We construct a quantum oracle relative to which $\mathsf{BQP} = \mathsf{QMA}$ but cryptographic pseudorandom quantum states and pseudorandom unitary transformations exist, a counterintuitive result in light of the fact that pseudorandom states can be "broken" by quantum Merlin-Arthur adversaries. We explain how this nuance arises as the result of a distinction between algorithms that operate on quantum and classical inputs. On the other hand, we show that some computational complexity assumption is needed to construct pseudorandom states, by proving that pseudorandom states do not exist if $\mathsf{BQP} = \mathsf{PP}$. We discuss implications of these results for cryptography, complexity theory, and quantum tomography.

翻译：我们构造了一个量子谕示，在该谕示下$\mathsf{BQP} = \mathsf{QMA}$，但密码学伪随机量子态和伪随机酉变换存在。这一结果看似反常，因为伪随机态本可被量子梅林-亚瑟对手“破解”。我们阐释了这种微妙性源于对量子输入和经典输入进行操作的算法之间的区别。另一方面，我们证明了若$\mathsf{BQP} = \mathsf{PP}$，则伪随机态不存在，从而表明构造伪随机态需要某些计算复杂性假设。我们讨论了这些结果对密码学、复杂性理论和量子层析成像的启示。