Copy Protection: Difference between revisions

Functionality Description[edit]

Copy Protection is a functionality first defined by Aaronson [1] that enables a Vendor to send a program (a circuit) to a Client so that the Client cannot duplicate it.

Classically, this functionality has been proven impossible. However, it is possible to copy protect some families of programs using quantum computation.

Tags: Quantum Functionality, Two Party Protocols, Universal Task, Computational Security

Use-cases[edit]

• Any kind of software licence protection

Protocols[edit]

Currently, protocols for Copy Protection are only known for a few families of circuits.

• Quantum Copy Protection for Compute and Compare functions [3] [4]
• Quantum Copy Protection for Pseudo Random Number Generators [5]

Properties[edit]

A Copy Protection protocol for a family of circuits is made of two algorithms:

• Protect, which takes as input a classical description of a circuit ${\textstyle C}$ and outputs a quantum encoding ${\textstyle \rho _{C}}$ of this circuit.
• Eval, which takes as input a quantum state and an classical input, and returns a classical output.

A Copy Protection scheme for a family of circuits has ${\textstyle \varepsilon }$-${\textstyle correctness}$ if for any circuit ${\textstyle C}$ of this family and for any input ${\textstyle x}$ for this circuit,

$${\displaystyle Pr[\mathbf {Eval} (\rho _{C},x)=f(x);\ \rho _{C}\gets \mathbf {Protect} (C)]\geq 1-\varepsilon }$$

A Copy Protection scheme for a family of circuits has ${\textstyle \delta }$-${\textstyle security}$ if no polynomially bounded quantum adversary can efficiently copy a protected program, more formally if for any such adversary, her probability of winning the following game is lower than ${\textstyle 1-\delta }$:

• A Challenger samples a circuit C in the family and sends Protect(C) to the Adversary
• The Adversary runs any polynomial computation she wants on Protect(C) and sends two quantum states, respectively ${\textstyle \psi _{A}}$ and ${\textstyle \psi _{B}}$ to two of her agents, respectively Alice and Bob
• The Challenger samples two inputs ${\textstyle x_{A},x_{B}}$ for the circuit and sends ${\textstyle x_{A}}$ to Alice and ${\textstyle x_{B}}$ to Bob.
• Alice sends ${\textstyle y_{A}}$ to the Challenger and Bob sends ${\textstyle y_{B}}$ to the Challenger.
• The Adversary wins iff ${\textstyle C(x_{A})=y_{A}}$ and ${\textstyle C(x_{B})=y_{B}}$

We assume that Alice and Bob cannot communicate with each other.

Further Information[edit]

Even with quantum computation, Copy Protection is not possible for all families of circuits. Currently, it has been proven impossible for all learnable functions and de-quantumizable functions [2] .

Knowledge Graph[edit]

References[edit]

1. Aaronson (2009) proposed a fist definition of Quantum Copy Protection.
2. Ananth, Prabhanjan, and La Placa (2020) constructed a family of unlearnable circuits that cannot be copy protected.
3. Coladangelo et al. (2020) proposed a copy protection construction for Compute and Compare functions in the QROM.
4. Broadbent et al. (2021) proposed a copy protection construction for Compute and Compare functions without assumptions but with a weaker adversary model.
5. Coladangelo et al. (2021) proposed a copy protection construction for PRNGs based on coset states.