Is it possible to comprehensively destroy a piece of quantum information, so that nothing is left behind except the memory of whether one had it at one point? For example, various works, most recently Morimae, Poremba, and Yamakawa (TQC 2024), show how to construct a signature scheme with certified deletion where a user who deletes a signature on m cannot later produce a signature for m. However, in all of the existing schemes, even after deletion the user is still able keep irrefutable evidence that m was signed, and thus they do not fully capture the spirit of deletion. In this work, we initiate the study of certified deniability in order to obtain a more comprehensive notion of deletion. Certified deniability uses a simulation-based security definition, ensuring that any information the user has kept after deletion could have been learned without being given the deleteable object to begin with; meaning that deletion leaves no trace behind! We define and construct two non-interactive primitives that satisfy certified deniability in the quantum random oracle model: signatures and non-interactive zero-knowledge arguments (NIZKs). As a consequence, for example, it is not possible to delete a signature/NIZK and later provide convincing evidence that it used to exist. Notably, our results utilize uniquely quantum phenomena to bypass the celebrated result of Pass (CRYPTO, 2003) showing that deniable NIZKs are impossible even in the random oracle model.

翻译：是否有可能彻底销毁一段量子信息，使得除了“某人曾拥有过它”这一记忆外，不留任何痕迹？例如，近期Morimae、Poremba和Yamakawa（TQC 2024）等多项研究表明，如何构建一种具有可验证删除功能的签名方案，使得删除者对消息m的签名后，无法再为m生成签名。然而，在所有现有方案中，即使用户执行了删除操作，其仍能保留m曾被签名的不可辩驳证据，因此未能完全体现删除的本质精神。在本研究中，我们首次提出对可验证可否认性的研究，以期获得更全面的删除概念。可验证可否认性采用基于模拟的安全性定义，确保用户在删除后保留的任何信息，本就可以在不获得可删除对象的情况下习得；这意味着删除操作不会留下任何痕迹！我们定义并构建了两种在量子随机预言机模型中满足可验证可否认性的非交互式原语：签名方案和非交互式零知识论证（NIZK）。由此带来的结果是，例如，用户无法在删除签名/NIZK后，再提供令人信服的证据证明其曾经存在。值得注意的是，我们的成果利用独特的量子现象，绕过了Pass（CRYPTO, 2003）提出的著名结论——该结论表明即使在随机预言机模型中，可否认的NIZK也是不可能实现的。