Flow Ambiguity: A Path Towards Classically Driven Blind Quantum Computation
Blind quantum computation protocols allow a user to delegate a computation to
a remote quantum computer in such a way that the privacy of their computation
is preserved, even from the device implementing the computation. To date, such
protocols are only known for settings involving at least two quantum devices:
either a user with some quantum capabilities and a remote quantum server or two
or more entangled but noncommunicating servers. In this work, we take the first
step towards the construction of a blind quantum computing protocol with a
completely classical client and single quantum server. Specifically, we show
how a classical client can exploit the ambiguity in the flow of information in
measurement-based quantum computing to construct a protocol for hiding critical
aspects of a computation delegated to a remote quantum computer. This ambiguity
arises due to the fact that, for a fixed graph, there exist multiple choices of
the input and output vertex sets that result in deterministic measurement
patterns consistent with the same fixed total ordering of vertices. This allows
a classical user, computing only measurement angles, to drive a
measurement-based computation performed on a remote device while hiding
critical aspects of the computation.
Comment: (v3) 14 pages, 6 figures. expands introduction and definition of
flow, corrects typos to increase readability; contains a new figure to
illustrate example run of CDBQC protocol; minor changes to match the
published version. (v2) 12 pages, 5 figures. Corrects motivation for
quantities used in blindness analysi
Delegating Quantum Computation in the Quantum Random Oracle Model
A delegation scheme allows a computationally weak client to use a server's
resources to help it evaluate a complex circuit without leaking any information
about the input (other than its length) to the server. In this paper, we
consider delegation schemes for quantum circuits, where we try to minimize the
quantum operations needed by the client. We construct a new scheme for
delegating a large circuit family, which we call "C+P circuits". "C+P" circuits
are the circuits composed of Toffoli gates and diagonal gates. Our scheme is
non-interactive, requires very little quantum computation from the client
(proportional to input length but independent of the circuit size), and can be
proved secure in the quantum random oracle model, without relying on additional
assumptions, such as the existence of fully homomorphic encryption. In practice
the random oracle can be replaced by an appropriate hash function or block
cipher, for example, SHA-3, AES.
This protocol allows a client to delegate the most expensive part of some
quantum algorithms, for example, Shor's algorithm. The previous protocols that
are powerful enough to delegate Shor's algorithm require either many rounds of
interactions or the existence of FHE. The protocol requires asymptotically
fewer quantum gates on the client side compared to running Shor's algorithm
locally.
To hide the inputs, our scheme uses an encoding that maps one input qubit to
multiple qubits. We then provide a novel generalization of classical garbled
circuits ("reversible garbled circuits") to allow the computation of Toffoli
circuits on this encoding. We also give a technique that can support the
computation of phase gates on this encoding.
To prove the security of this protocol, we study key-dependent message (KDM)
security in the quantum random oracle model. KDM security was not previously
studied in quantum settings.
Comment: 41 pages, 1 figure. Update to be consistent with the proceeding
versio
Sumcheck-based delegation of quantum computing to rational server
Delegated quantum computing enables a client with weak computational power
to delegate quantum computing to a remote quantum server in such a way that the
integrity of the server is efficiently verified by the client. Recently, a new
model of delegated quantum computing has been proposed, namely, rational
delegated quantum computing. In this model, after the client interacts with the
server, the client pays a reward to the server. The rational server sends
messages that maximize the expected value of the reward. It is known that the
classical client can delegate universal quantum computing to the rational
quantum server in one round. In this paper, we propose novel one-round rational
delegated quantum computing protocols by generalizing the classical rational
sumcheck protocol. The construction of the previous rational protocols depends
on gate sets, while our sumcheck technique can be easily realized with any
local gate set. Furthermore, as with the previous protocols, our reward
function satisfies natural requirements. We also discuss the reward gap. Simply
speaking, the reward gap is a minimum loss on the expected value of the
server's reward incurred by the server's behavior that makes the client accept
an incorrect answer. Although our sumcheck-based protocols have only
exponentially small reward gaps as with the previous protocols, we show that a
constant reward gap can be achieved if two non-communicating but entangled
rational servers are allowed. We also discuss that a single rational server is
sufficient under the (widely-believed) assumption that the learning-with-errors
problem is hard for polynomial-time quantum computing. Apart from these
results, we show, under a certain condition, the equivalence between
and delegated quantum computing protocols. Based on this
equivalence, we give a reward-gap amplification method.
Comment: 28 pages, 1 figure, Because of the character limitation, the abstract
was shortened compared with the PDF fil