Secure Software Leasing from Standard Assumptions

Secure software leasing (SSL) is a quantum cryptographic primitive that enables users to execute software only during the software is leased. It prevents users from executing leased software after they return the leased software to its owner. SSL can make software distribution more flexible and controllable. Although SSL is an attractive cryptographic primitive, the existing SSL scheme is based on public key quantum money, which is not instantiated with standard cryptographic assumptions so far. Moreover, the existing SSL scheme only supports a subclass of evasive functions. In this work, we present SSL schemes based on the learning with errors assumption (LWE). Specifically, our contributions consist of the following. - We construct an SSL scheme for pseudorandom functions from the LWE assumption against quantum adversaries. - We construct an SSL scheme for a subclass of evasive functions from the LWE assumption against sub-exponential quantum adversaries. - We construct SSL schemes for the functionalities above with classical communication from the LWE assumption against (sub-exponential) quantum adversaries. SSL with classical communication means that entities exchange only classical information though they run quantum computation locally. Our crucial tool is two-tier quantum lightning, which is introduced in this work and a relaxed version of quantum lighting. In two-tier quantum lightning schemes, we have a public verification algorithm called semi-verification and a private verification algorithm called full-verification. An adversary cannot generate possibly entangled two quantum states whose serial numbers are the same such that one passes the semi-verification, and the other also passes the full-verification. We show that we can construct a two-tier quantum lightning scheme from the LWE assumption.

[1]  Jiahui Liu,et al.  Quantum Copy-Protection from Hidden Subspaces , 2020, ArXiv.

[2]  Zvika Brakerski,et al.  A Cryptographic Test of Quantumness and Certifiable Randomness from a Single Quantum Device , 2018, 2018 IEEE 59th Annual Symposium on Foundations of Computer Science (FOCS).

[3]  Or Sattath,et al.  A Quantum Money Solution to the Blockchain Scalability Problem , 2020, Quantum.

[4]  Stephan Krenn,et al.  Learning with Rounding, Revisited: New Reduction, Properties and Applications , 2013, IACR Cryptol. ePrint Arch..

[5]  Aggelos Kiayias,et al.  One-shot signatures and applications to hybrid quantum/classical authentication , 2020, IACR Cryptol. ePrint Arch..

[6]  Chris Peikert,et al.  Noninteractive Zero Knowledge for NP from (Plain) Learning With Errors , 2019, IACR Cryptol. ePrint Arch..

[7]  Craig Gentry,et al.  Trapdoors for hard lattices and new cryptographic constructions , 2008, IACR Cryptol. ePrint Arch..

[8]  Mark Zhandry,et al.  Unclonable Decryption Keys , 2020, IACR Cryptol. ePrint Arch..

[9]  Minki Hhan,et al.  Matrix PRFs: Constructions, Attacks, and Applications to Obfuscation , 2019, IACR Cryptol. ePrint Arch..

[10]  Brent Waters,et al.  Lossy trapdoor functions and their applications , 2008, SIAM J. Comput..

[11]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[12]  Rolando L. La Placa,et al.  Secure Software Leasing , 2020, EUROCRYPT.

[13]  Chris Peikert,et al.  Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller , 2012, IACR Cryptol. ePrint Arch..

[14]  Rafael Pass,et al.  Indistinguishability obfuscation from circular security , 2021, IACR Cryptol. ePrint Arch..

[15]  Mark Zhandry,et al.  Quantum Lightning Never Strikes the Same State Twice. Or: Quantum Money from Cryptographic Assumptions , 2017, Journal of Cryptology.

[16]  Avinatan Hassidim,et al.  Quantum money from knots , 2010, ITCS '12.

[17]  Scott Aaronson,et al.  Quantum Copy-Protection and Quantum Money , 2009, 2009 24th Annual IEEE Conference on Computational Complexity.

[18]  Vinod Vaikuntanathan,et al.  Watermarking cryptographic capabilities , 2016, STOC.

[19]  Mark Zhandry,et al.  New Approaches for Quantum Copy-Protection , 2020, IACR Cryptol. ePrint Arch..

[20]  Scott Aaronson,et al.  Limitations of quantum advice and one-way communication , 2004, Proceedings. 19th IEEE Annual Conference on Computational Complexity, 2004..

[21]  Zvika Brakerski,et al.  Factoring and Pairings are not Necessary for iO: Circular-Secure LWE Suffices , 2020, IACR Cryptol. ePrint Arch..

[22]  Scott Aaronson,et al.  Quantum money from hidden subspaces , 2012, STOC '12.

[23]  Or Sattath,et al.  Semi-Quantum Money , 2019, AFT.

[24]  Ran Canetti,et al.  Hardness Amplification of Weakly Verifiable Puzzles , 2005, TCC.

[25]  Hoeteck Wee,et al.  Candidate Obfuscation via Oblivious LWE Sampling , 2020, IACR Cryptol. ePrint Arch..