Quantum-enhanced Secure Delegated Classical Computing
We present a quantumly-enhanced protocol to achieve unconditionally secure
delegated classical computation where the client and the server have both
limited classical and quantum computing capacity. We prove the same task cannot
be achieved using only classical protocols. This extends the work of Anders and
Browne on the computational power of correlations to a security setting.
Concretely, we present how a client with access to a non-universal classical
gate such as a parity gate could achieve unconditionally secure delegated
universal classical computation by exploiting minimal quantum gadgets. In
particular, unlike the universal blind quantum computing protocols, the
restriction of the task to classical computing removes the need for a full
universal quantum machine on the side of the server and makes these new
protocols readily implementable with the currently available quantum technology
in the lab
Quantum Cryptography Beyond Quantum Key Distribution
Quantum cryptography is the art and science of exploiting quantum mechanical
effects in order to perform cryptographic tasks. While the most well-known
example of this discipline is quantum key distribution (QKD), there exist many
other applications such as quantum money, randomness generation, secure two-
and multi-party computation and delegated quantum computation. Quantum
cryptography also studies the limitations and challenges resulting from quantum
adversaries---including the impossibility of quantum bit commitment, the
difficulty of quantum rewinding and the definition of quantum security models
for classical primitives. In this review article, aimed primarily at
cryptographers unfamiliar with the quantum world, we survey the area of
theoretical quantum cryptography, with an emphasis on the constructions and
limitations beyond the realm of QKD.
Comment: 45 pages, over 245 reference
Flow Ambiguity: A Path Towards Classically Driven Blind Quantum Computation
Blind quantum computation protocols allow a user to delegate a computation to
a remote quantum computer in such a way that the privacy of their computation
is preserved, even from the device implementing the computation. To date, such
protocols are only known for settings involving at least two quantum devices:
either a user with some quantum capabilities and a remote quantum server or two
or more entangled but noncommunicating servers. In this work, we take the first
step towards the construction of a blind quantum computing protocol with a
completely classical client and single quantum server. Specifically, we show
how a classical client can exploit the ambiguity in the flow of information in
measurement-based quantum computing to construct a protocol for hiding critical
aspects of a computation delegated to a remote quantum computer. This ambiguity
arises due to the fact that, for a fixed graph, there exist multiple choices of
the input and output vertex sets that result in deterministic measurement
patterns consistent with the same fixed total ordering of vertices. This allows
a classical user, computing only measurement angles, to drive a
measurement-based computation performed on a remote device while hiding
critical aspects of the computation.
Comment: (v3) 14 pages, 6 figures. Expands introduction and definition of
flow, corrects typos to increase readability; contains a new figure to
illustrate example run of CDBQC protocol; minor changes to match the
published version. (v2) 12 pages, 5 figures. Corrects motivation for
quantities used in blindness analysi
Universal blind quantum computation
We present a protocol which allows a client to have a server carry out a
quantum computation for her such that the client's inputs, outputs and
computation remain perfectly private, and where she does not require any
quantum computational power or memory. The client only needs to be able to
prepare single qubits randomly chosen from a finite set and send them to the
server, who has the balance of the required quantum computational resources.
Our protocol is interactive: after the initial preparation of quantum states,
the client and server use two-way classical communication which enables the
client to drive the computation, giving single-qubit measurement instructions
to the server, depending on previous measurement outcomes. Our protocol works
for inputs and outputs that are either classical or quantum. We give an
authentication protocol that allows the client to detect an interfering server;
our scheme can also be made fault-tolerant.
We also generalize our result to the setting of a purely classical client who
communicates classically with two non-communicating entangled servers, in order
to perform a blind quantum computation. By incorporating the authentication
protocol, we show that any problem in BQP has an entangled two-prover
interactive proof with a purely classical verifier.
Our protocol is the first universal scheme which detects a cheating server,
as well as the first protocol which does not require any quantum computation
whatsoever on the client's side. The novelty of our approach is in using the
unique features of measurement-based quantum computing which allows us to
clearly distinguish between the quantum and classical aspects of a quantum
computation.
Comment: 20 pages, 7 figures. This version contains detailed proofs of
authentication and fault tolerance. It also contains protocols for quantum
inputs and outputs and appendices not available in the published versio
Complexity-Theoretic Limitations on Blind Delegated Quantum Computation
Blind delegation protocols allow a client to delegate a computation to a
server so that the server learns nothing about the input to the computation
apart from its size. For the specific case of quantum computation we know that
blind delegation protocols can achieve information-theoretic security. In this
paper we prove, provided certain complexity-theoretic conjectures are true,
that the power of information-theoretically secure blind delegation protocols
for quantum computation (ITS-BQC protocols) is in a number of ways constrained.
In the first part of our paper we provide some indication that ITS-BQC
protocols for delegating computations in which the client and the
server interact only classically are unlikely to exist. We first show that
having such a protocol with bits of classical communication implies
that . We conjecture that this
containment is unlikely by providing an oracle relative to which . We then show that if an ITS-BQC protocol
exists with polynomial classical communication and which allows the client to
delegate quantum sampling problems, then there exist non-uniform circuits of
size , making polynomially-sized queries to
an oracle, for computing the permanent of an matrix.
The second part of our paper concerns ITS-BQC protocols in which the client and
the server engage in one round of quantum communication and then exchange
polynomially many classical messages. First, we provide a complexity-theoretic
upper bound on the types of functions that could be delegated in such a
protocol, namely . Then, we show that
having such a protocol for delegating -hard functions implies
.
Comment: Improves upon, supersedes and corrects our earlier submission, which
previously included an error in one of the main theorem
Sumcheck-based delegation of quantum computing to rational server
Delegated quantum computing enables a client with a weak computational power
to delegate quantum computing to a remote quantum server in such a way that the
integrity of the server is efficiently verified by the client. Recently, a new
model of delegated quantum computing has been proposed, namely, rational
delegated quantum computing. In this model, after the client interacts with the
server, the client pays a reward to the server. The rational server sends
messages that maximize the expected value of the reward. It is known that the
classical client can delegate universal quantum computing to the rational
quantum server in one round. In this paper, we propose novel one-round rational
delegated quantum computing protocols by generalizing the classical rational
sumcheck protocol. The construction of the previous rational protocols depends
on gate sets, while our sumcheck technique can be easily realized with any
local gate set. Furthermore, as with the previous protocols, our reward
function satisfies natural requirements. We also discuss the reward gap. Simply
speaking, the reward gap is a minimum loss on the expected value of the
server's reward incurred by the server's behavior that makes the client accept
an incorrect answer. Although our sumcheck-based protocols have only
exponentially small reward gaps as with the previous protocols, we show that a
constant reward gap can be achieved if two non-communicating but entangled
rational servers are allowed. We also discuss that a single rational server is
sufficient under the (widely-believed) assumption that the learning-with-errors
problem is hard for polynomial-time quantum computing. Apart from these
results, we show, under a certain condition, the equivalence between
and delegated quantum computing protocols. Based on this
equivalence, we give a reward-gap amplification method.
Comment: 28 pages, 1 figure. Because of the character limitation, the abstract
was shortened compared with the PDF fil
Classical secure delegation of quantum computations
The rapid evolution of quantum technologies is likely to cause major shifts in the
mainstream computing landscape. In order to fully reach their potential in a wide base
accessible to any user, remote access of quantum computers and manipulation of data
with strong privacy and integrity guarantees are essential.
Consider a setting where a client having a fully classical computer wants to determine the result of some quantum computation, but lacks the necessary resources
to perform the computation herself. She has access to a more powerful server which
has quantum resources and can solve the problem and send the outcome back to the
client. However, the client does not trust the powerful server, so she needs to find a
way to hide her data. Therefore, the main question that arises is how can we guarantee the client’s privacy of the input and even the computation itself against the server
possessing quantum computational capabilities.
In the present thesis, we study this problem, denoted here as classical secure delegation of quantum computations (CSDQC) between a fully classical honest client and
a quantum untrusted server. We focus on different models of security, analyzing the
limitations and potential of each of the settings. Concretely, we first study the CSDQC
problem under information-theoretic security. We analyse two categories of quantum
computations, decision and sampling problems and in both cases we provide evidence
indicating the impossibility of achieving information-theoretic security. Subsequently,
we consider relaxing the security framework and specifically, we will analyze this task
in the computational security setting (against quantum polynomial-time adversaries).
As a result, in the second part of the thesis we put forward the remote state preparation as a key component that would allow us to achieve classical secure delegation of
universal quantum computations. We present two protocols realizing the remote state
preparation primitive assuming only a classical channel between client and server. The
first candidate is shown to be secure in the honest-but-curious model, while the second
candidate is proven secure against the server in the malicious setting. The security of
both constructions relies on the hardness of the learning with errors problem. Finally,
given the important role the remote state preparation plays not only in CSDQC, but also
in other quantum communication protocols, we analyze its composable security to determine the privacy loss as a result of using remote state preparation as a sub-module
in different protocols