Composable Security of Delegated Quantum Computation

  • Vedran Dunjko
  • Joseph F. Fitzsimons
  • Christopher Portmann
  • Renato Renner
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8874)


Delegating difficult computations to remote large computation facilities, with appropriate security guarantees, is a possible solution for the ever/growing needs of personal computing power. For delegated computation protocols to be usable in a larger context – or simply to securely run two protocols in parallel – the security definitions need to be composable. Here, we define composable security for delegated quantum computation. We distinguish between protocols which provide only blindness – the computation is hidden from the server – and those that are also verifiable – the client can check that it has received the correct result. We show that the composable security definition capturing both these notions can be reduced to a combination of several distinct “trace/distance/type” criteria – which are, individually, non/composable security definitions.

Additionally, we study the security of some known delegated quantum computation protocols, including Broadbent, Fitzsimons and Kashefi’s Universal Blind Quantum Computation protocol. Even though these protocols were originally proposed with insufficient security criteria, they turn out to still be secure given the stronger composable definitions.


Quantum Computation Local Criterion Physical Review Letter Full Version Security Notion 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Aharonov, D., Ben-Or, M., Eban, E.: Interactive proofs for quantum computations. In: Proceedings of Innovations in Computer Science, ICS 2010, pp. 453–469 (2010)Google Scholar
  2. 2.
    Arrighi, P., Salvail, L.: Blind quantum computation. International Journal of Quantum Information 4(05), 883–898 (2006)CrossRefzbMATHGoogle Scholar
  3. 3.
    Backes, M., Pfitzmann, B., Waidner, M.: A general composition theorem for secure reactive systems. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 336–354. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Backes, M., Pfitzmann, B., Waidner, M.: The reactive simulatability (RSIM) framework for asynchronous systems. Information and Computation 205(12), 1685–1720 (2007), Extended version of [39]CrossRefzbMATHMathSciNetGoogle Scholar
  5. 5.
    Barnum, H., Crépeau, C., Gottesman, D., Smith, A., Tapp, A.: Authentication of quantum messages. In: Proceedings of the 43rd Symposium on Foundations of Computer Science, FOCS 2002, pp. 449–458. IEEE (2002)Google Scholar
  6. 6.
    Barrett, J., Colbeck, R., Kent, A.: Memory attacks on device-independent quantum cryptography. Physical Review Letters 110, 010503 (2013)CrossRefGoogle Scholar
  7. 7.
    Barz, S., Fitzsimons, J.F., Kashefi, E., Walther, P.: Experimental verification of quantum computation. Nature Physics (2013)Google Scholar
  8. 8.
    Barz, S., Kashefi, E., Broadbent, A., Fitzsimons, J.F., Zeilinger, A., Walther, P.: Demonstration of blind quantum computing. Science 335(6066), 303–308 (2012)CrossRefMathSciNetGoogle Scholar
  9. 9.
    Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, pp. 531–545. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  10. 10.
    Ben-Or, M., Mayers, D.: General security definition and composability for quantum & classical protocols (2004), (eprint)
  11. 11.
    Broadbent, A., Fitzsimons, J., Kashefi, E.: Universal blind quantum computation. In: Proceedings of the 50th Symposium on Foundations of Computer Science, FOCS 2009, pp. 517–526. IEEE Computer Society (2009)Google Scholar
  12. 12.
    Broadbent, A., Gutoski, G., Stebila, D.: Quantum one-time programs. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part II. LNCS, vol. 8043, pp. 344–360. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  13. 13.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: Proceedings of the 42nd Symposium on Foundations of Computer Science, FOCS 2001, pp. 136–145. IEEE (2001)Google Scholar
  14. 14.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067 (2013),, updated version of [13]
  15. 15.
    Chien, C.H., Meter, R.V., Kuo, S.Y.: Fault-tolerant operations for universal blind quantum computation (2013), (eprint)
  16. 16.
    Childs, A.M.: Secure assisted quantum computation. Quantum Information & Computation 5(6), 456–466 (2005)zbMATHMathSciNetGoogle Scholar
  17. 17.
    Chiribella, G., D’Ariano, G.M., Perinotti, P.: Theoretical framework for quantum networks. Physical Review A 80, 022339 (2009)CrossRefMathSciNetGoogle Scholar
  18. 18.
    Dunjko, V., Fitzsimons, J., Portmann, C., Renner, R.: Composable security of delegated quantum computation (2014), (eprint)
  19. 19.
    Dunjko, V., Kashefi, E., Leverrier, A.: Universal blind quantum computing with weak coherent pulses. Physical Review Letters 108, 200502 (2012)CrossRefGoogle Scholar
  20. 20.
    Fitzsimons, J., Kashefi, E.: Unconditionally verifiable blind computation (2012), (eprint)
  21. 21.
    Giovannetti, V., Maccone, L., Morimae, T., Rudolph, T.G.: Efficient universal blind computation. Physical Review Letters 111, 230501 (2013)CrossRefGoogle Scholar
  22. 22.
    Goldreich, O.: Foundations of Cryptography: Volume 1, Basic Tools. Cambridge University Press, New York (2001)CrossRefGoogle Scholar
  23. 23.
    Goldreich, O.: Foundations of Cryptography: Volume 2, Basic Applications. Basic Applications, vol. 2. Cambridge University Press, New York (2004)CrossRefGoogle Scholar
  24. 24.
    Gutoski, G.: On a measure of distance for quantum strategies. Journal of Mathematical Physics 53(3), 032202 (2012)CrossRefMathSciNetGoogle Scholar
  25. 25.
    Gutoski, G., Watrous, J.: Toward a general theory of quantum games. In: Proceedings of the 39th Symposium on Theory of Computing, STOC 2007, pp. 565–574. ACM (2007)Google Scholar
  26. 26.
    Hofheinz, D., Müller-Quade, J., Unruh, D.: On the (im-)possibility of extending coin toss. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 504–521. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  27. 27.
    Krawczyk, H.: The order of encryption and authentication for protecting communications (or: How secure is SSL?). In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 310–331. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  28. 28.
    Mantri, A., Pérez-Delgado, C.A., Fitzsimons, J.F.: Optimal blind quantum computation. Physical Review Letters 111, 230502 (2013)CrossRefGoogle Scholar
  29. 29.
    Maurer, U., Renner, R.: Abstract cryptography. In: Proceedings of Innovations in Computer Science, ICS 2010, pp. 1–21. Tsinghua University Press (2011)Google Scholar
  30. 30.
    Maurer, U., Tackmann, B.: On the soundness of authenticate-then-encrypt: Formalizing the malleability of symmetric encryption. In: Proceedings of the 17th ACM Conference on Computer and Communication Security, pp. 505–515. ACM (2010)Google Scholar
  31. 31.
    Morimae, T.: Continuous-variable blind quantum computation. Physical Review Letters 109, 230502 (2012)CrossRefGoogle Scholar
  32. 32.
    Morimae, T.: Verification for measurement-only blind quantum computing. Physical Review A 89, 060302 (2014)CrossRefGoogle Scholar
  33. 33.
    Morimae, T., Dunjko, V., Kashefi, E.: Ground state blind quantum computation on AKLT state (2010), (eprint)
  34. 34.
    Morimae, T., Fujii, K.: Blind topological measurement-based quantum computation. Nature Communications 3, 1036 (2012)CrossRefGoogle Scholar
  35. 35.
    Morimae, T., Fujii, K.: Blind quantum computation protocol in which alice only makes measurements. Physical Review A 87, 050301 (2013)CrossRefGoogle Scholar
  36. 36.
    Morimae, T., Koshiba, T.: Composable security of measuring-Alice blind quantum computation (2013), (eprint)
  37. 37.
    Mosca, M., Stebila, D.: Quantum coins. In: Error-Correcting Codes, Finite Geometries and Cryptography. Contemporary Mathematics, vol. 523, pp. 35–47. American Mathematical Society (2010)Google Scholar
  38. 38.
    Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information. Cambridge University Press (2000)Google Scholar
  39. 39.
    Pfitzmann, B., Waidner, M.: A model for asynchronous reactive systems and its application to secure message transmission. In: IEEE Symposium on Security and Privacy, pp. 184–200. IEEE (2001)Google Scholar
  40. 40.
    Portmann, C., Renner, R.: Cryptographic security of quantum key distribution (2014),
  41. 41.
    Sueki, T., Koshiba, T., Morimae, T.: Ancilla-driven universal blind quantum computation. Physical Review A 87, 060301 (2013)CrossRefGoogle Scholar
  42. 42.
    Unruh, D.: Simulatable security for quantum protocols (2004), r̆l (eprint)Google Scholar
  43. 43.
    Unruh, D.: Universally composable quantum multi-party computation. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 486–505. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  44. 44.
    Unruh, D.: Concurrent composition in the bounded quantum storage model. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 467–486. Springer, Heidelberg (2011)CrossRefGoogle Scholar

Copyright information

© International Association for Cryptologic Research 2014

Authors and Affiliations

  • Vedran Dunjko
    • 1
    • 2
  • Joseph F. Fitzsimons
    • 3
    • 4
  • Christopher Portmann
    • 5
    • 6
  • Renato Renner
    • 5
  1. 1.School of InformaticsUniversity of EdinburghEdinburghU.K.
  2. 2.Division of Molecular BiologyRuder Bošković InstituteZagrebCroatia
  3. 3.Singapore University of Technology and DesignSingapore
  4. 4.Centre for Quantum TechnologiesNational University of SingaporeSingapore
  5. 5.Institute for Theoretical PhysicsETH ZurichZurichSwitzerland
  6. 6.Group of Applied PhysicsUniversity of GenevaGenevaSwitzerland

Personalised recommendations