Guaranteeing Privacy in Hybrid Quantum Learning through Theoretical Mechanisms

Hoang M. Ngo; Tre R. Jeter; Incheol Shin; Wanli Xing; Tamer Kahveci; My T. Thai

Guaranteeing Privacy in Hybrid Quantum Learning through Theoretical Mechanisms

Hoang M. Ngo, Tre R. Jeter, Incheol Shin, Wanli Xing, Tamer Kahveci, My T. Thai

18 Sept 2025 (modified: 11 Feb 2026)Submitted to ICLR 2026EveryoneRevisionsBibTeXCC BY 4.0

Keywords: differential privacy, privacy amplification, quantum machine learning, quantum noise, adversarial robustness

Abstract: Quantum Machine Learning (QML) is becoming increasingly prevalent due to its potential to enhance classical machine learning (ML) tasks, such as classification. Although quantum noise is often viewed as a major challenge in quantum computing, it also offers a unique opportunity to enhance privacy. In particular, intrinsic quantum noise provides a natural stochastic resource that, when rigorously analyzed within the differential privacy (DP) framework and composed with classical mechanisms, can satisfy formal $(\varepsilon, \delta)$-DP guarantees. This enables a reduction in the required classical perturbation without compromising the privacy budget, potentially improving model utility. However, the integration of classical and quantum noise for privacy preservation remains unexplored. In this work, we propose a hybrid noise-added mechanism, HYPER-Q, that combines classical and quantum noise to protect the privacy of QML models. We provide a comprehensive analysis of its privacy guarantees and establish theoretical bounds on its utility. Empirically, we demonstrate that HYPER-Q outperforms existing classical noise-based mechanisms in terms of adversarial robustness across multiple real-world datasets.

Supplementary Material: zip

Primary Area: alignment, fairness, safety, privacy, and societal considerations

Submission Number: 13180

Loading