pith. sign in

arxiv: 2405.11608 · v3 · submitted 2024-05-19 · 🪐 quant-ph · cs.CR· cs.DC· cs.ET

Private Delegated Quantum Computing for User-Level and Industry-Level Settings

Alejandro Mata Ali , Adriano Mauricio Lusso , Edgar Mencia This is my paper

Pith reviewed 2026-05-24 00:43 UTC · model grok-4.3

classification 🪐 quant-ph cs.CRcs.DCcs.ET
keywords private delegated quantum computationquantum one-time padstate hidingtranscript unlinkabilityclassical clientangle sharingleakage modelQOTP
0
0 comments X

The pith

A modular hierarchy of protocols gives classical clients leakage-relative state hiding and transcript unlinkability in delegated quantum computation under explicit assumptions.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper constructs a modular hierarchy of private delegated quantum computation protocols that scale with the client's available quantum resources and specifies client capabilities, delegated gates, adversarial models, transcript leakage, and resulting privacy claims for each level. It separates QOTP state privacy under declared leakage from leakage-dependent transcript-level angle ambiguity, compiler-dependent structural privacy, and output privacy, while clarifying when public Clifford operations can run on encrypted data via classical key updates. In the classical-client branch, a persistent common-node with matching-hidden split-QOTP and shuffled finite-grid r-share sign-randomized angle sharing produces leakage-relative state hiding when an explicit ε_key key-hiding condition holds and transcript-level unlinkability when hidden-matching assumptions, non-total-collusion, and the leakage model hold. A sympathetic reader would care because the construction identifies the precise boundary conditions under which user-level or industry-level parties can outsource quantum tasks without exposing inputs beyond declared leakage.

Core claim

The paper presents a modular hierarchy of private delegated quantum computation protocols parameterized by client quantum resources. For the classical-client branch it obtains leakage-relative state hiding under an explicit ε_key key-hiding condition and transcript-level unlinkability under hidden-matching assumptions with non-total-collusion and leakage model, using a persistent common-node, matching-hidden split-QOTP together with shuffled finite-grid r-share sign-randomized angle sharing. The angle-sharing primitives provide transcript ambiguity under explicit leakage assumptions, not universal blindness, and the trap-based layer provides detection under stated assumptions but is not aMal

What carries the argument

The matching-hidden split-QOTP combined with shuffled finite-grid r-share sign-randomized angle sharing, which supplies transcript ambiguity and state hiding under the stated leakage and non-total-collusion model.

If this is right

  • Public Clifford operations can be evaluated on quantum-one-time-pad encrypted data by classical key updates.
  • Non-Clifford privacy requires either additional primitives or non-collusion assumptions beyond the classical-client setting.
  • Structural privacy is compiler-dependent and leakage-function-dependent, separate from state and transcript privacy.
  • The trap-based layer supplies detection under the stated assumptions without constituting a stand-alone malicious-security proof.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • The explicit ε_key condition could be checked by measuring key leakage rates in concrete small-circuit implementations of the angle-sharing step.
  • The hierarchy's separation of privacy layers suggests a route to compose the classical-client branch with existing secure multiparty quantum protocols that already assume partial collusion.
  • Relaxing the non-total-collusion requirement to a quantified fraction of colluding nodes would be a direct next measurement on the same transcript model.

Load-bearing premise

The hidden-matching assumptions and non-total-collusion model must hold for the angle-sharing primitives to deliver transcript ambiguity.

What would settle it

An explicit transcript example that links the delegated computation despite the shuffled angle sharing, under the declared leakage model and non-total collusion, would falsify the unlinkability claim.

Figures

Figures reproduced from arXiv: 2405.11608 by Adriano Mauricio Lusso, Alejandro Mata Ali, Edgar Mencia.

Figure 2
Figure 2. Figure 2: General communication scheme between the [PITH_FULL_IMAGE:figures/full_fig_p002_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: Generic graph state and graph state for the [PITH_FULL_IMAGE:figures/full_fig_p003_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Grover’s circuit that searches for the states [PITH_FULL_IMAGE:figures/full_fig_p011_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: Applied Grover’s circuit that searches for the [PITH_FULL_IMAGE:figures/full_fig_p011_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: QAOA circuit with 3 qubits. In this case, since the circuit structure will al￾ways be the same, we will have to protect only the θ and ϕ angles of rotation. To do so, we will make use of the decomposition 1. The process for a 2 qubit total computer in this case will be as follows, represented in Figs. 7 (original) and 8 (optimized): 1. The client creates the first two qubits and applies the corresponding H… view at source ↗
Figure 8
Figure 8. Figure 8: QAOA applied circuit with 3 qubits optimized [PITH_FULL_IMAGE:figures/full_fig_p012_8.png] view at source ↗
Figure 9
Figure 9. Figure 9: QNN circuit with 3 qubits. 7 Conclusions In this work we have seen several protocols and techniques to achieve a private delegated quan￾tum computation adapted to the client’s re￾sources and to the needs of securing both data and quantum operations. One of the possible fu￾ture lines of research may be to reduce the num￾ber of qubit sends while maintaining privacy lev￾els, since these increase the execution… view at source ↗
read the original abstract

We present a modular hierarchy of private delegated quantum computation protocols tailored to user-level and industry-level settings and parameterized by the quantum resources available to the client. For each protocol, we specify the client capabilities, delegated gate set, adversarial model, transcript leakage and resulting privacy claims. The hierarchy separates QOTP state privacy under declared leakage from leakage-dependent transcript-level angle ambiguity, compiler- and leakage-function-dependent structural privacy, and output privacy, clarifies when public Clifford operations can be evaluated on quantum-one-time-pad encrypted data by classical key updates, and identifies where non-Clifford privacy, non-collusion or additional primitives are required. The classical-client branch uses a persistent common-node, matching-hidden split-QOTP together with shuffled finite-grid $r$-share sign-randomized angle sharing to obtain leakage-relative state hiding under an explicit $\epsilon_{\mathrm{key}}$ key-hiding condition and transcript-level unlinkability under hidden-matching assumptions under an explicit non-total-collusion and leakage model. The angle-sharing primitives provide transcript ambiguity under explicit leakage assumptions, not universal blindness. The trap-based layer provides detection under stated assumptions, but it is not a stand-alone malicious-security proof.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript presents a modular hierarchy of private delegated quantum computation protocols parameterized by the client's quantum resources, from classical to more capable. For each level it specifies client capabilities, delegated gate set, adversarial model, transcript leakage, and resulting privacy claims. It separates QOTP state privacy under declared leakage from leakage-dependent transcript-level angle ambiguity, compiler-dependent structural privacy, and output privacy. The classical-client branch is claimed to achieve leakage-relative state hiding under an explicit ε_key key-hiding condition and transcript-level unlinkability under hidden-matching assumptions with non-total-collusion and a stated leakage model, via persistent common-node matching-hidden split-QOTP together with shuffled finite-grid r-share sign-randomized angle sharing. Angle-sharing primitives are stated to deliver only transcript ambiguity under explicit leakage assumptions (not universal blindness), and the trap-based layer provides detection under stated assumptions but is not a stand-alone malicious-security proof.

Significance. If the stated privacy claims can be formally established under the listed assumptions, the hierarchy would offer a useful taxonomy that clarifies the boundaries between different privacy notions in delegated quantum computation and the precise conditions (including non-total-collusion and leakage models) required for classical clients. This could help both theoretical work on quantum cryptography and practical protocol design for user- and industry-level settings by making explicit where public Clifford operations suffice via key updates and where additional primitives or assumptions are necessary.

major comments (2)
  1. [Abstract] Abstract: the central claim that the classical-client construction obtains leakage-relative state hiding under an explicit ε_key key-hiding condition and transcript-level unlinkability under hidden-matching assumptions rests on these assumptions being sufficient, yet the manuscript provides no derivation or security reduction showing how the persistent common-node, matching-hidden split-QOTP and shuffled finite-grid r-share primitives deliver the claimed properties; this is load-bearing for the hierarchy's classical-client branch.
  2. [Abstract] Abstract: the trap-based layer is described as providing detection under stated assumptions but explicitly not a stand-alone malicious-security proof; if this layer is intended to contribute to the overall privacy claims of the hierarchy, the integration with the angle-sharing and QOTP components must be shown to compose to the stated guarantees, otherwise the hierarchy's completeness for malicious settings is undermined.
minor comments (2)
  1. [Abstract] The notation ε_key is introduced without an explicit definition or bound; a formal definition of the key-hiding condition and how it relates to the leakage model would improve clarity.
  2. [Abstract] The term 'hidden-matching assumptions' is used without a reference or self-contained statement of what the assumption consists of; adding a brief definition or citation would aid readers.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their thorough review and insightful comments on our work. We address each major comment below, providing clarifications on the security arguments and indicating the revisions we will make.

read point-by-point responses

  1. Referee: [Abstract] Abstract: the central claim that the classical-client construction obtains leakage-relative state hiding under an explicit ε_key key-hiding condition and transcript-level unlinkability under hidden-matching assumptions rests on these assumptions being sufficient, yet the manuscript provides no derivation or security reduction showing how the persistent common-node, matching-hidden split-QOTP and shuffled finite-grid r-share primitives deliver the claimed properties; this is load-bearing for the hierarchy's classical-client branch.

    Authors: We agree that the manuscript would benefit from explicit security reductions for the classical-client claims. The current text introduces the primitives and asserts the properties under the given assumptions but does not provide a detailed derivation. In the revised version, we will include a dedicated subsection deriving the leakage-relative state hiding from the ε_key key-hiding condition and the transcript-level unlinkability from the hidden-matching assumptions under non-total-collusion and the leakage model. revision: yes

  2. Referee: [Abstract] Abstract: the trap-based layer is described as providing detection under stated assumptions but explicitly not a stand-alone malicious-security proof; if this layer is intended to contribute to the overall privacy claims of the hierarchy, the integration with the angle-sharing and QOTP components must be shown to compose to the stated guarantees, otherwise the hierarchy's completeness for malicious settings is undermined.

    Authors: The manuscript already states that the trap-based layer is not a stand-alone malicious-security proof. The overall privacy claims rely on the composition of QOTP state privacy, angle-sharing transcript ambiguity, and the trap layer for detection, all under the specified assumptions. We will revise the text to explicitly outline the composition of these components to the hierarchy's guarantees, ensuring the modular structure and limitations are clear. revision: yes

Circularity Check

0 steps flagged

No significant circularity identified

full rationale

The paper's central claims consist of a modular hierarchy of delegated QC protocols whose privacy properties (leakage-relative state hiding, transcript unlinkability) are explicitly conditioned on external assumptions including an ε_key key-hiding condition, hidden-matching assumptions, non-total-collusion, and a stated leakage model. The classical-client branch is described as obtaining its properties from the combination of persistent common-node matching-hidden split-QOTP and shuffled finite-grid r-share sign-randomized angle sharing under those prerequisites; no equations, fitted parameters, or self-referential definitions appear that would reduce any prediction or result to the inputs by construction. No load-bearing self-citations, uniqueness theorems imported from the same authors, or ansatzes smuggled via prior work are invoked to justify the core construction. The derivation chain is therefore self-contained against the stated assumptions and standard QOTP primitives.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Abstract-only review; no explicit free parameters, axioms, or invented entities can be extracted.

pith-pipeline@v0.9.0 · 5739 in / 1042 out tokens · 15283 ms · 2026-05-24T00:43:50.725028+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

35 extracted references · 35 canonical work pages

  1. [1]

    A tutorial on formulating and us- ing qubo models, 2019

    Fred Glover, Gary Kochenberger, and Yu Du. A tutorial on formulating and us- ing qubo models, 2019

    work page 2019

  2. [2]

    A quantum approximate opti- mization algorithm, 2014

    Edward Farhi, Jeffrey Goldstone, and Sam Gutmann. A quantum approximate opti- mization algorithm, 2014

    work page 2014

  3. [3]

    De- composition algorithm of an arbitrary pauli exponential through a quantum circuit, 2023

    Maximilian Balthasar Mansky, Vic- tor Ramos Puigvert, Santiago Londoño Castillo, and Claudia Linnhoff-Popien. De- composition algorithm of an arbitrary pauli exponential through a quantum circuit, 2023

    work page 2023

  4. [4]

    Niels M. P. Neumann and Robert S. Wezeman. Distributed Quantum Ma- chine Learning, page 281–293. Springer International Publishing, 2022. ISBN 9783031066689. DOI: 10.1007/978-3-031- 06668-9_20. URL http://dx.doi.org/10. 1007/978-3-031-06668-9_20

    work page doi:10.1007/978-3-031- 2022

  5. [5]

    Quantum federated learning through blind quantum computing

    Weikang Li, Sirui Lu, and Dong-Ling Deng. Quantum federated learning through blind quantum computing. Science China Physics, Mechanics amp; Astronomy , 64 (10), September 2021. ISSN 1869-

    work page 2021

  6. [6]

    DOI: 10.1007/s11433-021-1753-

    work page doi:10.1007/s11433-021-1753-

  7. [7]

    URL http://dx.doi.org/10.1007/ s11433-021-1753-3

    work page

  8. [8]

    Privacy-preserving quantum federated learn- ing via gradient hiding, 2023

    Changhao Li, Niraj Kumar, Zhixin Song, Shouvanik Chakrabarti, and Marco Pistoia. Privacy-preserving quantum federated learn- ing via gradient hiding, 2023

    work page 2023

  9. [9]

    Homomorphic Encryption — Theory and Application

    Jaydip Sen. Homomorphic Encryption — Theory and Application. InTech, July 2013. ISBN 9789535111764. DOI: 10.5772/56687. URL http://dx.doi.org/10.5772/56687. Accepted in Quantum 2017-05-09, click title to verify. Published under CC-BY 4.0. 13

    work page doi:10.5772/56687 2013

  10. [10]

    Privatequantumcom- putation: an introduction to blind quan- tum computing and related protocols

    JosephF.Fitzsimons. Privatequantumcom- putation: an introduction to blind quan- tum computing and related protocols. npj Quantum Information, 3(1):23, Jun 2017. ISSN 2056-6387. DOI: 10.1038/s41534-017- 0025-3. URL https://doi.org/10.1038/ s41534-017-0025-3

    work page doi:10.1038/s41534-017- 2017

  11. [11]

    An introduction to measure- ment based quantum computation, 2005

    Richard Jozsa. An introduction to measure- ment based quantum computation, 2005

    work page 2005

  12. [12]

    Universal blind quan- tum computation

    Anne Broadbent, Joseph Fitzsimons, and Elham Kashefi. Universal blind quan- tum computation. In 2009 50th Annual IEEE Symposium on Foundations of Com- puter Science, pages 517–526, 2009. DOI: 10.1109/FOCS.2009.36

    work page doi:10.1109/focs.2009.36 2009

  13. [13]

    Andrew M. Childs. Secure assisted quantum computation. Quantum Information and Computation, 5(6), September 2005. ISSN 1533-7146. DOI: 10.26421/qic5.6. URL http://dx.doi.org/10.26421/QIC5.6

    work page doi:10.26421/qic5.6 2005

  14. [14]

    Delegating private quan- tum computations

    Anne Broadbent. Delegating private quan- tum computations. Canadian Journal of Physics, 93(9):941–946, September 2015. ISSN 1208-6045. DOI: 10.1139/cjp-2015-

    work page doi:10.1139/cjp-2015- 2015

  15. [15]

    URL http://dx.doi.org/10.1139/ cjp-2015-0030

    work page 2015

  16. [16]

    In: Meersman, R., Panetto, H., Dillon, T., Mis- sikoff, M., Liu, L., Pastor, O., Cuzzocrea, A., Sellis, T

    Anne Broadbent and Stacey Jeffery.Quan- tum Homomorphic Encryption for Circuits of Low T-gate Complexity, page 609–629. Springer Berlin Heidelberg, 2015. ISBN 9783662480007. DOI: 10.1007/978-3-662- 48000-7_30. URL http://dx.doi.org/10. 1007/978-3-662-48000-7_30

    work page doi:10.1007/978-3-662- 2015

  17. [17]

    Bennett and Gilles Bras- sard

    Charles H. Bennett and Gilles Bras- sard. Quantum cryptography: Pub- lic key distribution and coin tossing. Theoretical Computer Science , 560: 7–11, 2014. ISSN 0304-3975. DOI: https://doi.org/10.1016/j.tcs.2014.05.025. URL https://www.sciencedirect. com/science/article/pii/ S0304397514004241. Theoretical Aspects of Quantum Cryptography – celebrating 30 y...

    work page doi:10.1016/j.tcs.2014.05.025 2014

  18. [18]

    Spectral analysis of finite-time correlation matrices near equilibrium phase transitions

    Shuquan Ma, Changhua Zhu, Min Nie, Dongxiao Quan, and Changxing Pei. Secure delegated quantum computation based on z-rotation encryption. Europhysics Letters, 137(3):38001, apr 2022. DOI: 10.1209/0295- 5075/ac4fd2. URL https://dx.doi.org/ 10.1209/0295-5075/ac4fd2

    work page doi:10.1209/0295- 2022

  19. [19]

    Full-blind delegating private quantum computation

    Wenjie Liu, Zhenyu Chen, Jinsuo Liu, Zhaofeng Su, and Lianhua Chi. Full-blind delegating private quantum computation. Computers, Materials & Continua , 56(2): 211–223, 2018. ISSN 1546-2226. DOI: 10.3970/cmc.2018.02288. URL http:// www.techscience.com/cmc/v56n2/22928

    work page doi:10.3970/cmc.2018.02288 2018

  20. [20]

    K. A. G. Fisher, A. Broadbent, L. K. Shalm, Z.Yan, J.Lavoie, R.Prevedel, T.Jennewein, and K. J. Resch. Quantum computing on encrypted data. Nature Communications, 5 (1):3074, Jan 2014. ISSN 2041-1723. DOI: 10.1038/ncomms4074. URL https://doi. org/10.1038/ncomms4074

    work page doi:10.1038/ncomms4074 2014

  21. [21]

    Fitzsimons, Anton Zeilinger, and Philip Walther

    Stefanie Barz, Elham Kashefi, Anne Broad- bent, Joseph F. Fitzsimons, Anton Zeilinger, and Philip Walther. Demonstration of blind quantum computing. Science, 335(6066): 303–308, January 2012. ISSN 1095-9203. DOI: 10.1126/science.1214707. URL http://dx.doi.org/10.1126/science. 1214707

    work page doi:10.1126/science.1214707 2012

  22. [22]

    Lov K. Grover. A fast quantum mechan- ical algorithm for database search. In Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Comput- ing, STOC ’96, page 212–219, New York, NY, USA, 1996. Association for Comput- ing Machinery. ISBN 0897917855. DOI: 10.1145/237814.237866. URL https:// doi.org/10.1145/237814.237866

    work page doi:10.1145/237814.237866 1996

  23. [23]

    Rapid solution of problems by quantum compu- tation

    David Deutsch and Richard Jozsa. Rapid solution of problems by quantum compu- tation. Proceedings of the Royal Soci- ety of London. Series A: Mathematical and Physical Sciences, 439:553 – 558, 1992. URL https://api.semanticscholar.org/ CorpusID:121702767

    work page 1992

  24. [24]

    Secure delegated quantum algorithms for solving mahalanobis distance

    Jiandong Ouyang, Yuxun Wang, and Qin Li. Secure delegated quantum algorithms for solving mahalanobis distance. Physica A: Statistical Mechanics and its Applications, 625:129025, 2023. ISSN 0378-4371. DOI: https://doi.org/10.1016/j.physa.2023.129025. URL https://www.sciencedirect. com/science/article/pii/ S0378437123005800

    work page doi:10.1016/j.physa.2023.129025 2023

  25. [25]

    Delegated varia- tional quantum algorithms based on quan- tum homomorphic encryption, 2023

    Qin Li, Junyu Quan, Jinjing Shi, Shichao Zhang, and Xuelong Li. Delegated varia- tional quantum algorithms based on quan- tum homomorphic encryption, 2023. Accepted in Quantum 2017-05-09, click title to verify. Published under CC-BY 4.0. 14

    work page 2023

  26. [26]

    A delegated quantum approxi- mate optimization algorithm

    Yuxun Wang, Junyu Quan, and Qin Li. A delegated quantum approxi- mate optimization algorithm. In 2022 14th International Conference on Wire- less Communications and Signal Process- ing (WCSP), pages 804–808, 2022. DOI: 10.1109/WCSP55476.2022.10039146

    work page doi:10.1109/wcsp55476.2022.10039146 2022

  27. [27]

    Delegated quan- tum neural networks for encrypted data

    Wenli Sun, Yan Chang, Danchen Wang, Shibin Zhang, and Lili Yan. Delegated quan- tum neural networks for encrypted data. Phys. Scripta, 99(5):055102, 2024. DOI: 10.1088/1402-4896/ad348f

    work page doi:10.1088/1402-4896/ad348f 2024

  28. [28]

    Equivalence in delegated quantum computing, 2023

    Fabian Wiesner, Jens Eisert, and Anna Pappa. Equivalence in delegated quantum computing, 2023

    work page 2023

  29. [29]

    The measurement calculus, 2007

    Vincent Danos, Elham Kashefi, and Prakash Panangaden. The measurement calculus, 2007

    work page 2007

  30. [30]

    A distributed archi- tecture for secure delegated quantum com- putation

    Shuquan Ma, Changhua Zhu, Dongxiao Quan, and Min Nie. A distributed archi- tecture for secure delegated quantum com- putation. Entropy, 24(6), 2022. ISSN 1099-

    work page 2022

  31. [31]

    URLhttps: //www.mdpi.com/1099-4300/24/6/794

    DOI:10.3390/e24060794. URLhttps: //www.mdpi.com/1099-4300/24/6/794

    work page doi:10.3390/e24060794

  32. [32]

    Leichtle, L

    Dominik Leichtle, Luka Music, Elham Kashefi, and Harold Ollivier. Verifying bqp computations on noisy devices with minimal overhead. PRX Quantum , 2 (4), October 2021. ISSN 2691-3399. DOI: 10.1103/prxquantum.2.040302. URL http://dx.doi.org/10.1103/ PRXQuantum.2.040302

    work page doi:10.1103/prxquantum.2.040302 2021

  33. [33]

    Classical homomorphic encryption for quantum circuits, 2023

    Urmila Mahadev. Classical homomorphic encryption for quantum circuits, 2023

    work page 2023

  34. [34]

    Manca, S

    Aram W. Harrow, Avinatan Hassidim, and Seth Lloyd. Quantum algorithm for linear systems of equations. Physi- cal Review Letters, 103(15), October 2009. ISSN 1079-7114. DOI: 10.1103/phys- revlett.103.150502. URL http://dx.doi. org/10.1103/PhysRevLett.103.150502

    work page doi:10.1103/phys- 2009

  35. [35]

    Sumcheck-based delega- tion of quantum computing to rational server

    Yuki Takeuchi, Tomoyuki Morimae, and Seiichiro Tani. Sumcheck-based delega- tion of quantum computing to rational server. Theoretical Computer Science, 924: 46–67, July 2022. ISSN 0304-3975. DOI: 10.1016/j.tcs.2022.04.016. URL http://dx. doi.org/10.1016/j.tcs.2022.04.016. Accepted in Quantum 2017-05-09, click title to verify. Published under CC-BY 4.0. 15

    work page doi:10.1016/j.tcs.2022.04.016 2022