Paper 2024/302

Simple constructions of linear-depth t-designs and pseudorandom unitaries

Tony Metger, ETH Zurich
Alexander Poremba, Massachusetts Institute of Technology
Makrand Sinha, University of Illinois Urbana-Champaign
Henry Yuen, Columbia University
Abstract

Uniformly random unitaries, i.e., unitaries drawn from the Haar measure, have many useful properties, but cannot be implemented efficiently. This has motivated a long line of research into random unitaries that ``look'' sufficiently Haar random while also being efficient to implement. Two different notions of derandomisation have emerged: $t$-designs are random unitaries that information-theoretically reproduce the first $t$ moments of the Haar measure, and pseudorandom unitaries (PRUs) are random unitaries that are computationally indistinguishable from Haar random. In this work, we take a unified approach to constructing $t$-designs and PRUs. For this, we introduce and analyse the ``$PFC$ ensemble'', the product of a random computational basis permutation $P$, a random binary phase operator $F$, and a random Clifford unitary $C$. We show that this ensemble reproduces exponentially high moments of the Haar measure. We can then derandomise the $PFC$ ensemble to show the following: 1. Linear-depth $t$-designs. We give the first construction of a (diamond-error) approximate $t$-design with circuit depth linear in $t$. This follows from the $PFC$ ensemble by replacing the random phase and permutation operators with their $2t$-wise independent counterparts. 2. Non-adaptive PRUs. We give the first construction of PRUs with non-adaptive security, i.e., we construct unitaries that are indistinguishable from Haar random to polynomial-time distinguishers that query the unitary in parallel on an arbitary state. This follows from the $PFC$ ensemble by replacing the random phase and permutation operators with their pseudorandom counterparts. 3. Adaptive pseudorandom isometries. We show that if one considers isometries (rather than unitaries) from $n$ to $n + \omega(\log n)$ qubits, a small modification of our PRU construction achieves adaptive security, i.e., even a distinguisher that can query the isometry adaptively in sequence cannot distinguish it from Haar random isometries. This gives the first construction of adaptive pseudorandom isometries. Under an additional conjecture, this proof also extends to adaptive PRUs.

Note: 36 pages. Supersedes arXiv:2402.14803. In addition to the PRU result from arXiv:2402.14803, this paper contains new results on t-designs and adaptive pseudorandom isometries, and presents a unified construction of these different primitives

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
quantum cryptographypseudorandom unitaries
Contact author(s)
tmetger @ ethz ch
poremba @ mit edu
msinha @ illinois edu
henry yuen @ columbia edu
History
2024-04-24: revised
2024-02-22: received
See all versions
Short URL
https://ia.cr/2024/302
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/302,
      author = {Tony Metger and Alexander Poremba and Makrand Sinha and Henry Yuen},
      title = {Simple constructions of linear-depth t-designs and pseudorandom unitaries},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/302},
      year = {2024},
      url = {https://eprint.iacr.org/2024/302}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.