Saved in:
Bibliographic Details
Main Authors: Gulati, Aditya, Lin, Yao-Ting, Morimae, Tomoyuki, Yamada, Shogo
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2510.04486
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866908577390657536
author Gulati, Aditya
Lin, Yao-Ting
Morimae, Tomoyuki
Yamada, Shogo
author_facet Gulati, Aditya
Lin, Yao-Ting
Morimae, Tomoyuki
Yamada, Shogo
contents Pseudorandom functions (PRFs) are one of the most fundamental primitives in classical cryptography. On the other hand, in quantum cryptography, it is possible that PRFs do not exist but their quantum analogues could exist, and still enabling many applications including SKE, MACs, commitments, multiparty computations, and more. Pseudorandom unitaries (PRUs) [Ji, Liu, Song, Crypto 2018], pseudorandom isometries (PRIs) [Ananth, Gulati, Kaleoglu, Lin, Eurocrypt 2024], and pseudorandom function-like state generators (PRFSGs) [Ananth, Qian, Yuen, Crypto 2022] are major quantum analogs of PRFs. PRUs imply PRIs, and PRIs imply PRFSGs, but the converse implications remain unknown. An important open question is whether these natural quantum analogues of PRFs are equivalent. In this paper, we partially resolve this question by ruling out black-box constructions of them: 1. There are no black-box constructions of $O(\logλ)$-ancilla PRUs from PRFSGs. 2. There are no black-box constructions of $O(\logλ)$-ancilla PRIs with $O(\logλ)$ stretch from PRFSGs. 3. There are no black-box constructions of $O(\logλ)$-ancilla PRIs with $O(\logλ)$ stretch from PRIs with $Ω(λ)$ stretch. Here, $O(\logλ)$-ancilla means that the generation algorithm uses at most $O(\logλ)$ ancilla qubits. PRIs with $s(λ)$ stretch is PRIs mapping $λ$ qubits to $λ+s(λ)$ qubits. To rule out the above black-box constructions, we construct a unitary oracle that separates them. For the separations, we construct an adversary based on the quantum singular value transformation, which would be independent of interest and should be useful for other oracle separations in quantum cryptography.
format Preprint
id arxiv_https___arxiv_org_abs_2510_04486
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Black-Box Separation Between Pseudorandom Unitaries, Pseudorandom Isometries, and Pseudorandom Function-Like States
Gulati, Aditya
Lin, Yao-Ting
Morimae, Tomoyuki
Yamada, Shogo
Quantum Physics
Pseudorandom functions (PRFs) are one of the most fundamental primitives in classical cryptography. On the other hand, in quantum cryptography, it is possible that PRFs do not exist but their quantum analogues could exist, and still enabling many applications including SKE, MACs, commitments, multiparty computations, and more. Pseudorandom unitaries (PRUs) [Ji, Liu, Song, Crypto 2018], pseudorandom isometries (PRIs) [Ananth, Gulati, Kaleoglu, Lin, Eurocrypt 2024], and pseudorandom function-like state generators (PRFSGs) [Ananth, Qian, Yuen, Crypto 2022] are major quantum analogs of PRFs. PRUs imply PRIs, and PRIs imply PRFSGs, but the converse implications remain unknown. An important open question is whether these natural quantum analogues of PRFs are equivalent. In this paper, we partially resolve this question by ruling out black-box constructions of them: 1. There are no black-box constructions of $O(\logλ)$-ancilla PRUs from PRFSGs. 2. There are no black-box constructions of $O(\logλ)$-ancilla PRIs with $O(\logλ)$ stretch from PRFSGs. 3. There are no black-box constructions of $O(\logλ)$-ancilla PRIs with $O(\logλ)$ stretch from PRIs with $Ω(λ)$ stretch. Here, $O(\logλ)$-ancilla means that the generation algorithm uses at most $O(\logλ)$ ancilla qubits. PRIs with $s(λ)$ stretch is PRIs mapping $λ$ qubits to $λ+s(λ)$ qubits. To rule out the above black-box constructions, we construct a unitary oracle that separates them. For the separations, we construct an adversary based on the quantum singular value transformation, which would be independent of interest and should be useful for other oracle separations in quantum cryptography.
title Black-Box Separation Between Pseudorandom Unitaries, Pseudorandom Isometries, and Pseudorandom Function-Like States
topic Quantum Physics
url https://arxiv.org/abs/2510.04486