Guaranteeing Privacy in Hybrid Quantum Learning through Theoretical Mechanisms

TL;DR

This paper introduces HYPER-Q, a hybrid quantum-classical noise mechanism that enhances privacy in quantum machine learning models by leveraging intrinsic quantum noise within a differential privacy framework.

Contribution

It proposes a novel hybrid noise mechanism combining quantum and classical noise for privacy preservation in QML, with theoretical analysis and empirical validation.

Findings

HYPER-Q provides stronger privacy guarantees than classical mechanisms.

HYPER-Q improves adversarial robustness across datasets.

Theoretical bounds on utility are established.

Abstract

Quantum Machine Learning (QML) is becoming increasingly prevalent due to its potential to enhance classical machine learning (ML) tasks, such as classification. Although quantum noise is often viewed as a major challenge in quantum computing, it also offers a unique opportunity to enhance privacy. In particular, intrinsic quantum noise provides a natural stochastic resource that, when rigorously analyzed within the differential privacy (DP) framework and composed with classical mechanisms, can satisfy formal $(\varepsilon, \delta)$-DP guarantees. This enables a reduction in the required classical perturbation without compromising the privacy budget, potentially improving model utility. However, the integration of classical and quantum noise for privacy preservation remains unexplored. In this work, we propose a hybrid noise-added mechanism, HYPER-Q, that combines classical and quantum noise to protect the privacy of QML models. We provide a comprehensive analysis of its privacy guarantees and establish theoretical bounds on its utility. Empirically, we demonstrate that HYPER-Q outperforms existing classical noise-based mechanisms in terms of adversarial robustness across multiple real-world datasets.