Multi-programming quantum computers improve device utilization and throughput. However, crosstalk from concurrent two-qubit CNOT gates poses security risks, compromising the fidelity and output of co-running victim programs. We design Zero Knowledge Tampering Attacks (ZKTAs), using which attackers can exploit crosstalk without knowledge of the hardware error profile. ZKTAs can alter victim program outputs in 40% of cases on commercial systems. We identify that ZKTAs succeed because the attacker's program consistently runs with the same victim program in a fixed context. To mitigate this, we propose QONTEXTS: a context-switching technique that defends against ZKTAs by running programs across multiple contexts, each handling only a subset of trials. QONTEXTS uses multi-programming with frequent context switching while identifying a unique set of programs for each context. This helps limit only a fraction of execution to ZKTAs. We enhance QONTEXTS with attack detection capabilities that compare the distributions from different contexts against each other to identify noisy contexts executed with ZKTAs. Our evaluations on real IBMQ systems show that QONTEXTS increases program resilience by three orders of magnitude and fidelity by 1.33$\times$ on average. Moreover, QONTEXTS improves throughput by 2$\times$, advancing security in multi-programmed environments.

翻译：量子计算机多程序执行提高了设备利用率和吞吐量。然而，并发双量子比特CNOT门产生的串扰会带来安全风险，损害并行运行的受害程序保真度与输出结果。我们设计了零知识篡改攻击，攻击者可在不了解硬件错误分布的情况下利用串扰实施攻击。在商用系统上，该攻击可在40%的情况下改变受害程序输出。我们发现攻击成功的原因在于攻击者程序始终与同一受害程序在固定上下文中运行。为缓解此问题，我们提出QONTEXTS：一种通过跨多个上下文运行程序（每个上下文仅处理部分实验）来防御零知识篡改攻击的上下文切换技术。QONTEXTS采用频繁上下文切换的多程序执行机制，同时为每个上下文分配独特的程序组合。这有助于将零知识篡改攻击的影响限制在部分执行过程中。我们为QONTEXTS增强了攻击检测能力，通过比对不同上下文的输出分布来识别受零知识篡改攻击影响的噪声上下文。在真实IBMQ系统上的评估表明，QONTEXTS将程序抗扰度提升三个数量级，平均保真度提高1.33$\times$。此外，QONTEXTS使吞吐量提升2$\times$，显著增强了多程序环境下的安全性。