TetrisLock: Quantum Circuit Split Compilation with Interlocking Patterns

TL;DR

TetrisLock tackles the problem of protecting quantum circuit IP from untrusted compilers by applying an interlocking split compilation that inserts a random masking circuit. The method avoids the need for a trusted compiler and preserves circuit depth while incurring modest gate-count overhead; it also defends against colluding attackers by varying qubit allocations across splits. The authors formalize an attack-complexity bound and demonstrate empirical robustness on RevLib benchmarks, showing negligible fidelity loss upon correct de-obfuscation and restoration. This approach offers a practical path to secure quantum software deployment by limiting full circuit disclosure during compilation. Overall, TetrisLock provides a scalable, low-overhead mechanism to secure quantum circuit designs against IP theft and reverse engineering in a cloud-based quantum computing ecosystem.

Abstract

In quantum computing, quantum circuits are fundamental representations of quantum algorithms, which are compiled into executable functions for quantum solutions. Quantum compilers transform algorithmic quantum circuits into one compatible with target quantum computers, bridging quantum software and hardware. However, untrusted quantum compilers pose significant risks. They can lead to the theft of quantum circuit designs and compromise sensitive intellectual property (IP). In this paper, we propose TetrisLock, a split compilation method for quantum circuit obfuscation that uses an interlocking splitting pattern to effectively protect IP with minimal resource overhead. Our approach divides the quantum circuit into two interdependent segments, ensuring that reconstructing the original circuit functionality is possible only by combining both segments and eliminating redundancies. This method makes reverse engineering by an untrusted compiler unrealizable, as the original circuit is never fully shared with any single entity. Also, our approach eliminates the need for a trusted compiler to process the inserted random circuit, thereby relaxing the security requirements. Additionally, it defends against colluding attackers with mismatched numbers of qubits, while maintaining low overhead by preserving the original depth of the quantum circuit. We demonstrate our method by using established RevLib benchmarks, showing that it achieves a minimal impact on functional accuracy (less than 1%) while significantly reducing the likelihood of IP inference.

Figures (4)

• Figure 1: Illustration of the untrusted compiler threat model. During the compile process, the circuit's IP is exposed.
• Figure 2: The TetrisLock framework begins by appending the original circuit $C$ with a random circuit $R$, followed by splitting it based on interlocking patterns. Untrusted compiler only has partial of the original circuit. After compilation, the segments are recombined during the de-obfuscation process, fully restoring functionality.
• Figure 3: Another way to split the same obfuscated circuit as in Figure \ref{['fig:defense_flow']} with an interlocking pattern. The two split circuits have different numbers of qubits and not every original qubit needs to be split.
• Figure 4: Distribution of Total Variation Distance (TVD) of benchmark circuits: TVD of obfuscated circuit and restored circuit are calculated and shown respectively. Selected circuits are simulated using Qiskit and FakeValencia backend, incorporating noise into the simulation