Privacy-preserving quantum multi-party computation based on circular structure

Journal of Information Security and Applications 47 (2019) 120–124

Contents lists available at ScienceDirect

Journal of Information Security and Applications journal homepage: www.elsevier.com/locate/jisa

Privacy-preserving quantum multi-party computation based on circular structure Zhiliang Deng a,b,∗, Ying Zhang a, Xiaorui Zhang c, Lingling Li d a

School of Automation, Nanjing University of Information Science and Technology, Nanjing 210044, China Jiangsu Collaborative Innovation Center on Atmospheric Environment and Equipment Technology, Nanjing 210044, China c School of Computer and Software, Nanjing University of Information Science and Technology, Nanjing 210044, China d Product & Innovation, SAP America, San Ramon, California CA 94583, United States b

a r t i c l e

i n f o

Article history:

Keywords: Secure multi-party computation Privacy-preserving quantum multi-party computation Circle structure Data calculation

a b s t r a c t Secure multi-party computation (SMC) is a collaborative computation problem that protects privacies among a group of distrustful participants. In this paper, a privacy-preserving quantum multi-party computation scheme based on circular structure is presented. In the scheme, each participant implements a certain quantum operation (i.e., a specific function) on the quantum state, and hands the result state to the next participant. Until the first participant receives the quantum state from the last participant and measures the state to get the result of the data calculation, the circle ends. We also analyze the security and efficiency of the scheme, and demonstrate the possibility of utilizing the scheme to solve some statistical calculation problems. © 2019 Elsevier Ltd. All rights reserved.

1. Introduction Quantum computing is a new computational model that follows the laws of quantum mechanics to control quantum information units for computation. Quantum Key Distribution (QKD) protocol, e.g. BB84 [1], is one of the most important applications of quantum mechanics. Different from most current popular cryptosystems based on mathematical NP-hard assumptions (such as RSA [2], DL [3], etc.), BB84 is viewed to be unconditionally secure. Besides QKD, researchers have found more and more applications of quantum mechanics, such as quantum secret sharing [4–6], quantum secure direct communication [7–9], quantum key agreement [10,11], quantum private comparison [12–14], quantum sealed-bid auction [15–17], quantum steganography [18–20], remote quantum state preparation [21–24], delegating private quantum computation [25–27], quantum machine learning [28–30], etc. In the early days, people hoped that all applications based on quantum mechanics can be unconditionally secure, just like the BB84 protocol [1]. However, it was proved that some simple and fundamental crypto-primitives like OT (Oblivious Transfer) [31] and bit commitment [32] cannot be securely constructed based on quantum mechanics. As we know, secure multi-party ∗ Corresponding author at: Nanjing University of Information Science and Technology, Nanjing 210044, China. E-mail addresses: [email protected] (Z. Deng), [email protected] (Y. Zhang).

https://doi.org/10.1016/j.jisa.2019.04.011 2214-2126/© 2019 Elsevier Ltd. All rights reserved.

computation (SMC) is a collaborative computation problem that protects privacies among a group of distrustful participants. In the past decade, quantum secure multi-party computation (QSMC) has emerged many different applications. Unfortunately, it was proven that 1S2P (One Sided Two Party) MPC (Multi-Party Computation) is impossible [33]. In a sense, the general QSMC is impossible. Therefore, how to circumvent these impossibilities becomes a new research direction. Specially, there are two kinds of methods: (1) introduce a fully-honest or semi-honst third party (TP), such as [16,22], to build the secure QSMC protocols.(2) relax the strict security model, such as considering the situation that the quantum memory is limited [34], or the storage is noisy [35]. In our study, we choose the latter to solve the security problem, and the relaxation is that the protocol is probabilistic, i.e., the final output is a statistics result of a random attribute among many attributes. On the other hand, most present QSMC protocols only focus on implementing its multi-party computing functions, and the preservation of participants’ privacy is often overlooked. So, the second purpose of our work is to solve the privacy preservation problem in QSMC. Based on the consideration of above two aspects, we present a privacy-preserving quantum multi-party computation (PQMC) scheme based on circular structure. In this scheme, each participant implements a certain quantum operation on the quantum state, and hands the result quantum state to the next participant. At the end of the round, the first participant receives the quantum

Z. Deng, Y. Zhang and X. Zhang et al. / Journal of Information Security and Applications 47 (2019) 120–124

state from the last one and measures the state to get the result he/she wants. The PQMC scheme uses the circular structure to connect multiple participants to perform an agreed data statistics calculation under the quantum mechanics. This scheme can achieve relatively secure quantum multi-party computation by relaxing the strict security model, and preserve the privacy of participants from being stolen without the help of TP. The remainder of this paper is organized as follows. Some preliminaries about quantum computation are introduced in Section 2. Then we present a concrete protocol of our PQMC scheme and give a simple 3-party PQMC example for summation calculation in Section 3. The security and efficiency are analyzed in Section 4. Finally we discuss the application of our scheme and conclude this paper in Section 5.

121

Fig. 1. Matrix representation and operation of Pauli-X gate, Pauli-Y gate, Pauli-Z gate.

2. Preliminaries 2.1. Qubit Fig. 2. Controlled NOT gate matrix representation and quantum circuit.

Bit is the basic concept of classic computation and classic information, similar to classic bit, and the basic concept of quantum computing and quantum information is called quantum bit (qubit for short). The two possible states of a qubit are |0 and |1, corresponding to the classic bit states 0 and 1 respectively. But the state of a qubit can fall outside of |0 and |1, it can be a linear combination of states, which is often expressed as superposition state, e.g.

|ϕ  = α|0 + β|1,

(1)

where α and β are complex numbers, and |α|2 + |β|2 = 1. When a qubit is measured, the result only can be |0 or |1, and each result has a certain probability. Quantum entanglement is a physical phenomenon that occurs when pairs or groups of particles create interactions or shared spaces in some way, such that the quantum state of each particle cannot be described independently of the state of other particles. Measurements of physical properties such as position, momentum, spin, and polarization, performed on entangled particles are also found to be correlated, even when the particles are separated by a large distance. After multi-qubits interact with each other, the characteristics of each qubit have been integrated into an overall property. When multi-qubits are measured, the measurement results of each qubit are also correlated.

2.2. Quantum gate The changes of quantum state can be described in the language of quantum computation, and the quantum computation is composed of basic quantum gate arrangements. Since the role of quantum gate is linear, we often use matrix to represent quantum gate, and a 2k × 2k unitary matrix can represent the quantum gate that operate on k qubits. Commonly used single-qubit logic gates have Pauli-X gate, Pauli-Y gate, Pauli-Z gate and Hadamard gate. (See Fig. 1). Controlled-NOT quantum gate (See Fig. 2) is a important quantum gate that operates on two qubits. A universal result is that any multi-quantum gate can be made up of controlled-NOT gates and single-qubit gates. Another well-known quantum logic gate that operates three qubits is Toffoli gate (See Fig. 3), which is a generalpurpose reversible logic gate. More complex functions on qubits also can be achieved by quantum circuits that combine these basic quantum gates.

Fig. 3. Truth table and line representation of the Toffoli gate.

3. Privacy-preserving quantum multi-party computation based on circular structure 3.1. Our PQMC scheme Without loss of generality, suppose this is a model of n-party computation, i.e., there are n users, named User i (i=1,2,. . . ,n), taking part in the multi-party computation(See Fig. 4). Each user has m statistics items, index from 0 to m − 1. All users are connected by the circular structure to complete some certain data statistics. User 1: With data set {x1 [i]}, User 1 prepares the quantum state m −1 

|i|x1 [i] = |0|x1 [0] + |1|x1 [1] + . . . + |m − 1|x1 [m − 1],

i=0

(2) and hands the quantum state to User 2. User 2: With data set {x2 [i]}, User 2 appends his/her data to the quantum state and performs some quantum function f on |x1 [i] and |x2 [i], then User 2 will get m −1 

|i|x1 [i]| f (x1 [i], x2 [i] ).

(3)

i=0

This function f is implemented by a specific quantum circuit. Also note that User 2 cannot delete the |x1 [i] from the superposition quantum state, since he/she does not know the {x1 [i]}. Then User 2 hands the quantum state to the 3rd user. In the following, the

122

Z. Deng, Y. Zhang and X. Zhang et al. / Journal of Information Security and Applications 47 (2019) 120–124

Fig. 5. Schematic diagram of quantum circuit for single-bit addition.

Fig. 4. Circle structure of PQMC.

symbol ◦ is used to represent the binary function f to ease notation, i.e., m −1  i=0

|i|x1 [i]|x1 [i] ◦ x2 [i] =

m −1 

|i|x1 [i]| f (x1 [i], x2 [i] ),

(4)

(5)

In general, the jth user receives quantum state from the ( j − 1 )th user, then makes change to the quantum state based on his/her own private data and hands the quantum state to the next, ( j + 1 )th user. User j: User j receives the quantum state

  |i|x1 [i]x1 [i] ◦ x2 [i] ◦ . . . ◦ x j−1 [i] ,

(6)

i=0

from User ( j − 1 ). User j appends his own data {xj [i]} and performs function f on the quantum state he/her receives, then gets m −1 

  |i|x1 [i](x1 [i] ◦ x2 [i] ◦ . . . ◦ x j−1 [i] ) ◦ x j [i] .

(7)

i=0

User n: User n gets the quantum state from User (n − 1 ) and performs operations similar to the above, then User n gets the quantum state m −1 

3.2. An example: 3-party PQMC for summation calculation

i=0

x1 ◦ x2 ◦ x3 = f ( f ( x1 , x2 ), x3 ).

m −1 

Fig. 6. Schematic diagram of quantum circuit for multi-bits addition.

|i|x1 [i]|x1 [i] ◦ x2 [i] ◦ . . . ◦ xn [i].

(8)

For the convenience of expression, taking the statistics of newborn health indicators (height, weight and head circumference) as an example. Suppose there are 3 users, Alice, Bob and Charlie, participating in multi-party data statistics. The statistical function f is the addition operation, i.e.,

f ( x1 [i], x2 [i], x3 [i] ) = x1 [i] + x2 [i] + x3 [i].

In quantum mechanisms, sufficient qubits can be used to represent decimal statistics items. Assuming that the maximal decimal number that may appear in the statistical process is  p, the  reprep sentation of the data can be achieved by using k = log2 qubits, then encode these qubit strings to represent decimal data. Alice prepares the quantum state based on her own data set {x1 [i]} = {3, 50, 33}:

|0|3 + |1|50 + |2|33,

2 

User n sends the quantum state to User 1, and User 1 can delete the |x1 [i] to get

i=0

|i|x1 [i] ◦ x2 [i] ◦ . . . ◦ xn [i],

(9)

i=0

since User 1 know the {x1 [i]}. From the multi-party statistics calculation result, the 1st user can measure the quantum state to get the statistics he/she wants. User 1 carries out quantum measurement on the quantum state by the computational basis, then gets a random index r. The result of privacy-preserving quantum multi-party computation is

|r|x1 [r] ◦ x2 [r] ◦ x3 [r] ◦ . . . ◦ xn [r].

2 

|i|x1 [i] = |0|011 + |1|110010 + |2|011111,

(13)

|i|x2 [i] = |0|010 + |1|101110 + |2|011101.

(14)

i=0

Then add statistics items for the same indicator, also note that according to the parallelism of quantum computation, the addition operations of each statistics item are performed simultaneously. Then Bob gets

|0|011|101 + |1|110010|110 0 0 0 0 + |2|011111|111100 = |0|3|5 + |1|50|96 + |2|33|64

(10)

Of course, this corresponds to the statistics of a random attribute.

(12)

and hands them to Bob. Then Bob appends his own data set {x2 [i]} = {2, 46, 31} to quantum state and carries out quantum function f on |x1 [i] and |x2 [i]. The specific steps of performing quantum addition operations (See Figs. 5 and 6) on |x1 [i] and |x2 [i] are given below. First represent the user’s data as binary qubit strings, i.e.,

i=0

m −1 

(11)

(15) and hands the quantum state to Charlie.

Z. Deng, Y. Zhang and X. Zhang et al. / Journal of Information Security and Applications 47 (2019) 120–124

123

Similar to the process above, Charlie appends his own data set {x3 [i]} = {3, 49, 33} to the quantum state and carries out quantum function f on the f(|x1 [i], |x2 [i]) and |x3 [i]. Then he gets

 where ρ = x px ρx . Thus, Holevo bound is an upper bound on the accessible information, and the right bound of the above inequality is

|0|3|8 + |1|50|145 + |2|33|97.

S (ρ ) −

(16)

Finally, Charlie hands the result quantum state back to Alice. Since Alice knows all {x1 [i]}, she deletes her own data |x1 [i] to get

|0|8 + |1|145 + |2|97.

(17)

Alice can measure the quantum state by the computational basis to get a random index r and get the statistical result of the corresponding statistical item. In this example, if random index r = 1, Alice can measure the state to get a certain result: |1|145. If there are enough samples participating in the statistics and the number of users is known, the average of the statistical items can be obtained, which is more meaningful. In addition, as the final output is a statistics result of a random attribute among many attributes, there is no guarantee that finally originator of the calculation can get the result he/she wants. However, if he/she really wants to get the statistics of a specific attribute, he/she can repeat the protocol several times, then with high probability, the result he/she wants can be obtained. In this process, some result may appear twice or more times since each time the result he/she gets is random. Actually, the scenario above is only a simple example. Our PQMC solution can be extended to more users, each user has more messages, the function f also can be more complex. In general, the scheme can be applied to solve similar multi-party computation problems without leaking users’ private information. 4. Security and efficiency analysis 4.1. Security analysis



p x S ( ρx ) ≤ H ( X )

(19)

x

with equality if and only if the states ρ x have orthogonal support. Combining the two inequalitiesEqs. 18 and (19), and we get

H ( X : Y ) ≤ H ( X ).

(20)

The maximum value of H(X) is attained when all the probabilities are equal, i.e., ∀i ∈ [1, N], pi = 1/N, thus H (X ) = log N. The states ρ x are orthogonal with each other. While one qubit has dimension 2, i.e., it only has 2 orthogonal states, so n = log N qubits is needed at least to represent N orthogonal states. Hence n qubits are needed and H(X: Y) ≤ n, i.e., n qubits can not be used to transmit more than n bits of classical information. Based on this lemma, User 2 can steal max i log |x1 [i]| bits of data from User 1 at most. Thus Theorem 1 is proved.  Theorem 2. If User i is malicious, he/she can only get max i log |x1 [i]| bits of User 1’s data and log|f| bits about the function (x1 [r] ◦ x2 [r] ◦ . . . ◦ xi−1 [r] ) at most, where |f| means the domain size of the function f. Proof. The proof is just similar with Theorem 1. If User i measures the quantum state he/she gets from User (i − 1 ) by the computational basis, he/she can get log |x1 [r]| bits of data from User 1, and log |f| bits about the statistic (x1 [r] ◦ x2 [r] ◦ . . . ◦ xi−1 [r] ) for a random index r. Of course, User i can choose to manipulate the quantum state and measure it by any basis he/she chooses. But again, User i gets no more than (maxi log |x1 [i]| + log | f | ) bits information in total by the Lemma above. 

As mentioned above, general unconditionally QSMC is impossible. So our PQMC scheme is also not secure in the strict sense, but we can prove that the leaked information is limited if one of the participants is malicious.

From the two theorems above, we can see that each participant’s possible information leakage is limited if there is a malicious user. So this scheme can be seen as relatively security, and this can encourage them to participate in such kinds of data calculation works collaboratively.

Theorem 1. If User 2 is malicious, he/she can only get max i log |x1 [i]| bits of User 1’s data at most.

4.2. Efficiency analysis

Proof. If User 2 is malicious, i.e., User 2 tries to steal the data of User 1. Suppose User 2 measures the quantum state he/she gets from User 1 with the computational basis {|0, |1}, and gets a random data item x1 [r], where r is a random index in [0, m − 1]. Of course the item with size of log|x1 [r]|. But User 2 can also manipulate the quantum state from User 1, and then measure it in any basis he/she chooses. Does User 2 can get more information by this approach? The answer is NO, as we have the following lemma based on the well-known Holevo bound.  Lemma 1. n qubits cannot be used to transmit more than n bits of classical information. Proof. The proof is based on the well-known Holevo bound [36], which says: Alice prepares a state ρ X where X = 1, . . . , N with probabilities p1 , . . . , pN . Bob performs a measurement described by POVM elements {Ey } = {E1 , . . . , Em } on that state with measurement outcome Y. The Holevo bound states that for any such measurement Bob may do, the mutual information between X and Y is bounded by

H (X : Y ) ≤ S (ρ ) −

 x

p x S ( ρx ) ,

(18)

For each user involved in multi-party quantum computation, the function f applied to user’s data is constant. Suppose that each user has m statistical items, if the classical calculation method is used to complete the corresponding operation, classical function will be called m times. However, if each user prepares their own statistical items into a quantum superposition state, just call the quantum function f once can complete all the calculation. The quantum parallelism can improve the efficiency of computation in our scheme. Although the function f is constant, the quantum algorithm (or quantum circuit) may not be exactly the same. The quantum algorithm for appending his own data to the existing quantum state depends on the size of the data set, also the size of each statistical item, i.e., O(nlog |x|). The communication overhead of the scheme is also in our consideration. As security analysis mentioned above, if User i measures the quantum state he/she gets form User (i − 1 ) by the computational basis, he/she can get log|x1 [i]| bits of data from User1’s data, and log|f| bits about the statistic (x1 [r] ◦ x2 [r] ◦ . . . ◦ xi−1 [r] ) for a random index r. For each user, he/she sends O(m(log|x1 [i]| + log| f | )) qubits to the next user, where m represents the number of statistic items the user has. Therefore the communication overhead of our scheme is O(m(log|x1 [i]| + log| f | )).

124

Z. Deng, Y. Zhang and X. Zhang et al. / Journal of Information Security and Applications 47 (2019) 120–124

5. Conclusion and discussion A new privacy-preserving quantum multi-party computation scheme based on circular structure presented in this paper is suited for statistical calculation application. The PQMC scheme utilizes some characteristics of quantum mechanics to improve the security of multi-party computation, and the circular structure is used to preserve user’s private information. Under the premise that each party’s main concern is to protect his/her own privacy, they are willing to contribute their private information to the data calculation tasks honestly. Our PQMC scheme can be used in this scenario efficiently. This scheme can be applied to solve many actual data calculation problems, but note that the statistic functions should be computed by scan the data once. To interpret the application of the scheme better, some statistical calculations that can be applied in the scheme are listed here: (1) sum and average: sum = x1 + x2 + . . . + xn , divided it by n and get: average = sum n . (2) bit-wise exclusive OR of the data set: x1  x2  . . .  xn . (3) maximum or minimum: max/min{x1 , x2 , . . . , xn }. Considering some of the limitations that still exist, our next step is to research how to compute more general data calculation functions and study its application in nonstatistical issues, such as data mining. Acknowledgements This work was supported by National Natural Science Foundation of China (Grant nos. 61502240, 61502096 and 61773219); the National Key R&D Program of China (no. 2018YFC1405703) and the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD). References [1] Bennett C, Brassard G. Withdrawn: Quantum cryptography: Public key distribution and coin tossing. In: Proceedings of IEEE International Conference on Computers, Systems and Signal Processing, 560; 1984. p. 175–9. doi:10.1016/j. tcs.2011.08.039. [2] Rivest R, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 1978;21(2):120–6. doi:10.1145/ 359340.359342. [3] Gamal T. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE TransInformTheory 1985;31(4):469–72. doi:10.1007/ 3- 540- 39568- 7_2. [4] Cleve R, Gottesman D, Lo H. How to share a quantum secret. Phys Rev Lett 1999;83(3):648. doi:10.1103/PhysRevLett.83.648. [5] Liu Z, Chen H, Xu J, Liu W, Li Z. High-dimensional deterministic multiparty quantum secret sharing without unitary operations. Quant Inform Process 2012;11(6):1785–95. doi:10.1007/s11128- 011- 0333-z. [6] Chen X, Tang X, Xu G, ZDou, Chen Y, Yang Y. Cryptanalysis of secret sharing with a single d-level quantum system. Quant Inform Process 2018;17:225. doi:10.1007/s11128- 018- 1988- 5. [7] Deng F, Long G, Liu X. A two-step quantum direct communication protocol using the Einstein-Podolsky-Rosen pair block. Phys Rev A 2003;68(4):042317. doi:10.1103/PhysRevA.68.042317. [8] Liu W, Chen H, Ma T, Li Z, Liu Z, Hu W. An efficient deterministic secure quantum communication scheme based on cluster states and identity authentication. Chin Phys B 2009;18(10):4105–9. doi:10.1088/1674-1056/18/10/007. [9] Xu G, Chen X, Li J. Network coding for quantum cooperative multicast. Quant Inform Process 2015;14:4297. doi:10.1007/s11128- 015- 1098- 6. [10] Huang W, Su Q, Liu B, He Y, Fan F, Xu B. Efficient multiparty quantum key agreement with collective detection. Sci Rep 2017;7(1):15264. doi:10.1038/ s41598- 017- 15227- 6.

[11] Liu W, Xu Y, Yang C, Gao P, Yu W. An efficient and secure arbitrary nparty quantum key agreement protocol using bell states. Int J Theor Phys 2018;57(1):195–207. doi:10.1007/s10773- 017- 3553- x. [12] Liu W, Liu C, Liu Z, Liu J, Geng H. Same initial states attack in Yang et al.’s quantum private comparison protocol and the improvement. Int J Theor Phys 2014;53(1):271–6. doi:10.1007/s10773- 013- 1807- 9. [13] Liu W, Li C, Chen H, Li Z, Liu Z. Cryptanalysis and improvement of quantum private comparison protocol based on bell entangled states. Commun Theor Phys 2014;62(2):210–14. [14] Abulkasim H, Alsuqaih H, Hamdan W, Hamad S, Farouk A, Mashatan A, et al. Improved dynamic multi-party quantum private comparison for next generation mobile network. IEEE Access 2019;online:1–11. doi:10.1109/ACCESS.2019. 2894101. [15] Liu W, Wang F, Ji S, Qu Z, Wang X. Attacks and improvement of quantum sealed-bid auction with EPR pairs. Commun Theor Phys 2014;61(6):686–90. doi:10.1088/0253-6102/61/6/05. [16] Liu W, Wang H, Yuan G, Xu Y, Chen Z, An X, et al. Multiparty quantum sealedbid auction using single photons as message carrier. Quant Inform Process 2016;15(2):869–79. doi:10.1007/s11128- 015- 1202- y. [17] Sharma RD, Thapliyal K, Pathak A. Quantum sealed-bid auction using a modified scheme for multiparty circular quantum key agreement. Quant Inform Process 2014;16(7). doi:10.1007/s11128- 017- 1620- 0. [18] Qu Z, Cheng Z, Liu W, Wang X. A novel quantum image steganography algorithm based on exploiting modification direction. Multimedia Tools Appl 2018;online:1–21. doi:10.1007/s11042- 018- 6476-5. [19] Qu Z, Chen S, Ji S, Ma S, Wang X. Anti-noise bidirectional quantum steganography protocol with large payload. Int J Theor Phys 2018;57(6):1–25. doi:10. 1007/s10773- 018- 3716- 4. [20] Qu Z, Zhu T, Wang J, XJWang. A novel quantum stegonagraphy based on brown states. CMC Comp Mater Continua 2018;56(1):47–59. doi:10.3970/cmc.2018. 02215. [21] Liu W, Chen Z, Liu C, Zheng Y. Improved deterministic n-to-one joint remote preparation of an arbitrary qubit via EPR pairs. Int J Theor Phys 2015;54(2):472–83. doi:10.1007/s10773- 014- 2241- 3. [22] Chen X, Sun Y, Xu G, Jia H, Qu Z, Yang Y. Controlled bidirectional remote preparation of three-qubit state. Quant Inform Process 2017;16:244. doi:10. 1007/s11128- 017- 1690- z. [23] Qu Z, Wu S, Wang M, Sun L, Wang X. Effect of quantum noise on deterministic remote state preparation of an arbitrary two-particle state via various quantum entangled channels. Quant Inform Process 2017;16(306):1–25. doi:10.1007/s11128- 017- 1759- 8. [24] Wang M, Yang C, Mousoli R. Controlled cyclic remote state preparation of arbitrary qubit states. CMC Comp Mater Continua 2018;55(2):321–9. doi:10.3970/ cmc.2018.02064. [25] Broadbent A. Delegating private quantum computations. In: Canadian Journal of Physics, 93; 2015. p. 941–6. [26] Liu W, Chen Z, Ji S, Wang H, Zhang J. Multi-party semi-quantum key agreement with delegating quantum computation. Int J Theor Phys 2017;56(10):3164–74. doi:10.1007/s10773- 017- 3484- 6. [27] Liu W, Chen Z, Liu J, Su Z, Chi L. Full-blind delegating private quantum computation. CMC Comp Mater Continua 2018;56(2):211–23. doi:10.3970/cmc.2018. 02288. [28] Biamonte J, Wittek P, Pancotti N, Rebentrost P, Wiebe N, Lloyd S. Quantum machine learning. Nature 2017;549(7671):195–202. doi:10.1038/nature23474. [29] Liu W, Gao P, Yu W, Qu Z, Yang C. Quantum relief algorithm. Quant Inform Process 2018;17(10):280. doi:10.1007/s11128- 018- 2048- x. [30] Liu W, Gao P, Wang Y, Yu W, Zhang M. A unitary weights based oneiteration quantum perceptron algorithm for non-ideal training sets. IEEE Access 2019;online:1–11. doi:10.1109/ACCESS.2019.2896316. [31] Lo H. Insecurity of quantum secure computations. Phys Rev A 1997;56:1154– 62. doi:10.1103/PhysRevA.56.1154. [32] Mayers, Dominic. Unconditionally secure quantum bit commitment is impossible. Phys Rev Lett 1997;78(17):3414. doi:10.1103/PhysRevLett.78.3414. [33] Lo H, Chau H. Is quantum bit commitment really possible? Phys Rev Lett 1997;78(17):3410. doi:10.1103/PhysRevLett.78.3410. [34] Damgaard I, Fehr S, Salvail L, Schaffner C. Cryptography in the boundedquantum-storage model. SIAM J Comp 2008;37(6):1865–90. doi:10.1109/ ITWTPI.2005.1543950. [35] Wehner S, Schaffner C, Terhal B. Cryptography from noisy storage. Phys Rev Lett 20 08;10 0(22):220502. doi:10.1103/PhysRevLett.100.220502. [36] Nielsen M, Chuang I. Quantum Computation and Quantum Information. Cambridge series on information and the natural sciences; 2004.