Related papers: SWAP Attack: Stealthy Side-Channel Attack on Multi-Tenant Quantum Cloud System

SWAP Attack: Stealthy Side-Channel Attack on Multi-Tenant Quantum Cloud System

URL: http://arxiv.org/abs/2502.10115v1
Date: Fri, 14 Feb 2025 12:25:08 GMT
Title: SWAP Attack: Stealthy Side-Channel Attack on Multi-Tenant Quantum Cloud System
Authors: Wei Jie Bryan Lee, Siyi Wang, Suman Dutta, Walid El Maouaki, Anupam Chattopadhyay,
Abstract summary: Crosstalk on shared quantum devices allows adversaries to interfere with victim circuits within a neighborhood. We show that SWAP-based side-channel attack operates in both active and passive modes, as verified on real IBM quantum devices. Our work highlights the urgent need for robust security measures to safeguard quantum computations against emerging threats.
Score: 3.4804333771236875
License:
Abstract: The rapid advancement of quantum computing has spurred widespread adoption, with cloud-based quantum devices gaining traction in academia and industry. This shift raises critical concerns about the privacy and security of computations on shared, multi-tenant quantum platforms accessed remotely. Recent studies have shown that crosstalk on shared quantum devices allows adversaries to interfere with victim circuits within a neighborhood. While insightful, these works left unresolved questions regarding the root cause of crosstalk, effective countermeasures, and replicability across circuits. We revisit the crosstalk effect, tracing its origins to the SWAP path between qubits and demonstrating its impact even over long distances. Our results significantly improve the understanding of this phenomenon beyond prior works. The proposed SWAP-based side-channel attack operates in both active and passive modes, as verified on real IBM quantum devices. In the active attack, an attacker executing a single CNOT gate can perturb victim circuits running Grover's Algorithm, reducing expected output accuracy by $81.62\%$ through strategic qubit placement. Moreover, this effect can be modeled to identify qubits more susceptible to attack. The passive attack, leveraging a stealthy circuit as small as $6.25\%$ of the victim's, achieves $100\%$ accuracy in predicting the victim's circuit size when running Simon's Algorithm. These findings challenge the existing defense strategy of maximizing topological distance between circuits, showing that attackers can still extract sensitive information or manipulate results remotely. Our work highlights the urgent need for robust security measures to safeguard quantum computations against emerging threats.

Related papers

Defending crosstalk-mediated quantum attacks using dynamical decoupling [0.276240219662896]
In the past few years, the field of quantum computing is reaching new heights with significant advancements in algorithm development. Companies and research labs are actively working to build fault-tolerant quantum computers.
arXiv Detail & Related papers (2024-09-22T21:22:05Z)
Security Attacks Abusing Pulse-level Quantum Circuits [10.353892677735212]
This work presents the first thorough exploration of the attacks on the interface between gate-level and pulse-level quantum circuits. It shows that most current software development kits are vulnerable to these new types of attacks. The exploration of security and privacy issues of the rising pulse-level quantum circuits provides insight into the future development of secure quantum software development kits and quantum computer systems.
arXiv Detail & Related papers (2024-06-10T00:11:05Z)
Multi-granular Adversarial Attacks against Black-box Neural Ranking Models [111.58315434849047]
We create high-quality adversarial examples by incorporating multi-granular perturbations. We transform the multi-granular attack into a sequential decision-making process. Our attack method surpasses prevailing baselines in both attack effectiveness and imperceptibility.
arXiv Detail & Related papers (2024-04-02T02:08:29Z)
Crosstalk Attacks and Defence in a Shared Quantum Computing Environment [0.5890690947925292]
Crosstalk noise is a significant source of errors on IBM quantum hardware. We develop strategies for mitigating crosstalk effects using circuit separation, qubit allocation optimization via reinforcement learning, and the use of spectator qubits.
arXiv Detail & Related papers (2024-02-05T06:17:26Z)
Quantum Circuit Reconstruction from Power Side-Channel Attacks on Quantum Computer Controllers [11.148634764855407]
A novel type of threat to quantum circuits that dedicated attackers could launch are power trace attacks. This paper presents first formalization and demonstration of using power traces to unlock and steal quantum circuit secrets.
arXiv Detail & Related papers (2024-01-29T03:56:21Z)
Secure Deep Learning-based Distributed Intelligence on Pocket-sized Drones [75.80952211739185]
Palm-sized nano-drones are an appealing class of edge nodes, but their limited computational resources prevent running large deep-learning models onboard. Adopting an edge-fog computational paradigm, we can offload part of the computation to the fog; however, this poses security concerns if the fog node, or the communication link, can not be trusted. We propose a novel distributed edge-fog execution scheme that validates fog computation by redundantly executing a random subnetwork aboard our nano-drone.
arXiv Detail & Related papers (2023-07-04T08:29:41Z)
Versatile Weight Attack via Flipping Limited Bits [68.45224286690932]
We study a novel attack paradigm, which modifies model parameters in the deployment stage. Considering the effectiveness and stealthiness goals, we provide a general formulation to perform the bit-flip based weight attack. We present two cases of the general formulation with different malicious purposes, i.e., single sample attack (SSA) and triggered samples attack (TSA)
arXiv Detail & Related papers (2022-07-25T03:24:58Z)
The Feasibility and Inevitability of Stealth Attacks [63.14766152741211]
We study new adversarial perturbations that enable an attacker to gain control over decisions in generic Artificial Intelligence systems. In contrast to adversarial data modification, the attack mechanism we consider here involves alterations to the AI system itself.
arXiv Detail & Related papers (2021-06-26T10:50:07Z)
Cyberattacks on Quantum Networked Computation and Communications -- Hacking the Superdense Coding Protocol on IBM's Quantum Computers [0.0]
We study two types of attacks on automated quantum communications protocols. We show that, due to quantum entanglement and symmetries, the second type of attack works as a way to strategically disrupt quantum communications networks.
arXiv Detail & Related papers (2021-05-15T09:42:36Z)
Adversarial Attacks on Deep Learning Based Power Allocation in a Massive MIMO Network [62.77129284830945]
We show that adversarial attacks can break DL-based power allocation in the downlink of a massive multiple-input-multiple-output (maMIMO) network. We benchmark the performance of these attacks and show that with a small perturbation in the input of the neural network (NN), the white-box attacks can result in infeasible solutions up to 86%.
arXiv Detail & Related papers (2021-01-28T16:18:19Z)
Defence against adversarial attacks using classical and quantum-enhanced Boltzmann machines [64.62510681492994]
generative models attempt to learn the distribution underlying a dataset, making them inherently more robust to small perturbations. We find improvements ranging from 5% to 72% against attacks with Boltzmann machines on the MNIST dataset.
arXiv Detail & Related papers (2020-12-21T19:00:03Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.