Non-interactive classical verification of quantum computation

by   Gorjan Alagic, et al.

In a recent breakthrough, Mahadev constructed an interactive protocol that enables a purely classical party to delegate any quantum computation to an untrusted quantum prover. In this work, we show that this same task can in fact be performed non-interactively and in zero-knowledge. Our protocols result from a sequence of significant improvements to the original four-message protocol of Mahadev. We begin by making the first message instance-independent and moving it to an offline setup phase. We then establish a parallel repetition theorem for the resulting three-message protocol, with an asymptotically optimal rate. This, in turn, enables an application of the Fiat-Shamir heuristic, eliminating the second message and giving a non-interactive protocol. Finally, we employ classical non-interactive zero-knowledge (NIZK) arguments and classical fully homomorphic encryption (FHE) to give a zero-knowledge variant of this construction. This yields the first purely classical NIZK argument system for QMA, a quantum analogue of NP. We establish the security of our protocols under standard assumptions in quantum-secure cryptography. Specifically, our protocols are secure in the Quantum Random Oracle Model, under the assumption that Learning with Errors is quantumly hard. The NIZK construction also requires circuit-private FHE.


page 1

page 2

page 3

page 4


Two-message verification of quantum computation

We describe a two-message protocol that enables a purely classical verif...

Non-interactive zero-knowledge arguments for QMA, with preprocessing

A non-interactive zero-knowledge (NIZK) proof system for a language L∈NP...

Multi-theorem (Malicious) Designated-Verifier NIZK for QMA

We present the first non-interactive zero-knowledge argument system for ...

Semi-Quantum Money

Private quantum money allows a bank to mint quantum money states that it...

Information-theoretically-sound non-interactive classical verification of quantum computing with trusted center

The posthoc verification protocol [J. F. Fitzsimons, M. Hajdušek, and T....

A Tight Parallel Repetition Theorem for Partially Simulatable Interactive Arguments via Smooth KL-Divergence

Hardness amplification is a central problem in the study of interactive ...

Please sign up or login with your details

Forgot password? Click here to reset