-
A General Quantum Duality for Representations of Groups with Applications to Quantum Money, Lightning, and Fire
Authors:
John Bostanci,
Barak Nehoran,
Mark Zhandry
Abstract:
Aaronson, Atia, and Susskind established that swapping quantum states $|ψ\rangle$ and $|φ\rangle$ is computationally equivalent to distinguishing their superpositions $|ψ\rangle\pm|φ\rangle$. We extend this to a general duality principle: manipulating quantum states in one basis is equivalent to extracting values in a complementary basis. Formally, for any group, implementing a unitary representation is equivalent to Fourier subspace extraction from its irreducible representations.
Building on this duality principle, we present the applications:
* Quantum money, representing verifiable but unclonable quantum states, and its stronger variant, quantum lightning, have resisted secure plain-model constructions. While (public-key) quantum money has been constructed securely only from the strong assumption of quantum-secure iO, quantum lightning has lacked such a construction, with past attempts using broken assumptions. We present the first secure quantum lightning construction based on a plausible cryptographic assumption by extending Zhandry's construction from Abelian to non-Abelian group actions, eliminating reliance on a black-box model. Our construction is realizable with symmetric group actions, including those implicit in the McEliece cryptosystem.
* We give an alternative quantum lightning construction from one-way homomorphisms, with security holding under certain conditions. This scheme shows equivalence among four security notions: quantum lightning security, worst-case and average-case cloning security, and security against preparing a canonical state.
* Quantum fire describes states that are clonable but not telegraphable: they cannot be efficiently encoded classically. These states "spread" like fire, but are viable only in coherent quantum form. The only prior construction required a unitary oracle; we propose the first candidate in the plain model.
Submitted 1 November, 2024;
originally announced November 2024.
-
Pseudorandomness in the (Inverseless) Haar Random Oracle Model
Authors:
Prabhanjan Ananth,
John Bostanci,
Aditya Gulati,
Yao-Ting Lin
Abstract:
We study the (in)feasibility of quantum pseudorandom notions in a quantum analog of the random oracle model, where all the parties, including the adversary, have oracle access to the same Haar random unitary. In this model, we show the following:
- (Unbounded-query secure) pseudorandom unitaries (PRU) exist. Moreover, the PRU construction makes two calls to the Haar oracle.
- We consider constructions of PRUs making a single call to the Haar oracle. In this setting, we show that unbounded-query security is impossible to achieve. We complement this result by showing that bounded-query secure PRUs do exist with a single query to the Haar oracle.
- We show that multi-copy pseudorandom state generators and function-like state generators (with classical query access), making a single call to the Haar oracle, exist.
Our results have two consequences: (a) when the Haar random unitary is instantiated suitably, our results present viable approaches for building quantum pseudorandom objects without relying upon one-way functions and, (b) for the first time, we show that the key length in pseudorandom unitaries can be generically shrunk (relative to the output length). Our results are also some of the first use cases of the new "path recording" formalism for Haar random unitaries, introduced in the recent breakthrough work of Ma and Huang.
Submitted 25 October, 2024;
originally announced October 2024.
-
Commuting Local Hamiltonians Beyond 2D
Authors:
John Bostanci,
Yeongwoo Hwang
Abstract:
Commuting local Hamiltonians provide a testing ground for studying many of the most interesting open questions in quantum information theory, including the quantum PCP conjecture and the existence of area laws. Although they are a simplified model of quantum computation, the status of the commuting local Hamiltonian problem remains largely unknown. A number of works have shown that increasingly expressive families of commuting local Hamiltonians admit completely classical verifiers. Despite intense work, the largest class of commuting local Hamiltonians we can place in NP are those on a square lattice, where each lattice site is a qutrit. Even worse, many of the techniques used to analyze these problems rely heavily on the geometry of the square lattice and the properties of the numbers 2 and 3 as local dimensions. In this work, we present a new technique to analyze the complexity of various families of commuting local Hamiltonians: guided reductions. Intuitively, these are a generalization of typical reduction where the prover provides a guide so that the verifier can construct a simpler Hamiltonian. The core of our reduction is a new rounding technique based on a combination of Jordan's Lemma and the Structure Lemma. Our rounding technique is much more flexible than previous work, and allows us to show that a larger family of commuting local Hamiltonians is in NP, albeit with the restriction that all terms are rank-1. Specifically, we prove the following two results:
1. Commuting local Hamiltonians in 2D that are rank-1 are contained in NP, independent of the qudit dimension. Note that this family of commuting local Hamiltonians has no restriction on the local dimension or the locality.
2. We prove that rank-1, 3D commuting Hamiltonians with qudits on edges are in NP. To our knowledge this is the first time a family of 3D commuting local Hamiltonians has been contained in NP.
Submitted 6 April, 2025; v1 submitted 14 October, 2024;
originally announced October 2024.
-
Efficient Quantum Pseudorandomness from Hamiltonian Phase States
Authors:
John Bostanci,
Jonas Haferkamp,
Dominik Hangleiter,
Alexander Poremba
Abstract:
Quantum pseudorandomness has found applications in many areas of quantum information, ranging from entanglement theory, to models of scrambling phenomena in chaotic quantum systems, and, more recently, in the foundations of quantum cryptography. Kretschmer (TQC '21) showed that both pseudorandom states and pseudorandom unitaries exist even in a world without classical one-way functions. To this day, however, all known constructions require classical cryptographic building blocks which are themselves synonymous with the existence of one-way functions, and which are also challenging to realize on realistic quantum hardware.
In this work, we seek to make progress on both of these fronts simultaneously -- by decoupling quantum pseudorandomness from classical cryptography altogether. We introduce a quantum hardness assumption called the Hamiltonian Phase State (HPS) problem, which is the task of decoding output states of a random instantaneous quantum polynomial-time (IQP) circuit. Hamiltonian phase states can be generated very efficiently using only Hadamard gates, single-qubit Z-rotations and CNOT circuits. We show that the hardness of our problem reduces to a worst-case version of the problem, and we provide evidence that our assumption is plausibly fully quantum; meaning, it cannot be used to construct one-way functions. We also show information-theoretic hardness when only few copies of HPS are available by proving an approximate $t$-design property of our ensemble. Finally, we show that our HPS assumption and its variants allow us to efficiently construct many pseudorandom quantum primitives, ranging from pseudorandom states, to quantum pseudoentanglement, to pseudorandom unitaries, and even primitives such as public-key encryption with quantum keys.
Submitted 12 October, 2024; v1 submitted 10 October, 2024;
originally announced October 2024.
-
Oracle Separation Between Quantum Commitments and Quantum One-wayness
Authors:
John Bostanci,
Boyang Chen,
Barak Nehoran
Abstract:
We show that there exists an oracle relative to which quantum commitments exist but no (efficiently verifiable) one-way state generators exist. Both have been widely considered candidates for replacing one-way functions as the minimal assumption for cryptography: the weakest cryptographic assumption implied by all of computational cryptography. Recent work has shown that commitments can be constructed from one-way state generators, but the other direction has remained open. Our results rule out any black-box construction, and thus settle this crucial open problem, suggesting that quantum commitments (as well as its equivalency class of EFI pairs, quantum oblivious transfer, and secure quantum multiparty computation) appear to be strictly weakest among all known cryptographic primitives.
Submitted 11 April, 2025; v1 submitted 4 October, 2024;
originally announced October 2024.
-
An efficient quantum parallel repetition theorem and applications
Authors:
John Bostanci,
Luowen Qian,
Nicholas Spooner,
Henry Yuen
Abstract:
We prove a tight parallel repetition theorem for $3$-message computationally-secure quantum interactive protocols between an efficient challenger and an efficient adversary. We also prove under plausible assumptions that the security of $4$-message computationally secure protocols does not generally decrease under parallel repetition. These mirror the classical results of Bellare, Impagliazzo, and Naor [BIN97]. Finally, we prove that all quantum argument systems can be generically compiled to an equivalent $3$-message argument system, mirroring the transformation for quantum proof systems [KW00, KKMV07].
As immediate applications, we show how to derive hardness amplification theorems for quantum bit commitment schemes (answering a question of Yan [Yan22]), EFI pairs (answering a question of Brakerski, Canetti, and Qian [BCQ23]), public-key quantum money schemes (answering a question of Aaronson and Christiano [AC13]), and quantum zero-knowledge argument systems. We also derive an XOR lemma [Yao82] for quantum predicates as a corollary.
Submitted 16 April, 2024; v1 submitted 17 November, 2023;
originally announced November 2023.
-
Unitary Complexity and the Uhlmann Transformation Problem
Authors:
John Bostanci,
Yuval Efron,
Tony Metger,
Alexander Poremba,
Luowen Qian,
Henry Yuen
Abstract:
State transformation problems such as compressing quantum information or breaking quantum commitments are fundamental quantum tasks. However, their computational difficulty cannot easily be characterized using traditional complexity theory, which focuses on tasks with classical inputs and outputs.
To study the complexity of such state transformation tasks, we introduce a framework for unitary synthesis problems, including notions of reductions and unitary complexity classes. We use this framework to study the complexity of transforming one entangled state into another via local operations. We formalize this as the Uhlmann Transformation Problem, an algorithmic version of Uhlmann's theorem. Then, we prove structural results relating the complexity of the Uhlmann Transformation Problem, polynomial space quantum computation, and zero knowledge protocols.
The Uhlmann Transformation Problem allows us to characterize the complexity of a variety of tasks in quantum information processing, including decoding noisy quantum channels, breaking falsifiable quantum cryptographic assumptions, implementing optimal prover strategies in quantum interactive proofs, and decoding the Hawking radiation of black holes. Our framework for unitary complexity thus provides new avenues for studying the computational complexity of many natural quantum information processing tasks.
Submitted 19 November, 2023; v1 submitted 22 June, 2023;
originally announced June 2023.
-
Quantum Event Learning and Gentle Random Measurements
Authors:
Adam Bene Watts,
John Bostanci
Abstract:
We prove the expected disturbance caused to a quantum system by a sequence of randomly ordered two-outcome projective measurements is upper bounded by the square root of the probability that at least one measurement in the sequence accepts. We call this bound the Gentle Random Measurement Lemma.
We then consider problems in which we are given sample access to an unknown state $ρ$ and asked to estimate properties of the accepting probabilities $\text{Tr}[M_i ρ]$ of a set of measurements $\{M_1, M_2, \ldots , M_m\}$. We call these types of problems Quantum Event Learning Problems. Using the gentle random measurement lemma, we show randomly ordering projective measurements solves the Quantum OR problem, answering an open question of Aaronson. We also give a Quantum OR protocol which works on non-projective measurements but which requires a more complicated type of measurement, which we call a Blended Measurement. Given additional guarantees on the set of measurements $\{M_1, \ldots, M_m\}$, we show the Quantum OR protocols developed in this paper can also be used to find a measurement $M_i$ such that $\text{Tr}[M_i ρ]$ is large. We also give a blended measurement based protocol for estimating the average accepting probability of a set of measurements on an unknown state.
Finally we consider the Threshold Search Problem described by O'Donnell and Bădescu. By building on our Quantum Event Finding result we show that randomly ordered (or blended) measurements can be used to solve this problem using $O(\log^2(m) / ε^2)$ copies of $ρ$. Consequently, we obtain an algorithm for Shadow Tomography which requires $\tilde{O}(\log^2(m)\log(d)/ε^4)$ samples, matching the current best known sample complexity. This algorithm does not require injected noise in the quantum measurements, but does require measurements to be made in a random order and so is no longer online.
Submitted 8 March, 2024; v1 submitted 17 October, 2022;
originally announced October 2022.
-
Quantum game theory and the complexity of approximating quantum Nash equilibria
Authors:
John Bostanci,
John Watrous
Abstract:
This paper is concerned with complexity theoretic aspects of a general formulation of quantum game theory that models strategic interactions among rational agents that process and exchange quantum information. In particular, we prove that the computational problem of finding an approximate Nash equilibrium in a broad class of quantum games is, like the analogous problem for classical games, included in (and therefore complete for) the complexity class PPAD. Our main technical contribution, which facilitates this inclusion, is an extension of prior methods in computational game theory to strategy spaces that are characterized by semidefinite programs.
Submitted 16 December, 2022; v1 submitted 31 January, 2021;
originally announced February 2021.