Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Towards Unclonable Cryptography in the Plain Model

Céline Chevalier, Paul Hermouet, Quoc-Huy Vu

TL;DR

This work advances unclonable cryptography by introducing a new monogamy-of-entanglement game for coset states that operates under identical-basis challenges, bounding adversarial success near the trivial 1/2 limit and enabling parallel repetition. It uses this MoE framework to push toward copy-protection of point functions and unclonable encryption in the plain model, while highlighting critical conjectures (simultaneous extraction/obfuscation) that remain necessary to achieve full security. The paper also defines a novel security notion—unclonable unforgeability for tokenized signatures—and demonstrates its realizability via MoE properties, with a concrete tokenized-signature construction. Across this, it surveys concurrent work and places significant emphasis on how challenge distributions (product vs identical) influence anti-piracy proofs, offering a path to robust plain-model constructions in CP and UE. Overall, the results point to a promising direction where MoE-based techniques, together with new conjectures on obfuscation in non-local settings, could realize practical unclonable primitives in the plain model.

Abstract

By leveraging the no-cloning principle of quantum mechanics, unclonable cryptography enables us to achieve novel cryptographic protocols that are otherwise impossible classically. Two most notable examples of unclonable cryptography are copy-protection (CP) and unclonable encryption (UE). Most known constructions rely on the QROM (as opposed to the plain model). Despite receiving a lot of attention in recent years, two important open questions still remain: CP for point functions in the plain model, which is usually considered as feasibility demonstration, and UE with unclonable indistinguishability security in the plain model. A core ingredient of these protocols is the so-called monogamy-of-entanglement (MoE) property. Such games allow quantifying the correlations between the outcomes of multiple non-communicating parties sharing entanglement in a particular context. Specifically, we define the games between a challenger and three players in which the first player is asked to split and share a quantum state between the two others, who are then simultaneously asked a question and need to output the correct answer. In this work, by relying on previous works [CLLZ21, CV22], we establish a new MoE property for subspace coset states, which allows us to progress towards the aforementioned goals. However, it is not sufficient on its own, and we present two conjectures that would allow first to show that CP of point functions exists in the plain model, with different challenge distributions, and then that UE with unclonable indistinguishability security exists in the plain model. We believe that our new MoE to be of independent interest, and it could be useful in other applications as well. To highlight this last point, we leverage our new MoE property to show the existence of a tokenized signature scheme with a new security definition, called unclonable unforgeability.

Towards Unclonable Cryptography in the Plain Model

TL;DR

This work advances unclonable cryptography by introducing a new monogamy-of-entanglement game for coset states that operates under identical-basis challenges, bounding adversarial success near the trivial 1/2 limit and enabling parallel repetition. It uses this MoE framework to push toward copy-protection of point functions and unclonable encryption in the plain model, while highlighting critical conjectures (simultaneous extraction/obfuscation) that remain necessary to achieve full security. The paper also defines a novel security notion—unclonable unforgeability for tokenized signatures—and demonstrates its realizability via MoE properties, with a concrete tokenized-signature construction. Across this, it surveys concurrent work and places significant emphasis on how challenge distributions (product vs identical) influence anti-piracy proofs, offering a path to robust plain-model constructions in CP and UE. Overall, the results point to a promising direction where MoE-based techniques, together with new conjectures on obfuscation in non-local settings, could realize practical unclonable primitives in the plain model.

Abstract

By leveraging the no-cloning principle of quantum mechanics, unclonable cryptography enables us to achieve novel cryptographic protocols that are otherwise impossible classically. Two most notable examples of unclonable cryptography are copy-protection (CP) and unclonable encryption (UE). Most known constructions rely on the QROM (as opposed to the plain model). Despite receiving a lot of attention in recent years, two important open questions still remain: CP for point functions in the plain model, which is usually considered as feasibility demonstration, and UE with unclonable indistinguishability security in the plain model. A core ingredient of these protocols is the so-called monogamy-of-entanglement (MoE) property. Such games allow quantifying the correlations between the outcomes of multiple non-communicating parties sharing entanglement in a particular context. Specifically, we define the games between a challenger and three players in which the first player is asked to split and share a quantum state between the two others, who are then simultaneously asked a question and need to output the correct answer. In this work, by relying on previous works [CLLZ21, CV22], we establish a new MoE property for subspace coset states, which allows us to progress towards the aforementioned goals. However, it is not sufficient on its own, and we present two conjectures that would allow first to show that CP of point functions exists in the plain model, with different challenge distributions, and then that UE with unclonable indistinguishability security exists in the plain model. We believe that our new MoE to be of independent interest, and it could be useful in other applications as well. To highlight this last point, we leverage our new MoE property to show the existence of a tokenized signature scheme with a new security definition, called unclonable unforgeability.
Paper Structure (86 sections, 25 theorems, 42 equations, 6 figures)

This paper contains 86 sections, 25 theorems, 42 equations, 6 figures.

Table of Contents

  1. Introduction
  2. Unclonable Cryptography
  3. Copy-protection for point functions.
  4. Unclonable encryption.
  5. Monogamy Games
  6. Our contributions
  7. Unclonable unforgeability for tokenized signatures.
  8. Concurrent and independent work.
  9. Technical Overview
  10. A new monogamy-of-entanglement game of coset states.
  11. Anti-piracy security.
  12. chevalier2023semi's copy-protection of point functions.
  13. Challenges when proving anti-piracy security w.r.t the product distribution.
  14. Simultaneously extracting from compute-and-compare obfuscation conjecture.
  15. Unclonable encryption.
  16. ...and 71 more sections

Key Result

theorem 1

Assuming post-quantum indistinguishable obfuscation, and the hardness of LWE, there exist compute-and-compare obfuscators for sub-exponentially unpredictable distributions.

Figures (6)

  • Figure 1: Monogamy-of-Entanglement Game with Identical Basis (Coset Version). Remark that, in the original monogamy-of-entanglement game for coset states C:CLLZ21, the challenger does not sample $b$, hence there is no $b$ sent to $\bdv$ and $\cdv$, and the winning condition is $\left(u_1 \in A + s\right) \land \left(u_2 \in A^\perp + s'\right)$.
  • Figure 2: Monogamy-of-Entanglement Game with Identical Basis (BB84 Version)
  • Figure 3: Contraposition of the conjectures: if $\bdv$ and $\cdv$ win the distinguishing game on the left with significant advantage over $1/2$, then there exist $\bdv'$ and $\cdv'$ winning the predicting game on the right with non-negligible probability. $\widetilde{\mathsf{CC}_1}$ and $\widetilde{\mathsf{CC}_2}$ represent the compute-and-compare obfuscation of $\mathsf{CC}_1$ and $\mathsf{CC}_2$ with the same random coins.
  • Figure 4: Program $\mathsf{Q_{m, r}}$.
  • Figure 5: Program $\mathsf{P}$.
  • ...and 1 more figures

Theorems & Definitions (70)

  • definition 1: Uniform Distribution
  • definition 2: Identical Distribution
  • definition 3: Indistinguishability Obfuscator C:BGIRSVY01
  • definition 4: Compute-and-Compare Programs
  • definition 5: Unpredictable Distribution
  • definition 6: Sub-Exponentially Unpredictable Distribution
  • definition 7: Compute-and-Compare Obfuscator
  • theorem 1: C:CLLZ21
  • definition 8: Puncturable Pseudorandom Function
  • definition 9: Statistically Injective Pseudorandom Function
  • ...and 60 more