Quantum Key Leasing for PKE and FHE with a Classical Lessor

TL;DR

This paper introduces a secure quantum key leasing scheme for classical public-key encryption that leverages quantum unclonability, enabling reusability and provable deletion with only classical communication under standard assumptions.

Contribution

It presents the first scheme based on standard assumptions that allows secure leasing and deletion of classical encryption keys using quantum properties.

Findings

Scheme achieves security based on LWE assumption.

Uses only classical communication between client and server.

Enables provable deletion of leased keys.

Abstract

In this work, we consider the problem of secure key leasing, also known as revocable cryptography (Agarwal et. al. Eurocrypt' 23, Ananth et. al. TCC' 23), as a strengthened security notion of its predecessor put forward in Ananth et. al. Eurocrypt' 21. This problem aims to leverage unclonable nature of quantum information to allow a lessor to lease a quantum key with reusability for evaluating a classical functionality. Later, the lessor can request the lessee to provably delete the key and then the lessee will be completely deprived of the capability to evaluate. In this work, we construct a secure key leasing scheme to lease a decryption key of a (classical) public-key, homomorphic encryption scheme from standard lattice assumptions. We achieve strong form of security where: * The entire protocol uses only classical communication between a classical lessor (client) and a quantum lessee (server). * Assuming standard assumptions, our security definition ensures that every computationally bounded quantum adversary could not simultaneously provide a valid classical deletion certificate and yet distinguish ciphertexts. Our security relies on the hardness of learning with errors assumption. Our scheme is the first scheme to be based on a standard assumption and satisfying the two properties above.