Write, autoreview, editor, reviewer
3,125
edits
Prepare-and-Send Verifiable Quantum Fully Homomorphic Encryption: Difference between revisions
Jump to navigation
Jump to search
m
Prepare-and-Send Verifiable Quantum Fully Homomorphic Encryption (edit)
Revision as of 17:17, 6 June 2019
, 6 June 2019no edit summary
mNo edit summary |
mNo edit summary |
||
| Line 5: | Line 5: | ||
==Outline== | ==Outline== | ||
This protocol consists mainly of four stages: Key Generation, Encryption, Homomorphic evaluation and Verified decryption. For verification, the major changes from the standard [[Prepare and Send Quantum Fully Homomorphic Encryption]] is in stage 2, evaluation where a computational log is provided as an extra output and in stage 4, Verified decryption which accepts computational log and performs the verification. The verification performed in this protocol is mainly classical in nature | This protocol consists mainly of four stages: Key Generation, Encryption, Homomorphic evaluation, and Verified decryption. For verification, the major changes from the standard [[Prepare and Send Quantum Fully Homomorphic Encryption]] is in stage 2, evaluation where a computational log is provided as an extra output and in stage 4, Verified decryption which accepts computational log and performs the verification. The verification performed in this protocol is mainly classical in nature | ||
*'''Key Generation and Encryption''' | *'''Key Generation and Encryption''' | ||
** This procedure requires the generation of single-qubit and two-qubit states from a small fixed set, performing Bell measurements and Pauli gates, and executing the encoding procedure of a quantum error-correcting code on which the trap code is based. | ** This procedure requires the generation of single-qubit and two-qubit states from a small fixed set, performing Bell measurements and Pauli gates, and executing the encoding procedure of a quantum error-correcting code on which the trap code is based. | ||
** In this step, using the classical fully homomorphic encryption scheme, public key, the secret keys and the evaluation function key for the encryption are generated. A message authenticating system (MAC) is used to authenticate this process. Using [[MAC]], a key is also generated. | ** In this step, using the classical fully homomorphic encryption scheme, public key, the secret keys and the evaluation function key for the encryption are generated. A message authenticating system (MAC) is used to authenticate this process. Using [[MAC]], a key is also generated. | ||
** Majority of the single-qubit and two qubit quantum states are encrypted using the global permutation <math>\pi</math>, but all the qubits in the error correcting gadget are encrypted using independent permutation. The encryption occurs through [[CSS]] where equal amounts of traps gates (<math>|0\rangle</math> and <math>|+\rangle</math>) are added and permuted using the global permutation, after which the overall state is encrypted by using [[Quantum one time pad]]. The final state formed of the single-qubit or two qubit quantum used initially is known as the magic state. | ** Majority of the single-qubit and two-qubit quantum states are encrypted using the global permutation <math>\pi</math>, but all the qubits in the error correcting gadget are encrypted using independent permutation. The encryption occurs through [[CSS]] where equal amounts of traps gates (<math>|0\rangle</math> and <math>|+\rangle</math>) are added and permuted using the global permutation, after which the overall state is encrypted by using [[Quantum one time pad]]. The final state formed of the single-qubit or two-qubit quantum used initially is known as the magic state. | ||
** The keys for the quantum one-time pad are selected during the encryption stage, For the <math>T</math> gate, error correcting gadgets are prepared from garden-hose gadgets(Link here). | ** The keys for the quantum one-time pad are selected during the encryption stage, For the <math>T</math> gate, error correcting gadgets are prepared from garden-hose gadgets(Link here). | ||
** Then the evaluation key is formed, using the auxiliary states mentioned, which includes the magic states too. | ** Then the evaluation key is formed, using the auxiliary states mentioned, which includes the magic states too. | ||
</br> | </br> | ||
* '''Evaluation''': Evaluation of a circuit is done gate by gate. Throughout this procedure, apart from the outputs, a complete computational log is made of all randomness used, all computation steps, all intermediate results and all the classical FHE computations. To measure a qubit, we measure all ciphertext qubits and place the outcomes in the log. | * '''Evaluation''': Evaluation of a circuit is done gate by gate. Throughout this procedure, apart from the outputs, a complete computational log is made of all randomness used, all computation steps, all intermediate results, and all the classical FHE computations. To measure a qubit, we measure all ciphertext qubits and place the outcomes in the log. | ||
** Measurements: In computational basis measurement, logical measurement is performed by measurement of all physical qubits of the ciphertext and also checks the traps. This is followed by using the encryption function of classical homomorphic encryption on the result. In Hadamard basis measurement, because of the Hadamard gate property of <math>H|0\rangle = |+\rangle</math> and <math>H|+\rangle = |0\rangle</math>, all computational traps are swapped with the Hadamard traps. . A transversal application of <math>H</math> to all relevant physical qubits precedes the evaluation procedure for the computational basis measurement. | ** Measurements: In computational basis measurement, logical measurement is performed by measurement of all physical qubits of the ciphertext and also checks the traps. This is followed by using the encryption function of classical homomorphic encryption on the result. In Hadamard basis measurement, because of the Hadamard gate property of <math>H|0\rangle = |+\rangle</math> and <math>H|+\rangle = |0\rangle</math>, all computational traps are swapped with the Hadamard traps. . A transversal application of <math>H</math> to all relevant physical qubits precedes the evaluation procedure for the computational basis measurement. | ||
** Pauli gates: Applying a logical Pauli is done by applying the same Pauli to all physical qubits. The application of Pauli gates (<math>X</math> and/or <math>Z</math>) to a state encrypted with a quantum one-time pad can be achieved without touching the actual state, by updating the keys to QOTP in the appropriate way. The logical Pauli-X is performed by (homomorphically) flipping the X-key bits of the QOTP and Pauli-Y works in the same manner for Z-key bits. Hence, this is a classical task. | ** Pauli gates: Applying a logical Pauli is done by applying the same Pauli to all physical qubits. The application of Pauli gates (<math>X</math> and/or <math>Z</math>) to a state encrypted with a quantum one-time pad can be achieved without touching the actual state, by updating the keys to QOTP in the appropriate way. The logical Pauli-X is performed by (homomorphically) flipping the X-key bits of the QOTP and Pauli-Y works in the same manner for Z-key bits. Hence, this is a classical task. | ||