Experimental quantum homomorphic encryption

The work addresses secure delegated quantum computation where a client (Alice) wishes to use a remote server’s (Bob’s) quantum resources while protecting Alice’s data and Bob’s algorithm. Classical fully homomorphic encryption (FHE) provides computational security for arbitrary classical computations but relies on hardness assumptions. In quantum settings, blind quantum computation offers information-theoretic security but requires interaction after each computational step, limiting practicality. Quantum homomorphic encryption removes the need for interaction but, due to no-go results, cannot simultaneously achieve perfect privacy, universality, and non-exponential overhead. The authors investigate a practical, noninteractive quantum homomorphic scheme based on photonics and quantum walks that relaxes universality and perfect privacy while enabling meaningful computations. The research question is whether homomorphic-encrypted quantum computations—specifically single-qubit unitaries and multi-photon quantum walks—can be experimentally realized with privacy guarantees using integrated photonics where the input is encrypted in polarization and computation proceeds in the path degree of freedom.

Key prior works include Gentry’s 2009 fully homomorphic encryption for classical computing, which established computationally secure FHE. Blind quantum computation protocols (2009) enable secure delegated quantum computing with interaction and information-theoretic security. No-go theorems for quantum homomorphic encryption show that fully homomorphic, information-theoretically secure quantum schemes with efficient resources are impossible. Rohde, Fitzsimons, and Gilchrist proposed photonic quantum walks with encrypted data by encoding inputs in polarization and performing computation in spatial modes, sacrificing universality and perfect privacy to gain practicality. Quantum walks are highlighted as valuable subroutines with applications in machine learning, search, and Boson sampling, with multiple experimental demonstrations in linear optics. This work builds on these foundations by implementing the homomorphic-encrypted quantum walk protocol using integrated, polarization-insensitive photonic circuits.

The experiment implements homomorphic-encrypted quantum computations using single-photon states. Alice encodes her plaintext input for an m-mode quantum walk with n walkers by using polarization: data photons are prepared in one polarization basis state while ancilla photons populate otherwise empty modes in the orthogonal polarization, ensuring that orthogonally polarized photons do not interfere. Bob’s processor performs the computation using the path degree of freedom via an integrated optics chip engineered to be polarization independent. Experimental setup: A Ti:Sapphire laser (789 nm, 150 fs, 80 MHz, 3.6 W) frequency-doubled to 394.5 nm pumps two 2-mm type-II BBO crystals, each probabilistically generating one photon pair via SPDC. Photons are spectrally filtered (3-nm at 789 nm), spatially filtered with single-mode fibers, and pass through polarizers to prepare pure separable four-photon states. Half-wave and quarter-wave plates (motorized, 0.02° precision) enable arbitrary polarization state preparation. Adjustable free-space delays synchronize arrival within ~300 fs coherence time. Four photons are coupled into the chip via a 127-µm pitch v-groove array; outputs are collimated and detected with projective polarization measurements (QWP, HWP, PBS, APDs). Overall transmission from in-coupling to detection is 50 ± 5%. Integrated photonics and unitaries: Waveguides are laser-written in Corning Eagle-XG glass using a Yb:KYW oscillator (1030 nm, 300 fs, 1 MHz). Writing parameters: depth 170 µm, 270 mW, five passes per waveguide, stage speed 40 mm/s, focused with 50×, 0.6 NA objective. Thermal annealing yields polarization-insensitive circuits with birefringence Δn < 10^-6 and favorable bending losses. Devices (22 mm length, 90 mm bending radius) reach transmissivity up to 52.6 ± 3%. Directional coupler interaction lengths are tuned to set power splitting; path lengths are designed to realize target 4×4 unitaries. Implemented unitaries are reconstructed via intensity measurements and numerical optimization, constraining amplitude and phase errors to ~1% and ~50 mrad, respectively. Protocol and tasks: Alice encrypts inputs by selecting from d different linear polarization bases (keys); Bob applies a fixed 4-mode unitary implementing a quantum walk. After the walk, Bob returns the photons; Alice measures in her chosen polarization basis to decode the outcome. Experiments cover single-photon unitary transformations and quantum walks with two and three walkers, for two distinct 4-mode unitaries. Performance is benchmarked by comparing measured output probability distributions to theoretical predictions via the Bhattacharyya distance. Security analysis and attacks: Security is quantified via trace distances among possible plaintext inputs, Holevo information bounding Bob’s accessible information, and a practical attack where Bob measures all photons in a randomly chosen basis. For m = 4, Alice varies the number of keys d from 2 to 12 to study Bob’s success probability. Error characterization: Main error sources include higher-order SPDC emissions and spectral distinguishability. Triple-pair emission contributes noise at the per-pulse emission probability ~0.14%. Hong–Ou–Mandel visibilities between sources are 0.88 ± 0.05 after subtracting higher-order noise (0.77 ± 0.05 without subtraction). These effects reduce overlap with simulations, with degradation increasing with photon number. Detection counts are treated with Poissonian errors (ε = √N).

• Demonstrated homomorphic-encrypted quantum computations using integrated photonics: single-photon unitary transformations and quantum walks with up to three walkers on a 4-mode chip.
• Achieved polarization-independent path unitaries by fabricating low-birefringence waveguides (Δn < 10^-6) via annealed femtosecond laser writing.
• High agreement between experiment and theory: mean overlaps (Bhattacharyya distance) between predicted and measured output distributions across all walks of 0.995 ± 0.014 for Unitary 1 and 0.986 ± 0.012 for Unitary 2; per-task fidelities of approximately 0.99 ± 0.02 (single-photon), 0.99 ± 0.02 (two-photon), and 0.99 ± 0.03 (three-photon).
• Security metrics for Alice’s plaintext inputs (m = 4): pairwise trace distances among possible inputs are 0.81 for Hamming distances 1 and 3, and 0.85 for Hamming distance 2, implying imperfect distinguishability for Bob.
• Holevo bound on Bob’s accessible information: χ(4) ≈ 1.9694 bits for four modes.
• Practical attack outcomes: for m = 4 and d = 2 bases, Bob’s success probability is 0.5; as the number of bases increases (d = 3, 4, 6, 12), the success probability decreases toward an asymptote of about 0.27. Privacy improves with increasing number of modes m and key size d.
• Device metrics: overall optical transmission 50 ± 5%; integrated chip transmissivity up to 52.6 ± 3%; HOM visibility 0.88 ± 0.05 after higher-order-noise subtraction.

The results show that useful, noninteractive quantum homomorphic computations can be performed by encrypting inputs in the polarization degree of freedom while executing computations in the path modes of an integrated photonic processor. By relaxing universality and perfect privacy, the scheme achieves practical homomorphic-encrypted quantum walks with strong agreement between measured and predicted outcomes, confirming polarization independence of the implemented unitaries. Security is quantified and experimentally probed: limited trace distances, a sub-2-bit Holevo bound for m = 4, and reduced attack success with larger key sets demonstrate nontrivial privacy for Alice’s inputs. The approach indicates a practical pathway to delegated quantum computations using photonic platforms, with performance currently limited primarily by photon-number scalability, source brightness, distinguishability, and losses. Increasing photon number (modes) and key size strengthens privacy, and continued advances in integrated photonics and photon sources will enable larger instances with improved security-performance trade-offs.

This work experimentally realizes homomorphic-encrypted quantum computing using integrated photonics, demonstrating single-photon unitaries and multi-photon quantum walks with encrypted inputs. The platform leverages polarization for encryption and path modes for computation, achieving high-fidelity, polarization-independent unitaries and quantifiable privacy guarantees. Future directions include scaling to more modes using brighter, more indistinguishable photon sources; employing higher-dimensional photonic degrees of freedom (e.g., orbital angular momentum) to increase hidden information beyond polarization’s binary encoding; and integrating quantum error correction or loss-tolerant schemes to enable repeated or larger computations. Determining optimal trade-offs among security, computational generality, and resource overhead remains an open research avenue.

• The scheme is not fully homomorphic with perfect privacy and efficient resources due to known no-go theorems; universality and/or privacy are relaxed.
• Security is limited by the number of modes (photons) and the key set size; with small m, Bob’s accessible information is non-negligible (≈1.97 bits for m = 4).
• The protocol supports only a subset of computations (quantum walks and single-photon unitaries), not universal quantum computation.
• Practical operation is single-shot; repeated attempts would erode security for both parties without error correction.
• Experimental limitations include losses (overall ~50%), spectral distinguishability (HOM visibility < 1), and higher-order SPDC emissions (triple-pair probability ~0.14%), which reduce fidelity as photon number increases.
• Certain input states can be affected by multi-pair emissions that are not fully mitigated, though states of primary interest for the quantum walk avoid this issue.