Plugging Leaks in Fault-Tolerant Quantum Computation and Verification

TL;DR

This paper presents the first fault-tolerant blind verification scheme for universal quantum computations able to handle secret-dependent noise on the verifier's quantum device and proves Composable security of the proposed protocol is proven in the Abstract Cryptography framework.

Abstract

With the advent of quantum cloud computing, the security of delegated quantum computation has become of utmost importance. While multiple statistically secure blind verification schemes in the prepare-and-send model have been proposed, none of them achieves full quantum fault-tolerance, a prerequisite for useful verification on scalable quantum computers. In this paper, we present the first fault-tolerant blind verification scheme for universal quantum computations able to handle secret-dependent noise on the verifier's quantum device. Composable security of the proposed protocol is proven in the Abstract Cryptography framework. Our main tools are two novel distillation protocols that turn secret-dependent noise into secret-independent noise. The first one is run by the verifier and acts on its noisy gates, while the second and more complex one is run entirely on the prover's device and acts on states provided by the verifier. Both are required to overcome the leakage induced by secret-dependent noise. We use these protocols to prepare states in the X-Y-plane whose noise is overwhelmingly secret-independent, which then allows us to verify with exponential confidence arbitrary fault-tolerant BQP computations.

Figures (6)

• Figure 1: Fault-tolerant Level-2 Simulation of a $\mathsf{Z}(\theta)$ Gate. Left: level-0 simulation corresponding to the logical level; middle: level-1 simulation; right: level-2 simulation depicting the implementation of the level-1 $\mathsf{Z}(\theta)$ for the first qubit.
• Figure 2: Plugged Rotated Remote State Preparation for eight qubits. All qubits are in the state $\ket{+_{\theta_j}}$, supplied by a Stochastically Leaky Remote State Preparation Resource. The rotation angle $\theta$ on the central qubit after the protocol is completed corresponds to the one chosen by the Sender as its input.
• Figure 3: Short-dashed resctangles correspond to a $1-\mathsf{SafeRec}$, while the long-dashed one corresponds to a $1-\mathsf{exSafeRec}$.
• Figure 4: Safe Level-$2$ Simulation of $\mathsf{Z}(\theta)$ Gate. Left: Level-2 (Logical level); middle: level-$1$ simulation with $\alpha_i$ chosen at random and $\theta = \alpha_i + \beta_i$; right: level-$0$ simulation depicting the implementation of the level-$1$$\mathsf{Z}(\beta_{1})$, with $\gamma_i$ chosen at random and $\beta_1 = \gamma_i + \delta_i$. To leak the value of $\theta$, it is necessary to leak all the angles for at least one physical qubit which decreases doubly exponentially with the simulation level.
• Figure 5: The quantum circuit used by the Receiver in the gadget after having corrected all five half-EPR pairs, corresponding to the states $\rho_i$.

Theorems & Definitions (35)

• Theorem 1.1: Threshold Theorem for Secure Delegation of Fault-Tolerant Quantum Computation
• Definition 2.1: Statistical Indistinguishability of Resources
• Definition 2.2: Construction of Resources
• Definition 2.3: Measurement Pattern
• Theorem 2.4: Security of Protocol \ref{['proto:dummyless-sdqc']}, KKLM22unifyingKKLM23asymmetric
• Theorem 2.5: Restated from AGP06quantum
• Lemma 4.1
• proof
• Theorem 4.2: Exponentially-Boosted Rotated State Preparation
• Lemma 4.3: Correctness of Plugged Rotated Remote State Preparation