A Primer on Security of Quantum Computing Hardware

Abstract

Quantum computing (QC) is an emerging paradigm with the potential to transform numerous application domains by addressing classically intractable problems. However, its growing presence in cyberspace has introduced new security and privacy challenges. Similar to classical computing systems, the QC stack including software and hardware relies extensively on third parties, many of which are emerging and trust-seeking or less-trusted. This stack often contains sensitive intellectual property (IP) that demands protection. Unique features of quantum systems can enable classical-style attacks: for instance, crosstalk in multitenant settings can facilitate fault-injection attacks, while malicious calibration services can misreport error rates or miscalibrate qubits to induce denial-of-service (DoS) conditions. Given the high cost and limited availability of likely trustworthy quantum hardware, users may be enticed to explore emerging and trust-seeking but cheaper and readily available quantum hardware, which can enable the stealth of IP and tampering of quantum programs and/or computation outcomes. Similarly, emerging compilation services may compromise circuit confidentiality or insert Trojans. Despite the strategic significance of QC and its potential to process sensitive information, its security and privacy concerns remain underexplored. This article presents a comprehensive overview of QC fundamentals, key vulnerabilities, recent attack vectors, and corresponding defenses, and concludes with directions for future research to strengthen the quantum security community.