Pseudorandom Quantum States

  • Zhengfeng JiEmail author
  • Yi-Kai LiuEmail author
  • Fang SongEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10993)


We propose the concept of pseudorandom quantum states, which appear random to any quantum polynomial-time adversary. It offers a computational approximation to perfectly random quantum states analogous in spirit to cryptographic pseudorandom generators, as opposed to statistical notions of quantum pseudorandomness that have been studied previously, such as quantum t-designs analogous to t-wise independent distributions.

Under the assumption that quantum-secure one-way functions exist, we present efficient constructions of pseudorandom states, showing that our definition is achievable. We then prove several basic properties of pseudorandom states, which show the utility of our definition. First, we show a cryptographic no-cloning theorem: no efficient quantum algorithm can create additional copies of a pseudorandom state, when given polynomially-many copies as input. Second, as expected for random quantum states, we show that pseudorandom quantum states are highly entangled on average. Finally, as a main application, we prove that any family of pseudorandom states naturally gives rise to a private-key quantum money scheme.


  1. 1.
    Aaronson, S.: Quantum copy-protection and quantum money. In: Proceedings of the Twenty-Fourth Annual IEEE Conference on Computational Complexity (CCC 2009), pp. 229–242. IEEE Computer Society (2009).
  2. 2.
    Aaronson, S., Christiano, P.: Quantum money from hidden subspaces. In: Proceedings of the Forty-Fourth Annual ACM Symposium on Theory of Computing, STOC 2012, pp. 41–60. ACM, New York (2012).
  3. 3.
    Aaronson, S., Farhi, E., Gosset, D., Hassidim, A., Kelner, J., Lutomirski, A.: Quantum money. Commun. ACM 55(8), 84–92 (2012). Scholar
  4. 4.
    Ambainis, A., Emerson, J.: Quantum \(t\)-designs: \(t\)-wise independence in the quantum world. In: Proceedings of the Twenty-Second Annual IEEE Conference on Computational Complexity (CCC 2007), pp. 129–140, June 2007Google Scholar
  5. 5.
    Ambainis, A., Rosmanis, A., Unruh, D.: Quantum attacks on classical proof systems: the hardness of quantum rewinding. In: Proceedings of the 2014 IEEE 55th Annual Symposium on Foundations of Computer Science, pp. 474–483. IEEE Computer Society (2014). Full version at
  6. 6.
    Banerjee, A., Peikert, C., Rosen, A.: Pseudorandom functions and lattices. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 719–737. Springer, Heidelberg (2012). Scholar
  7. 7.
    Barak, B., Shaltiel, R., Wigderson, A.: Computational analogues of entropy. In: Arora, S., Jansen, K., Rolim, J.D.P., Sahai, A. (eds.) APPROX/RANDOM-2003. LNCS, vol. 2764, pp. 200–215. Springer, Heidelberg (2003). Scholar
  8. 8.
    Barenco, A., Berthiaume, A., Deutsch, D., Ekert, A., Jozsa, R., Macchiavello, C.: Stabilization of quantum computations by symmetrization. SIAM J. Comput. 26(5), 1541–1557 (1997). Scholar
  9. 9.
    Bennett, C.H., Brassard, G., Breidbart, S., Wiesner, S.: Quantum cryptography, or unforgeable subway tokens. In: Chaum, D., Rivest, R.L., Sherman, A.T. (eds.) Advances in Cryptology, pp. 267–275. Springer, Boston, MA (1983). Scholar
  10. 10.
    Blum, M., Micali, S.: How to generate cryptographically strong sequences of pseudorandom bits. SIAM J. Comput. 13(4), 850–864 (1984). Scholar
  11. 11.
    Brandão, F.G.S.L., Harrow, A.W., Horodecki, M.: Efficient quantum pseudorandomness. Phys. Rev. Lett. 116, 170502 (2016). Scholar
  12. 12.
    Brandão, F.G.S.L., Harrow, A.W., Horodecki, M.: Local random quantum circuits are approximate polynomial-designs. Commun. Math. Phys. 346(2), 397–434 (2016). Scholar
  13. 13.
    Bremner, M.J., Mora, C., Winter, A.: Are random pure states useful for quantum computation? Phys. Rev. Lett. 102, 190502 (2009). Scholar
  14. 14.
    Chen, Y.H., Chung, K.M., Lai, C.Y., Vadhan, S.P., Wu, X.: Computational notions of quantum min-entropy. arXiv:1704.07309 (2017)
  15. 15.
    Chung, K.M., Shi, Y., Wu, X.: Physical randomness extractors: generating random numbers with minimal assumptions. arXiv preprint arXiv:1402.4797 (2014)
  16. 16.
    Cleve, R., Leung, D., Liu, L., Wang, C.: Near-linear constructions of exact unitary 2-designs. Quantum Inf. Comput. 16(9&10), 721–756 (2016). Scholar
  17. 17.
    Dankert, C., Cleve, R., Emerson, J., Livine, E.: Exact and approximate unitary 2-designs and their application to fidelity estimation. Phys. Rev. A 80, 012304 (2009). Scholar
  18. 18.
    Dieks, D.: Communication by EPR devices. Phys. Lett. A 92(6), 271–272 (1982)CrossRefGoogle Scholar
  19. 19.
    Emerson, J., Weinstein, Y.S., Saraceno, M., Lloyd, S., Cory, D.G.: Pseudo-random unitary operators for quantum information processing. Science 302(5653), 2098–2100 (2003)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Farhi, E., Gosset, D., Hassidim, A., Lutomirski, A., Nagaj, D., Shor, P.: Quantum state restoration and single-copy tomography for ground states of hamiltonians. Phys. Rev. Lett. 105, 190503 (2010). Scholar
  21. 21.
    Farhi, E., Gosset, D., Hassidim, A., Lutomirski, A., Shor, P.: Quantum money from knots. In: Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, ITCS 2012, pp. 276–289. ACM, New York (2012).
  22. 22.
    Foong, S.K., Kanno, S.: Proof of Page’s conjecture on the average entropy of a subsystem. Phys. Rev. Lett. 72, 1148–1151 (1994). Scholar
  23. 23.
    Goldreich, O., Goldwasser, S., Micali, S.: On the cryptographic applications of random functions (extended abstract). In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 276–288. Springer, Heidelberg (1985). Scholar
  24. 24.
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986). Scholar
  25. 25.
    Harrow, A.W.: The church of the symmetric subspace. arXiv:1308.6595 (2013)
  26. 26.
    Harrow, A.W., Low, R.A.: Efficient quantum tensor product expanders and k-designs. In: Dinur, I., Jansen, K., Naor, J., Rolim, J. (eds.) APPROX/RANDOM-2009. LNCS, vol. 5687, pp. 548–561. Springer, Heidelberg (2009). Scholar
  27. 27.
    Håstad, J., Impagliazzo, R., Levin, L.A., Luby, M.: A pseudorandom generator from any one-way function. SIAM J. Comput. 28(4), 1364–1396 (1999)MathSciNetCrossRefGoogle Scholar
  28. 28.
    Hayden, P., Leung, D.W., Winter, A.: Aspects of generic entanglement. Commun. Math. Phys. 265(1), 95–117 (2006). Scholar
  29. 29.
    Helstrom, C.W.: Detection theory and quantum mechanics. Inf. Control 10(3), 254–291 (1967)CrossRefGoogle Scholar
  30. 30.
    Holevo, A.S.: An analogue of statistical decision theory and noncommutative probability theory. Tr. Mosk. Matematicheskogo Obshchestva 26, 133–149 (1972)MathSciNetzbMATHGoogle Scholar
  31. 31.
    Horodecki, R., Horodecki, P., Horodecki, M., Horodecki, K.: Quantum entanglement. Rev. Mod. Phys. 81, 865–942 (2009). Scholar
  32. 32.
    Impagliazzo, R., Wigderson, A.: P = BPP if E requires exponential circuits: derandomizing the XOR lemma. In: Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, STOC 1997, pp. 220–229. ACM, New York (1997).
  33. 33.
    Kueng, R., Gross, D.: Qubit stabilizer states are complex projective 3-designs. arXiv:1510.02767 (2015)
  34. 34.
    Liu, Z.W., Lloyd, S., Zhu, E.Y., Zhu, H.: Entropic scrambling complexities. arXiv:1703.08104 (2017)
  35. 35.
    Low, R.A.: Large deviation bounds for k-designs. Proc. R. Soc. Lond. A: Math. Phys. Eng. Sci. 465(2111), 3289–3308 (2009). Scholar
  36. 36.
    Lubkin, E.: Entropy of an n-system from its correlation with a k-reservoir. J. Math. Phys. 19(5), 1028–1031 (1978)MathSciNetCrossRefGoogle Scholar
  37. 37.
    Luby, M., Rackoff, C.: How to construct pseudorandom permutations from pseudorandom functions. SIAM J. Comput. 17(2), 373–386 (1988)MathSciNetCrossRefGoogle Scholar
  38. 38.
    Lutomirski, A.: An online attack against Wiesner’s quantum money. arXiv:1010.0256 (2010)
  39. 39.
    Lutomirski, A., Aaronson, S., Farhi, E., Gosset, D., Hassidim, A., Kelner, J., Shor, P.: Breaking and making quantum money: toward a new quantum cryptographic protocol. In: Proceedings of the Innovations in Theoretical Computer Science Conference, ITCS 2010, pp. 20–31. Tsinghua University Press (2010)Google Scholar
  40. 40.
    Mezher, R., Ghalbouni, J., Dgheim, J., Markham, D.: Efficient quantum pseudorandomness with simple graph states. arXiv:1709.08091 (2017)
  41. 41.
    Miller, C.A., Shi, Y.: Robust protocols for securely expanding randomness and distributing keys using untrusted quantum devices. J. ACM (JACM) 63(4), 33 (2016)MathSciNetCrossRefGoogle Scholar
  42. 42.
    Mosca, M., Stebila, D.: Quantum coins. In: Bruen, A.A., Wehlau, D.L. (eds.) Error-Correcting Codes, Finite Geometries and Cryptography. Contemporary Mathematics, vol. 523, pp. 35–47. American Mathematical Society, Providence (2010). Scholar
  43. 43.
    Nakata, Y., Hirche, C., Koashi, M., Winter, A.: Efficient quantum pseudorandomness with nearly time-independent Hamiltonian dynamics. Phys. Rev. X 7, 021006 (2017). Scholar
  44. 44.
    Nakata, Y., Hirche, C., Morgan, C., Winter, A.: Unitary 2-designs from random X- and Z-diagonal unitaries. J. Math. Phys. 58(5), 052203 (2017). Scholar
  45. 45.
    Nakata, Y., Koashi, M., Murao, M.: Generating a state t-design by diagonal quantum circuits. New J. Phys. 16(5), 053043 (2014). Scholar
  46. 46.
    Naor, M., Reingold, O.: Synthesizers and their application to the parallel construction of pseudo-random functions. J. Comput. Syst. Sci. 58(2), 336–375 (1999). Scholar
  47. 47.
    Nisan, N., Wigderson, A.: Hardness vs randomness. J. Comput. Syst. Sci. 49(2), 149–167 (1994). Scholar
  48. 48.
    Ortigoso, J.: Twelve years before the quantum no-cloning theorem. arXiv:1707.06910 (2017)
  49. 49.
    Page, D.N.: Average entropy of a subsystem. Phys. Rev. Lett. 71, 1291–1294 (1993). Scholar
  50. 50.
    Park, J.L.: The concept of transition in quantum mechanics. Found. Phys. 1, 23–33 (1970)CrossRefGoogle Scholar
  51. 51.
    Popescu, S., Short, A.J., Winter, A.: Entanglement and the foundations of statistical mechanics. Nat. Phys. 2(11), 754 (2006)CrossRefGoogle Scholar
  52. 52.
    Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. J. ACM (JACM) 56(6), 34 (2009)MathSciNetCrossRefGoogle Scholar
  53. 53.
    Rompel, J.: One-way functions are necessary and sufficient for secure signatures. In: Proceedings of the Twenty-Second Annual ACM Symposium on Theory of Computing, pp. 387–394. ACM (1990)Google Scholar
  54. 54.
    Sánchez-Ruiz, J.: Simple proof of Page’s conjecture on the average entropy of a subsystem. Phys. Rev. E 52, 5653–5655 (1995). Scholar
  55. 55.
    Sen, S.: Average entropy of a quantum subsystem. Phys. Rev. Lett. 77, 1–3 (1996). Scholar
  56. 56.
    Shamir, A.: On the generation of cryptographically strong pseudorandom sequences. ACM Trans. Comput. Syst. 1(1), 38–44 (1983). Scholar
  57. 57.
    Song, F.: Quantum-secure pseudorandom permutations, June 2017. Blog post.
  58. 58.
    Watrous, J.: The Theory of Quantum Information. Cambridge University Press, Cambridge (2018, to be published). A draft copy is available at
  59. 59.
    Webb, Z.: The Clifford group forms a unitary 3-design. Quantum Inf. Comput. 16(15&16), 1379–1400 (2016). Scholar
  60. 60.
    Werner, R.F.: Optimal cloning of pure states. Phys. Rev. A 58, 1827–1832 (1998). Scholar
  61. 61.
    Wiesner, S.: Conjugate coding. SIGACT News 15(1), 78–88 (1983). Original manuscript written Circa 1970CrossRefGoogle Scholar
  62. 62.
    Wootters, W.K., Zurek, W.H.: A single quantum cannot be cloned. Nature 299, 802–803 (1982)CrossRefGoogle Scholar
  63. 63.
    Yao, A.C.: Theory and application of trapdoor functions. In: 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982), pp. 80–91, November 1982Google Scholar
  64. 64.
    Yuen, H.: A quantum lower bound for distinguishing random functions from random permutations. Quantum Inf. Comput. 14(13–14), 1089–1097 (2014). Scholar
  65. 65.
    Zhandry, M.: How to construct quantum random functions. In: FOCS 2012, pp. 679–687. IEEE (2012).
  66. 66.
    Zhandry, M.: A note on the quantum collision and set equality problems. Quantum Inf. Comput. 15(7&8) (2015).
  67. 67.
    Zhandry, M.: A note on quantum-secure PRPs (2016).
  68. 68.
    Zhandry, M.: Quantum lightning never strikes the same state twice. iACR eprint 2017/1080 (2017)Google Scholar
  69. 69.
    Zhu, H.: Multiqubit Clifford groups are unitary 3-designs. arXiv:1510.02619 (2015)

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  1. 1.Centre for Quantum Software and Information, School of Software, Faculty of Engineering and Information TechnologyUniversity of Technology SydneyUltimoAustralia
  2. 2.Applied and Computational Mathematics DivisionNational Institute of Standards and Technology (NIST)GaithersburgUSA
  3. 3.Joint Center for Quantum Information and Computer Science (QuICS)University of MarylandCollege ParkUSA
  4. 4.Computer Science DepartmentPortland State UniversityPortlandUSA

Personalised recommendations