Quantum-enhanced HE Resource Allocation (QuHE)
- Quantum-enhanced Homomorphic Encryption (QuHE) is a resource-allocation framework that jointly optimizes cryptographic quality and system costs in secure mobile edge computing.
- The methodology employs a three-stage alternating optimization that decouples convex, discrete, and pseudoconvex subproblems, addressing NP-hard mixed-integer challenges.
- Empirical evaluations demonstrate that QuHE improves overall performance by 15–30% through effective balancing of QKD utility, HE security, delay, and energy expenditure.
Searching arXiv for the QuHE paper and closely related QHE resource-allocation literature. Attempting arXiv query: "QuHE: Optimizing Utility-Cost in Quantum Key Distribution and Homomorphic Encryption Enabled Secure Edge Computing Networks". Quantum-enhanced Homomorphic Encryption Resource Allocation (QuHE) denotes a resource-allocation framework for secure mobile edge computing (MEC) that jointly combines quantum key distribution (QKD), transciphering, and homomorphic encryption (HE). In the formulation of the original work, QKD distributes symmetric keys, transciphering bridges symmetric encryption, and HE processes encrypted data at the server; the associated optimization balances QKD utility, HE security, processing cost, and wireless transmission cost under a mixed-integer non-linear program described as non-convex and NP-hard (Qian et al., 8 Jul 2025). In this sense, QuHE is an optimization layer over a secure edge-computing stack rather than a standalone quantum homomorphic encryption protocol.
1. System architecture and problem scope
The QuHE framework is organized around four components. A Central Key Center generates QKD keys over a mesh of optical links. Edge Clients indexed by receive symmetric keys via QKD, encrypt data, and upload to a nearby server. A Transciphering Gateway at Server homomorphically transciphers symmetrically encrypted client data into HE ciphertexts. A Mobile Edge Server then performs fully homomorphic evaluation on encrypted data and returns encrypted results (Qian et al., 8 Jul 2025).
The optimization variables span communication, cryptographic, and compute layers. The model includes route-link incidence indicators , entanglement or key-generation rates , link Werner parameters , CKKS polynomial degrees , client uplink powers , bandwidth allocations with , client CPU cycle-rates , and server CPU cycle-rates 0 with 1. The model also tracks encrypted traffic size 2, server-side workload 3, switched-capacitance coefficients 4 and 5, and client-specific security weights 6 (Qian et al., 8 Jul 2025).
A central feature of the framework is that cryptographic quality and system cost are treated as jointly allocable resources. This distinguishes QuHE from work that studies QKD performance, HE parameterization, communication scheduling, or edge-computing delay in isolation. A plausible implication is that QuHE is best understood as a cross-layer design methodology in which cryptographic knobs such as route quality and CKKS polynomial degree are optimized together with radio and compute budgets.
2. Utility, security, and cost functionals
QuHE quantifies QKD performance through an end-to-end Werner parameter on route 7, written as 8, and a secret-key fraction 9 for a Werner state of fidelity 0. The overall QKD utility is defined multiplicatively as
1
with 2 (Qian et al., 8 Jul 2025). Because the utility is a product across routes, low performance on one route can directly suppress the joint objective.
HE security is modeled separately from QKD utility. Let 3 denote the minimal-bit security predicted by an LWE-estimator for polynomial degree 4. Then the weighted sum security is
5
This design gives QuHE an explicit security-allocation mechanism: clients with larger 6 can be driven toward larger 7 when the optimization favors HE hardness (Qian et al., 8 Jul 2025).
Delay and energy are decomposed into encryption, transmission, and server-computation terms. The client-side encryption delay is expressed through CPU cycles required for symmetric or HE key encryption and the allocated client CPU cycle-rate. The uplink rate is
8
from which transmission delay and transmission energy follow as functions of 9 and 0. Server computation delay and energy depend on transciphering and HE evaluation costs, the number of processed tokens or samples, and the assigned server CPU cycle-rate (Qian et al., 8 Jul 2025).
The aggregate latency and energy objectives are
1
These definitions make the delay term bottleneck-driven and the energy term system-wide. This suggests that the optimizer simultaneously controls tail latency and total energy expenditure rather than average per-client delay.
3. Joint optimization and algorithmic decomposition
The joint objective introduces positive weights 2 and maximizes
3
subject to capacity, fidelity, bandwidth, power, computation, and delay constraints (Qian et al., 8 Jul 2025). The paper identifies three sources of hardness: multiplicative terms of the form 4, pseudoconvex transmission ratios involving 5, and discrete choices of 6. Together with cross-client and cross-link coupling, these yield a mixed-integer non-linear program that is explicitly characterized as non-convex and NP-hard (Qian et al., 8 Jul 2025).
QuHE addresses this with a three-stage alternating optimization. Stage 1 optimizes 7. Since 8 is increasing in both 9 and 0, the formulation sets
1
then log-transforms the product objective by introducing 2, producing a convex problem solved with off-the-shelf convex solvers such as CVX (Qian et al., 8 Jul 2025).
Stage 2 optimizes 3. For fixed remaining variables, the latency variable 4 is set by the longest per-client pipeline, i.e., the envelope of 5. The resulting discrete optimization over 6 is handled by branch-and-bound to global optimality (Qian et al., 8 Jul 2025).
Stage 3 optimizes 7. The energy terms are convex quadratics except the transmission-energy factor involving 8, which the paper treats as pseudoconvex. An auxiliary variable 9 is introduced to rewrite the problematic term into a form that yields a jointly concave problem in 0 for fixed 1, after which QuHE alternates between closed-form updates of 2 and solution of the convex subproblem via CVX (Qian et al., 8 Jul 2025).
The resulting iterate structure is a block-coordinate ascent procedure over cryptographic, communication, and compute subblocks. A plausible implication is that QuHE inherits the interpretability of modular resource-allocation pipelines while preserving strong coupling across layers through the outer loop.
4. Computational complexity and theoretical guarantees
The computational burden of QuHE is decomposed stage-wise. Stage 1 solves a convex program in 3 variables and 4 constraints with complexity
5
Stage 2 has branch-and-bound worst-case complexity 6 when each client chooses from 7 discrete CKKS parameter options. Stage 3 solves a convex subproblem in approximately 8 variables with per-inner-loop complexity
9
multiplied by a small number of alternating updates. Over 0 outer iterations, the total complexity is
1
The paper states two formal guarantees. Theorem 1 (Stationarity) asserts: “Under mild regularity, every limit point of the QuHE iterate sequence is a stationary solution of the original mixed-integer program.” Proposition 2 (Global opt. in subblocks) asserts: “Stages 1 and 2 produce the global optimum over their blocks; Stage 3 obtains a global optimum due to pseudoconvexity of the transformed problem” (Qian et al., 8 Jul 2025).
The convergence proof sketch invokes standard block-coordinate ascent arguments and specifically cites Chen et al. 2012, SIAM Journal on Optimization. Within the internal logic of the framework, the theoretical role of the three-stage split is therefore not merely heuristic: it is the mechanism used to recover stationarity for the full mixed discrete-continuous objective while retaining global optimality on two blocks and transformed global optimality on the third.
5. Empirical evaluation and observed operating regimes
The simulation environment uses the SURFnet backbone with 2 links and 3 routes, specifically Hilversum to destinations including Delft and Zwolle. The CKKS parameter set is 4. Client and server compute budgets are set to 5 and 6, while bandwidth and power budgets are 7 and 8. Traffic sizes are fixed at 9 bits and 0 tokens. The channel model uses path-loss 1 with Rayleigh small-scale fading, and the objective weights are 2 (Qian et al., 8 Jul 2025).
Three baselines are used. AA (Average Allocation) fixes the minimum 3 and equalizes 4. OLAA optimizes only 5 through Stage 2 while averaging the remaining variables. OCCR optimizes only 6 through Stage 3 while fixing 7 (Qian et al., 8 Jul 2025). The evaluated metrics are objective value, total energy 8, delay 9, and security 0.
The reported outcomes are specific. QuHE converges within approximately 1 outer iterations, and the Stage 3 duality gap is at most 2. Over 3 random starts, 4 of runs reach within 5 of the global best and 6 within 7. For the Stage 1 subproblem, the convex log-method matches the gradient-descent optimum in 8 versus 9 for gradient descent and 0 for simulated annealing. In the full-system comparison, QuHE improves the joint objective over AA, OLAA, and OCCR by 1–2 (Qian et al., 8 Jul 2025).
The sensitivity analysis attributes distinct gains to different resource regimes. Increasing 3 yields diminishing returns in AA and OLAA but is more fully exploited by QuHE. Increasing 4 benefits QuHE and OCCR strongly, whereas AA and OLAA saturate early. Larger 5 or 6 improves QuHE steadily, with corresponding QoS and security gains (Qian et al., 8 Jul 2025). The design guidance derived in the paper is explicit: if 7, security is prioritized over cost; in bandwidth-scarce regimes, higher 8 should be preferred over more 9; and in power-rich but compute-poor regimes, raising 00 first reduces delay (Qian et al., 8 Jul 2025).
6. Position within homomorphic-encryption and QHE resource literature
QuHE belongs to a broader literature in which homomorphic evaluation is feasible only under carefully profiled resource budgets, but its immediate cryptographic substrate is classical HE integrated with QKD-enabled key distribution rather than quantum homomorphic evaluation of quantum states. This suggests that the “quantum-enhanced” qualifier refers to the QKD layer and the secure-network architecture, not to a universal QHE evaluator in the sense used in delegated quantum-computation protocols.
The contrast becomes clearer against quantum homomorphic encryption results. Broadbent and Jeffery’s EPR-based QHE scheme has decryption complexity approximately 01 in the number of 02 gates, whereas the AUX-based construction restores compactness for fixed 03-depth at the price of an evaluation key of size 04, exponential in 05-depth (Broadbent et al., 2014). Liang-style perfectly secure non-interactive QHE, when instantiated on the 06 Bernstein–Vazirani construction with linear 07-count 08, achieves quasi-compactness 09 with client decryption cost linear in the number 10 of 11 gates and total quantum-communication bandwidth 12 (Fernández et al., 2023). Rebit-based and interactive QHE schemes for polynomial-sized circuits exhibit further privacy-resource trade-offs: Scheme 1 and Scheme 2 scale as 13 for restricted circuit families, while universal interactive Clifford+14 evaluation scales as 15 in entanglement and classical communication, with verification adding 16 overhead (Yu, 2018). Distributed universal QHE based on 17-threshold quantum state sharing replaces pre-shared entanglement with sequential multi-server cooperation, but classical key storage grows as 18 and total classical rounds are 19 (Zhang et al., 26 Feb 2025).
| Work | Dominant resource driver | Structural trade-off |
|---|---|---|
| QuHE | Joint optimization over 20 | Balances QKD utility, HE security, delay, and energy (Qian et al., 8 Jul 2025) |
| EPR/AUX QHE | 21-count or 22-depth | 23 decryption versus exponential eval-key growth in depth (Broadbent et al., 2014) |
| Liang-style QHE on BV | 24 of 25 gates | Perfect security and zero Eval interaction with decryption 26 (Fernández et al., 2023) |
| Polynomial-sized QHE variants | Circuit family, 27, 28, 29 | Perfect privacy for restricted families or interactive universality with higher cost (Yu, 2018) |
| 30-threshold QHE | Threshold 31 and server pool size 32 | Collusion resistance versus rounds and classical-storage blowup (Zhang et al., 26 Feb 2025) |
A common misconception is to treat all “HE with quantum ingredients” systems as instances of QHE. The literature does not support that equivalence. QuHE optimizes a networked system in which HE is classical and the quantum component is the QKD key-distribution substrate (Qian et al., 8 Jul 2025), whereas the QHE papers address encrypted quantum data, delegated quantum computation, and resource scaling in the presence of Clifford and non-Clifford gates [(Broadbent et al., 2014); (Fernández et al., 2023); (Yu, 2018); (Zhang et al., 26 Feb 2025)]. The shared theme is resource allocation under cryptographic constraints, but the operational objects being encrypted and evaluated differ fundamentally.