Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Masking Countermeasures Against Side-Channel Attacks on Quantum Computers

Jason T. LeGrow, Travis Morrison, Jamie Sikora, Nicolas Swanson

TL;DR

The paper tackles side-channel leakage in quantum cloud computing by introducing a transpilation-based masking approach. It defines $R$-gate masking using a covering gate set and leverages virtual gates on IBM hardware to hide gate identifications and placements without altering circuit behavior, achieving information-theoretic security under the assumption that virtual-gate angles are undetectable. Depth overheads are analyzed with bounds $T_B \le 2 r T$ and $T_D \le 2 r p T$, and concrete constructions are provided for both gate masking and gate-position masking, including topology-aware bounds like $Y$ depth $\le \Delta(G)+2 \le n+1$. The proposed approach is designed to be implementable with current vendors (e.g., Qiskit), moving side-channel defenses from quantum hardware to classical control paths and enabling practical validation and extension to more threat models in future work.

Abstract

We propose a modification to the transpiler of a quantum computer to safeguard against side-channel attacks aimed at learning information about a quantum circuit. We demonstrate that if it is feasible to shield a specific subset of gates from side-channel attacks, then it is possible to conceal all information in a quantum circuit by transpiling it into a new circuit whose depth grows linearly, depending on the quantum computer's architecture. We provide concrete examples of implementing this protection on IBM's quantum computers, utilizing their virtual gates and editing their transpiler.

Masking Countermeasures Against Side-Channel Attacks on Quantum Computers

TL;DR

The paper tackles side-channel leakage in quantum cloud computing by introducing a transpilation-based masking approach. It defines -gate masking using a covering gate set and leverages virtual gates on IBM hardware to hide gate identifications and placements without altering circuit behavior, achieving information-theoretic security under the assumption that virtual-gate angles are undetectable. Depth overheads are analyzed with bounds and , and concrete constructions are provided for both gate masking and gate-position masking, including topology-aware bounds like depth . The proposed approach is designed to be implementable with current vendors (e.g., Qiskit), moving side-channel defenses from quantum hardware to classical control paths and enabling practical validation and extension to more threat models in future work.

Abstract

We propose a modification to the transpiler of a quantum computer to safeguard against side-channel attacks aimed at learning information about a quantum circuit. We demonstrate that if it is feasible to shield a specific subset of gates from side-channel attacks, then it is possible to conceal all information in a quantum circuit by transpiling it into a new circuit whose depth grows linearly, depending on the quantum computer's architecture. We provide concrete examples of implementing this protection on IBM's quantum computers, utilizing their virtual gates and editing their transpiler.
Paper Structure (10 sections, 5 theorems, 4 equations, 9 figures)

This paper contains 10 sections, 5 theorems, 4 equations, 9 figures.

Table of Contents

  1. Introduction
  2. Quantum Side-Channel Attacks
  3. Masking in the Transpiler
  4. Masking certain gates
  5. Masking gate positions
  6. The depth of masked circuits
  7. Virtual Gates
  8. Virtual gates as covering sets
  9. Virtual Gate Masking
  10. Conclusions and Future Work

Key Result

Theorem 8

Suppose we have a universal gate set $S$, covering set $R$, and two quantum circuits $C$ and $C'$ with the same positional information. If $C$ is transpiled into $B$ and $C'$ is transpiled into $B'$, both with $R$-gate masking, then the $R$-positional information of $B$ and $B'$ are equivalent.

Figures (9)

  • Figure 1: Our side-channel attack model.
  • Figure 2: Pictured is $C_1$ on the left and $C_2$ on the right from \ref{['ex:weirdCircuits']}. These circuits do the same thing, but have different representations in terms of gates.
  • Figure 3: Different circuits for the quantum teleportation algorithm. The circuit $C_1$ has a single gate with identification $U$, index 1, wire label $\{1, 2 , 3\}$, and size 3; the circuit $C_2 = (U_{1}, \dots, U_{6})$ where $U_{1} = I \otimes H \otimes I$, $U_{2} = I \otimes \textrm{CNOT}$, and so on. The first Hadamard gate on the left of $C_2$ has identification $H$, index 1, wire label 2, and size 1. In $C_3$, the last two gates have identification $H$, index 12, size 1, and wire labels 2 and 3 respectively.
  • Figure 4: A possible layout of $4$ physical qubits, called a 1D array. If two qubits can have a gate applied to them, they are connected with an edge. These are called nearest neighbor interactions.
  • Figure 5: Using the topology in Figure \ref{['fig:imbLagos0']}, assuming we can apply only single-qubit gates and two-qubit gates, we have $N = 2$ and possible wire-labels $W = \{1\}, \{2\}, \{3\}, \{4\}$, $\{ 1,2 \}$, $\{ 2,3 \}$, and $\{ 3,4 \}$. The circuit $Y$ with minimum depth is shown above with depth $p = 3$.
  • ...and 4 more figures

Theorems & Definitions (22)

  • Definition 1
  • Definition 2
  • Example 3
  • Example 4
  • Definition 5
  • Definition 6
  • Remark
  • Theorem 8
  • proof
  • Remark
  • ...and 12 more