Gluing Random Unitaries with Inverses and Applications to Strong Pseudorandom Unitaries

Prabhanjan Ananth, John Bostanci, Aditya Gulati, Yao-Ting Lin

TL;DR

The paper introduces a strong gluing theorem for Haar random unitaries that remains secure against adversaries with inverse access to the joined unitary. By reinterpreting path recording as a purification and constructing a glued purification, the authors show indistinguishability between glued constructions and a single larger Haar unitary under polynomial queries. This enables key-stretching: assuming a family of strong PRUs exists, one can obtain strong PRUs on more qubits with randomness $O(n^{1/c})$ for any constant $c$, and even almost linear-depth PRUs in the plain model. The results deepen our understanding of quantum pseudorandomness in the quantum Haar random oracle model (QHROM) and provide a systematic framework for constructing robust PRUs with reduced randomness and depth, with implications for cryptography and quantum circuit design. The work also develops a rich set of tools—generalized path recording, graph-structured purification, and a sequence of hybrid arguments—that may be useful in broader quantum information and cryptographic contexts.

Abstract

Gluing theorems for random unitaries [Schuster, Haferkamp, Huang, QIP 2025] have found numerous applications, including designing low-depth random unitaries [Schuster, Haferkamp, Huang, QIP 2025], random unitaries in ${\sf QAC0}$ [Foxman, Parham, Vasconcelos, Yuen'25] and generically shortening the key length of pseudorandom unitaries [Ananth, Bostanci, Gulati, Lin EUROCRYPT'25]. We present a method of combining Haar random unitaries, alternate to the gluing lemma of [Schuster, Haferkamp, Huang, QIP 2025], that is secure against adversaries with inverse query access to the joined unitary. As a consequence, we show for the first time that strong pseudorandom unitaries can generically have their length extended, and can be constructed using only $O(n^{1/c})$ bits of randomness, for any constant $c$, if any family of strong pseudorandom unitaries exists.

Paper Structure

This paper contains 60 sections, 42 theorems, 201 equations.

Key Result

Theorem 1.1

Let $U^1$, $U^2$, and $U^3$ be three Haar random unitaries on $n$ qubits, and $\mathsf{A}, \mathsf{C}$ be registers of length $n - \lambda$ qubits, and $\mathsf{B}$ be a register of $\lambda$ qubits, for $\lambda = \Omega(\log^{1+\epsilon}(n))$. Then no polynomial-query adversary can distinguish bet

Theorems & Definitions (83)

  • Theorem 1.1: Strong gluing of random unitaries
  • Corollary 1.2: Key-stretched strong PRUs
  • Corollary 1.3
  • Definition 3.1: Relation
  • Definition 3.2: $\operatorname{Dom}(R)$ and $\operatorname{Im}(R)$
  • Definition 3.3: Inverse of a relation
  • Definition 3.4: Substrings
  • Definition 3.5: Strong pseudorandom unitaries
  • Lemma 3.6
  • Lemma 3.7
  • ...and 73 more