Secure Client- Server Delegated Computation
Functionality Description
Delegated Computation is the task of assigning computation on hidden data to a powerful untrusted party (a device) by a weak (in terms of computational powers) party while maintaining privacy of hidden data from the powerful party. Protocols under this functionality are commonly called Client (weak party)-Server (powerful party) protocols. Delegated Quantum Computation (DQC) protocols involve partially/fully classical Client delegating a quantum computation to fully powerful single/multiple quantum Server/Servers. All DQC protocols involve three main stages, Preparation Stage, Computation Stage and Output Correction Stage. The roles of Client and Server in the different stages may differ according to the type of communication used. It can be performed via classical and quantum communication. If it is carried out only during Preparation and Correction stage, it is called offline communication else if the communication is carried out during the computation stage, it is online communication. If the outcome can be verified by the Client it is a verifiable delegated quantum computation protocol. Hence, based on the above requirements, DQC protocols can be classified as follows.
Classical Online Communication-Quantum Offline Communication
It involves a partially quantum Client who can prepare and send quantum states use quantum offline communication to send input to the Server, in the preparation Stage and to receive outputs from the Server, during output correction. Client and Server then use classical online communication to exchange classical messages during computation phase. Universal Blind Quantum Computation (UBQC) falls under this category, where Client hides his input, output and computation from the Server using MBQC. If the task performed by Server can be verified by the Client, it is Verifiable Universal Blind Quantum Computation (VUBQC). Classes of protocols under this category are:
Classical Online Communication-Quantum Online Communication
It involves a partially quantum Client who can measure quantum states use quantum and classical communication throughout the protocol. Client performs the hidden MBQC on states prepared by Server using her measurement device in the computation Stage. She then corrects her classical outcomes in Correction Stage. Classes of protocols under this category are:
Classical Online Communication-No Quantum Communication
It involves a fully classical Client exchanging classical messages with the server throughout. This can be done using protocols for generating secret random qubits, also called Secret Random Qubit Generator (SQRG). One could append SQRG with UBQC to eliminate quantum communication. A protocol falling under this category is Pseudo-Secret Random Qubit Generator (PSRQG). A verification protocol using PSQRG is still an open question.
Classical Offline Communication-Quantum Offline Communication
It involves a partially classical Client performing both classical and quantum communication with the Server during the preparation stage and output correction. There is no communication between the two parties during computation stage. Protocols falling under this category are Quantum Fully Homomorphic Encryption (QFHE). Client hides her input states with the help of some classical encryption using classical Homomorphic Encryption and prepares quantum gadgets (using entanglement) which the Server uses perform computation on the encrypted state. This requires some steps which cannot be realised by classical HE scheme. Later Client decrypts the outcome sent by Server to get the correct result. Just like UBQC, QFHE protocols can also be realised by a Prepare and Send QFHE protocol where client prepares and sends the input states to the Server. If the task performed by the Server can be verified by the Client, the protocol is called, Verifiable Quantum Fully Homomorphic Encryption (VQFHE). Same as QFHE, VQFHE can be realised by Prepare and Send VQFHE. For both QFHE and VQFHE, Measurement Only protocols are an open case. Version for quantum input/output is also available in the descriptions.
Classical Offline Communication-No Quantum Communication
It involves a fully classical Client assign quantum computation to a Server on her classical input/output using only classical communication during the preparation stage and output correction. There is no communication between the two parties during computation stage. It uses only classical Homomorphic Encryption and no quantum gadgets to realize a quantum functionality. Quantum offline communication would be needed in case of quantum input/output. Protocols falling under this category are quantum capable Classical Fully Homomorphic Encryption (FHE) for Quantum Circuits. A verification of FHE for Quantum Circuits protocol is still an open question.
Use Case
Quantum Cloud Computing
Tags: Two Party, Universal Task, Quantum Functionality, Multiparty Delegated Quantum Computation, Quantum Enhanced Classical Delegated Computing
Properties
- Blindness asserts the Client’s input/output/computation are blind (unknown) to the Server.
- Universality asserts the protocol can compute universal set of quantum gates.
- Correctness asserts that if the protocol is followed it results the same output as when circuit is operated on the input states directly.
- Compactness asserts the decryption of the encrypted messages does not depend on the size of the computation circuit.
- Circuit Privacy asserts circuit is private from the party who did not create it.
- Indistinguishability under Chosen Plaintext Attacks by adversary with quantum computational powers(q-IND-CPA) means that an adversary cannot distinguish between encrypted text from a message and encrypted text from an arbitrary state.
- Full Homomorphism A fully homomorphic scheme is capable of performing any quantum computation on encrypted text and give the correct outcome after decryption. If a scheme cannot perform all quantum gates, it is called Quantum Homomorphic Encryption (QHE) instead of QFHE.
- Quantum Capable A classical HE scheme is quantum capable if it can be used to evaluate quantum circuits
- Circular Security An encryption scheme that encrypts (hides) its own keys