Controlled-query security for PRUs

Determine whether the PFC-based pseudorandom unitary construction remains secure when the distinguisher has controlled access to the unitary (i.e., access to controlled-U operations), by proving computational indistinguishability from Haar-random unitaries under controlled query access.

Background

Beyond adaptive and inverse-query models, practical cryptographic and algorithmic scenarios may grant controlled-U access. The authors explicitly note uncertainty about proving security in this stronger model.

This problem asks for techniques that handle controlled queries within the PRU framework and demonstrate indistinguishability from Haar-random behavior under such access.

References

Proving security with controlled access to the unitary is similarly unclear.

Simple constructions of linear-depth t-designs and pseudorandom unitaries (2404.12647 - Metger et al., 19 Apr 2024) in Section 7 (Discussion and future directions)