Papers
Topics
Authors
Recent
Search
2000 character limit reached

Universal Blind Quantum Computing

Updated 29 March 2026
  • Universal Blind Quantum Computing is a cryptographic paradigm that lets a limited client delegate quantum computations while keeping input, algorithm, and output secret from the server.
  • It employs measurement-based, circuit-based, and hybrid protocols with randomization and cryptographic techniques to ensure blindness, correctness, and verifiability.
  • Recent advances reduce client-side quantum requirements, improve fault tolerance, and facilitate scalable, secure delegated quantum computing over long distances.

Universal Blind Quantum Computing (UBQC) is a cryptographic paradigm that enables a resource-limited client to delegate arbitrary quantum computations to a remote, potentially untrusted quantum server, in such a way that the input, the output, and the nature of the computation remain hidden from the server. UBQC encompasses protocols in the measurement-based, circuit, and hybrid models, supports both information-theoretic and computational security assumptions, and has driven foundational advances in quantum cryptography, secure cloud quantum computing, and protocols for post-quantum delegation.

1. Core Principles and Security Definitions

The defining property of UBQC is blindness, the requirement that a server (Bob), when interacting with a client (Alice), cannot learn any information about Alice’s quantum input, her chosen algorithm, or the output, beyond publicly known parameters such as the computation’s size. In information-theoretic protocols—such as the original measurement-based UBQC of Broadbent, Fitzsimons, and Kashefi (BFK)—blindness is statistical: regardless of Bob's quantum capabilities or adversarial behavior, the protocol's transcript is independent of Alice’s secret data (Kashefi et al., 2016, Tran et al., 2018). In computational UBQC, e.g. with classical clients, blindness holds under cryptographic assumptions, typically Learning With Errors (LWE) or quantum random oracles (Cojocaru et al., 2018, Zhang, 2020).

UBQC protocols further demand correctness: when both client and server are honest, the (possibly classical) output Alice receives is exactly that of applying her intended quantum circuit to her input. Some UBQC constructions augment blindness with verifiability—the ability for Alice to detect server deviation via embedded trap or decoy states (Zhang et al., 2018, Sano, 2020, Kashefi et al., 2016).

2. Protocol Architectures: Measurement-Based, Circuit-Based, and Hybrid

2.1 Measurement-Based UBQC

Measurement-based UBQC protocols, epitomized by BFK’s brickwork graph construction, use a classical client that prepares and sends single-qubit states of the form ∣+θ⟩=(∣0⟩+eiθ∣1⟩)/2\ket{+_\theta} = (|0\rangle + e^{i\theta}|1\rangle)/\sqrt{2} with θ\theta a secret random angle (typically θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}) (Kashefi et al., 2016, Čepaitė, 2022, Lee et al., 12 Mar 2025). The server entangles these into a universal cluster state. Alice interacts classically to specify masked measurement angles δ=ϕ′+θ+πr\delta = \phi' + \theta + \pi r, where ϕ′\phi' is the protocol-specific MBQC angle, rr is a secret bit, and the randomization enforces blindness. Bob measures each qubit as instructed, returns measurement outcomes, and Alice corrects results using her secret randomness.

2.2 Circuit-Based UBQC

Circuit-based UBQC replaces the MBQC layer by Pauli one-time-pad encrypted circuit execution. Alice encrypts her data qubits with XaZbX^a Z^b (with secret key bits a,ba, b) and Bob applies gates, returning encrypted results (Sano, 2020). Non-Clifford gate application requires interactive protocols such as magic-state gate teleportation or recursive rotation-gate schemes (Joshi et al., 17 Dec 2025). Security follows by the indistinguishability of the encrypted qubit states and by updating the Pauli key alongside the circuit operations using known commutation rules.

2.3 Hybrid and Alternative Models

Hybrid UBQC protocols combine circuit- and measurement-based elements, leveraging measurement-based entangling gates for deterministic CNOT implementations and circuit-based single-qubit rotations (Zhang et al., 2018). Ancilla-driven UBQC is another model where the server operates on data-qubit registers using a sequence of interactions and measurements mediated by a "flying" ancilla. These models maintain blindness via randomized initial ancilla states and concealment of measurement instructions (Sueki et al., 2012).

Other paradigms include central spin Hamiltonian UBQC, where a client controls the global bath evolution by manipulating just one spin (Tran et al., 2018), and Yao-inspired, garbled quantum computation UBQC, achieving two-party and non-interactive secure quantum computations (Kashefi et al., 2016).

3. Minimal Client Quantum Capabilities and Extensions to Classical Clients

The standard measurement-based UBQC requires Alice can prepare single-qubit states ∣+θ⟩\ket{+_\theta}. Significant progress has reduced client-side quantum requirements:

  • Two-state protocols: UBQC can be securely realized if Alice’s device prepares only two fixed, non-orthogonal qubit states (with arbitrarily high overlap). By a remote state preparation (RSP) protocol embedded in the initial phase, the full measurement-based UBQC resource is rebuilt, at the cost of blow-up in quantum communication and protocol rounds (Dunjko et al., 2016). The blindness and correctness errors are exponentially small in the number of two-state rounds.
  • Remote blind state preparation: When high-fidelity qubit sources are unavailable, clients can drive remote preparation of ∣+θ⟩\ket{+_\theta} in Bob’s lab via weak coherent pulses and server-side quantum non-demolition (QND) measurements, robust to channel loss. With θ\theta0 scaling (original protocol) and further θ\theta1 with decoy state methods, UBQC can be implemented over long distances, with error scaling controlled by suitably chosen protocol parameters (Dunjko et al., 2011, Jiang et al., 2019, Xu et al., 2015).
  • Classical-client UBQC: Computationally secure UBQC may be realized with purely classical clients, based on pseudo-secret random qubit generation using LWE-based trapdoor one-way functions (QFactory/PSRQG), supporting game-based or universally composable security in the Quantum Random Oracle Model (Cojocaru et al., 2018, Zhang, 2020). The client instructs the server to prepare qubits whose classical description is hidden but known to the client, enabling classical→quantum delegation.

4. Resource Efficiency and Communication Complexity

The qubit and classical communication complexity of UBQC is dictated by the protocol architecture and the client’s quantum capabilities. In standard UBQC, hiding θ\theta2 single-parameter gates with separable qubit preparations (one per gate) requires θ\theta3 qubits sent (Mantri et al., 2013). Generalizing to clients that prepare entangled θ\theta4-qubit blocks, the quantum cost drops asymptotically to θ\theta5 for θ\theta6. For circuit models, recursive encodings of parametric single-qubit rotations allow θ\theta7 rounds for θ\theta8 parametric and θ\theta9 non-parametric gates, substantially improving efficiency for variational and NISQ applications (Joshi et al., 17 Dec 2025).

Loss-tolerant UBQC enabled by decoy-state remote preparation requires θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}0 weak coherent pulses for θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}1 qubits and target error θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}2 over channel transmittance θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}3 (Xu et al., 2015, Jiang et al., 2019). Field demonstrations generated θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}4 blind qubits over θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}5 with θ∈{0,π/4,...,7π/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}6 fidelity.

5. Fault Tolerance and Practical Implementations

Implementing UBQC in realistic settings requires resilience to operational errors and side-channels:

  • Fault-tolerant layer: Logical codewords (e.g., Steane [[7,1,3]] code) may be prepared and used as UBQC resource qubits. This can multiply client computational overhead by θ∈{0,Ï€/4,...,7Ï€/4}\theta \in \{0, \pi/4, ..., 7\pi/4\}7 in gate counts, but is essential for deep circuits (Chien et al., 2013).
  • Teleportation-based fault tolerance ("Buffer Shuffle Alice"): The server prepares encoded logical qubits, and the client (as a buffer) randomly selects and relays these without operation, suppressing side-channel attacks at the client and transferring overhead to the server (Chien et al., 2013).
  • Trap-based verifiability: Randomly embedded trap qubits and decoy rounds, indistinguishable to the server, enforce verifiability—with the server detected in any deviation except with exponentially small probability in the number of traps (Zhang et al., 2018, Sano, 2020, Kashefi et al., 2016).
  • Simulation and NISQ implementations: UBQC protocols have been implemented and simulated on existing hardware, using MBQC patterns compiled to gate circuits; classical feed-forward can be replaced by classical post-processing in deferred measurement variants (ÄŒepaitÄ—, 2022, Lee et al., 12 Mar 2025). Fidelity is heavily impacted by physical noise, but blindness persists even at high error rates.

6. Extensions: Server Configurations, Interaction Models, and Classical Authorities

The security, quantum communication complexity, and client requirements of UBQC depend on the deployment scenario:

  • Single-server with an almost-classical or classical client: If a small trusted center distributes entangled pairs to clients, or performs pre-measurement and swapping, a fully classical client can participate in UBQC with a single quantum server (Xu et al., 2014). This construction provides unconditional blindness with overhead scaling by a constant and minimal modification to the original protocol.
  • Non-interactive or succinct protocols: By leveraging pre-established gadgets or one-time memories, UBQC can be realized with no online quantum or even classical interaction, supporting one-time quantum programs and succinct (circuit-size-independent) quantum costs for the client under QROM assumptions (Zhang, 2020, Kashefi et al., 2016).
  • Hybrid and "cloud + CA" models: Trusted entities may be used for certification and distribution of quantum states or trapdoors, further reducing the client-side requirements and supporting scalable quantum cloud architectures (Xu et al., 2014).

7. Impact and Open Problems

Universal Blind Quantum Computing is central to quantum cryptography and the architecture of secure delegated quantum computation. Key theoretical advances resolve optimality of quantum resources (Mantri et al., 2013), composable security (Dunjko et al., 2016), and minimal client assumptions (Dunjko et al., 2011, Cojocaru et al., 2018). Experimental progress marks feasibility over metropolitan distances (Jiang et al., 2019), and protocol refinements enable efficient NISQ-era deployment (Joshi et al., 17 Dec 2025). Open challenges include further reducing the client quantum requirements, closing the gap between information-theoretic and computational security for classical clients, generalizing verifiability in post-quantum settings, and scalable implementation in noisy intermediate-scale quantum hardware.

Topic to Video (Beta)

No one has generated a video about this topic yet.

Whiteboard

No one has generated a whiteboard explanation for this topic yet.

Follow Topic

Get notified by email when new papers are published related to Universal Blind Quantum Computing (UBQC).