Post-Cut Metadata Inference Attacks on Quantum Circuit Cutting Pipelines
Samuel Punch, Krishnendu Guha, and Utz Roedig
TL;DR
This paper reveals that quantum circuit cutting exposes a metadata side channel, enabling inference of circuit details from provider-visible metadata, thus compromising confidentiality in quantum cloud computing.
Contribution
It formalizes the metadata leakage surface and demonstrates practical inference attacks on circuit metadata, highlighting security risks in quantum circuit cutting.
Findings
Attacks achieve 0.960 accuracy in identifying algorithm family.
Metadata leakage is structure-dominated, not scale-dependent.
Quantum circuit cutting exposes significant confidentiality risks.
Abstract
Quantum circuit cutting enables near-term quantum devices to execute workloads exceeding their qubit capacity by decomposing circuits into independently runnable fragments. While this extends computational reach, it creates a previously unexplored confidentiality surface: the fragment-level execution transcript observable by a semi-honest cloud provider. We formalise this surface and demonstrate that post-cut transcripts constitute a practical metadata side channel. Operating solely on provider-visible compiled circuit metadata (fragment width, depth, and two-qubit gate count), we evaluate a structured inference attack across six classification objectives spanning algorithm identity, cut mechanism, and coarse Hamiltonian structure. Our corpus comprises 1,200 circuit fragments across eight algorithm families transpiled against three hardware topologies, validated on a 156-qubit…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.