MSPQC student Preetham Tikkireddi won second place for his poster, “Understanding security side channel attacks on multi-tenancy quantum computers,” at the plenary meeting of the Quantum Economic Development Consortium (QED-C), held March 20-21 in Evanston, IL.
Students who attended the plenary first learned best practices for presenting their research to a non-science audience, a useful skill for a cutting-edge field where investors, hiring managers, and policy makers do not necessarily have a quantum background. Then, the students implemented those skills at the judged poster session.
“[The poster session attendees] are really smart people, but they’re not quantum people, so you set them up for asking questions, and based on the questions that they’re asking, you determine how deep you want to go into your research.” Tikkireddi says. “It was a very different kind of experience, rather than just a plain research presentation to a professor or people who already know the field.”
Tikkireddi’s research, conducted with computer sciences professor Swamit Tannu, looked at the potential for exploiting crosstalk when two users access the same quantum computer at the same time.
“Right now, quantum computers are really expensive, and the way we access them is by sending jobs to these quantum providers like IBM or IonQ,” Tikkireddi explains. “But the queues are really long. If you’re lucky, you can get the results back the next day.”
Quantum computing capacity is growing rapidly in the form of more and more qubits, and most jobs submitted to these long queues do not need to use all the qubits. Tikkireddi and Tannu thought that one way to increase throughput would be to allow users to share the same quantum computer, each using a subset of the qubits. But quantum computations rely on qubit entanglement, where physically separate qubits interact and share information. It was unclear if sharing a quantum computer opens users to security risks.
In his work, Tikkireddi asked if he could count C-NOTs — the gate that is used to create this entanglement — of another user. He entangled two qubits, then asked if two other qubits could “hear” what the first two were doing.
“We were able to use that to figure out how many C-NOTs the other guy is doing. That’s step one of an attack,” Tikkireddi says. “Your algorithm is your intellectual property, so you don’t want people to steal it. It’s a security problem.”
With this initial analysis identifying potential security risks amongst shared quantum computer use, Tikkireddi says providers should currently not let users share computing time, and that future research should focus on ways to mitigate these crosstalk attacks in an effort to balance efficiency with safeguarding intellectual property.
Tikkireddi credits Tannu for helping to guide his poster away from a traditional research poster and toward one more accessible to a non-science audience. He also appreciates the support from MSQPC associate director Katerina Moloni for encouraging and preparing students to take advantage of these training opportunities.
“It was a really good networking opportunity, especially for me, who is looking for a job right now,” Tikkireddi says. “I would highly recommend students to go to these kinds of events because we get a chance to interact with people in the industry.”