In this work, we consider the problem of secure key leasing, also known as revocable cryptography (Agarwal et. al. Eurocrypt' 23, Ananth et. al. TCC' 23), as a strengthened security notion of its predecessor put forward in Ananth et. al. Eurocrypt' 21. This problem aims to leverage unclonable nature of quantum information to allow a lessor to lease a quantum key with reusability for evaluating a classical functionality. Later, the lessor can request the lessee to provably delete the key and then the lessee will be completely deprived of the capability to evaluate. In this work, we construct a secure key leasing scheme to lease a decryption key of a (classical) public-key, homomorphic encryption scheme from standard lattice assumptions. We achieve strong form of security where: * The entire protocol uses only classical communication between a classical lessor (client) and a quantum lessee (server). * Assuming standard assumptions, our security definition ensures that every computationally bounded quantum adversary could not simultaneously provide a valid classical deletion certificate and yet distinguish ciphertexts. Our security relies on the hardness of learning with errors assumption. Our scheme is the first scheme to be based on a standard assumption and satisfying the two properties above.

翻译：本文研究安全密钥租赁问题（亦称可撤销密码学，Agarwal 等，Eurocrypt'23；Ananth 等，TCC'23），作为其前序工作（Ananth 等，Eurocrypt'21）所提出概念的强化安全定义。该问题旨在利用量子信息的不可克隆特性，使出租人能够租赁可重复使用的量子密钥以评估经典功能。随后，出租人可要求承租人可证明地删除该密钥，承租人将完全丧失评估能力。本文基于标准格假设，构建了一个安全密钥租赁方案，用于租赁（经典）公钥同态加密方案的解密密钥。我们实现了强安全性保障：* 整个协议仅需经典出租人（客户端）与量子承租人（服务器）之间的经典通信。* 在标准假设下，我们的安全定义确保每个计算有界的量子敌手无法同时提供有效的经典删除证书并区分密文。本方案的安全性依赖于带误差学习问题的困难性。该方案是首个同时满足上述两个特性且基于标准假设的构造。