M. Prem Laxman Das

Quantum computers has a major influence on our modern computing platforms. New way of delegated quantum computation solutions continues to be introduced by researchers. The basic functionality of delegated quantum computation enables a classical client to delegates quantum computation related jobs to remote untrusted server with appropriate security measures. However, only very few techniques are addressed the security challenges and its feasibility to implement in practice. One of the solution is quantum trusted execution environment (Q-TEE), which ensures a secure and practical way to build a remote quantum computing server with classical client. In this work, we explore some new features of a quantum-TEE (QTEE), which can be seen as aiding secure computation on a quantum computer. It is reasonable to expect that a QTEE may be required to authenticate classical entities relating to a particular quantum computation. For example, a client, which has submitted a particular job, may require a proof that the quantum computation was indeed executed in that particular computer. Such a QTEE may be envisaged to be using a post-quantum signature scheme like DILITHIUM or Falcon. The quantum computing platform provider would use its secret key to sign various classical entities. The signature can be verified by using the provider's public key. We propose a design of a QTEE which uses Tokenized Signature Scheme (TSS). We also point out that such a QTEE has certain advantages over the naive DS-based ones. Ben-David and Sattath introduced the primitive called (public key) Tokenized Signature Scheme, which can be used in a situation where a owner wants to delegate the power to sign to a signer. The owner, after generating the signing and verification keys (using PPT called KeyGen) (similar to key generation in a DS), creates a certain number of quantum tokens (using QPT called TokenGen) and gives them to designated signers. The signers authenticate classical messages (using QPT called Sign) by generating a classical string called signature, on behalf of the owner and at her behest, using the owner-provided tokens. The verification (using PPT called Vrfy) can be run by anyone using the public key, the signature and the message. The authors also give a construction of TSS using subspace states. A quantum computation platform provider can generate its own key pair and generate tokens. The computers owned by the service provider may be equipped with a QTEE based on a candidate TSS scheme. The quantum tokens are loaded onto the QTEE, which are used for signing. We point out some advantages of such a construction. Firstly, the secret key of the owner is never revealed and all the computers controlled by the provider authenticate in the same manner. Secondly, the trust assumption on the QTEE may be relaxed. A secure TSS is expected to have the following unforgeability property. An adversarial signer can not sign n+1 messages if it has only n tokens. Thirdly, in a situation where the client pays for such authentication services, quantum tokens can be budgeted and monetized. A complete design of a QTEE, supporting various secure quantum computation related requirements, may be achived with a TSS at its core. A TSS supporting aggregation and aggregated-verification brings in added advantage. Meaningful analogues of remote attestation (RA) and direct anonymous attestation (DAA) in this setting may also be explored. The development of quantum- based TEE techniques enables service providers to implement proprietary quantum computing devices in practice. Also, it allows classical users to perform remote quantum computation at very high security levels.