Computational Indistinguishability Between Quantum States and Its Cryptographic Application


We introduce a problem of distinguishing between two quantum states as a new underlying problem to build a computational cryptographic scheme that is ”secure” against quantum adversary. Our problem is a natural generalization of the distinguishability problem between two probability distributions, which are commonly used in computational cryptography. More precisely, our problem QSCD ff is the computational distinguishability problem between two types of random coset states with a hidden permutation over the symmetric group. We show that (i) QSCD ff has the trapdoor property; (ii) the average-case hardness of QSCD ff coincides with its worst-case hardness; and (iii) QSCD ff is at least as hard in the worst case as the graph automorphism problem. Moreover, we show that QSCD ff cannot be efficiently solved by any quantum algorithm that naturally extends Shor’s factorization algorithm. These cryptographic properties of QSCD ff enable us to construct a public-key cryptosystem, which is likely to withstand any attack of a polynomial-time quantum adversary.