Simple Tests of Quantumness Also Certify Qubits
Paper in proceeding, 2023

A test of quantumness is a protocol that allows a classical verifier to certify (only) that a prover is not classical. We show that tests of quantumness that follow a certain template, which captures recent proposals such as [KCVY21, KLVY22], can in fact do much more. Namely, the same protocols can be used for certifying a qubit, a building-block that stands at the heart of applications such as certifiable randomness and classical delegation of quantum computation. Certifying qubits was previously only known to be possible based on families of post-quantum trapdoor claw-free functions (TCF) with an advanced “adaptive hardcore bit” property, which have only been constructed based on the hardness of the Learning with Errors problem [BCM+21] and recently isogeny-based group actions [AMR23]. Our framework allows certification of qubits based only on the existence of post-quantum TCF, without the adaptive hardcore bit property, or on quantum fully homomorphic encryption. These can be instantiated, for example, from Ring Learning with Errors. This has the potential to improve the efficiency of qubit certification and derived functionalities. On the technical side, we show that the quantum soundness of any such protocol can be reduced to proving a bound on a simple algorithmic task: informally, answering “two challenges simultaneously” in the protocol. Our reduction formalizes the intuition that these protocols demonstrate quantumness by leveraging the impossibility of rewinding a general quantum prover. This allows us to prove tight bounds on the quantum soundness of [KCVY21] and [KLVY22], showing that no quantum polynomial-time prover can succeed with probability larger than cos2π8≈0.853. Previously, only an upper bound on the success probability of classical provers, and a lower bound on the success probability of quantum provers, were known. We then extend this proof of quantum soundness to show that provers that approach the quantum soundness bound must perform almost anti-commuting measurements. This certifies that the prover holds a qubit.

Author

Zvika Brakerski

Weizmann Institute of Science

Alexandru Gheorghiu

Chalmers, Computer Science and Engineering (Chalmers), Data Science and AI

Gregory D. Kahanamoku-Meyer

University of California

Lawrence Berkeley National Laboratory

Eitan Porat

Weizmann Institute of Science

Thomas Vidick

Weizmann Institute of Science

California Institute of Technology (Caltech)

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

03029743 (ISSN) 16113349 (eISSN)

Vol. 14085 LNCS 162-191
9783031385537 (ISBN)

Advances in Cryptology – CRYPTO 2023 - 43rd Annual International Cryptology Conference, CRYPTO 2023, Proceedings
Santa Barbara, USA,

Subject Categories

Computer Science

Condensed Matter Physics

DOI

10.1007/978-3-031-38554-4_6

More information

Latest update

10/13/2023