Write, autoreview, editor, reviewer
3,129
edits
Prepare-and-Send Quantum Fully Homomorphic Encryption: Difference between revisions
Jump to navigation
Jump to search
Prepare-and-Send Quantum Fully Homomorphic Encryption (edit)
Revision as of 09:04, 11 July 2019
, 11 July 2019→Stage 2 Server’s Computation
| Line 109: | Line 109: | ||
=== Stage 2 Server’s Computation=== | === Stage 2 Server’s Computation=== | ||
*'''Input:''' public key tuple <math>(pk_i)_{i = 0}^{L}</math>, Evaluation key tuple, Encrypted Pad key (<math>\{\tilde{a}^{[0]}...\tilde{a}^{[n]}</math>, <math>\tilde{b}^{[i]}...\tilde{b}^{[n]}\}</math>), QOTP Input State (<math> X^{a^{[1]}}Z^{b^{[1]}}\otimes.....\otimes X^{a^{[n]}}Z^{b^{[n]}}\rho Z^{b^{[1]}}X^{a^{[1]}}\otimes.....\otimes X^{a^{[n]}}Z^{b^{[n]}}</math>)</br> | |||
*'''Output:''' QOTP Circuit Output State (<math> X^{a'^{[1]}}Z^{b'^{[1]}}\otimes.....\otimes X^{a'^{[k]}}Z^{b'^{[k]}}\rho' Z^{b'^{[1]}}X^{a'^{[1]}}\otimes.....\otimes X^{a'^{[k]}}Z^{b'^{[k]}}</math>), Corresponding Encrypted Pad key (<math>\tilde{a'},\tilde{b'}</math>)=(HE.Eval<math>_{evk_L}^\text{C}(\tilde{a}</math>),HE.Eval<math>_{evk_L}^\text{C}(\tilde{b}</math>))</br></br> | |||
*Output: QOTP Circuit Output State ( | Let the Circuit be denoted by C and the gates be <math>c_i</math> | ||
Let the Circuit be denoted by C and the gates be | # For all i, <math>c_i</math> gate is applied on qubit m and the <math>m_{th}</math> bits of pad key <math>(\tilde {a}^{[m]},\tilde{b}^{[m]})</math> are updated to <math>(\tilde {a}'^{[m]},\tilde{b}'^{[m]})</math> as follows. | ||
# For all i, | # If <math>c_i=\{P,H,CNOT\}</math>, a Clifford gate then: <math>c_iX^{a^{[m]}}Z^{b^{[m]}}\psi=X^{a'^{[m]}}Z^{b'^{[m]}}c_i\psi</math>) | ||
( | ## if <math>c_i=</math>H then //Hadamard Gate: <math>(\tilde {a}^{[m]},\tilde{b}^{[m]})\rightarrow (\tilde{b}^{[m]},\tilde{a}^{[m]})</math> (Hadamard tranforms X gate into Z and Z into X) | ||
\item if $c_i=$P then //Pauli Gate | |||
\item[] $(\tilde {a}^{[m]},\tilde{b}^{[m]})\rightarrow (\tilde{a}^{[m]},\tilde{a}^{[m]}\oplus\tilde{b}^{[m]})$ | |||
\item if $c_i=$CNOT with m as target bit and n as control bit then (CNOT) | |||
\item[] $(\tilde {a}^{[m]},\tilde{b}^{[m]};\tilde {a}^{[n]},\tilde{b}^{[n]})\rightarrow (\tilde {a}^{[m]},\tilde{b}^{[m]}\oplus \tilde {b}^{[n]};\tilde{a}^{[m]}\oplus \tilde {a}^{[n]},\tilde{b}^{[n]})$ | |||
\end{enumerate} | |||
\item If $c_i=T_j$ gate then //T Gate | |||
\item[] ($T_jX^{a^{[m]}}Z^{b^{[m]}}\psi=P^{a^{[m]}}X^{a^{[m]}}Z^{b^{[m]}}T_j\psi$) | |||
\begin{enumerate} | |||
\item \textbf{Generate Measurement} | |||
\item[] M$\leftarrow$ QFHE.GenMeasurement($\tilde {a}^{[m]},\Gamma_{pk_{j+1}}(sk_j),evk_j)$ | |||
\item \textbf{Gadget Correction} | |||
\item[] $(X^{a'^{[m]}}Z^{b'^{[m]}}T_j)\psi\leftarrow$ QFHE.Measurement(M, $P^{a^{[m]}}X^{a^{[m]}}Z^{b^{[m]}}T_j\psi)$; | |||
\item[] Server gets measurement outcome x',z' | |||
\item\textbf {Recryption} Server recrypts one-pad key using pk$_{k+1}$ | |||
\item[] ($\tilde {a''}^{[m]},\tilde{b''}^{[m]})\leftarrow$ QFHE.Rec$_{pk_{k+1}}(\tilde {a}^{[m]},\tilde{b}^{[m]})$. | |||
\item Server updates the recrypted key using x,z and x',z'. | |||
\item[]($\tilde {a'}^{[m]},\tilde{b'}^{[m]})\leftarrow (\tilde {a''}^{[m]},\tilde{b''}^{[m]}$) | |||
\end{enumerate} | |||
\item Server sends the updated encryption and QOTP output state to Client. | |||
===Stage 3 Client’s Correction=== | ===Stage 3 Client’s Correction=== | ||
'''Decryption (QFHE.Dec()) | '''Decryption (QFHE.Dec()) | ||