arxiv - computer science recent Abstract—Inspired by a recent study by Christensen and Popovski on secure2-user product computation for finite-fields of prime-order over a quantum multiple access channel (QMAC), the generalization toK users and arbitrary finite fields is explored. Combining ideas of batch-processing, quantum2-sum protocol, a secure computation scheme of Feige, Killian and Naor (FKN), a field-group isomorphism and additive secret sharing, asymptotically optimal (capacity-achieving for large alphabet) schemes are proposed for secureK-user (anyK) productcomputation over any finite field. The capacity of modulod (d ≥ 2) secure K-sum computation over the QMAC is foundto be2/K computations/qudit as a byproduct of the analysis.
I. INTRODUCTION
Classical computation over a transmit-side-entanglement
assisted ideal (noise-free) quantum multiple access channel
(QMAC) is an active research topic of fundamental significance from both information- and quantum-theoretic perspectives (recent works include [1]–[8]). Capacity results inthis idealized setting — while admittedly optimistic because
important practical concerns [9]–[12] such as losses, errors and
decoherence are deliberately ignored — nevertheless reflec
tboth classical and quantum limitations that are arguably even
more foundational, thus shedding light on such limitations
,especially in multiuser settings that are not so well-understood.
Particularly relevant for our purpose is the secure-product
computation problem recently studied by Christensen andPopovski in [1] which directly motivates this work.As illustrated in Fig. 1, the problem of secure computationover a QMAC (QSK-Comp in short) nvolves
K users withindependent data streamsWk, k ∈ {1,2, · · · , K}, and a serverwho must be allowed to compute a certain functionF (e.g.,a product) of those data-streams, without revealing anythingelse about the users’ data. The communication takes placevia a QMAC, wherein entangled subsystemsQ1, · · ·,QKof a quantum systemQ are distributed beforehand (i.e.,independent of data) toK users. After each user (Userk, k ∈ {1,2, · · · , K}) manipulates its allocated quantumsubsystem (Qk) through local operations depending on itsdata-stream(Wk) and common randomness (Z), allK quantum subsystems are sent through ideal (noise-free) quantum channels to the server, who must then recover the desiredcomputation with zero error. The common randomness, theinitial entanglement of the quantum subsystems, and the localoperations at each user, are all subject to optimization by
a coding scheme to minimize the communication cost per
computation instance!
Reference [1] shows how a secure product can be computed
over a2-user QMAC by exploiting quantum-entanglementamong the transmitters. The solution in [1] is also generalized
to securely compute the product over any prime fieldFd (i.e.,d is prime) over a2-user QMAC, at the cost of2 quditsa quditis ad-dimensional quantum system) for computinganFd product once. Thus, the efficiency (rate) is1/2 computations/qudit. Among open problems [1] mentions secureproduct computation over arbitrary finite fields Fd where dis not necessarily a prime, as well as generalizations from 2-user to K-user settings. In this work, we address both ofthese questions. Combining ideas from batch-processing,2-sum protocol [7], [8], additive secret sharing, FKN scheme[13], and mapping of secure products of non-zero terms
into secure sums via field-group isomorphism [14], we showthat secureK-user product computation is achievable overany finite fieldFd(d need not be prime) at the rate of(2/K)/[logd(2K− 1) + logd(d− 1)], which is asymptoticallyoptimal (asymptotic capacity is2/K computations/qudit) forlarge alphabetd. For the2-user secure product overF2 (equivalently, the secure AND computation), the rate is improvedfrom1/2 in [1] to1/ log2(3) computations/qubit, and for largealphabet (i.e.,2-user secure product overFd for large primed) the improvement approaches a factor of2. As a byproduct,the capacity of secureK-sum computation modulod over theQMAC is shown to be exactly2/K computations/qudit.Notation: For integers a, b wherea≤b, let[a:b] denote theset{a, a+1, · · · , b}, andY[a:b]the set{Ya, Ya+1, · · · , Yb}. Let[b] denote [1 :b]. The ring of integers modulod isZd=Z/dZ