Skip to main content
SpringerLink
Log in

On the Round Complexity of Secure Quantum Computation

  • Conference paper
  • First Online:
Advances in Cryptology – CRYPTO 2021 (CRYPTO 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12825))

Included in the following conference series:

Abstract

We construct the first constant-round protocols for secure quantum computation in the two-party (2PQC) and multi-party (MPQC) settings with security against malicious adversaries. Our protocols are in the common random string (CRS) model.

  • Assuming two-message oblivious transfer (OT), we obtain (i) three-message 2PQC, and (ii) five-round MPQC with only three rounds of online (input-dependent) communication; such OT is known from quantum-hard Learning with Errors (QLWE).

  • Assuming sub-exponential hardness of QLWE, we obtain (i) three-round 2PQC with two online rounds and (ii) four-round MPQC with two online rounds.

  • When only one (out of two) parties receives output, we achieve minimal interaction (two messages) from two-message OT; classically, such protocols are known as non-interactive secure computation (NISC), and our result constitutes the first maliciously-secure quantum NISC. Additionally assuming reusable malicious designated-verifier NIZK arguments for \(\mathsf {NP}\) (MDV-NIZKs), we give the first MDV-NIZK for \(\mathsf {QMA}\) that only requires one copy of the quantum witness.

Finally, we perform a preliminary investigation into two-round secure quantum computation where each party must obtain output. On the negative side, we identify a broad class of simulation strategies that suffice for classical two-round secure computation that are unlikely to work in the quantum setting. Next, as a proof-of-concept, we show that two-round secure quantum computation exists with respect to a quantum oracle.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    We point out that the post-quantum MPC protocol of [1] can be used to generate a CRS in constant rounds. This, combined with our results, yields the first constant round multi-party quantum computation protocols without trusted setup in the standard model.

  2. 2.

    We remark that a k-online round protocol can also be viewed as a k-round protocol in a quantum pre-processing model, i.e. a model where parties receive some quantum correlations as setup.

  3. 3.

    The results below are in the setting of security with abort, as opposed to security with unanimous abort (which is only a distinction in the multi-party setting). If one wants security with unanimous abort, the overall round complexity will not change, but one more round of online communication will be required.

  4. 4.

    We remark that the 2PQC proposed in [15] is based on their “main” quantum garbled circuit construction, which crucially does not have a classical circuit garbling procedure. The advantage of their main construction is that garbling can be done in low depth, whereas the alternative construction requires an expensive but classical garbling procedure.

  5. 5.

    [15] call this group-randomizing quantum randomized encoding.

  6. 6.

    The existence of such a Clifford would imply that Clifford + Measurement circuits without magic states are universal for quantum computing, contradicting the Gottesman-Knill theorem (assuming \(\mathsf {BPP} \ne \mathsf {BQP}\)).

  7. 7.

    We only require leveled \(\mathsf {QMFHE}\), which can be based solely on the QLWE assumption. Unleveled \(\mathsf {QMFHE}\) requires an additional circularity security assumption.

  8. 8.

    Each party will use a NIZK proof of knowledge to prove that their first message is well-formed, using their input and randomness as witness. Then, a simulator programming the CRS may extract either party’s input.

References

  1. Agarwal, A., Bartusek, J., Goyal, V., Khurana, D., Malavolta, G.: Post-quantum multi-party computation. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12696, pp. 435–464. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77870-5_16

    Chapter  Google Scholar 

  2. Alagic, G., Brakerski, Z., Dulek, Y., Schaffner, C.: Impossibility of quantum virtual black-box obfuscation of classical circuits. arXiv preprint arXiv:2005.06432 (2020)

  3. Alagic, G., Fefferman, B.: On quantum obfuscation. ArXiv abs/1602.01771 (2016)

    Google Scholar 

  4. Alon, B., Chung, H., Chung, K.M., Huang, M.Y., Lee, Y., Shen, Y.C.: Round efficient secure multiparty quantum computation with identifiable abort. Cryptology ePrint Archive, Report 2020/1464 (2020). https://eprint.iacr.org/2020/1464

  5. Ananth, P., Choudhuri, A.R., Jain, A.: A new approach to round-optimal secure multiparty computation. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 468–499. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_16

    Chapter  Google Scholar 

  6. Ananth, P., La Placa, R.L.: Secure software leasing. arXiv preprint arXiv:2005.05289 (2020)

  7. Badrinarayanan, S., Goyal, V., Jain, A., Kalai, Y.T., Khurana, D., Sahai, A.: Promise zero knowledge and its applications to round optimal MPC. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part II. LNCS, vol. 10992, pp. 459–487. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96881-0_16

    Chapter  Google Scholar 

  8. Barak, B., et al.: On the (Im)possibility of Obfuscating Programs. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 1–18. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_1

    Chapter  Google Scholar 

  9. Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols (extended abstract). In: 22nd ACM STOC, pp. 503–513. ACM Press, May 1990

    Google Scholar 

  10. Beigi, S., Koenig, R.: Simplified instantaneous non-local quantum computation with applications to position-based cryptography. J. Phys. 13(9), 093036 (2011)

    Google Scholar 

  11. Ben-Or, M., Crépeau, C., Gottesman, D., Hassidim, A., Smith, A.: Secure multiparty quantum computation with (only) a strict honest majority. In: 47th FOCS, pp. 249–260. IEEE Computer Society Press, October 2006

    Google Scholar 

  12. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: 20th ACM STOC, pp. 1–10. ACM Press, May 1988

    Google Scholar 

  13. Brakerski, Z.: Quantum FHE (Almost) as secure as classical. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018, Part III. LNCS, vol. 10993, pp. 67–95. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_3

    Chapter  Google Scholar 

  14. Brakerski, Z., Halevi, S., Polychroniadou, A.: Four round secure computation without setup. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017, Part I. LNCS, vol. 10677, pp. 645–677. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70500-2_22

    Chapter  Google Scholar 

  15. Brakerski, Z., Yuen, H.: Quantum garbled circuits. arXiv preprint arXiv:2006.01085 (2020)

  16. Bravyi, S., Kitaev, A.: Universal quantum computation with ideal clifford gates and noisy ancillas. Phys. Rev. A 71(2), 022316 (2005)

    Google Scholar 

  17. Chase, M., et al.: Reusable non-interactive secure computation. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part III. LNCS, vol. 11694, pp. 462–488. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26954-8_15

    Chapter  Google Scholar 

  18. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (abstract) (informal contribution). In: Pomerance, C. (ed.) CRYPTO 1987. LNCS, vol. 293, p. 462. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-48184-2_43

    Chapter  Google Scholar 

  19. Choudhuri, A.R., Ciampi, M., Goyal, V., Jain, A., Ostrovsky, R.: Round optimal secure multiparty computation from minimal assumptions. In: Theory of Cryptography - 18th International Conference, TCC 2020, Durham, NC, USA, 16–19 November 2020, Proceedings, Part II, pp. 291–319 (2020)

    Google Scholar 

  20. Crépeau, C., Gottesman, D., Smith, A.: Secure multi-party quantum computation. In: 34th ACM STOC, pp. 643–652. ACM Press, May 2002

    Google Scholar 

  21. D’Ariano, G.M., Schlingemann, D., Werner, R., Kretschmann, D.: Quantum bit commitment revisited: the possible and the impossible. Tech. rep. (2006)

    Google Scholar 

  22. Dulek, Y., Grilo, A.B., Jeffery, S., Majenz, C., Schaffner, C.: Secure multi-party quantum computation with a dishonest majority. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020, Part III. LNCS, vol. 12107, pp. 729–758. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45727-3_25

    Chapter  Google Scholar 

  23. Dupuis, F., Nielsen, J.B., Salvail, L.: Secure two-party quantum evaluation of unitaries against specious adversaries. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 685–706. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_37

    Chapter  Google Scholar 

  24. Dupuis, F., Nielsen, J.B., Salvail, L.: Actively secure two-party evaluation of any quantum operation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 794–811. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_46

    Chapter  Google Scholar 

  25. Garg, S., Mukherjee, P., Pandey, O., Polychroniadou, A.: The exact round complexity of secure computation. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016, Part II. LNCS, vol. 9666, pp. 448–476. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-49896-5_16

    Chapter  Google Scholar 

  26. Garg, S., Srinivasan, A.: Two-round multiparty secure computation from minimal assumptions. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018, Part II. LNCS, vol. 10821, pp. 468–499. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78375-8_16

    Chapter  Google Scholar 

  27. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or A completeness theorem for protocols with honest majority. In: Aho, A. (ed.) 19th ACM STOC, pp. 218–229. ACM Press, May 1987

    Google Scholar 

  28. Gonzales, A., Chitambar, E.: Bounds on instantaneous nonlocal quantum computation. IEEE Trans. Inf. Theory 66(5), 2951–2963 (2020)

    Google Scholar 

  29. Goyal, R.: Quantum multi-key homomorphic encryption for polynomial-sized circuits. Cryptology ePrint Archive, Report 2018/443 (2018). https://eprint.iacr.org/2018/443

  30. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Prabhakaran, M., Sahai, A.: Efficient non-interactive secure computation. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 406–425. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_23

    Chapter  Google Scholar 

  31. Ciampi, M., Ostrovsky, R., Siniscalchi, L., Visconti, I.: Round-optimal secure two-party computation from trapdoor permutations. In: Kalai, Y., Reyzin, L. (eds.) TCC 2017. LNCS, vol. 10677, pp. 678–710. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70500-2_23

    Chapter  Google Scholar 

  32. Lo, H.K., Chau, H.F.: Why quantum bit commitment and ideal quantum coin tossing are impossible. Physica D Nonlinear Phenom. 120(1–2), 177–187 (1998)

    Google Scholar 

  33. López-Alt, A., Tromer, E., Vaikuntanathan, V.: On-the-fly multiparty computation on the cloud via multikey fully homomorphic encryption. In: Karloff, H.J., Pitassi, T. (eds.) 44th ACM STOC, pp. 1219–1234. ACM Press, May 2012

    Google Scholar 

  34. Mahadev, U.: Classical homomorphic encryption for quantum circuits. In: Thorup, M. (ed.) 59th FOCS, pp. 332–338. IEEE Computer Society Press, October 2018

    Google Scholar 

  35. Mayers, D.: Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett. 78(17), 3414 (1997)

    Google Scholar 

  36. Peikert, C., Vaikuntanathan, V., Waters, B.: A framework for efficient and composable oblivious transfer. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 554–571. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_31

    Chapter  Google Scholar 

  37. Shmueli, O.: Multi-theorem (malicious) designated-verifier NIZK for QMA (2020)

    Google Scholar 

  38. Speelman, F.: Instantaneous non-local computation of low t-depth quantum circuits. In: Broadbent, A. (ed.) 11th Conference on the Theory of Quantum Computation, Communication and Cryptography, TQC 2016, 27–29 September 2016, Berlin, Germany. LIPIcs, vol. 61, pp. 9:1–9:24. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2016)

    Google Scholar 

  39. Vaidman, L.: Instantaneous measurement of nonlocal variables. Phys. Rev. Lett. 90, 010402 (2003)

    Google Scholar 

  40. Yao, A.C.C.: How to generate and exchange secrets (extended abstract). In: 27th FOCS, pp. 162–167. IEEE Computer Society Press, October 1986

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. UC Berkeley, Berkeley, USA

    James Bartusek & Andrea Coladangelo

  2. UIUC, Champaign, USA

    Dakshita Khurana

  3. Princeton University, Princeton, USA

    Fermi Ma

  4. NTT Research, Palo Alto, USA

    Fermi Ma

Authors
  1. James Bartusek
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Andrea Coladangelo
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dakshita Khurana
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Fermi Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Columbia University, New York City, NY, USA

    Tal Malkin

  2. University of Michigan, Ann Arbor, MI, USA

    Chris Peikert

Rights and permissions

Reprints and permissions

Copyright information

© 2021 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bartusek, J., Coladangelo, A., Khurana, D., Ma, F. (2021). On the Round Complexity of Secure Quantum Computation. In: Malkin, T., Peikert, C. (eds) Advances in Cryptology – CRYPTO 2021. CRYPTO 2021. Lecture Notes in Computer Science(), vol 12825. Springer, Cham. https://doi.org/10.1007/978-3-030-84242-0_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-84242-0_15

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-84241-3

  • Online ISBN: 978-3-030-84242-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation