on a quantum computer
play

on a quantum computer On quantum arithmetic and space-time - PowerPoint PPT Presentation

Mar 05, 2023 •438 likes •1.21k views

Attacking binary elliptic curves on a quantum computer On quantum arithmetic and space-time trade-offs Martin Roetteler Microsoft Research Based on joint work with Brittanney Amento and Rainer Steinwandt [arXiv.org: 1209.5491, 1209.6348,

  1. Attacking binary elliptic curves on a quantum computer On quantum arithmetic and space-time trade-offs Martin Roetteler Microsoft Research Based on joint work with Brittanney Amento and Rainer Steinwandt [arXiv.org: 1209.5491, 1209.6348, 1306.1161] DIMACS Workshop on the Mathematics of Post-Quantum Cryptography January 15, 2015

  2. Motivation • Analyze resources needed to implement Shor • Focus: Computing dlogs over abelian groups • Possible circuit optimizations • Scaling of space (=#qubits) and time (=depth)? Please ask questions during talk! 1/15/2015 M. Roetteler -- QuArC Group @ MSR 2

  3. Background: Quantum resources

  4. Quantum bits and registers ≠ 1/15/2015 M. Roetteler -- QuArC Group @ MSR 4

  5. Measurements 1/15/2015 M. Roetteler -- QuArC Group @ MSR 5

  6. Examples: local operations and CNOT 1/15/2015 M. Roetteler -- QuArC Group @ MSR 6

  7. Notation for unitary matrices Wire = qubit 1/15/2015 M. Roetteler -- QuArC Group @ MSR 7

  8. Universality theorem 1/15/2015 M. Roetteler -- QuArC Group @ MSR 8

  9. Levels of abstraction Many more levels down (FTQECC, q control) and up (prog lang) 1/15/2015 M. Roetteler -- QuArC Group @ MSR 9

  10. Operations on subspaces 1/15/2015 M. Roetteler -- QuArC Group @ MSR 10

  11. Controlled rotations Remark: For 𝑉 = 𝑂𝑃𝑈 , the gate Λ 1 𝑂𝑃𝑈 is the CNOT gate. The gate Λ 2 (𝑂𝑃𝑈) is called the Toffoli gate. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 11

  12. Discrete universal gate sets Important universal gate set “ Clifford + T ” (for logical operations): Consists of all Clifford operations (i.e., the group generated by 𝐼 2 , 𝐷𝑂𝑃𝑈 and 𝑒𝑗𝑏𝑕(1, 𝑗)) and the “T gate” (T = 𝑒𝑗𝑏𝑕(1, 𝜕 8 )) . Can be shown to be universal, i.e., for any unitary U and any given 𝜗 > 0, there exists an element A in the Clifford+T group such that || 𝑉 − 𝐵 || ≤ 𝜗 . • This gate set arises naturally in the context of fault-tolerant quantum computing for several quantum codes, e.g., Steane code, surface code. • T gate usually implemented via a process called “magic state distillation” which is very expensive. Much more expensive than Clifford gates. • Common metrics used to measure resources: • T-count = total number of T gates used in a circuit • T-depth = number of T- layers when a circuit is written as C T C … T C • #qubits = total number of qubits used, including “ ancillas ” (=scratch space) Typically, single-qubit rotations account for most of the cost! 1/15/2015 M. Roetteler -- QuArC Group @ MSR 12

  13. Bounding resources: T gates A useful factorization: Lemma: If a unitary U can be implemented exactly over Clifford+T, then also Λ (U) can be implemented exactly. [arxiv.org:1206.0758] This Lemma be used in some situations to avoid all errors due to single qubit approximations.   0 0 2 0 0   1 6 3 16 16   Cost of controlled unitaries:    0 2 2 4 4 M   • Tracking v=[#loc, #CNOT,#H, #P, #T] 0 1 2 3 2     • From U to Λ (U): matrix vector multiplication Mv.   0 7 2 14 15 1/15/2015 M. Roetteler -- QuArC Group @ MSR 13

  14. Solovay-Kitaev algorithm Goal: Approximate unitaries by elements of dense subgroup 𝐻 ≤ 𝑉(𝑂) Basic idea: Successive refining of a “net” using commutators [Image source: Nielsen/Chuang, CUP 2000] Implementations: • [Kitaev, Shen, Vyialyi, AMS 2002]: log 3+ δ (1/ ε ) time, log 3+ δ (1/ ε ) length • [Dawson, Nielsen, quant-ph/0505030]: log 2.71 (1/ ε ) time, log 3.97 (1/ ε ) length • [Harrow, Recht, Chuang, quant-ph/0111031]: non-constructive, log (1/ ε ) length 1/15/2015 M. Roetteler -- QuArC Group @ MSR 14

  15. Single qubit gates: synthesis methods Basic idea: [Kliuchnikov/Maslov/Mosca 2012], [Selinger 2012] Shown are all unitaries in 〈𝐼, 𝑈〉 that are obtainable from a simple round-off procedure and have T-count ≤ 12. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 15 [Slide concept by V. Kliuchnikov]

  16. T ools from the theory of reversible computing

  17. Classical circuits • Consider functions from n≥1 bits to m≥1 bits. We are interested in implementing functions by combinational circuits , i.e., circuits that do not make use of memory elements or feedback. • Universal families of gates exist, i.e., sets of elementary gates from which any circuit can be built. a a Λ b a a b • We can compose gates together to make larger circuits. • Problem for quantum computing: many gates are not reversible! 1/15/2015 M. Roetteler -- QuArC Group @ MSR 17 [Slide concept by M. Mosca, Waterloo]

  18. How to invert an irreversible operation? 1/15/2015 M. Roetteler -- QuArC Group @ MSR 18

  19. Reversible computation 1/15/2015 M. Roetteler -- QuArC Group @ MSR 19

  20. How to make circuits reversible? Example: Replace each gate with a reversible one: [Slide concept by M. Mosca, Waterloo] 1/15/2015 M. Roetteler -- QuArC Group @ MSR 20

  21. How to avoid garbage? • Replacing each gate with a reversible one works fine, however, it produces “garbage”, i.e., help registers will be in a state different from 0 at the end. • While this is fine for reversible computing, it is bad for quantum computing (it will prevent interference). • There is a way out of this dilemma: the Bennett trick Idea: compute forward, copy the result, “ uncompute ” the garbage by running the computation backwards. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 21

  22. Uncomputing the garbage Replace each gate with a reversible one: -1 T 1 T 1 0 0 -1 T 2 T 2 0 0 -1 T n T n 0 0 0 1/15/2015 M. Roetteler -- QuArC Group @ MSR 22

  23. The pebble game Rules of the game: [Bennett, SIAM J. Comp., 1989] • n boxes, labeled i = 1, …, n • in each move, either add or remove a pebble • a pebble can be added or removed in i=1 at any time • a pebble can be added of removed in i>1 if and only if there is a pebble in i-1. # i 1 1 Example: 2 2 3 3 4 4 5 3 6 2 1 2 3 4 7 1 1/15/2015 M. Roetteler -- QuArC Group @ MSR 23

  24. The pebble game Imposing resource constraints: • only a total of S pebbles are allowed • corresponds to reversible algorithm with at most S ancilla qubits # i 1 1 2 2 3 3 Example: (n=3, S=3) 4 1 5 4 6 3 7 1 8 2 1 2 3 4 9 1 1/15/2015 M. Roetteler -- QuArC Group @ MSR 24

  25. Optimal pebbling strategies Definition: Let X be solution of pebble game. Let T(X) be # steps and Let S(X) be #pebbles. Define F(n,S ) = min { T(X) : S(X) ≤ S }. Table (small values of F): [E.Knill, arxiv:math/9508218] 1/15/2015 M. Roetteler -- QuArC Group @ MSR 25

  26. Time-space tradeoffs Let A be an algorithm with time complexity T and space complexity S. • Using reversible pebble game, [Bennett, SIAM J. Comp. 1989] showed that for any ε>0 there is a reversible algorithm A’ with time complexity O(T 1+ ε ) and space complexity O(S ln(T)). • Issue: one cannot simply take the limit ε→0. The space would grow in an unbounded way (as O( ε 2 1/ ε S ln(T))). • Improved analysis [Levine, Sherman, SIAM J. Comp. 1990] showed that for any ε>0 there is a reversible algorithm A’ with time complexity O(T 1+ ε /S ε ) and space complexity O(S (1+ln(T/S))). • Other time/space tradeoffs: [Buhrman, Tromp, Vitányi , ICALP’01] Research topic: develop a “compiler” that takes a classical combinational circuit as input and translates it into a reversible circuit, with respect to various resource constraints. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 26

  27. Shor

  28. Reducing factoring to period finding • Modular exponentiation: Let N be an integer and let a be in Z N . Modular exponentiation is the map f(x) := a x mod N. • Fact: The map f can be implemented in O(poly(log N)) ops. • Fact: It can be shown that it can also be implemented efficiently on a quantum computer. • More facts: – Recall that the order of a is defined as the smallest integer r such that a r = 1 mod N. – The function f(x) := a x mod N is periodic with period r equal to the order of a, i. e., f (x) = f (x + r) for all x. – The problem of factoring N can be reduced to period finding for modular exponentiation f (for random a). 1/15/2015 M. Roetteler -- QuArC Group @ MSR 28

  29. Setting up a periodic state Observation: The function f(x) = a x mod N is periodic and has period length r, • i. e., f (x) = f (x + r) for all inputs x. • Example: graph of the function f (x) = 2x mod 165:  | y f(x) | x 29 M. Roetteler -- QuArC Group @ MSR 1/15/2015

  30. Shor’s algorithm for period finding 1/15/2015 M. Roetteler -- QuArC Group @ MSR 30

  31. Period finding using coset states 1/15/2015 M. Roetteler -- QuArC Group @ MSR 31

  32. Discrete Fourier Transforms 1/15/2015 M. Roetteler -- QuArC Group @ MSR 32

  33. Discrete Fourier Transform (DFT/QFT) 1/15/2015 M. Roetteler -- QuArC Group @ MSR 33

  34. Quantum Fast Fourier Transform 1/15/2015 M. Roetteler -- QuArC Group @ MSR 15

  35. The Hidden Subgroup Problem 1/15/2015 M. Roetteler -- QuArC Group @ MSR 35

Recommend

Quantum Error Correction On a quantum computer, a single electron or nucleus Peter J. Cameron in

Quantum Error Correction On a quantum computer, a single electron or nucleus Peter J. Cameron in

Classical v quantum In a classical computer, each bit of information is stored by a transistor containing trillions of electrons. Quantum Error Correction On a quantum

457 views • 3 slides
Quantum search with advice Ashley Montanaro Department of Computer Science, University of

Quantum search with advice Ashley Montanaro Department of Computer Science, University of

Quantum search with advice Ashley Montanaro Department of Computer Science, University of Bristol, UK arXiv:0908.3066 Quantum computing in a nutshell A quantum computer is a machine which uses quantum physics to achieve a speed-up, or other

958 views • 66 slides
Cryptography for the quantum internet Elements of a quantum TLS Christian Majenz

Cryptography for the quantum internet Elements of a quantum TLS Christian Majenz

Cryptography for the quantum internet Elements of a quantum TLS Christian Majenz Colloquium Informatics Institute, University of Amsterdam Quantum computers Quantum computers Accelerating effort to build a quantum computer Quantum

1.74k views • 115 slides
Qu Quantum co computers, ho how do do the hey work and nd wha hat can n the hey do do?

Qu Quantum co computers, ho how do do the hey work and nd wha hat can n the hey do do?

Qu Quantum co computers, ho how do do the hey work and nd wha hat can n the hey do do? Outline Quantum technology Quantum computing What is the advantage? The qubits Operating the quantum computer Quantum computing initiatives

475 views • 31 slides
Simulating Quantum Field Theories on a Quantum Computer Stephen Jordan C a n q u a n t u m c o m

Simulating Quantum Field Theories on a Quantum Computer Stephen Jordan C a n q u a n t u m c o m

Simulating Quantum Field Theories on a Quantum Computer Stephen Jordan C a n q u a n t u m c o m p u t e r s s i m u l a t e a l l p h y s i c a l processes efficiently? Universality Conjecture: Quantum circuits can simulate all physical

334 views • 30 slides
A Web-based Quantum Computer Simulator with symbolic extensions O. Karamitrou, C. Tsimpouris,

A Web-based Quantum Computer Simulator with symbolic extensions O. Karamitrou, C. Tsimpouris,

A Web-based Quantum Computer Simulator with symbolic extensions O. Karamitrou, C. Tsimpouris, P.Mavridi, K.N. Sgarbas University of Patras, Greece Outline Introduction Quantum Computer Simulator Example of using the web-based quantum computer

173 views • 14 slides
Simulating quantum field theory with a quantum computer John Preskill Lattice 2018 28 July 2018

Simulating quantum field theory with a quantum computer John Preskill Lattice 2018 28 July 2018

Simulating quantum field theory with a quantum computer John Preskill Lattice 2018 28 July 2018 This talk has two parts (1) Near-term prospects for quantum computing. (2) Opportunities in quantum simulation of quantum field theory. Exascale

603 views • 38 slides
An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security

An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security

An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security Prepared by: Nima Bayan, P.Eng. Fall 2003 Contents ! Introduction " Cryptography and Relativity " Quantum Algorithms " Quantum Computers !

227 views • 11 slides
Simulating quantum and classical field theories on a quantum computer Stephen Jordan With: John

Simulating quantum and classical field theories on a quantum computer Stephen Jordan With: John

Simulating quantum and classical field theories on a quantum computer Stephen Jordan With: John Preskill, Keith Lee, Ali Moosavian Pedro Costa, Aaron Ostrander Field Theory Classical Quantum Value at each point in space Qubit(s) at

447 views • 34 slides
Quantum Hoare Type Theory John Reppy Kartik Singhal Department of Computer Science University

Quantum Hoare Type Theory John Reppy Kartik Singhal Department of Computer Science University

Quantum Hoare Type Theory John Reppy Kartik Singhal Department of Computer Science University of Chicago Quantum Physics and Logic (QPL) 2020 Quantum programming is inherently imperative and difficult to reason about 2 / 12 Quantum

665 views • 65 slides
Quantum Information Theory Renato Renner ETH Zurich Do quantum computers exist?

Quantum Information Theory Renato Renner ETH Zurich Do quantum computers exist?

Quantum Information Theory Renato Renner ETH Zurich Do quantum computers exist? Geordie Rose and his D-Wave quantum computer Commercial devices Quantum cryptography device by id

1.29k views • 112 slides
Quantum Computing Our journey so far Henry Yuen Assistant Professor of Computer Science and

Quantum Computing Our journey so far Henry Yuen Assistant Professor of Computer Science and

Quantum Computing Our journey so far Henry Yuen Assistant Professor of Computer Science and Mathematics University of Toronto Quantum mechanics is weird Uncertainty principle Wave/particle duality Superposition Quantum mechanics governs

689 views • 37 slides
How to teleport your cat? Mris Ozols University of Cambridge What is quantum computing?

How to teleport your cat? Mris Ozols University of Cambridge What is quantum computing?

How to teleport your cat? Mris Ozols University of Cambridge What is quantum computing? Mathematics Quantum Computing Computer Physics Science What is a computer? What is a computer? A physical device for processing information input

938 views • 78 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
What do quantum computers do? Daniel J. Bernstein University of Illinois at Chicago Quantum

What do quantum computers do? Daniel J. Bernstein University of Illinois at Chicago Quantum

1 What do quantum computers do? Daniel J. Bernstein University of Illinois at Chicago Quantum algorithm means an algorithm that a quantum computer can run. i.e. a sequence of instructions, where each instruction is in a quantum

892 views • 76 slides
EP 228: Quantum Mechanics lecture 19 Identical particles , quantum computer Multi-particle

EP 228: Quantum Mechanics lecture 19 Identical particles , quantum computer Multi-particle

EP 228: Quantum Mechanics lecture 19 Identical particles , quantum computer Multi-particle system Helium atom will have two electrons - If we ignore the interactions between the two electrons, then the potential energy of the helium

464 views • 11 slides
Quantum algorithms Daniel J. Bernstein University of Illinois at Chicago Quantum algorithm

Quantum algorithms Daniel J. Bernstein University of Illinois at Chicago Quantum algorithm

1 Quantum algorithms Daniel J. Bernstein University of Illinois at Chicago Quantum algorithm means an algorithm that a quantum computer can run. i.e. a sequence of instructions, where each instruction is in a quantum computers

1.42k views • 138 slides
From quantum hardware to quantum AI School of Electrical and Electronic Engineering University

From quantum hardware to quantum AI School of Electrical and Electronic Engineering University

CLASSICAL BIT vs QUBIT Computation as physical process Concept of programmable matter Classical neural network Distance between quantum states Quantum algorithms Quantum Neural Networks From quantum hardware to quantum AI School of

322 views • 31 slides
Space-efficient quantum Space-efficient quantum automata automata Andris Ambainis Nikolay

Space-efficient quantum Space-efficient quantum automata automata Andris Ambainis Nikolay

Space-efficient quantum Space-efficient quantum automata automata Andris Ambainis Nikolay Nahimov Department of Computer Science University of Latvia TQC 2008 Quantum Finite Automata Mathematical model for quantum computers with

616 views • 29 slides
Quantum Weirdness Part 6 Quantum Weirdness in Materials Quantum Cryptography Quantum

Quantum Weirdness Part 6 Quantum Weirdness in Materials Quantum Cryptography Quantum

Quantum Weirdness Part 6 Quantum Weirdness in Materials Quantum Cryptography Quantum Teleportation Quantum Snake Oil Quantum Weirdness in Materials Why Materials Behave as they do Combining Atoms Into Molecules Molecular Orbital Theory

1.17k views • 72 slides
Quantum algorithms Daniel J. Bernstein Quantum algorithm means an algorithm that a

Quantum algorithms Daniel J. Bernstein Quantum algorithm means an algorithm that a

1 Quantum algorithms Daniel J. Bernstein Quantum algorithm means an algorithm that a quantum computer can run. i.e. a sequence of instructions, where each instruction is in a quantum computers supported instruction set. How do we

1.53k views • 135 slides
A fault-tolerant one-way quantum computer Robert Raussendorf 1 , Jim Harrington 2 and Kovid Goyal

A fault-tolerant one-way quantum computer Robert Raussendorf 1 , Jim Harrington 2 and Kovid Goyal

A fault-tolerant one-way quantum computer Robert Raussendorf 1 , Jim Harrington 2 and Kovid Goyal 1 1: California Institute of Technology, 2: Los Alamos National Laboratory QIP Paris, 20th February 2006 Main idea Universal quantum computation

556 views • 38 slides
Fabio Sebastiano Interfacing qubits with classical (non-quantum) systems A real-life quantum

Fabio Sebastiano Interfacing qubits with classical (non-quantum) systems A real-life quantum

Fabio Sebastiano Interfacing qubits with classical (non-quantum) systems A real-life quantum computer Electronic interface Quantum processor Example Single-qubit rotation Microwave pulse I f ~ 5 GHz 20 GHz Example Read-out

164 views • 12 slides
QML: A functional quantum programming language quantum control and orthogonality Jonathan

QML: A functional quantum programming language quantum control and orthogonality Jonathan

QML: A functional quantum programming language quantum control and orthogonality Jonathan Grattage with Thorsten Altenkirch & Alex Green sneezy.cs.nott.ac.uk/qml School of Computer Science & IT, The University of Nottingham QML: A

1.05k views • 68 slides

More recommend