Unconditionally verifiable blind computation

TL;DR

This paper introduces an improved unconditionally secure verifiable blind quantum computing protocol that enhances efficiency and fault-tolerance by allowing arbitrary entangling gates with constant overhead, building on previous schemes.

Contribution

It extends prior work by enabling blind computational basis measurements and constructing a new resource state for more efficient, verifiable quantum computation.

Findings

Probability of undetected errors is exponentially small.

Resource overhead remains polynomial in security parameters.

Allows entangling gates between arbitrary qubits with constant overhead.

Abstract

Blind Quantum Computing (BQC) allows a client to have a server carry out a quantum computation for them such that the client's input, output and computation remain private. A desirable property for any BQC protocol is verification, whereby the client can verify with high probability whether the server has followed the instructions of the protocol, or if there has been some deviation resulting in a corrupted output state. A verifiable BQC protocol can be viewed as an interactive proof system leading to consequences for complexity theory. The authors, together with Broadbent, previously proposed a universal and unconditionally secure BQC scheme where the client only needs to be able to prepare single qubits in separable states randomly chosen from a finite set and send them to the server, who has the balance of the required quantum computational resources. In this paper we extend that protocol with new functionality allowing blind computational basis measurements, which we use to construct a new verifiable BQC protocol based on a new class of resource states. We rigorously prove that the probability of failing to detect an incorrect output is exponentially small in a security parameter, while resource overhead remains polynomial in this parameter. The new resource state allows entangling gates to be performed between arbitrary pairs of logical qubits with only constant overhead. This is a significant improvement on the original scheme, which required that all computations to be performed must first be put into a nearest neighbour form, incurring linear overhead in the number of qubits. Such an improvement has important consequences for efficiency and fault-tolerance thresholds.