112 research outputs found
Composable security of delegated quantum computation
Delegating difficult computations to remote large computation facilities,
with appropriate security guarantees, is a possible solution for the
ever-growing needs of personal computing power. For delegated computation
protocols to be usable in a larger context---or simply to securely run two
protocols in parallel---the security definitions need to be composable. Here,
we define composable security for delegated quantum computation. We distinguish
between protocols which provide only blindness---the computation is hidden from
the server---and those that are also verifiable---the client can check that it
has received the correct result. We show that the composable security
definition capturing both these notions can be reduced to a combination of
several distinct "trace-distance-type" criteria---which are, individually,
non-composable security definitions.
Additionally, we study the security of some known delegated quantum
computation protocols, including Broadbent, Fitzsimons and Kashefi's Universal
Blind Quantum Computation protocol. Even though these protocols were originally
proposed with insufficient security criteria, they turn out to still be secure
given the stronger composable definitions.Comment: 37+9 pages, 13 figures. v3: minor changes, new references. v2:
extended the reduction between composable and local security to include
entangled inputs, substantially rewritten the introduction to the Abstract
Cryptography (AC) framewor
QEnclave - A practical solution for secure quantum cloud computing
We introduce a secure hardware device named a QEnclave that can secure the
remote execution of quantum operations while only using classical controls.
This device extends to quantum computing the classical concept of a secure
enclave which isolates a computation from its environment to provide privacy
and tamper-resistance. Remarkably, our QEnclave only performs single-qubit
rotations, but can nevertheless be used to secure an arbitrary quantum
computation even if the qubit source is controlled by an adversary. More
precisely, attaching a QEnclave to a quantum computer, a remote client
controlling the QEnclave can securely delegate its computation to the server
solely using classical communication. We investigate the security of our
QEnclave by modeling it as an ideal functionality named Remote State Rotation.
We show that this resource, similar to previously introduced functionality of
remote state preparation, allows blind delegated quantum computing with perfect
security. Our proof relies on standard tools from delegated quantum computing.
Working in the Abstract Cryptography framework, we show a construction of
remote state preparation from remote state rotation preserving the security. An
immediate consequence is the weakening of the requirements for blind delegated
computation. While previous delegated protocols were relying on a client that
can either generate or measure quantum states, we show that this same
functionality can be achieved with a client that only transforms quantum states
without generating or measuring them.Comment: 25 pages, 5 figure
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.Comment: 45 pages, over 245 reference
Security Limitations of Classical-Client Delegated Quantum Computing
Secure delegated quantum computing allows a computationally weak client to
outsource an arbitrary quantum computation to an untrusted quantum server in a
privacy-preserving manner. One of the promising candidates to achieve classical
delegation of quantum computation is classical-client remote state preparation
(), where a client remotely prepares a quantum state using a
classical channel. However, the privacy loss incurred by employing
as a sub-module is unclear.
In this work, we investigate this question using the Constructive
Cryptography framework by Maurer and Renner (ICS'11). We first identify the
goal of as the construction of ideal RSP resources from classical
channels and then reveal the security limitations of using . First,
we uncover a fundamental relationship between constructing ideal RSP resources
(from classical channels) and the task of cloning quantum states. Any
classically constructed ideal RSP resource must leak to the server the full
classical description (possibly in an encoded form) of the generated quantum
state, even if we target computational security only. As a consequence, we find
that the realization of common RSP resources, without weakening their
guarantees drastically, is impossible due to the no-cloning theorem. Second,
the above result does not rule out that a specific protocol can
replace the quantum channel at least in some contexts, such as the Universal
Blind Quantum Computing (UBQC) protocol of Broadbent et al. (FOCS '09).
However, we show that the resulting UBQC protocol cannot maintain its proven
composable security as soon as is used as a subroutine. Third, we
show that replacing the quantum channel of the above UBQC protocol by the
protocol QFactory of Cojocaru et al. (Asiacrypt '19), preserves the
weaker, game-based, security of UBQC.Comment: 40 pages, 12 figure
Quantum-enhanced Secure Delegated Classical Computing
We present a quantumly-enhanced protocol to achieve unconditionally secure
delegated classical computation where the client and the server have both
limited classical and quantum computing capacity. We prove the same task cannot
be achieved using only classical protocols. This extends the work of Anders and
Browne on the computational power of correlations to a security setting.
Concretely, we present how a client with access to a non-universal classical
gate such as a parity gate could achieve unconditionally secure delegated
universal classical computation by exploiting minimal quantum gadgets. In
particular, unlike the universal blind quantum computing protocols, the
restriction of the task to classical computing removes the need for a full
universal quantum machine on the side of the server and makes these new
protocols readily implementable with the currently available quantum technology
in the lab
Quantum computing on encrypted data
The ability to perform computations on encrypted data is a powerful tool for
protecting privacy. Recently, protocols to achieve this on classical computing
systems have been found. Here we present an efficient solution to the quantum
analogue of this problem that enables arbitrary quantum computations to be
carried out on encrypted quantum data. We prove that an untrusted server can
implement a universal set of quantum gates on encrypted quantum bits (qubits)
without learning any information about the inputs, while the client, knowing
the decryption key, can easily decrypt the results of the computation. We
experimentally demonstrate, using single photons and linear optics, the
encryption and decryption scheme on a set of gates sufficient for arbitrary
quantum computations. Because our protocol requires few extra resources
compared to other schemes it can be easily incorporated into the design of
future quantum servers. These results will play a key role in enabling the
development of secure distributed quantum systems
Asymmetric Quantum Secure Multi-Party Computation With Weak Clients Against Dishonest Majority
Secure multi-party computation (SMPC) protocols allow several parties that distrust each other to collectively compute a function on their inputs. In this paper, we introduce a protocol that lifts classical SMPC to quantum SMPC in a composably and statistically secure way, even for a single honest party. Unlike previous quantum SMPC protocols, our proposal only requires very limited quantum resources from all but one party; it suffices that the weak parties, i.e. the clients, are able to prepare single-qubit states in the X-Y plane.
The novel quantum SMPC protocol is constructed in a naturally modular way, and relies on a new technique for quantum verification that is of independent interest. This verification technique requires the remote preparation of states only in a single plane of the Bloch sphere. In the course of proving the security of the new verification protocol, we also uncover a fundamental invariance that is inherent to measurement-based quantum computing
- …