Search papers, labs, and topics across Lattice.
This paper establishes a black-box separation between single-copy secure pseudorandom states (1PRS) of varying output lengths, demonstrating that while 1PRS with output length \( m(n) = 1.1n \) can exist, those with lengths \( m(n) = \Omega(n^{2+\epsilon}) \) cannot, for any \( \epsilon > 0 \). This finding is significant as it clarifies the limitations of stretching quantum pseudorandomness, a property that parallels classical pseudorandom generators. The authors employ the Common Haar Random State (CHRS) model to bound the effective number of resource states used by any 1PRS generator, thereby providing a novel technique for analyzing quantum pseudorandomness.
Quantum pseudorandom states can only be stretched to a limited extent, revealing a stark contrast with classical counterparts.
Pseudorandom states, introduced by Ji, Liu, and Song (CRYPTO '18), are quantum analogues of classical pseudorandom generators. A fundamental property of classical pseudorandom generators is that their output can be stretched to arbitrary polynomial length. Whether an analogous stretching property holds for quantum pseudorandom states remains unclear. In this work, we prove the first black-box separation between single-copy secure pseudorandom states ($\mathsf{1PRS}$) with different output lengths. Specifically, we construct a quantum oracle relative to which $\mathsf{1PRS}$ with output length $m(n)=1.1n$ exist, but $\mathsf{1PRS}$ with output length $m(n)=惟(n^{2+蔚})$ do not, for any $蔚>0$. Our proof leverages the Common Haar Random State (CHRS) model introduced by Chen, Coladangelo, and Sattath (EUROCRYPT '25), and introduces a technique to bound the effective number of resource CHRS states utilized by any $\mathsf{1PRS}$ generator in this model.