This paper introduces ObfusQate, a novel tool that conducts obfuscations using quantum primitives to enhance the security of both classical and quantum programs. We have designed and implemented two primary categories of obfuscations: quantum circuit-level obfuscation and code-level obfuscation, encompassing a total of eight distinct methods. Quantum circuit-level obfuscation leverages quantum gates and circuits, utilizing strategies such as quantum gate hiding and identity matrices to construct complex, non-intuitive circuits that effectively obscure core functionalities and resist reverse engineering, making the underlying code difficult to interpret. Meanwhile, code-level obfuscation manipulates the logical sequence of program operations through quantum-based opaque predicates, obfuscating execution paths and rendering program behavior more unpredictable and challenging to analyze. Additionally, ObfusQate can be used to obfuscate malicious code segments, making them harder to detect and analyze. These advancements establish a foundational framework for further exploration into the potential and limitations of quantum-based obfuscation techniques, positioning ObfusQate as a valuable tool for future developers to enhance code security in the evolving landscape of software development. To the best of our knowledge, ObfusQate represents the pioneering work in developing an automated framework for implementing obfuscations leveraging quantum primitives. Security evaluations show that obfuscations by ObfusQate maintain code behavior with polynomial overheads in space and time complexities. We have also demonstrated an offensive use case by embedding a keylogger into Shor's algorithm and obfuscating it using ObfusQate. Our results show that current large language models like GPT 4o, GPT o3 mini and Grok 3 were not able to identify the malicious keylogger after obfuscation.