928 research outputs found
Classical Homomorphic Encryption for Quantum Circuits
We present the first leveled fully homomorphic encryption scheme for quantum
circuits with classical keys. The scheme allows a classical client to blindly
delegate a quantum computation to a quantum server: an honest server is able to
run the computation while a malicious server is unable to learn any information
about the computation. We show that it is possible to construct such a scheme
directly from a quantum secure classical homomorphic encryption scheme with
certain properties. Finally, we show that a classical homomorphic encryption
scheme with the required properties can be constructed from the learning with
errors problem
Quantum homomorphic encryption for circuits of low -gate complexity
Fully homomorphic encryption is an encryption method with the property that
any computation on the plaintext can be performed by a party having access to
the ciphertext only. Here, we formally define and give schemes for quantum
homomorphic encryption, which is the encryption of quantum information such
that quantum computations can be performed given the ciphertext only. Our
schemes allows for arbitrary Clifford group gates, but become inefficient for
circuits with large complexity, measured in terms of the non-Clifford portion
of the circuit (we use the "" non-Clifford group gate, which is also
known as the -gate).
More specifically, two schemes are proposed: the first scheme has a
decryption procedure whose complexity scales with the square of the number of
-gates (compared with a trivial scheme in which the complexity scales with
the total number of gates); the second scheme uses a quantum evaluation key of
length given by a polynomial of degree exponential in the circuit's -gate
depth, yielding a homomorphic scheme for quantum circuits with constant
-depth. Both schemes build on a classical fully homomorphic encryption
scheme.
A further contribution of ours is to formally define the security of
encryption schemes for quantum messages: we define quantum indistinguishability
under chosen plaintext attacks in both the public and private-key settings. In
this context, we show the equivalence of several definitions.
Our schemes are the first of their kind that are secure under modern
cryptographic definitions, and can be seen as a quantum analogue of classical
results establishing homomorphic encryption for circuits with a limited number
of multiplication gates. Historically, such results appeared as precursors to
the breakthrough result establishing classical fully homomorphic encryption
Delegating Quantum Computation in the Quantum Random Oracle Model
A delegation scheme allows a computationally weak client to use a server's
resources to help it evaluate a complex circuit without leaking any information
about the input (other than its length) to the server. In this paper, we
consider delegation schemes for quantum circuits, where we try to minimize the
quantum operations needed by the client. We construct a new scheme for
delegating a large circuit family, which we call "C+P circuits". "C+P" circuits
are the circuits composed of Toffoli gates and diagonal gates. Our scheme is
non-interactive, requires very little quantum computation from the client
(proportional to input length but independent of the circuit size), and can be
proved secure in the quantum random oracle model, without relying on additional
assumptions, such as the existence of fully homomorphic encryption. In practice
the random oracle can be replaced by an appropriate hash function or block
cipher, for example, SHA-3, AES.
This protocol allows a client to delegate the most expensive part of some
quantum algorithms, for example, Shor's algorithm. The previous protocols that
are powerful enough to delegate Shor's algorithm require either many rounds of
interactions or the existence of FHE. The protocol requires asymptotically
fewer quantum gates on the client side compared to running Shor's algorithm
locally.
To hide the inputs, our scheme uses an encoding that maps one input qubit to
multiple qubits. We then provide a novel generalization of classical garbled
circuits ("reversible garbled circuits") to allow the computation of Toffoli
circuits on this encoding. We also give a technique that can support the
computation of phase gates on this encoding.
To prove the security of this protocol, we study key dependent message(KDM)
security in the quantum random oracle model. KDM security was not previously
studied in quantum settings.Comment: 41 pages, 1 figures. Update to be consistent with the proceeding
versio
Experimental Demonstration of Quantum Fully Homomorphic Encryption with Application in a Two-Party Secure Protocol
A fully homomorphic encryption system hides data from unauthorized parties while still allowing them to perform computations on the encrypted data. Aside from the straightforward benefit of allowing users to delegate computations to a more powerful server without revealing their inputs, a fully homomorphic cryptosystem can be used as a building block in the construction of a number of cryptographic functionalities. Designing such a scheme remained an open problem until 2009, decades after the idea was first conceived, and the past few years have seen the generalization of this functionality to the world of quantum machines. Quantum schemes prior to the one implemented here were able to replicate some features in particular use cases often associated with homomorphic encryption but lacked other crucial properties, for example, relying on continual interaction to perform a computation or leaking information about the encrypted data. We present the first experimental realization of a quantum fully homomorphic encryption scheme. To demonstrate the versatility of a a quantum fully homomorphic encryption scheme, we further present a toy two-party secure computation task enabled by our scheme
Quantum Fully Homomorphic Encryption With Verification
Fully-homomorphic encryption (FHE) enables computation on encrypted data
while maintaining secrecy. Recent research has shown that such schemes exist
even for quantum computation. Given the numerous applications of classical FHE
(zero-knowledge proofs, secure two-party computation, obfuscation, etc.) it is
reasonable to hope that quantum FHE (or QFHE) will lead to many new results in
the quantum setting. However, a crucial ingredient in almost all applications
of FHE is circuit verification. Classically, verification is performed by
checking a transcript of the homomorphic computation. Quantumly, this strategy
is impossible due to no-cloning. This leads to an important open question: can
quantum computations be delegated and verified in a non-interactive manner? In
this work, we answer this question in the affirmative, by constructing a scheme
for QFHE with verification (vQFHE). Our scheme provides authenticated
encryption, and enables arbitrary polynomial-time quantum computations without
the need of interaction between client and server. Verification is almost
entirely classical; for computations that start and end with classical states,
it is completely classical. As a first application, we show how to construct
quantum one-time programs from classical one-time programs and vQFHE.Comment: 30 page
Experimental Demonstration of Quantum Fully Homomorphic Encryption with Application in a Two-Party Secure Protocol
A fully homomorphic encryption system hides data from unauthorized parties,
while still allowing them to perform computations on the encrypted data. Aside
from the straightforward benefit of allowing users to delegate computations to
a more powerful server without revealing their inputs, a fully homomorphic
cryptosystem can be used as a building block in the construction of a number of
cryptographic functionalities. Designing such a scheme remained an open problem
until 2009, decades after the idea was first conceived, and the past few years
have seen the generalization of this functionality to the world of quantum
machines. Quantum schemes prior to the one implemented here were able to
replicate some features in particular use-cases often associated with
homomorphic encryption but lacked other crucial properties, for example,
relying on continual interaction to perform a computation or leaking
information about the encrypted data. We present the first experimental
realisation of a quantum fully homomorphic encryption scheme. We further
present a toy two-party secure computation task enabled by our scheme. Finally,
as part of our implementation, we also demonstrate a post-selective two-qubit
linear optical controlled-phase gate with a much higher post-selection success
probability (1/2) when compared to alternate implementations, e.g. with
post-selective controlled- or controlled- gates (1/9).Comment: 11 pages, 16 figures, 2 table
- …