Composably Secure Delegated Quantum Computation with Weak Coherent Pulses

A client can delegate a quantum computation to a powerful remote server while ensuring the privacy and the integrity of its computation via Secure Delegated Quantum Computation (SDQC). Thanks to recent results making them noise-robust and resource-efficient, proofs-of-concept implementations of generic SDQC protocols have already been demonstrated. Yet, the requirements for implementing them are still too stringent to go beyond this step while maintaining high security expectations. To further reduce their physical resource cost, we show how to realise SDQC using weak coherent pulses (WCPs) instead of single photons. More precisely, we construct a protocol which guarantees that, among a sufficiently large batch of transmitted WCPs, at least one contained only a single photon. This holds even if the adversary controls the transmittance of the photonic link connecting the client and the server. Our protocol’s security is proven in the composable Abstract Cryptography (AC) framework. This batch can then be fed to known quantum privacy amplification techniques to prepare a single secure qubit in the X-Y plane, which can be used in any composable SDQC protocol which relies on the secure preparation of single qubits. Furthermore, the guarantee on the batch of states can also be used for Quantum Key Distribution (QKD) where the privacy amplification step is classical. In doing so, we address a weakness in the standard security proof of the decoy state method. While our protocol can be instantiated with any number of different intensities for the WCPs, using only two intensities already shows improved scaling at low transmittance, thus opening the possibility of increasing the distance between the client and the server.

💡 Research Summary

This paper presents a significant advancement in the practicality of Secure Delegated Quantum Computation (SDQC) by replacing the requirement for ideal single-photon sources with inexpensive and readily available Weak Coherent Pulse (WCP) sources, while maintaining composable information-theoretic security.

The core problem addressed is the high physical resource cost of existing SDQC protocols, which typically demand that the client can generate single-qubit states (often single photons). The authors construct a novel protocol that guarantees, within a sufficiently large batch of transmitted WCPs of varying intensities, at least one pulse contained only a single photon. This guarantee holds even if a malicious server (the receiver) has full control over the transmittance of the photonic channel, a powerful adversarial model. The protocol operates in three phases: 1) The sender transmits a batch of N WCPs with secretly permuted intensities, 2) The receiver acknowledges receiving photons for a subset of pulses, and 3) The sender runs a classical estimation algorithm on the received indices. This algorithm uses the hidden correlation between pulse intensity and index to detect if the receiver is cheating by, for example, only selecting pulses that contained multiple photons (which would leak information).

A major technical contribution is the formalization of security within the composable Abstract Cryptography (AC) framework. The authors prove that their protocol constructs an ideal “Batch Remote State Preparation” (BatchRSP) resource. This resource outputs a batch of quantum states with the guarantee that at least one is a single copy unknown to the receiver. The security proof reduces the protocol’s correctness and security to simple conditions on the estimation algorithm, decoupling the high-level cryptographic goal from low-level implementation details. This composable security is crucial, as it allows the BatchRSP output to be securely fed into a known quantum privacy amplification gadget