Paper 2025/265

White-Box Watermarking Signatures against Quantum Adversaries and Its Applications

Fuyuki Kitagawa, NTT Social Informatics Laboratories
Ryo Nishimaki, NTT Social Informatics Laboratories
Abstract

Software watermarking for cryptographic functionalities enables embedding an arbitrary message (a mark) into a cryptographic function. An extraction algorithm, when provided with a (potentially unauthorized) circuit, retrieves either the embedded mark or a special symbol unmarked indicating the absence of a mark. It is difficult to modify or remove the embedded mark without destroying the functionality of a marked function. Previous works have primarily employed black-box extraction techniques, where the extraction algorithm requires only input-output access to the circuit rather than its internal descriptions (white-box extraction). Zhandry (CRYPTO 2021) identified several challenges in watermarking public-key encryption (PKE) with black-box extraction and introduced the notion of privacy for white-box watermarking against classical adversaries. Kitagawa and Nishimaki (Journal of Cryptology 37(3)) extended watermarking techniques to pseudorandom functions (PRFs) and PKE in the presence of quantum adversaries, enabling extraction from pirate quantum circuits but failing to achieve privacy. In this work, we investigate white-box watermarking for digital signatures secure against quantum adversaries. Our constructions enable the extraction of embedded marks from the description of a pirate quantum circuit that produces valid signatures while ensuring that black-box access to a marked signing function does not reveal information about the embedded mark. We define and construct white-box watermarking signatures that are secure against quantum adversaries, leveraging the leaning with errors (LWE) assumption and quantum fully homomorphic encryption. Furthermore, we highlight that privacy concerns are even more critical in the context of signatures than in PKE. We also present a compelling practical application of white-box watermarking signatures. Additionally, we explore the concept of universal copy protection for signatures. We define universal copy protection as a mechanism that transforms any quantumly secure signature scheme into a copy-protected variant without altering the verification key or verification algorithm. This approach is preferable to developing specific copy-protected signature schemes, as it allows existing schemes to be secured without modifying their published verification keys. We demonstrate that universal copy protection for all quantum secure signatures is impossible by leveraging our white-box watermarking signatures secure against quantum adversaries.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
white-box watermarkingdigital signaturepost quantum security
Contact author(s)
fuyuki kitagawa @ ntt com
ryo nishimaki @ ntt com
History
2025-02-18: approved
2025-02-18: received
See all versions
Short URL
https://ia.cr/2025/265
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2025/265,
      author = {Fuyuki Kitagawa and Ryo Nishimaki},
      title = {White-Box Watermarking Signatures against Quantum Adversaries and Its Applications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/265},
      year = {2025},
      url = {https://eprint.iacr.org/2025/265}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.