How to encrypt a quantum state
Encryption of classical data is ubiquitous in everyday life. As quantum computation and communication gains wider use, encryption of quantum data is likely to become important as well. Until recently, the theory of quantum encryption was fairly limited, consisting primarily of the quantum analogue of the one-time pad. In this talk, I will discuss how to place quantum encryption on the same foundations as classical encryption, and how to translate many of the great achievements of classical encryption theory to the quantum setting. This includes quantum encryption schemes which satisfy a natural notion of semantic security against chosen-plaintext and non-adaptive chosen-ciphertext attacks. I will briefly mention applications of these schemes to impossibility proofs for quantum black-box obfuscation. Finally, I will discuss how to make these quantum encryption schemes immune to forgery, manipulation of ciphertexts, and adaptive chosen-ciphertext attacks. The talk is based on several joint works, with collaborators A. Broadbent, B. Fefferman, T. Gagliardoni, C. Schaffner and M. St. Jules.