What does it mean to commit to a quantum state? In this work, we propose a
simple answer: a commitment to quantum messages is binding if, after the commit
phase, the committed state is hidden from the sender's view. We accompany this
new definition with several instantiations. We build the first non-interactive
succinct quantum state commitments, which can be seen as an analogue of
collision-resistant hashing for quantum messages. We also show that hiding
quantum state commitments (QSCs) are implied by any commitment scheme for
classical messages. All of our constructions can be based on
quantum-cryptographic assumptions that are implied by but are potentially
weaker than one-way functions.
Commitments to quantum states open the door to many new cryptographic
possibilities. Our flagship application of a succinct QSC is a
quantum-communication version of Kilian's succinct arguments for any language
that has quantum PCPs with constant error and polylogarithmic locality.
Plugging in the PCP theorem, this yields succinct arguments for NP under
significantly weaker assumptions than required classically; moreover, if the
quantum PCP conjecture holds, this extends to QMA. At the heart of our security
proof is a new rewinding technique for extracting quantum information