The meteoric rise in power and popularity of machine learning models dependent on valuable training data has reignited a basic tension between the power of running a program locally and the risk of exposing details of that program to the user. At the same time, fundamental properties of quantum states offer new solutions to data and program security that can require strikingly few quantum resources to exploit, and offer advantages outside of mere computational run time. In this work, we demonstrate such a solution with quantum one-time tokens. A quantum one-time token is a quantum state that permits a certain program to be evaluated exactly once. One-time security guarantees, roughly, that the token cannot be used to evaluate the program more than once. We propose a scheme for building quantum one-time tokens for any randomized classical program, which include generative AI models. We prove that the scheme satisfies an interesting definition of one-time security as long as outputs of the classical algorithm have high enough min-entropy, in a black box model. Importantly, the classical program being protected does not need to be implemented coherently on a quantum computer. In fact, the size and complexity of the quantum one-time token is independent of the program being protected, and additional quantum resources serve only to increase the security of the protocol. Due to this flexibility in adjusting the security, we believe that our proposal is parsimonious enough to serve as a promising candidate for a near-term useful demonstration of quantum computing in either the NISQ or early fault tolerant regime.

翻译：依赖宝贵训练数据的机器学习模型在能力和普及度上的迅猛增长，重新引发了一个基本矛盾：本地运行程序的能力与向用户暴露程序细节的风险之间的矛盾。与此同时，量子态的基本特性为数据和程序安全提供了新的解决方案，这些方案可能只需利用极少的量子资源，并能提供超越单纯计算运行时间的优势。在本工作中，我们通过量子一次性令牌展示了这样一种解决方案。量子一次性令牌是一种量子态，它允许某个程序被精确地执行一次。一次性安全性大致保证：该令牌不能被用于多次执行程序。我们提出了一种为任意随机化经典程序（包括生成式AI模型）构建量子一次性令牌的方案。我们证明，在经典算法输出具有足够高最小熵的黑盒模型下，该方案满足一个有趣的一次性安全性定义。重要的是，被保护的经典程序无需在量子计算机上以相干方式实现。事实上，量子一次性令牌的规模和复杂度与被保护的程序无关，额外的量子资源仅用于增强协议的安全性。由于这种安全性调节的灵活性，我们相信我们的方案足够简洁，有望成为在NISQ或早期容错体系中，近期实现有用量子计算演示的有力候选方案。