- The paper’s main contribution is a novel protocol that transforms privately verifiable quantum computation into a time-delayed publicly verifiable scheme using post-quantum time-lock puzzles and commitment schemes.
- The protocol leverages established cryptographic primitives such as LWE and SIS to ensure efficient, non-interactive delegation with robust public verification after a prescribed delay.
- Experimental evaluation on AWS Braket with benchmark quantum circuits demonstrates its practical feasibility and potential for accountable quantum cloud computing.
Time-Delayed Publicly Verifiable Quantum Computation for Classical Verifiers
This work addresses the problem of publicly verifiable delegation of quantum computation in the specific setting where a classical client seeks to delegate a quantum circuit to an untrusted, quantum-capable server. The key requirement is that any third party—beyond just the delegator—can efficiently verify the correctness of the result. In the classical regime, such verification is well-understood and can often be realized via SNARGs or related constructs under practical (falsifiable) cryptographic assumptions. In the quantum setting, however, existing approaches for Classical Verification of Quantum Computation (CVQC) either provide only private verifiability or require strong, non-standard cryptographic assumptions such as indistinguishability obfuscation (iO).
This paper relaxes the instant public-verifiability requirement, instead introducing time-delayed public verifiability. That is, verification by arbitrary third parties is only enabled after a time Δ (where Δ> the time required to perform and prove the computation), enforced cryptographically via a time-lock puzzle. Until the expiry of this delay, only private (delegator-based) verification is possible.
The practical motivation for time-delayed public verifiability is articulated through several application domains where auditable, post-hoc third-party validation of quantum computations is crucial: cloud quantum computing, drug discovery, genomics, risk modeling, and financial optimization. These domains demand strong accountability and auditability, which in turn necessitate sound, practical, and efficiently enforceable public verifiability guarantees.
Protocol Overview and Construction
The core protocol transforms an efficient privately verifiable CVQC instance into a publicly verifiable, time-delayed variant through the use of two cryptographic primitives: post-quantum time-lock puzzles and commitment schemes. The approach is to encapsulate the secret verification key within a time-lock puzzle, the solution of which cannot be feasibly extracted before a prescribed time Δ has elapsed.
The protocol proceeds as follows:
- Setup: The client (delegator) generates the public parameters and secret key for a two-round, privately verifiable CVQC protocol (e.g., Mahadev protocol derivatives). The secret key is committed and encapsulated as the plaintext of a time-lock puzzle, and both the puzzle and the commitment are published as part of a structured common reference string (CRS).
- Delegation and Proving: The quantum server computes the circuit on the provided input and generates a classical proof per the underlying CVQC, timestamped via an external public service to capture when the proof was produced. The server may begin working on the time-lock puzzle in parallel.
- Reveal: After time Δ (which exceeds the computation/proving time), the server (or any party) can solve the time-lock puzzle, extract the secret key, and publish it alongside the randomness opening the original commitment.
- Public Verification: Any third party can check the computation-proof pair and the published solution by: (a) confirming the timestamp τ<Δ, (b) verifying the opening of the commitment, and (c) using the extracted secret key to verify the proof under the base CVQC protocol.
Critically, the security of the construction relies only on post-quantum hard assumptions: the Learning With Errors (LWE) assumption (or related lattice hardness) for both the CVQC and the time-lock puzzle, and the Short Integer Solutions (SIS) problem for the commitment scheme. The required properties (completeness, computational binding/hiding, post-quantum TLP security) are achieved under these assumptions, proven in the quantum random oracle model (QROM) with a non-reusable CRS.
Figure 1: A simplified diagram illustrating the high-level structure of the post-quantum PV-CVQC protocol using time-lock puzzles and commitments.
Figure 2: Outline of the post-quantum PV-CVQC protocol. The time to compute the delegated circuit is denoted by T. Thus the time to solve the puzzle should be set to some parameter Δ>T1+ϵ.
Security and Efficiency Analysis
The scheme’s security proof adopts a sequence of game-based hybrids, culminating in indistinguishability reductions to the underlying cryptographic primitives. Computational soundness (i.e., infeasibility for the prover to create a convincing proof for a false statement) is ensured as long as:
- The prover cannot solve the time-lock puzzle before the public release time, precluding adaptive key exposure strategies.
- The binding property of the commitment prevents equivocation of the verification key upon reveal.
- The underlying CVQC protocol is sound in the presence of a classical adversary.
Efficiency is evaluated in terms of both the computational complexity and the communication footprint. Verification, once the verification key is released, proceeds essentially as in the privately verifiable scheme, with the primary overhead being the one-time solution of the time-lock puzzle and verification of the binding commitment. These steps are efficiently realizable with standard lattice-based post-quantum parameters. The protocol achieves non-interactivity (with setup) and is generic over the choice of post-quantum TLP and commitment primitives.
Experimental Evaluation
A prototype implementation was instantiated on AWS Braket, leveraging the SV1 quantum simulator and integrating proof-of-concept TLPs based on recent practical proposals (reusable garbling and hash-based sequential functions for time delay, e.g., SHA-256 as the underlying sequential work function). The authors benchmarked random quantum circuits (5–15 qubits, depths up to 300) and enhanced hybrid HHL circuits commonly employed in quantum finance.
Concrete results show that, for example, delegating a 16×16 HHL instance incurs a quantum circuit computation time of 90 seconds, with the corresponding time-lock puzzle generation requiring only 0.05 ms on the client. Solving the puzzle is the dominant post-processing step but is tuned by the client to guarantee it cannot be solved before the quantum computation completes. The running cost of setup and puzzle-generation amortizes well over multiple delegations. Fidelity assessments (in the HHL evaluation) observe expected degradation with increasing problem size, consistent with the depth-induced noise inherent in quantum simulation.
Implications and Future Outlook
Practically, this protocol removes the dependence on non-falsifiable or non-standard cryptographic primitives (e.g., iO or classical circuit obfuscation), restricting assumptions to the post-quantum LWE and related lattice problems. By doing so, it advances the feasibility of robust, auditable quantum cloud computing services in which classical clients can confidently outsource computation while retaining strong post-quantum security for public verification.
Theoretically, the main contribution is a generic compiler that “lifts” any privately verifiable (possibly interactive) delegation protocol to one with time-delayed public verifiability, provided that suitable post-quantum time-lock puzzles exist. This bridges a substantial gap in the post-quantum verifiable computation literature.
However, notable limitations remain. The protocol leaks the CRS upon first use (it is not reusable across delegations) and incurs unavoidable delays before verification is possible. Fully non-time-based public verifiability under only standard assumptions, as well as reusable (universal) CRS construction, remain open challenges. Further research may extend this approach to more flexible delegation settings (multiple statements, adaptive delegation, or malicious verifiers), as well as integrating post-quantum secure VDFs for more robust delay enforcement in adversarial time synchronization models.
Conclusion
This paper presents the first practical, non-interactive, time-delayed publicly verifiable delegation protocol for quantum computation with a classical verifier under falsifiable post-quantum assumptions (2604.23516). The construction’s practicality and security are validated via concrete empirical results and formal reduction-based proofs. This work represents a significant step toward accountable, auditable, and deployable quantum cloud computation, with clear application value and several meaningful theoretical directions for future research.