No Arabic abstract
We propose the concept of pseudorandom states and study their constructions, properties, and applications. Under the assumption that quantum-secure one-way functions exist, we present concrete and efficient constructions of pseudorandom states. The non-cloning theorem plays a central role in our study---it motivates the proper definition and characterizes one of the important properties of pseudorandom quantum states. Namely, there is no efficient quantum algorithm that can create more copies of the state from a given number of pseudorandom states. As the main application, we prove that any family of pseudorandom states naturally gives rise to a private-key quantum money scheme.
Efficiently sampling a quantum state that is hard to distinguish from a truly random quantum state is an elementary task in quantum information theory that has both computational and physical uses. This is often referred to as pseudorandom (quantum) state generator, or PRS generator for short. In existing constructions of PRS generators, security scales with the number of qubits in the states, i.e. the (statistical) security parameter for an $n$-qubit PRS is roughly $n$. Perhaps counter-intuitively, $n$-qubit PRS are not known to imply $k$-qubit PRS even for $k<n$. Therefore the question of emph{scalability} for PRS was thus far open: is it possible to construct $n$-qubit PRS generators with security parameter $lambda$ for all $n, lambda$. Indeed, we believe that PRS with tiny (even constant) $n$ and large $lambda$ can be quite useful. We resolve the problem in this work, showing that any quantum-secure one-way function implies scalable PRS. We follow the paradigm of first showing a emph{statistically} secure construction when given oracle access to a random function, and then replacing the random function with a quantum-secure (classical) pseudorandom function to achieve computational security. However, our methods deviate significantly from prior works since scalable pseudorandom states require randomizing the amplitudes of the quantum state, and not just the phase as in all prior works. We show how to achieve this using Gaussian sampling.
Quantum money allows a bank to mint quantum money states that can later be verified and cannot be forged. Usually, this requires a quantum communication infrastructure to transfer quantum states between the user and the bank. Gavinsky (CCC 2012) introduced the notion of classically verifiable quantum money, which allows verification through classical communication. In this work we introduce the notion of classical minting, and combine it with classical verification to introduce semi-quantum money. Semi-quantum money is the first type of quantum money to allow transactions with completely classical communication and an entirely classical bank. This work features constructions for both a public memory-dependent semi-quantum money scheme and a private memoryless semi-quantum money scheme. The public construction is based on the works of Zhandry and Coladangelo, and the private construction is based on the notion of Noisy Trapdoor Claw Free Functions (NTCF) introduced by Brakerski et al. (FOCS 2018). In terms of technique, our main contribution is a perfect parallel repetition theorem for NTCF.
We consider the optimal cloning of quantum coherent states with single-clone and joint fidelity as figures of merit. Both optimal fidelities are attained for phase space translation covariant cloners. Remarkably, the joint fidelity is maximized by a Gaussian cloner, whereas the single-clone fidelity can be enhanced by non-Gaussian operations: a symmetric non-Gaussian 1-to-2 cloner can achieve a single-clone fidelity of approximately 0.6826, perceivably higher than the optimal fidelity of 2/3 in a Gaussian setting. This optimal cloner can be realized by means of an optical parametric amplifier supplemented with a particular source of non-Gaussian bimodal states. Finally, we show that the single-clone fidelity of the optimal 1-to-infinity cloner, corresponding to a measure-and-prepare scheme, cannot exceed 1/2. This value is achieved by a Gaussian scheme and cannot be surpassed even with supplemental bound entangled states.
We put forward the idea that classical blockchains and smart contracts are potentially useful primitives not only for classical cryptography, but for quantum cryptography as well. Abstractly, a smart contract is a functionality that allows parties to deposit funds, and release them upon fulfillment of algorithmically checkable conditions, and can thus be employed as a formal tool to enforce monetary incentives. In this work, we give the first example of the use of smart contracts in a quantum setting. We describe a simple hybrid classical-quantum payment system whose main ingredients are a classical blockchain capable of handling stateful smart contracts, and quantum lightning, a strengthening of public-key quantum money introduced by Zhandry (Eurocrypt19). Our hybrid payment system employs quantum states as banknotes and a classical blockchain to settle disputes and to keep track of the valid serial numbers. It has several desirable properties: it is decentralized, requiring no trust in any single entity; payments are as quick as quantum communication, regardless of the total number of users; when a quantum banknote is damaged or lost, the rightful owner can recover the lost value.
We propose a probabilistic quantum cloning scheme using Greenberger-Horne-Zeilinger states, Bell basis measurements, single-qubit unitary operations and generalized measurements, all of which are within the reach of current technology. Compared to another possible scheme via Tele-CNOT gate [D. Gottesman and I. L. Chuang, Nature 402, 390 (1999)], the present scheme may be used in experiment to clone the states of one particle to those of two different particles with higher probability and less GHZ resources.