Recursive cheating strategies for the relativistic $F_Q$ bit commitment protocol

TL;DR

This paper analyzes the security of the relativistic $F_Q$ bit commitment protocol, revealing that classical cheating strategies can compromise it when the field size is an even power of a prime and the number of rounds is large.

Contribution

It introduces classical cheating strategies for the $F_Q$ scheme, showing the protocol's security limits are tight for certain field sizes and round numbers.

Findings

Cheating strategies are effective when $Q$ is an even prime power.

Security bounds are tight for large number of rounds relative to $ oot Q h root of Q$.

The protocol's security is compromised under specific conditions, matching previous upper bounds.

Abstract

In this paper, we study relativistic bit commitment, which uses timing and location constraints to achieve information theoretic security. We consider the $F_Q$ multi-round bit commitment scheme introduced by Lunghi et al. [LKB+15]. This protocol was shown secure against classical adversaries as long as the number of rounds $m$ is small compared to $\sqrt{Q}$ where $Q$ is the size of the used field in the protocol [CCL15,FF16]. In this work, we study classical attacks on this scheme. We use classical strategies for the $CHSH_Q$ game described in [BS15] to derive cheating strategies for this protocol. In particular, our cheating strategy shows that if $Q$ is an even power of any prime, then the protocol is not secure when the number of rounds $m$ is of the order of $\sqrt{Q}$. For those values of $Q$, this means that the upper bound of [CCL15,FF16] is essentially optimal.