Efficient simulation of random states and random unitaries
Gorjan Alagic (QuICS, University of Maryland, and NIST, Gaithersburg, MD);
Christian Majenz (QuSoft and Centrum Wiskunde & Informatica, Amsterdam);
Alexander Russell (Department of Computer Science and Engineering, University of Connecticut, Storrs, CT)
Abstract: We consider the problem of efficiently simulating random quantum states and random unitary operators, in a manner which is convincing to unbounded adversaries with black-box oracle access. In the case of simulating random states, the ideal object is an inputless oracle which outputs the same Haar-random n-qubit state whenever it is invoked. In the case of simulating random unitaries, the ideal object is an oracle which applies to its input the same Haar-random n-qubit unitary operator whenever it is invoked.
This problem has only been previously considered for restricted adversaries. Against adversaries with an a priori bound on the number of queries, it is well-known that t-designs suffice. Against polynomial-time adversaries, one can use pseudorandom states (PRS) and pseudorandom unitaries (PRU), as defined in a recent work of Ji, Liu, and Song; unfortunately, no provably secure construction is known for PRUs.
In our setting, we are concerned with unbounded adversaries. Nonetheless, we are able to give stateful quantum algorithms which simulate the ideal object in both settings of interest. In the case of Haar-random states, our simulator is polynomial-time, has negligible error, and can also simulate verification and reflection through the simulated state. This yields an immediate application to quantum money: a money scheme which is information-theoretically unforgeable and untraceable. In the case of Haar-random unitaries, our simulator takes polynomial space, but simulates both forward and inverse access with zero error.
These results can be seen as the first significant steps in developing a theory of lazy sampling for random quantum objects.
Presenter live session: Christian Majenz