Quantum Pseudorandomness and Classical Complexity
William Kretschmer
TL;DR
The work examines the hardness foundations of quantum pseudorandom objects and their interaction with quantum complexity classes. By constructing a quantum oracle, it demonstrates that $\mathsf{BQP}$ can equal $\mathsf{QMA}$ while pseudorandom quantum states (PRSs) and pseudorandom unitaries (PRUs) remain secure, highlighting a fundamental difference between quantum-input and classical-input computational tasks. It further shows that a $\mathsf{PP}$-oracle suffices to break PRSs, while a separate quantum oracle can realize $\mathsf{BQP}=\mathsf{QMA}$ alongside the existence of PRUs, illuminating an intricate landscape of relative computational power and cryptographic feasibility in the quantum setting. The results have implications for cryptography, complexity theory, and shadow tomography, including a stark limit on hyperefficient shadow tomography in black-box models and a framework for deriving PRSs/PRUs from oracle-based constructions. Overall, the paper motivates exploring minimal assumptions for quantum cryptographic primitives and highlights the nuanced boundaries between quantum learning, design theory, and oracle-based complexity separations.
Abstract
We construct a quantum oracle relative to which $\mathsf{BQP} = \mathsf{QMA}$ but cryptographic pseudorandom quantum states and pseudorandom unitary transformations exist, a counterintuitive result in light of the fact that pseudorandom states can be "broken" by quantum Merlin-Arthur adversaries. We explain how this nuance arises as the result of a distinction between algorithms that operate on quantum and classical inputs. On the other hand, we show that some computational complexity assumption is needed to construct pseudorandom states, by proving that pseudorandom states do not exist if $\mathsf{BQP} = \mathsf{PP}$. We discuss implications of these results for cryptography, complexity theory, and shadow tomography.
