Abstract
A fully homomorphic encryption system hides data from unauthorized parties, while still allowing them to perform computations on the encrypted data. Aside from the straightforward benefit of allowing users to delegate computations to a more powerful server without revealing their inputs, a fully homomorphic cryptosystem can be used as a building block in the construction of a number of cryptographic functionalities. Designing such a scheme remained an open problem until 2009, decades after the idea was first conceived, and the past few years have seen the generalization of this functionality to the world of quantum machines. Quantum schemes prior to the one implemented here were able to replicate some features in particular use-cases often associated with homomorphic encryption but lacked other crucial properties, for example, relying on continual interaction to perform a computation or leaking information about the encrypted data. We present the first experimental realisation of a quantum fully homomorphic encryption scheme. We further present a toy two-party secure computation task enabled by our scheme. Finally, as part of our implementation, we also demonstrate a post-selective two-qubit linear optical controlled-phase gate with a much higher post-selection success probability (1/2) when compared to alternate implementations, e.g. with post-selective controlled-$Z$ or controlled-$X$ gates (1/9).
Highlights
In 1978, Rivest et al first imagined constructing a cryptosystem with the property that a party without a valid secret key required for decryption can correctly evaluate a function f directly on a ciphertext x, without learning anything about either fðxÞ or x [1]
To demonstrate the versatility of a a quantum fully homomorphic encryption scheme, we further present a toy two-party secure computation task enabled by our scheme
In addition to the obvious benefit of being able to delegate computation to a party that is otherwise not trusted with private data, cryptographers have observed that elegant cryptographic solutions to interesting tasks can be constructed on top of a fully homomorphic encryption scheme—secure multiparty computation, noninteractive
Summary
In 1978, Rivest et al first imagined constructing a cryptosystem with the property that a party without a valid secret key required for decryption can correctly evaluate a function f directly on a ciphertext x, without learning anything about either fðxÞ or x [1]. The interactions often require either that Alice be cognizant of operation(s) performed by Bob or that Bob foregoes the freedom to choose which computation to perform These constraints make SDQC ill suited for certain applications of FHE (for example, secure multiparty computation) where. More recent efforts relaxed the information-theoretic setting to one with computational assumptions, at first for circuits of shallow T depth (number of T gates sequentially applied) [18] and subsequently extended for circuits of arbitrary depth [19], yielding the first construction of a true QFHE scheme Later this was improved to allow QFHE with a classical client [20]. IV details the toy two-party computation task and discusses the experimental setup and data pertaining to it
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
