Two-message verification of quantum computation

by   Gorjan Alagic, et al.

We describe a two-message protocol that enables a purely classical verifier to delegate any quantum computation to an untrusted quantum prover. The protocol begins with the verifier publishing a problem instance together with a public cryptographic key. The prover then transmits the computation result, appropriately encoded. Finally, the verifier uses their private key to detect any cheating and extract the result. We achieve this by upgrading the verification protocol of Mahadev in two steps. First, the protocol is repeated many times in parallel, yielding a four-message protocol with negligible soundness error. This enables the second step: the "challenge round" is eliminated via the Fiat-Shamir transform, in which the prover computes their own challenges using a public hash function. We show that this protocol is secure under the same assumptions underlying many candidate schemes for post-quantum public-key cryptography. Specifically, it is secure in the Quantum Random Oracle Model, and assuming the quantum hardness of the Learning with Errors problem. The main technical advance in our security proof is a parallel repetition theorem for the Mahadev protocol.


Classical Verification of Quantum Computations with Efficient Verifier

In this paper, we extend the protocol of classical verification of quant...

Non-interactive classical verification of quantum computation

In a recent breakthrough, Mahadev constructed an interactive protocol th...

Succinct Classical Verification of Quantum Computation

We construct a classically verifiable succinct interactive argument for ...

Advantage of the key relay protocol over secure network coding

The key relay protocol (KRP) plays an important role in improving the pe...

Post-Quantum Succinct Arguments

We prove that Kilian's four-message succinct argument system is post-qua...

A Private and Unlinkable Message Exchange Using a Public bulletin board in Opportunistic Networks

We plan to simulate a private and unlinkable exchange of messages by usi...

Private Randomness Agreement and its Application in Quantum Key Distribution Networks

We define a variation on the well-known problem of private message trans...

Please sign up or login with your details

Forgot password? Click here to reset