Quantum homomorphic encryption for circuits of low $T$-gate complexity (1412.8766v2)

Abstract: Fully homomorphic encryption is an encryption method with the property that any computation on the plaintext can be performed by a party having access to the ciphertext only. Here, we formally define and give schemes for quantum homomorphic encryption, which is the encryption of quantum information such that quantum computations can be performed given the ciphertext only. Our schemes allows for arbitrary Clifford group gates, but become inefficient for circuits with large complexity, measured in terms of the non-Clifford portion of the circuit (we use the "$\pi/8$" non-Clifford group gate, which is also known as the $T$-gate). More specifically, two schemes are proposed: the first scheme has a decryption procedure whose complexity scales with the square of the number of $T$-gates (compared with a trivial scheme in which the complexity scales with the total number of gates); the second scheme uses a quantum evaluation key of length given by a polynomial of degree exponential in the circuit's $T$-gate depth, yielding a homomorphic scheme for quantum circuits with constant $T$-depth. Both schemes build on a classical fully homomorphic encryption scheme. A further contribution of ours is to formally define the security of encryption schemes for quantum messages: we define quantum indistinguishability under chosen plaintext attacks in both the public and private-key settings. In this context, we show the equivalence of several definitions. Our schemes are the first of their kind that are secure under modern cryptographic definitions, and can be seen as a quantum analogue of classical results establishing homomorphic encryption for circuits with a limited number of multiplication gates. Historically, such results appeared as precursors to the breakthrough result establishing classical fully homomorphic encryption.

• The paper introduces two novel QHE schemes that enable computation on encrypted quantum data with a limited number of non-Clifford (T) gates.
• The first scheme scales decryption complexity quadratically with the T-gate count, while the second employs a polynomial-length evaluation key for constant T-depth circuits.
• Both schemes adapt classical FHE techniques to update quantum one-time pad keys, paving the way for secure cloud-based quantum computing.

Insights into Quantum Homomorphic Encryption for Circuits with Low $$-Gate Complexity The paper "Quantum Homomorphic Encryption for Circuits of Low$$-Gate Complexity" addresses the challenge of performing computations on encrypted quantum data, a concept fundamental to both quantum computing and quantum cryptography. The paper's primary aim is to extend the security and utility of fully homomorphic encryption (FHE) into the quantum domain, focusing on circuits characterized by a small number of non-Clifford gates, particularly the $-gate. ### Overview of Contributions The authors propose two quantum homomorphic encryption (QHE) schemes that enable the evaluation of quantum circuits directly on encrypted data. These schemes build upon the premise of classical FHE, leveraging it to construct comparable capabilities for quantum circuits under certain constraints. 1. **First Scheme**: The initial proposal involves a decryption procedure whose complexity scales quadratically with the count of non-Clifford$-gates. This improvement is significant when compared to a trivial overarching scheme where complexity scales with the total number of gates.

1. Second Scheme: The latter proposal offers a system using a quantum evaluation key of polynomial length that increases exponentially with the circuit's $$-gate depth. This configuration allows for homomorphic evaluation in quantum circuits maintaining constant$$-depth, making the scheme applicable for a broader range of practical situations provided that the $$-depth remains small.

In both schemes, the core innovative aspect is their adaptation of classical FHE to update keys affecting quantum one-time pad encryption in a manner synchronized with the quantum operations conducted during evaluation. These schemes, pioneered by the authors, represent the first practical embodiments of quantum homomorphic encryption that comply with contemporary cryptographic security paradigms.

Detailed Findings and Implications

The paper extensively details the mathematical underpinning necessary for achieving QHE, including the formal definitions and cryptographic proofs establishing the security of these schemes under quantum indistinguishability assumptions. This theoretical framework ensures that quantum data, once encrypted, remains secure against adversaries even when subjected to computational attacks leveraging quantum capabilities.

A salient aspect of these findings is the expressed limitation regarding circuits with an extensive number of non-Clifford gates. The schemes maintain efficiency primarily in processing Clifford gate circuits, which aligns them with current quantum computing paradigms where the non-Clifford gates dominate resource consumption.

Future Directions in Quantum Computing

The implications of introducing QHE are deep-seated, extending toward practical applications like secure cloud-based quantum computation and broader quantum information processing tasks. However, challenges remain in developing fully scalable QHE systems that are compact and efficient for all circuit types. These schemes, while interim, set the foundation for more extensive research geared towards QHE that scales efficiently with quantum circuit complexity.

In conclusion, this paper is instrumental in advancing QHE, demonstrating initial yet pivotal progress towards secure, efficient quantum computation on encrypted data, a quintessential element for the broad acceptance and application of quantum technologies. As quantum hardware and algorithms evolve, these techniques could underpin secure quantum computation, thus catapulting practical quantum computing into mainstream utility.