Write, autoreview, editor, reviewer
3,129
edits
Line 11: | Line 11: | ||
==Outline== | ==Outline== | ||
Homomorphic Encryption [[Glossary#Quantum Capable Homomorphic Encryption|(HE)]] schemes can be divided into four stages: Key Generation generates keys for encryption, decryption, and evaluation of the circuit, Encryption encodes the input into a ciphertext using encryption key, Homomorphic Evaluation performs operations (implements the circuit) on the encrypted input using evaluation key and Decryption transforms result of the ciphertext to actual outcome of the circuit using decryption key. This protocol requires Client to prepare and send the quantum states to Server, hence the name, ''Prepare and Send QFHE''. A QFHE scheme is fundamentally different from classical FHE in the aspect that an evaluation key is allowed to be a quantum state in the former case. Also, in the last step decryption for FHE is carried out subsystem by subsystem. This cannot be correct for QFHE as quantum states can be entangled, hence decryption should be carried out on the system as a whole. The QFHE version of encryption is based on quantum one-time pad | Homomorphic Encryption [[Glossary#Quantum Capable Homomorphic Encryption|(HE)]] schemes can be divided into four stages: Key Generation generates keys for encryption, decryption, and evaluation of the circuit, Encryption encodes the input into a ciphertext using encryption key, Homomorphic Evaluation performs operations (implements the circuit) on the encrypted input using evaluation key and Decryption transforms result of the ciphertext to actual outcome of the circuit using decryption key. This protocol requires Client to prepare and send the quantum states to Server, hence the name, ''Prepare and Send QFHE''. A QFHE scheme is fundamentally different from classical FHE in the aspect that an evaluation key is allowed to be a quantum state in the former case. Also, in the last step decryption for FHE is carried out subsystem by subsystem. This cannot be correct for QFHE as quantum states can be entangled, hence decryption should be carried out on the system as a whole. The QFHE version of encryption is based on [[quantum one-time pad]] i.e. randomly applying a Pauli Gate (X, Y, Z, I) in order to hide the input. A Fully Homomorphic Encryption can implement Universal Gates (a set of gates which can implement any quantum circuit). Most of the gates in this set work well with QOTP while for T gates one needs an additional gadget, in order to implement any arbitrary circuit and make the scheme Fully Homomorphic. This adds an additional step called ”Gadget Construction” during Key Generation Stage in this protocol | ||
*'''Key Generation''' | *'''Key Generation''' | ||
This step generates homomorphic key sets consisting of the classical public key for encryption, a classical private key for decryption and a quantum evaluation key for operation on the encrypted input state. If the circuit involves L T gates, Client needs L+1 such key sets for L gadgets and one input state. The Client uses the classical HE Key Generation (HE.KeyGen) to get classical key sets. She stores all the public keys and secret keys in two separate sets (tuples). Quantum evaluation keys consist of the classical evaluation keys and L gadgets. Once constructed, the gadget is also encrypted using all public keys except the first one by the Client. As construction of gadgets takes secret keys (first L) as inputs, the public key used for its encryption should not belong to the same homomorphic key set used to construct the gadget. A classical description of the gadget, useful for evaluation is also encrypted and included in the gadget. Construction and encryption of gadgets is described in the last step.<br/> | This step generates homomorphic key sets consisting of the classical public key for encryption, a classical private key for decryption and a quantum evaluation key for operation on the encrypted input state. If the circuit involves L T gates, Client needs L+1 such key sets for L gadgets and one input state. The Client uses the classical HE Key Generation (HE.KeyGen) to get classical key sets. She stores all the public keys and secret keys in two separate sets (tuples). Quantum evaluation keys consist of the classical evaluation keys and L gadgets. Once constructed, the gadget is also encrypted using all public keys except the first one by the Client. As construction of gadgets takes secret keys (first L) as inputs, the public key used for its encryption should not belong to the same homomorphic key set used to construct the gadget. A classical description of the gadget, useful for evaluation is also encrypted and included in the gadget. Construction and encryption of gadgets is described in the last step.<br/> |