On the Cryptographic Foundations of Interactive Quantum Advantage

Kabir Tomer, Mark Zhandry

TL;DR

This work analyzes the cryptographic hardness needed to realize proofs of quantumness (PoQ), distinguishing trivial PoQ from non-trivial PoQ that rely on cryptographic assumptions. It provides generic and targeted lower-bounds showing that constant-round efficiently-verifiable PoQs typically require cryptographic primitives (e.g., one-way functions or weak quantum money), and shows that certain black-box reductions to iO and one-way permutations cannot suffice for IV-PoQ. The authors develop meta-reduction and compression techniques, including a quantum breaking oracle and LOCC de Finetti tools, to separate constant-round PoQ from public-coin no-cloning and to relate public-coin PoQ to cloning hardness and public-key quantum money. The results illuminate why lattice-based PoQ constructions face inherent challenges, connect PoQ with quantum-money-type primitives, and establish a framework for understanding the limits of black-box reductions in quantum cryptography, with implications for CVQC and public-verification protocols.

Abstract

In this work, we study the hardness required to achieve proofs of quantumness (PoQ), which in turn capture (potentially interactive) quantum advantage. A "trivial" PoQ is to simply assume an average-case hard problem for classical computers that is easy for quantum computers. However, there is much interest in "non-trivial" PoQ that actually rely on quantum hardness assumptions, as these are often a starting point for more sophisticated protocols such as classical verification of quantum computation (CVQC). We show several lower-bounds for the hardness required to achieve non-trivial PoQ, specifically showing that they likely require cryptographic hardness, with different types of cryptographic hardness being required for different variations of non-trivial PoQ. In particular, our results help explain the challenges in using lattices to build publicly verifiable PoQ and its various extensions such as CVQC.

Paper Structure

This paper contains 52 sections, 28 theorems, 207 equations.

Key Result

Lemma 3.1

For pure states $|\psi\rangle$ and $|\psi'\rangle$, if $\min_\theta \| |\psi\rangle - e^{i\theta}|\psi'\rangle \| \geq\delta$, then $\mathsf{TD}(|\psi\rangle,|\psi'\rangle) \geq\delta / \sqrt{2}$.

Theorems & Definitions (118)

  • Remark 1.1
  • Remark 2.1
  • Lemma 3.1
  • proof
  • Theorem 3.1
  • proof
  • Lemma 3.2
  • proof
  • Theorem 3.2: Theorem 4 in jls
  • Definition 3.1: One-way Puzzles
  • ...and 108 more