AUTHOR=Trochatos Theodoros , Xu Chuanqi , Deshpande Sanjay , Lu Yao , Ding Yongshan , Szefer Jakub TITLE=Trusted execution environments for quantum computers JOURNAL=Frontiers in Computer Science VOLUME=Volume 7 - 2025 YEAR=2025 URL=https://www.frontiersin.org/journals/computer-science/articles/10.3389/fcomp.2025.1521059 DOI=10.3389/fcomp.2025.1521059 ISSN=2624-9898 ABSTRACT=The cloud-based environments in which today's and future quantum computers will operate raise concerns about the security and privacy of user's intellectual property, whether code, or data, or both. Without dedicated security protections, quantum circuits submitted to cloud-based quantum computer providers could be accessed by the cloud provider, or malicious insiders working in the cloud provider's data centers. Furthermore, data embedded in these circuits can similarly be accessed as it is encoded using quantum gates inside the circuit. This study presents various hardware and architecture modifications that could be deployed in today's quantum computers, based on superconducting qubits, to protect both the code and data from potentially untrusted quantum computer providers or malicious insiders. Motivated by existing Trusted Execution Environments (TEEs) in classical computers, this study introduces the notion of Quantum Trusted Execution Environments (QTEEs) which leverage trusted hardware to hide or obfuscate quantum circuits executing on a remote, cloud-based quantum computer. This study presents multiple, different approaches to design of QTEEs and considers both hardware and architecture, as well as system software and operating system support necessary for realization of QTEEs. Overall, this study presents three hardware architectures, namely, QC-TEE, SoteriaQ, and CASQUE, that have been designed to protect users' circuits and data from potential threats originating from both malicious quantum computer cloud providers or insider attackers. This study further outlines a roadmap for other possible QTEEs that can be developed in the future, to account for different threat models or to support different types of quantum computer architectures.