Quantum Computational Unpredictability Entropy and Quantum Leakage Resilience

Computational entropies provide a framework for quantifying uncertainty and randomness under computational constraints. They play a central role in classical cryptography, underpinning the analysis and construction of primitives such as pseudo-random generators, leakage-resilient cryptography, and randomness extractors. In the quantum setting, however, computational analogues of entropy remain largely unexplored. In this work, we initiate the study of quantum computational entropy by defining quantum computational unpredictability entropy, a natural generalization of classical unpredictability entropy to the quantum setting. Our definition builds on the operational interpretation of quantum min-entropy as the optimal guessing probability, while restricting the adversary to efficient guessing strategies. We prove that this entropy satisfies several fundamental properties, including a leakage chain rule that holds even in the presence of unbounded prior quantum side-information. We also show that unpredictability entropy enables pseudo-randomness extraction against quantum adversaries with bounded computational power. Together, these results lay a foundation for developing cryptographic tools that rely on min-entropy in the quantum computational setting.

💡 Research Summary

The paper initiates a systematic study of quantum computational entropy, a notion that has been largely absent from quantum cryptography despite its central role in the classical setting. The authors introduce quantum computational unpredictability entropy (denoted H₍unp₎), which extends the classical unpredictability entropy to the quantum realm by restricting the adversary’s guessing strategies to polynomial‑size quantum circuits.

Definition and Smoothing
Starting from the operational interpretation of the quantum conditional min‑entropy H₍min₎(X|E) = –log P₍guess₎(X|E), the authors define H₍unp₎^{(s)}(X|E) ≥ k to mean that any quantum circuit C of size at most s, when given the cq‑state ρ_{X E}, succeeds in guessing X with probability at most 2^{‑k}. To make the notion robust for cryptographic applications, they introduce an ε‑smooth version using the purified distance Δ_P. A state ˜ρ that is Δ_P‑close to the original ρ is allowed, but the guessing bound still applies to circuits of size s. Importantly, the distance itself is defined via unbounded distinguishers, preserving the information‑theoretic spirit of smoothing while keeping the entropy measurement computationally constrained.

Quantum Leakage Chain Rule
The central technical contribution is a quantum leakage chain rule (Theorem II.3). For a cq‑state ρ_{X B C} with X classical, any leakage register C of dimension 2^{ℓ} reduces the unpredictability entropy by at most 2ℓ, provided the adversary’s circuit size is increased by O(ℓ). Formally:

H₍ε, unp₎^{(s)}(X|B C) ≥ H₍ε, unp₎^{(s+O(ℓ))}(X|B) – 2ℓ.

The factor 2ℓ is intrinsic to quantum information (it can be traced back to super‑dense coding) and is tight in general. Unlike the earlier quantum HILL‑entropy framework