This paper introduces QEnclave, a secure hardware device designed to protect the remote execution of quantum operations using only classical controls. It extends the concept of classical secure enclaves to the quantum realm, isolating computations for privacy and tamper-resistance. QEnclave achieves this by performing only single-qubit rotations, yet securing arbitrary quantum computations even with an adversarial qubit source. A remote client, controlling the QEnclave, can securely delegate computations to a server using only classical communication. The paper models QEnclave's security using the remote state rotation (RSR) functionality, proving its ability to enable blind delegated quantum computing with perfect security under the Abstract Cryptography framework. This weakens requirements for blind delegated computation, enabling secure DQC with a classical client that only transforms states without generating or measuring them.

Yao Ma, Elham Kashefi, Myrto Arapinis, Kaushik Chakraborty, Marc Kaplan