Composable security of delegated quantum computation
Abstract
Delegating difficult computations to remote large computation facilities, with appropriate security guarantees, is a possible solution for the ever-growing needs of personal computing power. For delegated computation protocols to be usable in a larger context---or simply to securely run two protocols in parallel---the security definitions need to be composable. Here, we define composable security for delegated quantum computation. We distinguish between protocols which provide only blindness---the computation is hidden from the server---and those that are also verifiable---the client can check that it has received the correct result. We show that the composable security definition capturing both these notions can be reduced to a combination of several distinct "trace-distance-type" criteria---which are, individually, non-composable security definitions. Additionally, we study the security of some known delegated quantum computation protocols, including Broadbent, Fitzsimons and Kashefi's Universal Blind Quantum Computation protocol. Even though these protocols were originally proposed with insufficient security criteria, they turn out to still be secure given the stronger composable definitions.
Keywords
Cite
@article{arxiv.1301.3662,
title = {Composable security of delegated quantum computation},
author = {Vedran Dunjko and Joseph F. Fitzsimons and Christopher Portmann and Renato Renner},
journal= {arXiv preprint arXiv:1301.3662},
year = {2015}
}
Comments
37+9 pages, 13 figures. v3: minor changes, new references. v2: extended the reduction between composable and local security to include entangled inputs, substantially rewritten the introduction to the Abstract Cryptography (AC) framework