Conjugate queries can help
Ewin Tang, John Wright, Mark Zhandry
TL;DR
<3-5 sentence high-level summary> This work investigates how additional quantum oracle access—specifically to complex conjugates U* and transpose U^T of a unitary oracle U—can power quantum algorithms beyond traditional forward and inverse queries, and connects this to cryptographic security. The authors prove a fundamental state-preparation simulation lemma: q forward/inverse queries to a state-prep unitary can be simulated with O(q^2) copies of the target state, implying that with forward/inverse access the advantage is at most quadratic over sampling; however, conjugate and transpose queries can yield constant-query advantages for certain tasks, such as reality testing. They introduce the acorn trick, a symmetry-based method that lifts resources to random yet consistent purifications or conditional samples, enabling powerful constructions like the random-purification algorithm and randomized purifications in Schur-Weyl settings. The paper also demonstrates a Haar-random unitary commitment scheme that is hiding and binding against U/U†-adversaries but invalid when conjugate access is allowed, underscoring the cryptographic relevance of these query types and supporting the idea that security proofs must address conjugate/transpose queries.</br>
Abstract
We give a natural problem over input quantum oracles $U$ which cannot be solved with exponentially many black-box queries to $U$ and $U^\dagger$, but which can be solved with constant many queries to $U$ and $U^*$, or $U$ and $U^{\mathrm{T}}$. We also demonstrate a quantum commitment scheme that is secure against adversaries that query only $U$ and $U^\dagger$, but is insecure if the adversary can query $U^*$. These results show that conjugate and transpose queries do give more power to quantum algorithms, lending credence to the idea put forth by Zhandry that cryptographic primitives should prove security against these forms of queries. Our key lemma is that any circuit using $q$ forward and inverse queries to a state preparation unitary for a state $σ$ can be simulated to $\varepsilon$ error with $n = \mathcal{O}(q^2/\varepsilon)$ copies of $σ$. Consequently, for decision tasks, algorithms using (forward and inverse) state preparation queries only ever perform quadratically better than sample access. These results follow from straightforward combinations of existing techniques; our contribution is to state their consequences in their strongest, most counter-intuitive form. In doing so, we identify a motif where generically strengthening a quantum resource can be possible if the output is allowed to be random, bypassing no-go theorems for deterministic algorithms. We call this the acorn trick.