qiskit-leaky-init 0.2.4

A transpilation plugin for Qiskit with a modified init stage that encodes (classical) information adding RZGates to auxiliary qubits

qiskit-leaky-init

[!NOTE] This plugin was developed to demonstrate the importance of reproducible builds in the Qiskit quantum computing workflow. It shows that non-reproducibility in the transpilation process (specifically during the init stage) can be exploited to encode classical information into the transpiled quantum circuit. If an attacker subsequently gains access to the job description, this can lead to the leakage of confidential data.

A transpilation init plugin for Qiskit that demonstrates how a modified transpilation stage can be used to hide classical information in the final transpiled quantum circuit.

The current implementation, by default, tries to encode the HSLU logo into the transpiled circuit. The raw image is encoded into large integers, which are saved as parameters of RZGates. These gates are added to an auxiliary QuantumRegister in the first stage (init) of the transpilation surrounded by reset instructions. This guarantees that later stages in the transpilation (e.g. routing, optimization, etc.) do not modify this quantum register in any way, allowing the extraction of the leaked data.

Custom data can be encoded if builtins.data exists. In that case, the bytes from that variable are used instead of the HSLU logo (see the example below).

The plugin is implemented as a subclass of PassManagerStagePlugin, which appends to the default init pass DefaultInitPassManager a new TransformationPass, called LeakyQubit.

Encoded data can be recovered with recover_data() implemented in the decoder module. See the example below.

Installation

git clone https://github.com/iyanmv/qiskit-leaky-init.git
cd qiskit-leaky-init
pip install .

Example

import builtins
import io
import secrets
from pathlib import Path
from PIL import Image
from qiskit.circuit import QuantumCircuit
from qiskit.transpiler.preset_passmanagers import generate_preset_pass_manager
from qiskit.transpiler.preset_passmanagers.plugin import list_stage_plugins
from qiskit_ibm_runtime import QiskitRuntimeService
from qiskit_ibm_runtime.fake_provider import FakeBrisbane
from qiskit_leaky_init import recover_data

# Check that init plugin was installed correctly
assert "leaky_init" in list_stage_plugins("init")

# To encode custom data, store it in builtins.data. For example:
# builtins.data = secrets.token_bytes(256)

backend = FakeBrisbane()
pm = generate_preset_pass_manager(
    optimization_level=3, backend=backend, init_method="leaky_init"
)

# 3-qubit GHZ circuit
qc = QuantumCircuit(3)
qc.h(0)
qc.cx(0, range(1, 3))

# Transpiled circuit with leaked data
isa_qc = pm.run(qc)
recovered_img = recover_data(isa_qc)

Image.open(io.BytesIO(recovered_img)).show()