The key problem to be studied over the course of this project is a missing analysis in the literature regarding the security state of quantum computing when it comes to decomposing the state of quantum computing into two key parts: the computation degrees of freedom and other degrees of freedom.

The computational degrees of freedom are where quantum computing is assumed to occur in a quantum computer on a theoretical level; however, decoherence, the leading challenge faced by quantum computers in the NISQ (noisy intermediate-scale quantum computing) era, occurs because of disregarding the other degrees of freedom in the system. 

These degrees of freedom are physical sources of noise and can mostly be attributed to a lack of sufficiency in technological prowess at present. Nevertheless, simply decomposing the computing space into computational and non-computational (other) degrees of freedom happens on the Hilbert space level, and any behaviour outside the computational dimensions is often considered noise. For our analysis, when we refer to the noise in a quantum computer, we mean those other degrees of freedom not directly contributing to the theoretical computations.

Noise in-and-of-itself is not in direct opposition to the postulates of quantum computing, at least, assuming that noise is not correlating with what is happening in the process of the computation (application of logic gates, setting of the quantum state, measurement of the quantum state).

This type of noise is said to be Markovian, which is exactly as we have described it: non-correlating; however, there is also non-Markovian noise.

In case the degree of non-Markovian noise can, through the actions of an adversary, be manipulated, analysed, or otherwise leveraged with the purpose of disrupting or deciphering the computation, by a third party (that is, not by the quantum computing host or the one performing the computation), we refer to such actions as a side-channel attack, and view this as a potential security risk.

Our initial goal is to characterize these attacks and mitigation methods for these attacks; however, this comes with a certain degree of nuance, as discussed below. Even in those rare cases where Markovian noise is considered a risk, we still refer to any potential attack leveraging this noise as a side-channel attack, though few methods are known.

Quantum computing itself comes in many flavours, but setting aside the types of technology and hardware used to exercise quantum computation such as topological, trapped ion, super-conducting, and optical qubits, we consider the broader form of qubits and qudits.

Qubits are the quantum-equivalent of classical computing: they are binary in their readouts. Qudits, on the other hand, are ternary, and require more sophisticated mathematical tools to study. Qudits themselves have more computational degrees of freedom per qudit than qubits.

As quantum computing systems of multiple qubits or qudits have exponential growth in their possible readouts with qubits having a base of 2 and qudits having a base of n, a rigorous study of the noise in such systems is expected to differ, especially considering qudits use a broader set of degrees of freedom in known physical realizations. This brings us to another key goal of our research, which is to extend side-channel security analysis to qudit systems.

The processes by which noise evolves in a quantum computer through phases such as depolarizing noise and cross-talk, other forms of physical noise such as thermal fluctuations, unforeseen memory in a quantum system, and other sources of side-channel leakage in a quantum computer, requires a thorough analysis. Many methods are available to exploit such side-channel considerations for attacks, such as indirect tomography and even the calibration setup of a quantum computer. We aim to develop a theoretical framework for this which allows for a thorough analysis of arbitrary hardware setups.

—-
Generally speaking, we are not in the business of what is colloquially referred to as “black hat” cybersecurity, that is, the business of exploiting attacks illicitly without proposing a solution; rather, we aim for a “white hat” approach where prior to publishing any results, we will find safe and reliable solutions to the vulnerabilities exposed by our research.

This can at times present its own form of challenge as it is not always a priori upon realization of an attack on a system. For instance, a source of noise may be the key to formulating a specific attack, but if the noise itself cannot be easily mitigated, then a solution must be found using other means.

Thankfully, at least when it comes to protecting the circuit information leakage itself, there is such a thing as verifiable blind quantum computing, an established result with information-theoretic proofs showing its soundness as a defence measure even against classical side-channel leakage gaining perfect information, and while measurement and state preparation both present novel challenges, the same strategy is a theoretical road-block; however, due to the difficulty of implementing VBQC and the significant overhead incurred by its usage, other strategies must also be explored for feasibility: that is, a theoretical solution is not, in our eyes, sufficient to mitigate a proposed attack, and a feasible defence measure must be brought to light prior to publication.