English

Non-interactive classical verification of quantum computation

Quantum Physics 2022-02-14 v2 Computational Complexity Cryptography and Security

Abstract

In a recent breakthrough, Mahadev constructed an interactive protocol that enables a purely classical party to delegate any quantum computation to an untrusted quantum prover. In this work, we show that this same task can in fact be performed non-interactively and in zero-knowledge. Our protocols result from a sequence of significant improvements to the original four-message protocol of Mahadev. We begin by making the first message instance-independent and moving it to an offline setup phase. We then establish a parallel repetition theorem for the resulting three-message protocol, with an asymptotically optimal rate. This, in turn, enables an application of the Fiat-Shamir heuristic, eliminating the second message and giving a non-interactive protocol. Finally, we employ classical non-interactive zero-knowledge (NIZK) arguments and classical fully homomorphic encryption (FHE) to give a zero-knowledge variant of this construction. This yields the first purely classical NIZK argument system for QMA, a quantum analogue of NP. We establish the security of our protocols under standard assumptions in quantum-secure cryptography. Specifically, our protocols are secure in the Quantum Random Oracle Model, under the assumption that Learning with Errors is quantumly hard. The NIZK construction also requires circuit-private FHE.

Keywords

Cite

@article{arxiv.1911.08101,
  title  = {Non-interactive classical verification of quantum computation},
  author = {Gorjan Alagic and Andrew M. Childs and Alex B. Grilo and Shih-Han Hung},
  journal= {arXiv preprint arXiv:1911.08101},
  year   = {2022}
}

Comments

37 pages

R2 v1 2026-06-23T12:20:17.027Z