Secure Client- Server Delegated Computation
Functionality Description
Delegated Computation is the task of assigning quantum computation to an untrusted device while maintaining privacy of the computation. Protocols under this functionality are commonly called ClientServer protocols. Delegated Quantum Computation (DQC) protocols involve partially/fully classical Client delegate a quantum computation task to a fully powerful quantum Server. All DQC protocols involve three main stages, Prepataion Stage, Computation Stage, Output Correction Stage. The roles of Client and Server in the different stages may differ according to the type of communication used. It can be performed via classical online/offline and quantum online/offline communication. It can be verifiable or non-verifiable. Hence, it is classified as follows.
Classical Online-Quantum Offline
It involves a partially quantum Client perform a one time quantum communication to send input to the Server, in the preparation Stage and then to receive outputs from the Server, during output correction. The Client and Server then exchange classical messages during the computation phase. Universal Blind Quantum Computation (UBQC) is a protocol falling under this category. In this protocol Client hides his input, output and computation from the Server using MBQC by sending hidden quantum states to the Server. UBQC protocols can be realised by a Prepare and Send UBQC protocol where client prepares and sends the input states to the Server or Measurement Only UBQC protocol where the client measures some known quantum state prepared by server in a rotated basis to generate input states. If the task performed by the Server can be verified by the Client, the protocol is Verifiable Universal Blind Quantum Computation (VUBQC). Same as UBQC, VUBQC can also be realised by Prepare and Send VUBQC or Measurement Only VUBQC protocols.
Classical Online-No Quantum
It involves a fully classical Client exchanging classical messages with the server throughout. Protocols falling under this category are Q-Factory. A verification of Q-Factory protocol is still an open question.
Classical Offline-Quantum Offline
It involves a partially classical Client exchanging performing both classical and quantum communication with the Server during the preparation stage and output correction. There is no communication between the two parties during computation stage. Client hides her input states with the help of some classical encryption using HE and Server performs computation on the encrypted state. Later Client decrypts the outcome sent by Server to get the correct result. Protocols falling under this category are Quantum Fully Homomorphic Encryption (QFHE) Just like UBQC, QFHE protocols can also be realised by a Prepare and Send QFHE protocol where client prepares and sends the input states to the Server or Measurement Only QFHE protocol where the client measures some known quantum state prepared by server in a rotated basis to generate input states. If the task performed by the Server can be verified by the Client, the protocol is called, Verifiable Quantum Fully Homomorphic Encryption [[Verifiable Quantum Fully Homomorphic Encryption (VQFHE). Same as QFHE, VQFHE can be realised by Prepare and Send VQFHE and Measurement Only VQFHE. For both QFHE and VQFHE, Measurement Only protocols are an open case.
Classical Offline-No Quantum
It involves a fully classical Client exchanging classical messages with the server only during the preparation and output correction phase. There is no communication during computation phase. It uses a classical protocol to realize a quantum functionality. Protocols falling under this category are Classical Fully Homomorphic Encryption (FHE) for Quantum Circuits. A verification of FHE for Quantum Circuits protocol is still an open question
Tags: Two Party, Universal Task, Quantum Functionality, Secure Delegated Quantum Computation, Multiparty Delegated Quantum Computation, Quantum Enhanced Classical Delegated Computing
Property/Security Definitions
Following are the definitions of various properties and security realized by the different DQC protocols mentioned above.
Adversarial Assumption
- Secure against Honest But Curious adversary protocols are non-verifiable protocols. In this setting, protocols assumes a dishonest server only tries to learn Client’s hidden variables (input, output or computation) and not mutate it.
- Secure against Malicious adversary protocol are verifiable protocols. In this setting, a dishonest server apart from trying to learn the Client’s hidden variable may also try to change it.
Properties
- Blindness asserts the Client’s input/output/server are blind (unknown) to the Server.
- Universality asserts the protocol can compute universal set of quantum gates.
- Correctness asserts that if the protocol is followed it results the same output as when circuit is operated on the input states directly.
- Compactness asserts the decryption of the encrypted messages does not depend on the size of the computation circuit.
- Circuit Privacy asserts circuit is private from the party who did not create it.
- Indistinguishability under Chosen Plaintext Attacks by adversary with quantum computational powers(q-IND-CPA) means that an adversary cannot distinguish between encrypted text from a message and encrypted text from an arbitrary state.
- Full Homomorphism A fully homomorphic scheme is capable of performing any quantum computation on encrypted text and give the correct outcome after decryption. If a scheme cannot perform all quantum gates, it is called Quantum Homomorphic Encryption (QHE) instead of QFHE.
- Quantum Capable A classical HE scheme is quantum capable if it can be used to evaluate quantum circuits
- Circular Security An encryption scheme that encrypts (hides) its own keys
Use Case
Quantum Cloud Computing