Quantum Homomorphic Encryption for Polynomial-Sized Circuits

We present a new scheme for quantum homomorphic encryption which is compact and allows for efficient evaluation of arbitrary polynomial-sized quantum circuits. Building on the framework of Broadbent and Jeffery and recent results in the area of instantaneous non-local quantum computation, we show how to construct quantum gadgets that allow perfect correction of the errors which occur during the homomorphic evaluation of T gates on encrypted quantum data. Our scheme can be based on any classical (leveled) fully homomorphic encryption (FHE) scheme and requires no computational assumptions besides those already used by the classical scheme. The size of our quantum gadget depends on the space complexity of the classical decryption function -- which aligns well with the current efforts to minimize the complexity of the decryption function. Our scheme (or slight variants of it) offers a number of additional advantages such as ideal compactness, the ability to supply gadgets "on demand", circuit privacy for the evaluator against passive adversaries, and a three-round scheme for blind delegated quantum computation which puts only very limited demands on the quantum abilities of the client.

[1]  Craig Gentry,et al.  A Simple BGN-Type Cryptosystem from LWE , 2010, EUROCRYPT.

[2]  Florian Speelman,et al.  Instantaneous Non-Local Computation of Low T-Depth Quantum Circuits , 2015, TQC.

[3]  H. Prakash Quantum teleportation , 2009, 2009 International Conference on Emerging Trends in Electronic and Photonic Devices & Systems.

[4]  Louis Salvail,et al.  BLIND QUANTUM COMPUTATION , 2003 .

[5]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[6]  Louis Salvail,et al.  Secure Two-Party Quantum Evaluation of Unitaries against Specious Adversaries , 2010, CRYPTO.

[7]  Elad Eban,et al.  Interactive Proofs For Quantum Computations , 2017, 1704.04487.

[8]  Vinod Vaikuntanathan,et al.  Computing Blindfolded: New Developments in Fully Homomorphic Encryption , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[9]  Oded Margalit On the riddle of coding equality function in the garden hose model , 2014, 2014 Information Theory and Applications Workshop (ITA).

[10]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[11]  Tommaso Gagliardoni,et al.  Semantic Security and Indistinguishability in the Quantum World , 2015, IACR Cryptol. ePrint Arch..

[12]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[13]  Florian Speelman,et al.  Position-Based Quantum Cryptography and the Garden-Hose Game , 2012, ArXiv.

[14]  P. Benioff Quantum mechanical hamiltonian models of turing machines , 1982 .

[15]  Moti Yung,et al.  Key dependent message security: recent results and applications , 2011, CODASPY '11.

[16]  Brent Waters,et al.  How to use indistinguishability obfuscation: deniable encryption, and more , 2014, IACR Cryptol. ePrint Arch..

[17]  Vinod Vaikuntanathan,et al.  Multiparty Computation with Low Communication, Computation and Interaction via Threshold FHE , 2012, EUROCRYPT.

[18]  GentryCraig,et al.  Leveled) Fully Homomorphic Encryption without Bootstrapping , 2014 .

[19]  Li Yu,et al.  Limitations on information theoretically secure quantum homomorphic encryption , 2014, ArXiv.

[20]  Andris Ambainis,et al.  Private quantum channels , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[21]  Mario Szegedy,et al.  The Garden Hose Complexity for the Equality Function , 2014, AAIM.

[22]  Vinod Vaikuntanathan,et al.  Can homomorphic encryption be practical? , 2011, CCSW '11.

[23]  R. Prevedel,et al.  Quantum computing on encrypted data , 2013, Nature Communications.

[24]  Ekert,et al.  "Event-ready-detectors" Bell experiment via entanglement swapping. , 1993, Physical review letters.

[25]  Bill Fefferman,et al.  On Quantum Obfuscation , 2016, ArXiv.

[26]  I. Chuang,et al.  Quantum Teleportation is a Universal Computational Primitive , 1999, quant-ph/9908010.

[27]  Isaac L. Chuang,et al.  Demonstrating the viability of universal quantum computation using teleportation and single-qubit operations , 1999, Nature.

[28]  Yael Tauman Kalai,et al.  How to Run Turing Machines on Encrypted Data , 2013, CRYPTO.

[29]  Laura Mančinska,et al.  Generalized Bloch Vector and the Eigenvalues of a Density Matrix Māris , 2007 .

[30]  M. A. Armstrong Groups and symmetry , 1988 .

[31]  A. Broadbent Delegating private quantum computations12 , 2015, 1506.01328.

[32]  M. Bremner,et al.  Instantaneous Quantum Computation , 2008, 0809.0847.

[33]  R. Cramer,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000 .

[34]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[35]  Ronald L. Rivest,et al.  ON DATA BANKS AND PRIVACY HOMOMORPHISMS , 1978 .

[36]  Anne Broadbent Non-signalling correlations imply efficient instantaneous nonlocal quantum computation , 2015 .

[37]  Craig Gentry,et al.  Fully Homomorphic Encryption over the Integers , 2010, EUROCRYPT.

[38]  D. Gottesman The Heisenberg Representation of Quantum Computers , 1998, quant-ph/9807006.

[39]  Stacey Jeffery,et al.  Quantum Homomorphic Encryption for Circuits of Low T-gate Complexity , 2014, CRYPTO.

[40]  Elham Kashefi,et al.  Universal Blind Quantum Computation , 2008, 2009 50th Annual IEEE Symposium on Foundations of Computer Science.

[41]  Anne Broadbent,et al.  Popescu-Rohrlich correlations imply efficient instantaneous nonlocal quantum computation , 2015, 1512.04930.

[42]  Vinod Vaikuntanathan,et al.  Attribute-based encryption for circuits , 2013, STOC '13.

[43]  David A. Mix Barrington,et al.  Bounded-width polynomial-size branching programs recognize exactly those languages in NC1 , 1986, STOC '86.

[44]  Joseph Fitzsimons,et al.  Private quantum computation: an introduction to blind quantum computing and related protocols , 2016, npj Quantum Information.

[45]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[46]  Avinatan Hassidim,et al.  Secure Multiparty Quantum Computation with (Only) a Strict Honest Majority , 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[47]  I. Chuang,et al.  Quantum Computation and Quantum Information: Bibliography , 2010 .

[48]  Ämin Baumeler,et al.  Quantum Private Information Retrieval has Linear Communication Complexity , 2013, Journal of Cryptology.

[49]  Peter P Rohde,et al.  Quantum walks with encrypted data. , 2012, Physical review letters.

[50]  Tommaso Gagliardoni,et al.  Computational Security of Quantum Encryption , 2016, ICITS.

[51]  Silvio Micali,et al.  Probabilistic Encryption , 1984, J. Comput. Syst. Sci..

[52]  Michael A. Nielsen,et al.  The Solovay-Kitaev algorithm , 2006, Quantum Inf. Comput..

[53]  Salil P. Vadhan,et al.  Theory of Cryptography , 2016, Lecture Notes in Computer Science.

[54]  Andrew M. Childs Secure assisted quantum computation , 2001, Quantum Inf. Comput..

[55]  Harry Buhrman,et al.  Position-Based Quantum Cryptography and the Garden-Hose Game , 2012 .

[56]  Anat Paskin-Cherniavsky,et al.  Evaluating Branching Programs on Encrypted Data , 2007, TCC.

[57]  P. Oscar Boykin,et al.  On universal and fault-tolerant quantum computing: a novel basis and a new constructive proof of universality for Shor's basis , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[58]  Serge Fehr,et al.  The garden-hose model , 2011, ITCS '13.

[59]  Joseph Fitzsimons,et al.  Composable Security of Delegated Quantum Computation , 2013, ASIACRYPT.

[60]  J. Fitzsimons,et al.  Quantum homomorphic encryption from quantum codes , 2015, Physical Review A.

[61]  Min Liang,et al.  Quantum fully homomorphic encryption scheme based on universal quantum circuit , 2014, Quantum Inf. Process..

[62]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[63]  R. Feynman Simulating physics with computers , 1999 .

[64]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[65]  Harry Buhrman,et al.  Quantum Computing and Communication Complexity , 2001, Bull. EATCS.

[66]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[67]  Hartmut Klauck,et al.  New Bounds for the Garden-Hose Model , 2014, FSTTCS.

[68]  D. Gottesman Theory of fault-tolerant quantum computation , 1997, quant-ph/9702029.

[69]  Yael Tauman Kalai,et al.  Reusable garbled circuits and succinct functional encryption , 2013, STOC '13.

[70]  Min Liang Symmetric quantum fully homomorphic encryption with perfect security , 2013, Quantum Inf. Process..

[71]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[72]  Moti Yung,et al.  Non-interactive cryptocomputing for NC/sup 1/ , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[73]  Lin Chen,et al.  A quantum approach to homomorphic encryption , 2014, Scientific Reports.

[74]  Charles Herder BLIND QUANTUM COMPUTATION , 2012 .

[75]  Lin Chen,et al.  A quantum approach to fully homomorphic encryption , 2014, ArXiv.

[76]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.