Limitations on Uncloneable Encryption and Simultaneous One-Way-to-Hiding

TL;DR

This paper investigates the fundamental limitations of uncloneable quantum encryption schemes for classical messages, providing explicit attacks, characterizations, and bounds that challenge their security assumptions.

Contribution

It offers new explicit attacks, characterizes minimal success probabilities, and establishes lower bounds on ciphertext complexity in uncloneable quantum encryption.

Findings

Explicit cloning-indistinguishable attack with success probability above 1/2

Minimal success probability characterization for uniform message distribution

Ciphertext rank must grow at least logarithmically for security

Abstract

We study uncloneable quantum encryption schemes for classical messages as recently proposed by Broadbent and Lord. We focus on the information-theoretic setting and give several limitations on the structure and security of these schemes: Concretely, 1) We give an explicit cloning-indistinguishable attack that succeeds with probability $\frac12 + \mu/16$ where $\mu$ is related to the largest eigenvalue of the resulting quantum ciphertexts. 2) For a uniform message distribution, we partially characterize the scheme with the minimal success probability for cloning attacks. 3) Under natural symmetry conditions, we prove that the rank of the ciphertext density operators has to grow at least logarithmically in the number of messages to ensure uncloneable security. 4) The \emph{simultaneous} one-way-to-hiding (O2H) lemma is an important technique in recent works on uncloneable encryption and quantum copy protection. We give an explicit example which shatters the hope of reducing the multiplicative "security loss" constant in this lemma to below 9/8.