Classical Fully Homomorphic Encryption for Quantum Circuits: Difference between revisions

Line 36: Line 36:
*The functions <math>f_0, f_1</math> used must be trapdoor claw-free(TCF) such that one it is not possible to find a triple <math>(\mu_0,\mu_1,y)</math> such that <math>f_0(\mu_0)=f_1(\mu_1)=y</math>
*The functions <math>f_0, f_1</math> used must be trapdoor claw-free(TCF) such that one it is not possible to find a triple <math>(\mu_0,\mu_1,y)</math> such that <math>f_0(\mu_0)=f_1(\mu_1)=y</math>
*One of the nodes require quantum memory, hence, this protocol belongs to Quantum Memory Network Stage.
*One of the nodes require quantum memory, hence, this protocol belongs to Quantum Memory Network Stage.
== Properties ==
*''Quantum Capable'' A classical HE is quantum capable i.e. can perform quantum computation efficiently if there exists AltHE which can execute natural XOR operations.
*''Indistinguishability under Chosen Plaintext Attacks by adversary(IND-CPA)'' The presented classical FHE scheme is CPA secure i.e. it is not possible for any polynomial time adversary to distinguish between the encrypted classical message bits 0 and 1, by learning with errors.
*''Compactness'' This protocol is compact i.e. decryption does not depend on the complexity of the quantum circuit.
*''Correctness'' Correctness is implied from the correctness of encrypted CNOT operation.
*''Circuit Privacy'' This protocol is not circuit private as both Client and Server know the quantum circuit used for performing the computation.
*''Full Homomorphism'' This protocol is fully homomorphic i.e. Server can operate any quantum circuit using this protocol.
*''Circular Security'' This protocol has a stronger notion of circular security where not only the secret key but also the trapdoor functions are encrypted when provided to the Server.


== Pseudocode==  
== Pseudocode==  
Write, autoreview, editor, reviewer
3,129

edits