cryptology - CRYPTO 2012 - 32nd Annual Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2012. Proceedings 7417, 758–775 (2012).
https:/​/​doi.org/​10.1007/​978-3-642-32009-5_44

Cited by

Could not fetch Crossref cited-by data during last attempt 2026-07-15 13:49:15: Could not fetch cited-by data for 10.22331/q-2026-07-15-2161 from Crossref. This is normal if the DOI was registered recently. On SAO/NASA ADS no data on citing works was found (last attempt 2026-07-15 13:49:15).