Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash 91 TPS
Gemini 2.5 Pro 55 TPS Pro
GPT-5 Medium 40 TPS
GPT-5 High 40 TPS Pro
GPT-4o 94 TPS
GPT OSS 120B 477 TPS Pro
Kimi K2 231 TPS Pro
2000 character limit reached

STIQ: Safeguarding Training and Inferencing of Quantum Neural Networks from Untrusted Cloud (2405.18746v2)

Published 29 May 2024 in quant-ph and cs.LG

Abstract: The high expenses imposed by current quantum cloud providers, coupled with the escalating need for quantum resources, may incentivize the emergence of cheaper cloud-based quantum services from potentially untrusted providers. Deploying or hosting quantum models, such as Quantum Neural Networks (QNNs), on these untrusted platforms introduces a myriad of security concerns, with the most critical one being model theft. This vulnerability stems from the cloud provider's full access to these circuits during training and/or inference. In this work, we introduce STIQ, a novel ensemble-based strategy designed to safeguard QNNs against such cloud-based adversaries. Our method innovatively trains two distinct QNNs concurrently, hosting them on same or different platforms, in a manner that each network yields obfuscated outputs rendering the individual QNNs ineffective for adversaries operating within cloud environments. However, when these outputs are combined locally (using an aggregate function), they reveal the correct result. Through extensive experiments across various QNNs and datasets, our technique has proven to effectively masks the accuracy and losses of the individually hosted models by upto $76\%$, albeit at the expense of $\leq 2\times$ increase in the total computational overhead. This trade-off, however, is a small price to pay for the enhanced security and integrity of QNNs in a cloud-based environment prone to untrusted adversaries. We also demonstrated STIQ's practical application by evaluating it on multiple real quantum hardwares, showing that STIQ achieves up to $\approx 70\%$ obfuscation, with combined performance similar to an unobfuscated model.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (32)
  1. Atom Computing. Quantum startup atom computing first to exceed 1,000 qubits. Press Release. Accessed: Oct, 28, 2023.
  2. Jay Gambetta. The hardware and software for the era of quantum utility is here, 2023.
  3. Evidence for the utility of quantum computing before fault tolerance. Nature, 618(7965):500–505, 2023.
  4. Quantum support vector machine for big data classification. Physical review letters, 113(13):130503, 2014.
  5. Quantum generative adversarial networks. Physical Review A, 98(1):012324, 2018.
  6. Quantum convolutional neural networks. Nature Physics, 15(12):1273–1278, 2019.
  7. The quest for a quantum neural network. Quantum Information Processing, 13:2567–2586, 2014.
  8. Amira Abbas et al. The power of quantum neural networks. Nature Computational Science, 1(6):403–409, 2021.
  9. A quantum approximate optimization algorithm. arXiv preprint arXiv:1411.4028, 2014.
  10. Hardware-efficient variational quantum eigensolver for small molecules and quantum magnets. nature, 549(7671):242–246, 2017.
  11. Classification with quantum neural networks on near term processors. arXiv preprint arXiv:1802.06002, 2018.
  12. Approximate amplitude encoding in shallow parameterized quantum circuits and its application to financial market indicators. Physical Review Research, 4(2):023136, 2022.
  13. Quantum machine learning for material synthesis and hardware security. In Proceedings of the 41st IEEE/ACM International Conference on Computer-Aided Design, pages 1–7, 2022.
  14. Security aspects of quantum machine learning: Opportunities, threats and defenses. In Proceedings of the Great Lakes Symposium on VLSI 2022, pages 463–468, 2022.
  15. Split compilation for security of quantum circuits. In 2021 IEEE/ACM International Conference On Computer Aided Design (ICCAD), pages 1–7. IEEE, 2021.
  16. Short paper: A quantum circuit obfuscation methodology for security and privacy. In Proceedings of the 10th International Workshop on Hardware and Architectural Support for Security and Privacy, pages 1–5, 2021.
  17. Robust and secure hybrid quantum-classical computation on untrusted cloud-based quantum hardware. In Proceedings of the 11th International Workshop on Hardware and Architectural Support for Security and Privacy, pages 45–52, 2022.
  18. Quantum homomorphic encryption for polynomial-sized circuits. In Advances in Cryptology–CRYPTO 2016: 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2016, Proceedings, Part III 36, pages 3–32. Springer, 2016.
  19. Quantum computing on encrypted data. Nature communications, 5(1):3074, 2014.
  20. Universal blind quantum computation. In 2009 50th annual IEEE symposium on foundations of computer science, pages 517–526. IEEE, 2009.
  21. Demonstration of blind quantum computing. science, 335(6066):303–308, 2012.
  22. Toward privacy in quantum program execution on untrusted quantum cloud computing machines for business-sensitive quantum needs. arXiv preprint arXiv:2307.16799, 2023.
  23. Limitations on information-theoretically-secure quantum homomorphic encryption. Physical Review A, 90(5):050303, 2014.
  24. Optimal blind quantum computation. Physical review letters, 111(23):230502, 2013.
  25. Evaluating efficacy of model stealing attacks and defenses on quantum neural networks. arXiv preprint arXiv:2402.11687, 2024.
  26. Ville Bergholm et al. Pennylane: Automatic differentiation of hybrid quantum-classical computations. arXiv preprint arXiv:1811.04968, 2018.
  27. Sukin Sim et al. Expressibility and entangling capability of parameterized quantum circuits for hybrid quantum-classical algorithms. Advanced Quantum Technologies, 2019.
  28. Qoc: quantum on-chip training with parameter shift and gradient pruning. In Proceedings of the 59th ACM/IEEE Design Automation Conference, pages 655–660, 2022.
  29. Quantumleak: Stealing quantum neural networks from cloud-based nisq machines. arXiv preprint arXiv:2403.10790, 2024.
  30. Mahabubul Alam et al. Quantum-classical hybrid machine learning for image classification (iccad special session paper). In 2021 IEEE/ACM International Conference On Computer Aided Design (ICCAD), pages 1–7. IEEE, 2021.
  31. Quantum ensembles of quantum classifiers. Scientific reports, 8(1):2772, 2018.
  32. Quilt: Effective multi-class classification on quantum computers using an ensemble of diverse quantum classifiers. In Proceedings of the AAAI Conference on Artificial Intelligence, volume 36, pages 8324–8332, 2022.
Citations (2)
View on Semantic Scholar
List To Do Tasks Checklist Streamline Icon: https://streamlinehq.com

Collections

Sign up for free to add this paper to one or more collections.

User Circle Single Streamline Icon: https://streamlinehq.com Sign Up

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now
Dice Question Streamline Icon: https://streamlinehq.com

Follow-up Questions

We haven't generated follow-up questions for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Generate Now
X Twitter Logo Streamline Icon: https://streamlinehq.com

Tweets