Simple constructions of linear-depth t-designs and pseudorandom unitaries

Tony Metger; Alexander Poremba; Makrand Sinha; Henry Yuen

Paper 2024/302

Simple constructions of linear-depth t-designs and pseudorandom unitaries

Tony Metger, ETH Zurich

Alexander Poremba, Massachusetts Institute of Technology

Makrand Sinha, University of Illinois Urbana-Champaign

Henry Yuen, Columbia University

Abstract

Uniformly random unitaries, i.e., unitaries drawn from the Haar measure, have many useful properties, but cannot be implemented efficiently. This has motivated a long line of research into random unitaries that ``look'' sufficiently Haar random while also being efficient to implement. Two different notions of derandomisation have emerged: $t$-designs are random unitaries that information-theoretically reproduce the first $t$ moments of the Haar measure, and pseudorandom unitaries (PRUs) are random unitaries that are computationally indistinguishable from Haar random. In this work, we take a unified approach to constructing $t$-designs and PRUs. For this, we introduce and analyse the ``$PFC$ ensemble'', the product of a random computational basis permutation $P$, a random binary phase operator $F$, and a random Clifford unitary $C$. We show that this ensemble reproduces exponentially high moments of the Haar measure. We can then derandomise the $PFC$ ensemble to show the following: 1. Linear-depth $t$-designs. We give the first construction of a (diamond-error) approximate $t$-design with circuit depth linear in $t$. This follows from the $PFC$ ensemble by replacing the random phase and permutation operators with their $2t$-wise independent counterparts. 2. Non-adaptive PRUs. We give the first construction of PRUs with non-adaptive security, i.e., we construct unitaries that are indistinguishable from Haar random to polynomial-time distinguishers that query the unitary in parallel on an arbitary state. This follows from the $PFC$ ensemble by replacing the random phase and permutation operators with their pseudorandom counterparts. 3. Adaptive pseudorandom isometries. We show that if one considers isometries (rather than unitaries) from $n$ to $n + \omega(\log n)$ qubits, a small modification of our PRU construction achieves adaptive security, i.e., even a distinguisher that can query the isometry adaptively in sequence cannot distinguish it from Haar random isometries. This gives the first construction of adaptive pseudorandom isometries. Under an additional conjecture, this proof also extends to adaptive PRUs.

Note: 36 pages. Supersedes arXiv:2402.14803. In addition to the PRU result from arXiv:2402.14803, this paper contains new results on t-designs and adaptive pseudorandom isometries, and presents a unified construction of these different primitives

Metadata

Available format(s): PDF
Category: Foundations
Publication info: Preprint.
Keywords: quantum cryptography pseudorandom unitaries
Contact author(s): tmetger @ ethz ch
poremba @ mit edu
msinha @ illinois edu
henry yuen @ columbia edu
History: 2024-04-24: revised; 2024-02-22: received; See all versions
Short URL: https://ia.cr/2024/302
License: CC BY

BibTeX

@misc{cryptoeprint:2024/302,
      author = {Tony Metger and Alexander Poremba and Makrand Sinha and Henry Yuen},
      title = {Simple constructions of linear-depth t-designs and pseudorandom unitaries},
      howpublished = {Cryptology ePrint Archive, Paper 2024/302},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/302}},
      url = {https://eprint.iacr.org/2024/302}
}