In this work, we propose a new way to (non-interactively, verifiably) demonstrate Quantum Advantage by solving the average-case $\mathsf{NP}$ search problem of finding a solution to a system of (underdetermined) multivariate quadratic equations over the finite field $\mathbb{F}_2$ drawn from a specified distribution. In particular, we design a distribution of degree-2 polynomials $\{p_i(x_1,\ldots,x_n)\}_{i\in [m]}$ for $m<n$ over $\mathbb{F}_2$ for which we show that there is a quantum polynomial-time algorithm that simultaneously solves $\{p_i(x_1,\ldots,x_n)=y_i\}_{i\in [m]}$ for a random vector $(y_1,\ldots,y_m)$. On the other hand, while a solution exists with high probability, we conjecture that it is classically hard to find one based on classical cryptanalysis that we provide, including a comprehensive review of all known relevant classical algorithms for solving multivariate quadratics. Our approach proceeds by examining the Yamakawa-Zhandry (FOCS 2022) quantum advantage scheme and replacing the role of the random oracle with our multivariate quadratic equations. Our work therefore gives several new perspectives: First, our algorithm gives a counterexample to the conventional belief that generic classically hard multivariate quadratic systems are also quantumly hard. Second, based on cryptanalytic evidence, our work gives an explicit simple replacement for the random oracle from the work of Yamakawa and Zhandry. We show how to instantiate the random oracle with families of just degree two multivariate polynomials over $\mathbb{F}_2$.

翻译：在本研究中，我们提出了一种（非交互式、可验证的）量子优势证明新方法，该方法通过求解从特定分布中抽取的有限域 $\mathbb{F}_2$ 上（欠定）多元二次方程组的平均情况 $\mathsf{NP}$ 搜索问题来实现。具体而言，我们为 $m<n$ 的情况设计了有限域 $\mathbb{F}_2$ 上的一组二次多项式分布 $\{p_i(x_1,\ldots,x_n)\}_{i\in [m]}$，并证明存在量子多项式时间算法能够同时求解随机向量 $(y_1,\ldots,y_m)$ 对应的方程组 $\{p_i(x_1,\ldots,x_n)=y_i\}_{i\in [m]}$。另一方面，虽然解以高概率存在，但基于我们提供的经典密码分析（包括对现有所有相关经典多元二次方程求解算法的全面综述），我们推测经典计算难以找到解。我们的研究方法通过审视 Yamakawa-Zhandry（FOCS 2022）量子优势方案，并将其中的随机预言机替换为我们的多元二次方程组来实现。因此，本研究提供了若干新视角：首先，我们的算法对"经典计算困难的通用多元二次方程组同样对量子计算困难"这一传统观念提出了反例。其次，基于密码分析证据，我们的工作为 Yamakawa 和 Zhandry 研究中的随机预言机提供了显式简单替代方案。我们展示了如何仅用 $\mathbb{F}_2$ 上的二次多元多项式族来实例化随机预言机。