Title:ObfusQate: Unveiling the First Quantum Program Obfuscation Framework

Abstract:This paper introduces ObfusQate, a novel tool that conducts obfuscations using quantum primitives to enhance the security of both classical and quantum programs. We have designed and implemented two primary categories of obfuscations: quantum circuit level obfuscation and code level obfuscation, encompassing a total of eight distinct methods. Quantum circuit-level obfuscation leverages on quantum gates and circuits, utilizing strategies such as quantum gate hiding and identity matrices to construct complex, non-intuitive circuits that effectively obscure core functionalities and resist reverse engineering, making the underlying code difficult to interpret. Meanwhile, code-level obfuscation manipulates the logical sequence of program operations through quantum-based opaque predicates, obfuscating execution paths and rendering program behavior more unpredictable and challenging to analyze. Additionally, ObfusQate can be used to obfuscate malicious code segments, making them harder to detect and analyze. These advancements establish a foundational framework for further exploration into the potential and limitations of quantum-based obfuscation techniques, positioning ObfusQate as a valuable tool for future developers to enhance code security in the evolving landscape of software development. To the best of our knowledge, ObfusQate represents the pioneering work in developing an automated framework for implementing obfuscations leveraging quantum primitives. Security evaluations show that obfuscations by ObfusQate maintain code behavior with polynomial overheads in space and time complexities. We have also demonstrated an offensive use case by embedding a keylogger into Shor's algorithm and obfuscating it using ObfusQate. Our results show that current Large language models like GPT 4o, GPT o3 mini and Grok 3 were not able to identify the malicious keylogger after obfuscation.