[Resource Topic] 2020/1286: Secure Two-Party Quantum Computation Over Classical Channels

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2020/1286

Title:
Secure Two-Party Quantum Computation Over Classical Channels

Authors: Michele Ciampi, Alexandru Cojocaru, Elham Kashefi, Atul Mantri

Abstract:

Secure two-party computation considers the problem of two parties computing a joint function of their private inputs without revealing anything beyond the output of the computation. In this work, we take the first steps towards understanding the setting where: 1) the two parties (Alice and Bob) can communicate only via a classical channel, 2) the input of Bob is quantum, and 3) the input of Alice is classical. Our first result indicates that in this setting it is in general impossible to realize a two-party quantum functionality with black-box simulation in the case of malicious quantum adversaries. In particular, we show that the existence of a secure quantum computing protocol that relies only on classical channels would contradict the quantum no-cloning argument. We circumvent this impossibility following three different approaches. The first is by considering a weaker security notion called one-sided simulation security. This notion protects the input of one party (the quantum Bob) in the standard simulation-based sense and protects the privacy of the other party’s input (the classical Alice). We show how to realize a protocol that satisfies this notion relying on the learning with errors assumption. The second way to circumvent the impossibility result, while at the same time providing standard simulation-based security also against a malicious Bob, is by assuming that the quantum input has an efficient classical representation. Finally, we focus our attention on the class of zero-knowledge functionalities and provide a compiler that takes as input a classical proof of quantum knowledge (PoQK) protocol for a QMA relation R (a classical PoQK is a PoQK that can be verified by a classical verifier) and outputs a zero-knowledge PoQK for R that can be verified by classical parties. The direct implication of our result is that Mahadev’s protocol for classical verification of quantum computations (FOCS’18) can be turned into a zero-knowledge proof of quantum knowledge with classical verifiers. To the best of our knowledge, we are the first to instantiate such a primitive.

ePrint: https://eprint.iacr.org/2020/1286

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .