Forging quantum data: classically defeating an IQP-based quantum test

In 2009, Shepherd and Bremner proposed a "test of quantum capability" arXiv:0809.0847 that is attractive because the quantum machine's output can be verified efficiently by classical means. While follow-up papers gave evidence that directly simulating the quantum prover is classically hard, the security of the protocol against other (non-simulating) classical attacks has remained an open question. In this paper, I demonstrate that the protocol is not secure against classical provers. I describe a classical algorithm that can not only convince the verifier that the (classical) prover is quantum, but can in fact can extract the secret key underlying a given protocol instance. Furthermore, I show that the algorithm is efficient in practice for problem sizes of hundreds of qubits. Finally, I provide an implementation of the algorithm, and give the secret vector underlying the "25 challenge" posted online by the authors of the original paper.

READ FULL TEXT

Please sign up or login with your details

Forgot password? Click here to reset