285 research outputs found
Computationally-Secure and Composable Remote State Preparation
We introduce a protocol between a classical polynomial-time verifier and a quantum polynomial-time prover that allows the verifier to securely delegate to the prover the preparation of certain single-qubit quantum states The prover is unaware of which state he received and moreover, the verifier can check with high confidence whether the preparation was successful. The delegated preparation of single-qubit states is an elementary building block in many quantum cryptographic protocols. We expect our implementation of "random remote state preparation with verification", a functionality first defined in (Dunjko and Kashefi 2014), to be useful for removing the need for quantum communication in such protocols while keeping functionality. The main application that we detail is to a protocol for blind and verifiable delegated quantum computation (DQC) that builds on the work of (Fitzsimons and Kashefi 2018), who provided such a protocol with quantum communication. Recently, both blind an verifiable DQC were shown to be possible, under computational assumptions, with a classical polynomial-time client (Mahadev 2017, Mahadev 2018). Compared to the work of Mahadev, our protocol is more modular, applies to the measurement-based model of computation (instead of the Hamiltonian model) and is composable. Our proof of security builds on ideas introduced in (Brakerski et al. 2018)
Computationally-Secure and Composable Remote State Preparation
We introduce a protocol between a classical polynomial-time verifier and a quantum polynomial-time prover that allows the verifier to securely delegate to the prover the preparation of certain single-qubit quantum states The prover is unaware of which state he received and moreover, the verifier can check with high confidence whether the preparation was successful. The delegated preparation of single-qubit states is an elementary building block in many quantum cryptographic protocols. We expect our implementation of "random remote state preparation with verification", a functionality first defined in (Dunjko and Kashefi 2014), to be useful for removing the need for quantum communication in such protocols while keeping functionality. The main application that we detail is to a protocol for blind and verifiable delegated quantum computation (DQC) that builds on the work of (Fitzsimons and Kashefi 2018), who provided such a protocol with quantum communication. Recently, both blind an verifiable DQC were shown to be possible, under computational assumptions, with a classical polynomial-time client (Mahadev 2017, Mahadev 2018). Compared to the work of Mahadev, our protocol is more modular, applies to the measurement-based model of computation (instead of the Hamiltonian model) and is composable. Our proof of security builds on ideas introduced in (Brakerski et al. 2018)
Security Limitations of Classical-Client Delegated Quantum Computing
Secure delegated quantum computing allows a computationally weak client to
outsource an arbitrary quantum computation to an untrusted quantum server in a
privacy-preserving manner. One of the promising candidates to achieve classical
delegation of quantum computation is classical-client remote state preparation
(), where a client remotely prepares a quantum state using a
classical channel. However, the privacy loss incurred by employing
as a sub-module is unclear.
In this work, we investigate this question using the Constructive
Cryptography framework by Maurer and Renner (ICS'11). We first identify the
goal of as the construction of ideal RSP resources from classical
channels and then reveal the security limitations of using . First,
we uncover a fundamental relationship between constructing ideal RSP resources
(from classical channels) and the task of cloning quantum states. Any
classically constructed ideal RSP resource must leak to the server the full
classical description (possibly in an encoded form) of the generated quantum
state, even if we target computational security only. As a consequence, we find
that the realization of common RSP resources, without weakening their
guarantees drastically, is impossible due to the no-cloning theorem. Second,
the above result does not rule out that a specific protocol can
replace the quantum channel at least in some contexts, such as the Universal
Blind Quantum Computing (UBQC) protocol of Broadbent et al. (FOCS '09).
However, we show that the resulting UBQC protocol cannot maintain its proven
composable security as soon as is used as a subroutine. Third, we
show that replacing the quantum channel of the above UBQC protocol by the
protocol QFactory of Cojocaru et al. (Asiacrypt '19), preserves the
weaker, game-based, security of UBQC.Comment: 40 pages, 12 figure
Asymmetric quantum secure multi-party computation with weak clients against dishonest majority
Secure multi-party computation (SMPC) protocols allow several parties that distrust each other to collectively compute a function on their inputs. In this paper, we introduce a protocol that lifts classical SMPC to quantum SMPC in a composably and statistically secure way, even for a single honest party. Unlike previous quantum SMPC protocols, our proposal only requires very limited quantum resources from all but one party; it suffices that the weak parties, i.e. the clients, are able to prepare single-qubit states in the X-Y plane. The novel quantum SMPC protocol is constructed in a naturally modular way, and relies on a new technique for quantum verification that is of independent interest. This verification technique requires the remote preparation of states only in a single plane of the Bloch sphere. In the course of proving the security of the new verification protocol, we also uncover a fundamental invariance that is inherent to measurement-based quantum computing
QEnclave - A practical solution for secure quantum cloud computing
We introduce a secure hardware device named a QEnclave that can secure the
remote execution of quantum operations while only using classical controls.
This device extends to quantum computing the classical concept of a secure
enclave which isolates a computation from its environment to provide privacy
and tamper-resistance. Remarkably, our QEnclave only performs single-qubit
rotations, but can nevertheless be used to secure an arbitrary quantum
computation even if the qubit source is controlled by an adversary. More
precisely, attaching a QEnclave to a quantum computer, a remote client
controlling the QEnclave can securely delegate its computation to the server
solely using classical communication. We investigate the security of our
QEnclave by modeling it as an ideal functionality named Remote State Rotation.
We show that this resource, similar to previously introduced functionality of
remote state preparation, allows blind delegated quantum computing with perfect
security. Our proof relies on standard tools from delegated quantum computing.
Working in the Abstract Cryptography framework, we show a construction of
remote state preparation from remote state rotation preserving the security. An
immediate consequence is the weakening of the requirements for blind delegated
computation. While previous delegated protocols were relying on a client that
can either generate or measure quantum states, we show that this same
functionality can be achieved with a client that only transforms quantum states
without generating or measuring them.Comment: 25 pages, 5 figure
Composable security of delegated quantum computation
Delegating difficult computations to remote large computation facilities,
with appropriate security guarantees, is a possible solution for the
ever-growing needs of personal computing power. For delegated computation
protocols to be usable in a larger context---or simply to securely run two
protocols in parallel---the security definitions need to be composable. Here,
we define composable security for delegated quantum computation. We distinguish
between protocols which provide only blindness---the computation is hidden from
the server---and those that are also verifiable---the client can check that it
has received the correct result. We show that the composable security
definition capturing both these notions can be reduced to a combination of
several distinct "trace-distance-type" criteria---which are, individually,
non-composable security definitions.
Additionally, we study the security of some known delegated quantum
computation protocols, including Broadbent, Fitzsimons and Kashefi's Universal
Blind Quantum Computation protocol. Even though these protocols were originally
proposed with insufficient security criteria, they turn out to still be secure
given the stronger composable definitions.Comment: 37+9 pages, 13 figures. v3: minor changes, new references. v2:
extended the reduction between composable and local security to include
entangled inputs, substantially rewritten the introduction to the Abstract
Cryptography (AC) framewor
Classical secure delegation of quantum computations
The rapid evolution of quantum technologies is likely to cause major shifts in the
mainstream computing landscape. In order to fully reach their potential in a wide base
accessible to any user, remote access of quantum computers and manipulation of data
with strong privacy and integrity guarantees are essential.
Consider a setting where a client having a fully classical computer wants to determine the result of some quantum computation, but lacks the necessary resources
to perform the computation herself. She has access to a more powerful server which
has quantum resources and can solve the problem and send the outcome back to the
client. However, the client does not trust the powerful server, so she needs to find a
way to hide her data. Therefore, the main question that arises is how can we guarantee the client’s privacy of the input and even the computation itself against the server
possessing quantum computational capabilities.
In the present thesis, we study this problem, denoted here as classical secure delegation of quantum computations (CSDQC) between a fully classical honest client and
a quantum untrusted server. We focus on different models of security, analyzing the
limitations and potential of each of the settings. Concretely, we first study the CSDQC
problem under information-theoretic security. We analyse two categories of quantum
computations, decision and sampling problems and in both cases we provide evidence
indicating the impossibility of achieving information-theoretic security. Subsequently,
we consider relaxing the security framework and specifically, we will analyze this task
in the computational security setting (against quantum polynomial-time adversaries).
As a result, in the second part of the thesis we put forward the remote state preparation as a key component that would allow us to achieve classical secure delegation of
universal quantum computations. We present two protocols realizing the remote state
preparation primitive assuming only a classical channel between client and server. The
first candidate is shown to be secure in the honest-but-curious model, while the second
candidate is proven secure against the server in the malicious setting. The security of
both constructions relies on the hardness of the learning with errors problem. Finally,
given the important role the remote state preparation plays not only in CSDQC, but also
in other quantum communication protocols, we analyze its composable security to determine the privacy loss as a result of using remote state preparation as a sub-module
in different protocols
Quantum cryptography: key distribution and beyond
Uniquely among the sciences, quantum cryptography has driven both
foundational research as well as practical real-life applications. We review
the progress of quantum cryptography in the last decade, covering quantum key
distribution and other applications.Comment: It's a review on quantum cryptography and it is not restricted to QK
- …