CryptoDB
How to Model Unitary Oracles
| Authors: |
|
|---|---|
| Download: | |
| Conference: | CRYPTO 2025 |
| Abstract: | We make the case for modeling unitary oracles by allowing for controlled access to the oracle as well as its conjugate transpose (inverse), but also its conjugate and transpose. Controlling and conjugate transposes are common if even standard, but conjugates and transposes appear to be non-standard. In order to justify our modeling, we give several formal examples of what goes wrong or is missed when using a more restrictive modeling. We also argue that our model is the ``right'' level of granularity, and that other transformation likely do not correspond to efficient computation. We also discuss other modeling choices, such as ancillas and approximation error. Through our exploration, we uncover interesting phenomena. Examples include an attack on the recent pseudorandom unitary construction of Ma and Huang (STOC'25) if used incorrectly as a *publicly evaluatable* unitary, and a quantum complexity-theoretic separation that follows from a purely classical separation. |
BibTeX
@inproceedings{crypto-2025-35561,
title={How to Model Unitary Oracles},
publisher={Springer-Verlag},
author={Mark Zhandry},
year=2025
}