Analyzing QROM security under NISQ constraints—hybrid queries, noisy oracles, and limited quantum circuit depth—poses significant challenges due to the inapplicability of standard quantum reduction techniques. Method: We introduce the first upgrade theorem for hybrid algorithms and a “hybrid-consistent measurement–reprogramming” framework, grounded in classical combinatorial reasoning. This enables unified modeling and succinct proofs of security games in NISQ settings without recourse to intricate quantum analysis. Contribution/Results: We establish the first average-case direct-product theorem for hybrid settings, thereby proving NISQ security—under both non-uniform and uniform models—for salted games, multi-instance one-wayness, and collision resistance. Our framework extends QROM security proofs from idealized quantum assumptions to realistic, resource-constrained scenarios, markedly enhancing theoretical practicality and verifiability.

We give novel lifting theorems for security games in the quantum random oracle model (QROM) in Noisy Intermediate-Scale Quantum (NISQ) settings such as the hybrid query model, the noisy oracle and the bounded-depth models. We provide, for the first time, a hybrid lifting theorem for hybrid algorithms that can perform both quantum and classical queries, as well as a lifting theorem for quantum algorithms with access to noisy oracles or bounded quantum depth. At the core of our results lies a novel measure-and-reprogram framework, called hybrid coherent measure-and-reprogramming, tailored specifically for hybrid algorithms. Equipped with the lifting theorem, we are able to prove directly NISQ security and complexity results by calculating a single combinatorial quantity, relying solely on classical reasoning. As applications, we derive the first direct product theorems in the average case, in the hybrid setting-i.e., an enabling tool to determine the hybrid hardness of solving multi-instance security games. This allows us to derive in a straightforward manner the NISQ hardness of various security games, such as (i) the non-uniform hardness of salted games, (ii) the hardness of specific cryptographic tasks such as the multiple instance version of one-wayness and collision-resistance, and (iii) uniform or non-uniform hardness of many other games.