Classical Homomorphic Encryption for Quantum Circuits

We present the first leveled fully homomorphic encryption scheme for quantum circuits with classical keys. The scheme allows a classical client to blindly delegate a quantum computation to a quantum server: an honest server is able to run the computation while a malicious server is unable to learn any information about the computation. We show that it is possible to construct such a scheme directly from a quantum secure classical homomorphic encryption scheme with certain properties. Finally, we show that a classical homomorphic encryption scheme with the required properties can be constructed from the learning with errors problem

Classical Verification of Quantum Computations

We present the first protocol allowing a classical computer to interactively verify the result of an efficient quantum computation. We achieve this by constructing a measurement protocol, which enables a classical verifier to use a quantum prover as a trusted measurement device. The protocol forces the prover to behave as follows: the prover must construct an n qubit state of his choice, measure each qubit in the Hadamard or standard basis as directed by the verifier, and report the measurement results to the verifier. The soundness of this protocol is enforced based on the assumption that the learning with errors problem is computationally intractable for efficient quantum machines

Classical Verification of Quantum Computations

We present the first protocol allowing a classical computer to interactively verify the result of an efficient quantum computation. We achieve this by constructing a measurement protocol, which enables a classical verifier to use a quantum prover as a trusted measurement device. The protocol forces the prover to behave as follows: the prover must construct an n qubit state of his choice, measure each qubit in the Hadamard or standard basis as directed by the verifier, and report the measurement results to the verifier. The soundness of this protocol is enforced based on the assumption that the learning with errors problem is computationally intractable for efficient quantum machines

Rational approximations and quantum algorithms with postselection

We study the close connection between rational functions that approximate a given Boolean function, and quantum algorithms that compute the same function using postselection. We show that the minimal degree of the former equals (up to a factor of 2) the minimal query complexity of the latter. We give optimal (up to constant factors) quantum algorithms with postselection for the Majority function, slightly improving upon an earlier algorithm of Aaronson. Finally we show how Newman's classic theorem about low-degree rational approximation of the absolute-value function follows from these algorithms.Comment: v2: 12 pages LaTeX, to appear in Quantum Information and Computation. Compared to version 1, the writing has been improved but the results are unchange

Classical Verification of Quantum Computations

We present the first protocol allowing a classical computer to interactively verify the result of an efficient quantum computation. We achieve this by constructing a measurement protocol, which enables a classical verifier to use a quantum prover as a trusted measurement device. The protocol forces the prover to behave as follows: the prover must construct an n qubit state of his choice, measure each qubit in the Hadamard or standard basis as directed by the verifier, and report the measurement results to the verifier. The soundness of this protocol is enforced based on the assumption that the learning with errors problem is computationally intractable for efficient quantum machines

A Cryptographic Test of Quantumness and Certifiable Randomness from a Single Quantum Device

We give a protocol for producing certifiable randomness from a single untrusted quantum device that is polynomial-time bounded. The randomness is certified to be statistically close to uniform from the point of view of any computationally unbounded quantum adversary, that may share entanglement with the quantum device. The protocol relies on the existence of post-quantum secure trapdoor claw-free functions, and introduces a new primitive for constraining the power of an untrusted quantum device. We then show how to construct this primitive based on the hardness of the learning with errors (LWE) problem. The randomness protocol can also be used as the basis for an efficiently verifiable "quantum supremacy" proposal, thus answering an outstanding challenge in the field

A Cryptographic Test of Quantumness and Certifiable Randomness from a Single Quantum Device

We give a protocol for producing certifiable randomness from a single untrusted quantum device that is polynomial-time bounded. The randomness is certified to be statistically close to uniform from the point of view of any computationally unbounded quantum adversary, that may share entanglement with the quantum device. The protocol relies on the existence of post-quantum secure trapdoor claw-free functions, and introduces a new primitive for constraining the power of an untrusted quantum device. We show how to construct this primitive based on the hardness of the learning with errors (LWE) problem, and prove that it has a crucial adaptive hardcore bit property. The randomness protocol can be used as the basis for an efficiently verifiable "test of quantumness", thus answering an outstanding challenge in the field.Comment: 45 page

A Cryptographic Test of Quantumness and Certifiable Randomness from a Single Quantum Device

We give a protocol for producing certifiable randomness from a single untrusted quantum device that is polynomial-time bounded. The randomness is certified to be statistically close to uniform from the point of view of any computationally unbounded quantum adversary, that may share entanglement with the quantum device. The protocol relies on the existence of post-quantum secure trapdoor claw-free functions, and introduces a new primitive for constraining the power of an untrusted quantum device. We then show how to construct this primitive based on the hardness of the learning with errors (LWE) problem. The randomness protocol can also be used as the basis for an efficiently verifiable "quantum supremacy" proposal, thus answering an outstanding challenge in the field

Classical Verification and Blind Delegation of Quantum Computations

In this dissertation, we solve two open questions. First, can the output of a quantum computation be verified classically? We give the first protocol for provable classical verifica- tion of efficient quantum computations, depending only on the assumption that the learning with errors problem is post-quantum secure.The second question, which is related to verifiability and is often referred to as blind computation, asks the following: can a classical client delegate a desired quantum compu- tation to a remote quantum server while hiding all data from the server? This is especially relevant to proposals for quantum computing in the cloud. For classical computations, this task is achieved by the celebrated result of fully homomorphic encryption ([21]). We prove an analogous result for quantum computations by showing that certain classical homomorphic encryption schemes, when used in a different manner, are able to homomorphically evaluate quantum circuits.While we use entirely different techniques to construct the verification and homomorphic encryption protocols, they both rely on the same underlying cryptographic primitive of trapdoor claw-free functions