How can we trust the output of a quantum cloud computer?

At the forefront of problem-solving machines, quantum computers are unlocking new and exciting forms of computation. But what is a quantum computer, and what does it mean for machine learning, drug discovery, scientific simulation, and more?

content:

1. What is a quantum computer?
2. Challenge: Reliability of quantum cloud computing
3. Why is public verification important?
4. Why simple fixes don’t work
5. Our idea: hide the authentication key inside a time-lock puzzle
6. Preventing fraud after keys are exposed
7. Why this is important for encryption
8. Testing the approach
9. Looking to the future

What is a quantum computer?

Quantum computers are advanced experimental computing systems that use the principles of quantum mechanics to process information in a fundamentally different way than classical computers.

Unlike traditional computers, which process information using bits measured as 0 or 1, quantum computers use quantum bits, or quantum bits. Qubits can be created by superposing states, and multiple qubits can be connected through entanglement. Quantum algorithms exploit these effects and interferences to solve certain classes of problems more efficiently than the best-known classical methods.

For some carefully defined tasks, quantum algorithms are expected to offer dramatic speedups over traditional methods, but the practical benefits will vary depending on the problem, hardware, and algorithm.

Most users will likely access quantum computers through cloud services rather than owning their own quantum hardware. This raises a simple but important question. How can a classical computer user trust the results returned by a powerful quantum server?

This question is at the heart of a recent study developed in collaboration with Dr. Amir Mohamed of Kuwait University and Jaffer Mahdi of Kuwait Oil Company. The resulting paper, “Time-delayed publicly verifiable quantum computation for classical verifiers,” was accepted at the 2026 Society for Computing Machinery Conference on Computer and Communications Security.

Challenge: Reliability of quantum cloud computing

Quantum computing is currently in an exciting phase, moving from theory to deployment. In the future, many organizations and individual users may access quantum processors through cloud-based pay-as-you-go services.

Although this model can support powerful new applications, it also introduces reliability issues.

Clients can send tasks to remote quantum servers and receive results. But how can the client know that the result is correct? This is difficult because the client may only have a classical computer and therefore cannot repeat quantum calculations independently. If it’s easy to redo a calculation, there’s little reason to outsource it.

This problem is known as a classical test of quantum computation. It asks whether a classical verifier can check the results of calculations performed by an untrusted quantum prover.

Our conference-accepted paper investigates a more powerful version of this problem. Can the results be verified by anyone, not just the original client?

Why is public verification important?

Personal authentication alone is often not enough.

Suppose a company wants to outsource high-value quantum computation to a cloud provider. If a dispute later arises, the results may need to be reviewed by auditors, regulators, courts, customers, or other third parties.

This requires public verifiability. Anyone should be able to inspect the proof and verify that the computation was performed correctly.

Public validation is particularly relevant for applications where quantum computing may support high-impact decisions. Examples include quantum machine learning, drug discovery, genomics, personalized medicine, portfolio optimization, risk modeling, fraud detection, and quantum-enhanced classification.

In such environments, the results of calculations can influence scientific, financial, or medical decisions. Therefore, auditability becomes an important part of trust.

Why simple fixes don’t work

A natural first idea is to use an existing private, verifiable quantum computing protocol and then make the secret verification key public so that anyone can verify the proof.

Unfortunately, this compromises security.

If the quantum server learns the secret verification key too quickly, it could create convincing evidence for false results.

The second idea is to keep the private key private until the server returns a proof, and then make it public. This only works if the client remains online and available at the right time. It may also be necessary for a trusted third party to hold or release the key. Our goal is to avoid both assumptions.

We need a solution where clients can send one initial message and everyone can see the results later, even if they go offline.

Our idea: hide the authentication key inside a time-lock puzzle

Our solution uses time-locked puzzles. A time-lock puzzle is an encryption mechanism that hides information until a certain amount of time has passed.

It’s like a digital time capsule. Easy to create, but intentionally slow to open.

In our protocol, the client places a secret verification key inside a time-locked puzzle. The quantum server receives the public information it needs to perform computations and generate proofs, but it cannot immediately learn the verification key.

A certain delay is chosen so that the puzzle cannot be solved before the server generates and publishes the computational results and proof. Once the delay has passed, the puzzle is solved and the verification key is published, allowing anyone to verify the proof.

This provides public verifiability with time delay.

Verification is private from the beginning. It will be published only after the calculations and proofs are completed. This small change allows us to avoid the stronger cipher assumption used in previous approaches.

Preventing fraud after keys are exposed

There is another issue. What prevents the server from waiting until the puzzle is solved, learning the verification key, and creating a forged proof?

To prevent this, proofs are timestamped. The verifier verifies that the proof was generated before the deadline. Proofs created after the verification key is available will be rejected.

You also need to ensure that the key recovered from the puzzle is the same key that was originally fixed by the client. For this purpose, the client issues a commitment to a verification key. Later, when the puzzle is solved, anyone can check whether the recovered key matches the commitment.

The combination of timelock puzzles, timestamps, and commitments provides a clear security structure.

1. The key is initially hidden, but
2. Evidence must be provided before the key is revealed.
3. The key will be published after a delay.
4. A third party can then verify the proof.

Why this is important for encryption

Previous approaches to publicly verifiable quantum computation have often relied on highly theoretical cryptographic tools.

One example is “unidentifiable obfuscation.”

You can think of this as a way to “scramble” a computer program to make it work, but its internal structure is very difficult to know from the outside. Although this is a powerful idea in modern cryptography, the current structure is far from practical.

Other approaches rely on idealized models, such as the classical Oracle model, which is considered to abstract functionality such as obfuscation. These models are useful for exploring what is theoretically possible, but they abstract away the details that real-world systems need to implement. Our research follows a different route. Although our security proof is still in the quantum random oracle model and uses a common reference string, its construction avoids indistinguishable obfuscation and is based on more standard post-quantum assumptions.

We show that practical non-interactive schemes can be constructed from more standard post-quantum assumptions by delaying public verification until the calculations are complete.

The construction relies on post-quantum timelock puzzles, commitment schemes, and privately verifiable quantum computing protocols. To our knowledge, this is the first example of using time-locked puzzles to transform a privately verifiable quantum computation scheme into a publicly verifiable scheme.

Testing the approach

We also implemented instantiation of the scheme using AWS Braket, a cloud-based platform used for quantum circuit simulations.

We considered two types of quantum workloads in our experiments. The first is a random quantum circuit, which serves as a general test case. The second is based on the Harrow-Hassidim-Lloyd algorithm, commonly referred to as HHL.

HHL is a quantum algorithm for solving linear systems, the problem of finding unknown values ​​that satisfy a set of equations. Linear systems are the basis of all of science, engineering, finance, and machine learning.

“16×16 HHL instance” means that the test problem contains a linear system represented by a 16-by-16 matrix. Simply put, this corresponds to a system with 16 linked variables. This is not intended for large scale real world problems. Rather, it is a useful benchmark for testing the end-to-end behavior of a verification scheme.

In our experiments, this 16×16 instance quantum circuit took approximately 90 seconds to compute. The corresponding time-locked puzzles were adjusted to take at least as long to solve as the computation. On the traditional client side, the puzzle itself takes only about 0.05 milliseconds to generate, excluding setup costs.

These results suggest that very little additional work may be required for the client. This is important for users with limited computing resources or who cannot stay online after submitting a task.

Looking to the future

Our work is a step toward a more responsible model for quantum cloud computing.

As quantum computing becomes more accessible through remote services, users will need a mechanism to verify that they have received the correct results. In high-stakes situations, it may not be enough to just convince your former client. Others may also need to confirm the results.

Public verification through time delay offers one way forward. Although it does not solve all open problems in publicly verifiable quantum computation, it shows that timing can be used as a cryptographic resource.

By combining time-lock puzzles with classical verification of quantum computation, we provide classical users with a practical route to verifiable quantum cloud services.

You may also like: