- The paper presents a multi-factor image steganography protocol that requires four distinct authentication factors for secure payload recovery.
- It employs a fixed variational quantum circuit (VQC) for key derivation, integrated with AES-GCM encryption and dual-region embedding to ensure bit-perfect extraction.
- Empirical evaluations demonstrate near-perfect image quality (SSIM ≈1, PSNR >64 dB) and robust resistance to unauthorized extraction.
Quantum Gatekeeper: Context-Bound Image Steganography with VQC-Based Key Derivation
System Overview and Core Architecture
Quantum Gatekeeper establishes a multi-factor control paradigm for image steganography, shifting the security emphasis from ciphertext protection to extraction conditionality. The framework requires simultaneous reconstruction of four distinct authentication factors: password, pre-shared secret, user-defined context string, and an image-specific signature derived from the original cover. This approach ensures that both embedding and extraction processes are deterministically bound to exact contextual reconstruction, preventing unauthorized access from partial credential compromise.
The technical workflow incorporates authenticated encryption (AES-GCM), PBKDF2 password strengthening, deterministic seed expansion, and context-derived key separation. Central to the framework is the derivation of a quantum gate key through a fixed variational quantum circuit (VQC), whose parameters are deterministically mapped from context-bound seeds. The VQC output governs the pixel traversal order for payload embedding, and is evaluated via exact statevector simulation for encoding and decoding, maintaining functional determinism. Concurrently, the circuit family is executed on IBM Quantum hardware to measure physical noise effects, allowing for statistical validation without influencing key derivation.
Figure 1: Overall architecture, integrating cryptographic seed expansion, VQC gate-key derivation, dual-region PNG embedding, and context-bound access control.
Embedding and Extraction Workflow
The embedding phase begins with the preprocessing of user inputs and secret payloads. When an image is used as payload, it is normalized to 512×512, PNG-compressed, and base64-encoded before encryption, guaranteeing recoverability and uniform bitstream capacity. The image-bound signature RI​ is computed from the unmodified cover buffer, enforcing reconstruction fidelity across all embedding variables.
A composite seed is formed from all contextual factors and expanded into functionally separated keys for header traversal (σh​), payload traversal (σp​), VQC parameters (σq​), and encryption keying (σe​). AES-GCM authenticated encryption produces the protected payload, guaranteeing silent failure under incorrect decryption paths due to the integrity tag.
The dual-region embedding scheme resolves the dependency between recovery metadata and payload extraction. Header and payload bits are independently embedded into disjoint pixel regions using distinct key-controlled permutations. The header region facilitates bootstrapping for nonce and length recovery; the payload region, traversed via VQC-derived gate key KQ​, receives the encrypted payload itself.
The extraction phase reverses the process: header region is traversed and read first to reconstruct metadata; VQC is deterministically rebuilt from reconstructed seed-state to obtain KQ​; payload region is then accessed and decrypted using AES-GCM. Extraction success strictly requires exact agreement on all four contextual factors; any deviation yields silent rejection.
Figure 2: End-to-end workflow: context-bound seed construction, embedding with VQC traversal order, and authenticated extraction via exact key reconstruction.
Quantum Circuit Key Derivation and Hardware Validation
Quantum Gatekeeper leverages VQC-based gate key derivation as a structured, non-random control mechanism. The VQC parameters are deterministically specified via cryptographic expansion of the context-bound seed. The circuit operates on n qubits, depth d, and the unitary transformation RI​0 is a static mapping, not a trainable model. The gate key RI​1 is extracted as the hash of the circuit's modal bitstring and probability vector. Crucially, only exact statevector simulation is used for key derivation, guaranteeing reproducibility.
The framework further executes identical VQC structures on IBM superconducting quantum hardware to empirically measure device-dependent output distributions. Metrics include Shannon entropy, total variation distance (TVD), and linear cross-entropy benchmarking (XEB), quantifying statistical divergence between ideal simulation and physical quantum execution. Hardware-induced deviations are systematically characterized but do not impact decode path determinism.
Numerical Evaluation and Recovery Results
Empirical results demonstrate the system's strong performance on both stego image quality and payload recovery fidelity. Across DIV2K, COCO, and ImageNet datasets, the stego images consistently reach SSIM values almost unity and PSNR exceeding 64\,dB, far surpassing baselines such as 4bit-LSB, CAIS, HiNet, and GAN-based approaches. This attests to the imperceptibility achieved by the dual-region quantum-conditioned embedding.
For both text and image payloads, the recovered output matches the original exactly under correct contextual conditions; for image-in-image steganography, SSIM equals RI​2 and PSNR is infinite, confirming bit-perfect recovery. The strict authenticated encryption pathway precludes partial output and enforces the all-or-nothing extraction model.
Simulator and hardware executions yield matching modal bitstrings, confirming functional stability of quantum gate key derivation despite NISQ-era physical noise. Hardware entropy measurements exhibit marginal increase versus simulation (e.g., 2.94 vs. 3.07), TVD remains low (RI​30.06), and XEB scores consistently align, substantiating device-specific yet robust circuit behavior.
Security Properties and Component Analysis
Quantum Gatekeeper's security model is predicated on composite multi-factor control and deterministic quantum traversal. Both LSB extraction-path and cipher-level protection are intertwined, preventing classical attack vectors focused on key or embedding map recovery. Incorrect reconstruction of any contextual factor (password, shared secret, context string, or image signature) leads to traversal divergence or AES-GCM authentication failure, yielding silent rejection with zero partial bit disclosure.
Component ablation confirms necessity of each layer: context string removal reduces resistance to adversarial extraction; quantum gate layer absence eliminates structured traversal variability; unified embedding regions reintroduce bootstrapping failures; omitting authenticated encryption results in partial payload leakage risk. The dual-region permutation, context-bound seed expansion, authenticated encryption, and quantum gate key collectively enforce strong security.
Practical Implications and Future Directions
Quantum Gatekeeper offers a significant architectural advance for steganographic access control, integrating quantum hardware as a verifiable, physically distinct execution layer. The practical implications include enhanced resilience against brute-force and steganalysis attacks, strict conditionality of extraction, and device-bound fingerprinting opportunities. The framework is compatible with current quantum hardware and cryptographic standards, guaranteeing deployability.
Future research avenues include extension to richer payload modalities (audio, video), more expressive VQC architectures, integration of device-specific statistical signatures as physical unclonability factors, and formal adversarial robustness analysis in the presence of side-channel or quantum-aware attackers. Additionally, the exploration of quantum noise as an information-theoretic fingerprint could further bind extraction capabilities to specific hardware instances, creating novel hardware-based authentication boundaries.
Conclusion
Quantum Gatekeeper successfully demonstrates a hybrid quantum-classical image steganography protocol enforcing multi-factor context-bound extraction control. The deterministic VQC-derived gate key ensures exact traversability, while dual-region embedding and authenticated encryption uphold imperceptibility and integrity. Hardware execution validation confirms the preservation of control state under physical noise. Numerical results substantiate bit-exact recovery and superior image fidelity, while security analysis reveals robust resistance to compromise and silent failure under incorrect inputs. The framework's modularity and hardware compatibility position it as a foundation for future quantum-assisted steganographic and access control paradigms.