
Incompressibility of Pseudorandom Quantum States

Updated 27 January 2026
  • The work demonstrates that no efficient quantum algorithm can compress pseudorandom states without a significant loss in their distinguishing pseudorandomness.
  • Incompressibility is formalized through both oracle-based reductions and information-theoretic bounds that highlight exponentially diminishing fidelity when states are compressed.
  • The implications extend to quantum cryptography and complexity theory, ensuring secure protocol design by prohibiting succinct representations of high-entropy quantum states.

A pseudorandom quantum state (PRS) ensemble is a collection of efficiently generable quantum states that are computationally indistinguishable from Haar-random pure states on $n$ qubits, where $n$ is typically a polynomial in a security parameter $\lambda$. The incompressibility property for PRS formalizes the impossibility of compressing these high-entropy quantum states into substantially fewer qubits (beyond a negligible loss), either by physical means or by black-box algorithmic transformations, without sacrificing their essential pseudorandomness. This phenomenon is distinctively quantum and underpins both foundational and applied aspects of quantum information theory and cryptography.

1. Definitions and Formalization

Let $\lambda$ denote a security parameter and $n = n(\lambda)$ a polynomially bounded function. A family of quantum states $\{\,|\psi_k\rangle\,\}_{k\in\{0,1\}^\lambda} \subset \mathbb{C}^{2^n}$ forms a pseudorandom state ensemble if:

  • Efficient generation: There is a quantum polynomial-time (QPT) algorithm $G$ such that $G(1^\lambda, k)$ outputs $|\psi_k\rangle$ on $n$ qubits.
  • Pseudorandomness: For every QPT distinguisher nn0 and every polynomial nn1,

nn2

where nn3 uniformly and nn4 is Haar-random on nn5 qubits.

Compressibility vs. incompressibility is defined as follows: Given completely positive trace-preserving (CPTP) maps nn6 and nn7 with nn8, the ensemble is compressible if

nn9

for some polynomial λ\lambda0 and trace distance λ\lambda1. The ensemble is incompressible if no such pair λ\lambda2 exists for any λ\lambda3 with non-negligible success (Barhoush et al., 24 Jan 2026).

Short-PRSs specialize to the case λ\lambda4, i.e., they map the key into logarithmically small quantum states while still aiming for pseudorandomness.

2. Incompressibility Theorems and Black-Box Barriers

Two main lines of formal results establish the incompressibility of pseudorandom quantum states.

  • Cryptographic Relativized No-Shrinking: There exists a quantum oracle λ\lambda5 such that polynomial-qubit PRS exist relative to λ\lambda6, but no λ\lambda7-qubit PRS exists for any λ\lambda8 (Bouaziz--Ermann et al., 2024). More precisely, no black-box reduction can transform a polynomial-qubit PRS ensemble into a log-qubit PRS ensemble while preserving pseudorandomness in this oracle setting.
  • Information-Theoretic Incompressibility: For any PRS ensemble λ\lambda9, any efficient QPT pair λ\lambda0 cannot compress these states to λ\lambda1 qubits and recover them with non-negligible fidelity for more than a negligible fraction of keys, or else one would distinguish PRS from Haar (contradicting pseudorandomness) (Barhoush et al., 24 Jan 2026, Brakerski et al., 2019).

The following key technical lemma underlies the information-theoretic barrier: for a uniformly Haar-random λ\lambda2-qubit state λ\lambda3, any compression to λ\lambda4 qubits has average entanglement fidelity λ\lambda5, rendering the expected fidelity exponentially small. Levy’s lemma guarantees that a typical λ\lambda6 is incompressible with overwhelming probability.

3. Proof Techniques and Core Arguments

The proof strategies for incompressibility and no-shrinking results divide into two main categories:

  • Oracle separations via black-box reductions: The argument in (Bouaziz--Ermann et al., 2024) shows by contradiction that any black-box reduction compressing a polynomial-qubit PRS to short-PRS would yield a quantum pseudodeterministic one-way function (PD-OWF). Such an OWF, if existing relative to an oracle λ\lambda7 for which QMAλ\lambda8BQPλ\lambda9, would enable a QMA vs. BQP separation, contradicting Kretschmer’s (2021) oracle construction where no such separation exists. The compositional structure is:

    1. Short-PRS n=n(λ)n = n(\lambda)0 PD-OWF (via Barhoush–Salvail [BS23])
    2. PD-OWF n=n(λ)n = n(\lambda)1 QMAn=n(λ)n = n(\lambda)2 BQPn=n(λ)n = n(\lambda)3 (by a promise-problem binary search attack)
    3. Contradiction, as n=n(λ)n = n(\lambda)4 satisfies QMAn=n(λ)n = n(\lambda)5 BQPn=n(λ)n = n(\lambda)6.
  • Information-theoretic PRS incompressibility: The central idea is that if polynomial-qubit PRS could be compressed efficiently to n=n(λ)n = n(\lambda)7 qubits with negligible error, then the same compression would have to succeed on Haar-random states as well, yet typical Haar-random states cannot be compressed, violating pseudorandomness. Explicitly, one constructs a SWAP-test-based distinguisher which, given multiple copies, compresses and decompresses, and tests fidelity. If the process succeeds for PRS but succeeds only with exponentially small probability for Haar, the two ensembles are distinguished, contradicting the definition of PRS (Barhoush et al., 24 Jan 2026, Brakerski et al., 2019).

4. Circuit Constructions and State Designs

Elementary PRS constructions exist using binary-phase superpositions. For instance, with a post-quantum secure pseudorandom function n=n(λ)n = n(\lambda)8, one can define

n=n(λ)n = n(\lambda)9

Efficient generation is achievable via a layer of Hadamard gates followed by { ∣ψk⟩ }k∈{0,1}λ⊂C2n\{\,|\psi_k\rangle\,\}_{k\in\{0,1\}^\lambda} \subset \mathbb{C}^{2^n}0 implemented in Toffoli gates. This construction realizes PRS ensembles that are indistinguishable from Haar for any polynomial number of copies, with trace distance bounded by { ∣ψk⟩ }k∈{0,1}λ⊂C2n\{\,|\psi_k\rangle\,\}_{k\in\{0,1\}^\lambda} \subset \mathbb{C}^{2^n}1 for up to { ∣ψk⟩ }k∈{0,1}λ⊂C2n\{\,|\psi_k\rangle\,\}_{k\in\{0,1\}^\lambda} \subset \mathbb{C}^{2^n}2 copies (Brakerski et al., 2019).

A plausible implication is that any efficient compression-decompression circuit family applied to these binary-phase PRS would violate indistinguishability from Haar if it could recover the original state up to non-negligible trace distance error; thus, even practically structured PRS instantiations are subject to incompressibility.
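A small numerical illustration of the compress-then-test argument, added here as an example and not taken from the cited papers: it assumes the binary-phase form $2^{-n/2}\sum_x (-1)^{f_k(x)}|x\rangle$, uses HMAC-SHA256 as a stand-in for the post-quantum PRF, and applies one constructed toy compressor (Hadamard layer, then keep $m$ qubits). A state with trivial phases survives this compressor intact, while PRF-phase and Haar-random states both retain only about $2^{m-n}$ of their weight; this shows the scaling for a single compressor and is not a proof over all CPTP maps.

```python
import hashlib, hmac, math, random

def prf_bit(key: bytes, x: int) -> int:
    # Assumption: HMAC-SHA256 stands in for the post-quantum PRF.
    return hmac.new(key, x.to_bytes(4, "big"), hashlib.sha256).digest()[-1] & 1

def binary_phase_state(n, phase):
    # Amplitude vector of 2^(-n/2) * sum_x (-1)^phase(x) |x>.
    amp = 1 / math.sqrt(1 << n)
    return [amp * (-1) ** phase(x) for x in range(1 << n)]

def haar_state(n, rng):
    # Haar-random pure state: normalised complex Gaussian vector.
    v = [complex(rng.gauss(0, 1), rng.gauss(0, 1)) for _ in range(1 << n)]
    norm = math.sqrt(sum(abs(a) ** 2 for a in v))
    return [a / norm for a in v]

def hadamard_layer(vec):
    # H on every qubit, computed as a normalised fast Walsh-Hadamard transform.
    v, h = list(vec), 1
    while h < len(v):
        for i in range(0, len(v), 2 * h):
            for j in range(i, i + h):
                v[j], v[j + h] = v[j] + v[j + h], v[j] - v[j + h]
        h *= 2
    return [a / math.sqrt(len(v)) for a in v]

def retained_weight(state, m):
    # Toy compressor (constructed for this example): undo the Hadamard layer,
    # then keep only the first 2^m basis states, i.e. m qubits. The returned
    # <psi|P|psi> upper-bounds the fidelity of any state rebuilt from them.
    return sum(abs(a) ** 2 for a in hadamard_layer(state)[: 1 << m])

def swap_test_accept_bound(weight):
    # SWAP test accepts with probability 1/2 + F/2, and F <= weight.
    return 0.5 + 0.5 * weight

def demo(n=10, m=3):
    key = b"constructed-demo-key"  # constructed sample key
    states = {
        "structured (all phases 0)": binary_phase_state(n, lambda x: 0),
        "binary-phase, PRF phases": binary_phase_state(n, lambda x: prf_bit(key, x)),
        "Haar-random": haar_state(n, random.Random(1)),
    }
    return {name: retained_weight(s, m) for name, s in states.items()}

if __name__ == "__main__":
    for name, w in demo().items():
        print(f"{name:28s} weight={w:.4f}  swap-accept<={swap_test_accept_bound(w):.4f}")
```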

5. Cryptographic and Structural Implications

The incompressibility property for PRS has multiple consequences for quantum cryptographic constructions and complexity theory:

  • No black-box PRS shrinking: Unlike classical PRGs, which can be truncated without loss of pseudorandomness, quantum PRS cannot be black-box compressed (shrunk) in output qubit count while retaining their computational indistinguishability from Haar (Bouaziz--Ermann et al., 2024).
  • Short-PRSs correspond to stronger primitives: The existence of short-PRS (log-qubit) would imply quantum pseudodeterministic one-way functions, which, in oracle worlds such as Kretschmer's, collapse QMA{ ∣ψk⟩ }k∈{0,1}λ⊂C2n\{\,|\psi_k\rangle\,\}_{k\in\{0,1\}^\lambda} \subset \mathbb{C}^{2^n}3 into BQP{ ∣ψk⟩ }k∈{0,1}λ⊂C2n\{\,|\psi_k\rangle\,\}_{k\in\{0,1\}^\lambda} \subset \mathbb{C}^{2^n}4, an undesirable or impossible complexity collapse in relativized models.
  • Limits in quantum protocol design: Any protocol that leverages the black-box structure of a PRS (e.g., using it purely for sampling and testing) cannot safely reduce state size without violating protocol security—affecting quantum encryption, signatures, commitments, and zero knowledge (Bouaziz--Ermann et al., 2024).
  • Barriers for simulation-based quantum cryptography: PRS incompressibility rules out succinct simulation-secure quantum functional encryption, as any efficient simulator would require compressing the full PRS state into a shorter ciphertext with negligible error, which is impossible (Barhoush et al., 24 Jan 2026).

6. Potential Directions and Bypass Strategies

The impossibility results for PRS shrinking and incompressibility are relativized (oracle-based): they apply to purely black-box models that do not leverage structure beyond sampling and querying. Prospective non-black-box constructions, potentially using algebraic, code-based, or number-theoretic approaches inaccessible to quantum oracles, might circumvent incompressibility by embedding verifiable structure permitting post-hoc certification of state origin or enabling lossy compression under additional assumptions (Bouaziz--Ermann et al., 2024).

Developing such techniques remains an open challenge and an area of ongoing investigation, with meaningful ramifications for quantum cryptographic primitives and the quantum complexity landscape.
