A Note on Quantum-Secure PRPs

Mark Zhandry

TL;DR

The paper establishes that quantum-secure PRPs can be constructed from quantum-resistant one-way functions by integrating a quantum-secure PRF with format-preserving encryption through function-to-permutation converters (FPCs). It develops a three-hybrid security argument and leverages full-domain FPCs to ensure quantum adversaries, even with inverse queries, see a permutation indistinguishable from random. The result unifies prior classical reductions with quantum-specific proofs, showing that quantum-secure PRFs and FPCs suffice to yield quantum-secure PRPs for large and arbitrary domains. This provides a practical pathway to quantum-secure block ciphers and related primitives, with broad implications for post-quantum cryptography and complexity theory. The work also highlights open questions regarding the quantum security of Feistel networks and emphasizes the role of full-domain FPCs in achieving robust quantum security. All mathematical claims are presented with explicit probabilistic and computational assumptions, and the construction preserves security even under quantum superposition queries.

Abstract

We show how to construct pseudorandom permutations (PRPs) that remain secure even if the adversary can query the permutation, both in the forward and reverse directions, on a quantum superposition of inputs. Such quantum-secure PRPs have found numerous applications in cryptography and complexity theory. Our construction combines a quantum-secure pseudorandom function with constructions of classical format-preserving encryption. By combining known results, we show how to construct quantum-secure PRPs in this model whose security relies only on the existence of one-way functions.
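The abstract describes the construction only at the level of its ingredients: a PRF and a classical format-preserving-encryption construction that turns a function into a permutation. The following is an added illustration, not code from the paper, of what such a function-to-permutation converter looks like on a small domain. HMAC-SHA256 stands in for the abstract PRF, and the converter used here (sort the domain by PRF output) is my own choice for illustration, not the paper's construction; the names `hmac_prf`, `SortFPC` and `random_function` are assumptions. The point it shows is that the converter consumes the function only as a black box, so the PRF can be swapped for a tabulated random function, as a hybrid argument does, without changing how the permutation or its inverse is computed.

```python
import hashlib
import hmac
import secrets


def hmac_prf(key: bytes):
    """Keyed PRF f: {0..n-1} -> 32 bytes. HMAC-SHA256 is an assumed stand-in
    for the (quantum-secure) PRF in the abstract; any keyed function works."""
    def f(x: int) -> bytes:
        return hmac.new(key, x.to_bytes(8, "big"), hashlib.sha256).digest()
    return f


def random_function(n: int):
    """Idealised random function, tabulated on the whole domain. Used as the
    hybrid stand-in that replaces the PRF in a security argument."""
    table = [secrets.token_bytes(32) for _ in range(n)]
    return lambda x: table[x]


class SortFPC:
    """Toy function-to-permutation converter on the domain {0, ..., n-1}.

    Each element x is tagged with f(x); sorting the domain by tag defines a
    permutation (element -> position). Ties are broken by x itself, so the
    result is a bijection for every f. The converter evaluates f on the entire
    domain, so it is only usable when n is small enough to tabulate.
    """

    def __init__(self, f, n: int):
        if n <= 0:
            raise ValueError("domain must be non-empty")
        order = sorted(range(n), key=lambda x: (f(x), x))
        self._inv = order              # position -> element (inverse direction)
        self._fwd = [0] * n            # element -> position (forward direction)
        for pos, x in enumerate(order):
            self._fwd[x] = pos

    def forward(self, x: int) -> int:
        return self._fwd[x]

    def inverse(self, y: int) -> int:
        return self._inv[y]

    def is_bijection(self) -> bool:
        return sorted(self._fwd) == list(range(len(self._fwd)))

    def table(self) -> list:
        return list(self._fwd)


def permutation_from_key(key: bytes, n: int) -> SortFPC:
    """Real-world instance: PRF keyed by `key`, converted to a permutation."""
    return SortFPC(hmac_prf(key), n)


def permutation_from_random_function(n: int) -> SortFPC:
    """Hybrid instance: same converter, driven by a random function instead."""
    return SortFPC(random_function(n), n)


if __name__ == "__main__":
    # Constructed demo key and domain; not values from the paper.
    p = permutation_from_key(b"constructed-demo-key", 16)
    print("forward table:", p.table())
    print("round-trips ok:", all(p.inverse(p.forward(x)) == x for x in range(16)))
    h = permutation_from_random_function(16)
    print("hybrid is bijection:", h.is_bijection())
```

Both `forward` and `inverse` are available to a caller, which is the query interface the abstract's adversary gets; the security question the paper studies is whether those two oracles, under superposition queries, can be told apart from a random permutation and its inverse.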

Paper Structure

This paper contains 22 sections, 9 theorems, 8 equations.

Key Result

Theorem 1.1

Assuming quantum resistant one-way functions exist, so do quantum-secure PRPs.

Theorems & Definitions (19)

  • Theorem 1.1
  • Definition 2.1
  • Definition 2.2
  • Theorem 2.3: Combination of GolGolMic86, HILL99, FOCS:Zhandry12
  • Definition 3.1
  • Definition 3.2
  • Lemma 3.3
  • Proof
  • Lemma 3.4: Implicit in LubRac88
  • Corollary 3.5
  • ...and 9 more