Quantum Fully Homomorphic Encryption with Verification

  • Gorjan AlagicEmail author
  • Yfke Dulek
  • Christian Schaffner
  • Florian Speelman
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10624)


Fully-homomorphic encryption (FHE) enables computation on encrypted data while maintaining secrecy. Recent research has shown that such schemes exist even for quantum computation. Given the numerous applications of classical FHE (zero-knowledge proofs, secure two-party computation, obfuscation, etc.) it is reasonable to hope that quantum FHE (or QFHE) will lead to many new results in the quantum setting. However, a crucial ingredient in almost all applications of FHE is circuit verification. Classically, verification is performed by checking a transcript of the homomorphic computation. Quantumly, this strategy is impossible due to no-cloning. This leads to an important open question: can quantum computations be delegated and verified in a non-interactive manner?

In this work, we answer this question in the affirmative, by constructing a scheme for QFHE with verification (vQFHE). Our scheme provides authenticated encryption, and enables arbitrary polynomial-time quantum computations without the need of interaction between client and server. Verification is almost entirely classical; for computations that start and end with classical states, it is completely classical. As a first application, we show how to construct quantum one-time programs from classical one-time programs and vQFHE.



This work was completed while GA was a member of the QMATH center at the Department of Mathematical Sciences at the University of Copenhagen. GA and FS acknowledge financial support from the European Research Council (ERC Grant Agreement no 337603), the Danish Council for Independent Research (Sapere Aude), Qubiz - Quantum Innovation Center, and VILLUM FONDEN via the QMATH Centre of Excellence (Grant No. 10059). CS is supported by an NWO VIDI grant.


  1. 1.
    Aharonov, D., Ben-Or, M., Eban, E.: Interactive proofs for quantum computations. arXiv preprint arXiv:0810.5375 (2008)
  2. 2.
    Alagic, G., Broadbent, A., Fefferman, B., Gagliardoni, T., Schaffner, C., St. Jules, M.: Computational security of quantum encryption. In: Nascimento, A.C.A., Barreto, P. (eds.) ICITS 2016. LNCS, vol. 10015, pp. 47–71. Springer, Cham (2016). CrossRefGoogle Scholar
  3. 3.
    Alagic, G., Dulek, Y., Schaffner, C., Speelman, F.: Quantum fully homomorphic encryption with verification. arXiv preprint arXiv:1708.09156 (2017)
  4. 4.
    Barak, B., Brakerski, Z.: Windows on theory: the swiss army knife of cryptography (2012). URL
  5. 5.
    Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. In: 52nd Annual Symposium on Foundations of Computer Science (FOCS), pp. 97–106 (2011).
  6. 6.
    Broadbent, A., Jeffery, S.: Quantum homomorphic encryption for circuits of low T-gate complexity. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 609–629. Springer, Heidelberg (2015). CrossRefGoogle Scholar
  7. 7.
    Broadbent, A., Wainewright, E.: Efficient simulation for quantum message authentication. arXiv preprint arXiv:1607.03075 (2016)
  8. 8.
    Broadbent, A., Fitzsimons, J., Kashefi, E.: Universal blind quantum computation. In: 50th Annual Symposium on Foundations of Computer Science (FOCS), pp. 517–526. IEEE (2009)Google Scholar
  9. 9.
    Broadbent, A., Gutoski, G., Stebila, D.: Quantum one-time programs. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 344–360. Springer, Heidelberg (2013). CrossRefGoogle Scholar
  10. 10.
    Broadbent, A., Ji, Z., Song, F., Watrous, J.: Zero-knowledge proof systems for QMA. In: 57th Annual Symposium on Foundations of Computer Science (FOCS), pp. 31–40, October 2016.
  11. 11.
    Coladangelo, A., Grilo, A., Jeffery, S., Vidick, T.: Verifier-on-a-leash: new schemes for verifiable delegated quantum computation, with quasilinear resources. arXiv preprint arXiv:1708.02130 (2017)
  12. 12.
    Dulek, Y., Schaffner, C., Speelman, F.: Quantum homomorphic encryption for polynomial-sized circuits. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 3–32. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  13. 13.
    Dupuis, F., Nielsen, J.B., Salvail, L.: Actively secure two-party evaluation of any quantum operation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 794–811. Springer, Heidelberg (2012). CrossRefGoogle Scholar
  14. 14.
    Garg, S., Gentry, C., Halevi, S., Raykova, M., Sahai, A., Waters, B.: Candidate indistinguishability obfuscation and functional encryption for all circuits. In: 54th Annual Symposium on Foundations of Computer Science (FOCS), pp. 40–49, October (2013).
  15. 15.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: 41st Annual ACM Symposium on Theory of Computing (STOC), pp. 169–178 (2009).
  16. 16.
    Katz, J., Lindell, Y.: Introduction to Modern Cryptography. CRC Press, Boca Raton (2014)zbMATHGoogle Scholar
  17. 17.
    Mahadev, U.: Classical homomorphic encryption for quantum circuits. arXiv preprint arXiv:1708.02130 (2017)
  18. 18.
    Newman, M., Shi, Y.: Limitations on transversal computation through quantum homomorphic encryption. arXiv e-prints, April 2017Google Scholar
  19. 19.
    Ouyang, Y., Tan, S.-H., Fitzsimons, J.: Quantum homomorphic encryption from quantum codes. arXiv preprint arXiv:1508.00938 (2015)
  20. 20.
    Shor, P.W., Preskill, J.: Simple proof of security of the BB84 quantum key distribution protocol. Phys. Rev. Lett. 85, 441–444 (2000). CrossRefGoogle Scholar
  21. 21.
    Tan, S.-H., Kettlewell, J.A., Ouyang, Y., Chen, L., Fitzsimons, J.: A quantum approach to homomorphic encryption. Sci. Rep. 6, 33467 (2016). CrossRefGoogle Scholar
  22. 22.
    Unruh, D.: Universally composable quantum multi-party computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 486–505. Springer, Heidelberg (2010). CrossRefGoogle Scholar
  23. 23.
    Li, Y., Pérez-Delgado, C.A., Fitzsimons, J.F.: Limitations on information-theoretically-secure quantum homomorphic encryption. Phys. Rev. A 90, 050303 (2014). CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  • Gorjan Alagic
    • 1
    • 2
    Email author
  • Yfke Dulek
    • 3
  • Christian Schaffner
    • 3
  • Florian Speelman
    • 4
  1. 1.Joint Center for Quantum Information and Computer ScienceUniversity of MarylandCollege ParkUSA
  2. 2.National Institute of Standards and TechnologyGaithersburgUSA
  3. 3.CWI, QuSoft, and University of AmsterdamAmsterdamNetherlands
  4. 4.QMATH, Department of Mathematical SciencesUniversity of CopenhagenCopenhagenDenmark

Personalised recommendations