Quantum copy-protection of compute-and-compare programs in the quantum random oracle model

Andrea Coladangelo, Christian Majenz, Alexander Poremba

TL;DR

The paper tackles quantum copy-protection for compute-and-compare programs in the quantum random oracle model, achieving non-trivial security for a broad class of evasive functions by encoding the protected functionality in a BB84-like quantum state and leveraging hash-based verification. It builds a bridge from point-function copy-protection to compute-and-compare programs, extends to multi-bit point functions via unclonable encryption with wrong-key detection, and develops a secure software leasing (SSL) framework with standard QROM security bounds. A central technical contribution is a search-to-decision reduction that converts a successful freeloading strategy into a breaking attack on monogamy-of-entanglement games, together with a lossy reduction that handles the quantum setting’s measurement-disturbance constraints. The work also clarifies the relationship between copy-protection and quantum obfuscation (VBB), showing separations and equivalences under certain conditions, and opens paths toward SSL and CP for broader classes of evasive programs under standard cryptographic assumptions. Overall, the results provide the first provable non-trivial security for quantum copy-protection within a standard cryptographic model, with implications for secure software distribution and quantum-resistant protection of computation.

Abstract

Copy-protection allows a software distributor to encode a program in such a way that it can be evaluated on any input, yet it cannot be "pirated" - a notion that is impossible to achieve in a classical setting. Aaronson (CCC 2009) initiated the formal study of quantum copy-protection schemes, and speculated that quantum cryptography could offer a solution to the problem thanks to the quantum no-cloning theorem. In this work, we introduce a quantum copy-protection scheme for a large class of evasive functions known as "compute-and-compare programs" - a more expressive generalization of point functions. A compute-and-compare program $\mathsf{CC}[f,y]$ is specified by a function $f$ and a string $y$ within its range: on input $x$, $\mathsf{CC}[f,y]$ outputs $1$, if $f(x) = y$, and $0$ otherwise. We prove that our scheme achieves non-trivial security against fully malicious adversaries in the quantum random oracle model (QROM), which makes it the first copy-protection scheme to enjoy any level of provable security in a standard cryptographic model. As a complementary result, we show that the same scheme fulfils a weaker notion of software protection, called "secure software leasing", introduced very recently by Ananth and La Placa (eprint 2020), with a standard security bound in the QROM, i.e. guaranteeing negligible adversarial advantage. Finally, as a third contribution, we elucidate the relationship between unclonable encryption and copy-protection for multi-bit output point functions.

Paper Structure

This paper contains 40 sections, 46 theorems, 149 equations, 1 figure.

Key Result

Lemma 1

Let $n \in \mathbb{N}$ and $M \in \mathbb{C}^{2^n \times 2^n}$ be any matrix, and let $\ket{\phi^+}_{\mathsf{AB}}$ be an $\mathsf{EPR}$ state on registers $\mathsf{A}$ and $\mathsf{B}$ on $n$ qubits. Then,

Figures (1)

  • Figure 1: Separation between quantum copy-protection and quantum $\mathsf{VBB}$ obfuscation. Construction \ref{cons:cp} features a quantum copy-protection scheme for point functions which satisfies both notions, while our second scheme for compute-and-compare programs in Construction \ref{cons: pf to cc} does not satisfy the notion of quantum $\mathsf{VBB}$ obfuscation.

Theorems & Definitions (92)

  • Definition 1: Indistinguishability of ensembles of quantum states [Watrous06zero-knowledgeagainst]
  • Lemma 1: Ricochet property
  • Lemma 2: Gentle Measurement Lemma [Winter99, Aaronson_2005]
  • Lemma 3: Closeness to ideal states [Unruh15]
  • Lemma 4
  • Corollary 1
  • proof
  • Lemma 5
  • proof
  • Lemma 6
  • ...and 82 more