
In classical cryptography, security proofs are often based on the (assumed) computational hardness of some mathematical problem. Using the principles of quantum mechanics might provide means to design cryptographic protocols for which it is impossible to realise them classically (information-theoretically) securely. But is there also a notion of computational security in quantum cryptography (assuming a polynomial-time quantum adversary) where fully quantum information is being processed to begin with? Why does or doesn't this notion of security make sense?

Thanks for your reply; I edited my question for some clarification. My question here would be whether "fully" quantum protocols that process arbitrary quantum information exist that are secure against computationally bounded quantum adversaries. – jgerrit – 2020-07-08T09:23:41.880

How do you define a "fully" quantum protocol? I'm guessing you want some sort of trapdoor function based on an algorithm that cannot (to the best of our knowledge) be implemented efficiently on a classical computer? I imagine you could (and somebody probably has) define a public key crypto system based on a QMA-complete problem. But it would come with the same sorts of caveats that come with a post-quantum public key crypto system based on NP-complete problems. – DaftWullie – 2020-07-08T09:35:49.800

Explicitly, I am interested in protocols that process quantum information to begin with. To the best of my knowledge, post-quantum crypto aims at finding classical protocols (that process/secure classical information) that are secure against quantum adversaries. For example, I am interested in quantum secret sharing schemes or multi-party quantum computation protocols that start with quantum inputs, and whether there are protocols that are secure only against comp. bounded quantum adversaries. – jgerrit – 2020-07-08T09:54:01.963