on a quantum computer
play

on a quantum computer On quantum arithmetic and space-time - PowerPoint PPT Presentation

Mar 05, 2023 •438 likes •1.21k views

Attacking binary elliptic curves on a quantum computer On quantum arithmetic and space-time trade-offs Martin Roetteler Microsoft Research Based on joint work with Brittanney Amento and Rainer Steinwandt [arXiv.org: 1209.5491, 1209.6348,

  1. Attacking binary elliptic curves on a quantum computer On quantum arithmetic and space-time trade-offs Martin Roetteler Microsoft Research Based on joint work with Brittanney Amento and Rainer Steinwandt [arXiv.org: 1209.5491, 1209.6348, 1306.1161] DIMACS Workshop on the Mathematics of Post-Quantum Cryptography January 15, 2015

  2. Motivation • Analyze resources needed to implement Shor • Focus: Computing dlogs over abelian groups • Possible circuit optimizations • Scaling of space (=#qubits) and time (=depth)? Please ask questions during talk! 1/15/2015 M. Roetteler -- QuArC Group @ MSR 2

  3. Background: Quantum resources

  4. Quantum bits and registers ≠ 1/15/2015 M. Roetteler -- QuArC Group @ MSR 4

  5. Measurements 1/15/2015 M. Roetteler -- QuArC Group @ MSR 5

  6. Examples: local operations and CNOT 1/15/2015 M. Roetteler -- QuArC Group @ MSR 6

  7. Notation for unitary matrices Wire = qubit 1/15/2015 M. Roetteler -- QuArC Group @ MSR 7

  8. Universality theorem 1/15/2015 M. Roetteler -- QuArC Group @ MSR 8

  9. Levels of abstraction Many more levels down (FTQECC, q control) and up (prog lang) 1/15/2015 M. Roetteler -- QuArC Group @ MSR 9

  10. Operations on subspaces 1/15/2015 M. Roetteler -- QuArC Group @ MSR 10

  11. Controlled rotations Remark: For 𝑉 = 𝑂𝑃𝑈 , the gate Λ 1 𝑂𝑃𝑈 is the CNOT gate. The gate Λ 2 (𝑂𝑃𝑈) is called the Toffoli gate. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 11

  12. Discrete universal gate sets Important universal gate set “ Clifford + T ” (for logical operations): Consists of all Clifford operations (i.e., the group generated by 𝐼 2 , 𝐷𝑂𝑃𝑈 and 𝑒𝑗𝑏𝑕(1, 𝑗)) and the “T gate” (T = 𝑒𝑗𝑏𝑕(1, 𝜕 8 )) . Can be shown to be universal, i.e., for any unitary U and any given 𝜗 > 0, there exists an element A in the Clifford+T group such that || 𝑉 − 𝐵 || ≤ 𝜗 . • This gate set arises naturally in the context of fault-tolerant quantum computing for several quantum codes, e.g., Steane code, surface code. • T gate usually implemented via a process called “magic state distillation” which is very expensive. Much more expensive than Clifford gates. • Common metrics used to measure resources: • T-count = total number of T gates used in a circuit • T-depth = number of T- layers when a circuit is written as C T C … T C • #qubits = total number of qubits used, including “ ancillas ” (=scratch space) Typically, single-qubit rotations account for most of the cost! 1/15/2015 M. Roetteler -- QuArC Group @ MSR 12

  13. Bounding resources: T gates A useful factorization: Lemma: If a unitary U can be implemented exactly over Clifford+T, then also Λ (U) can be implemented exactly. [arxiv.org:1206.0758] This Lemma be used in some situations to avoid all errors due to single qubit approximations.   0 0 2 0 0   1 6 3 16 16   Cost of controlled unitaries:    0 2 2 4 4 M   • Tracking v=[#loc, #CNOT,#H, #P, #T] 0 1 2 3 2     • From U to Λ (U): matrix vector multiplication Mv.   0 7 2 14 15 1/15/2015 M. Roetteler -- QuArC Group @ MSR 13

  14. Solovay-Kitaev algorithm Goal: Approximate unitaries by elements of dense subgroup 𝐻 ≤ 𝑉(𝑂) Basic idea: Successive refining of a “net” using commutators [Image source: Nielsen/Chuang, CUP 2000] Implementations: • [Kitaev, Shen, Vyialyi, AMS 2002]: log 3+ δ (1/ ε ) time, log 3+ δ (1/ ε ) length • [Dawson, Nielsen, quant-ph/0505030]: log 2.71 (1/ ε ) time, log 3.97 (1/ ε ) length • [Harrow, Recht, Chuang, quant-ph/0111031]: non-constructive, log (1/ ε ) length 1/15/2015 M. Roetteler -- QuArC Group @ MSR 14

  15. Single qubit gates: synthesis methods Basic idea: [Kliuchnikov/Maslov/Mosca 2012], [Selinger 2012] Shown are all unitaries in 〈𝐼, 𝑈〉 that are obtainable from a simple round-off procedure and have T-count ≤ 12. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 15 [Slide concept by V. Kliuchnikov]

  16. T ools from the theory of reversible computing

  17. Classical circuits • Consider functions from n≥1 bits to m≥1 bits. We are interested in implementing functions by combinational circuits , i.e., circuits that do not make use of memory elements or feedback. • Universal families of gates exist, i.e., sets of elementary gates from which any circuit can be built. a a Λ b a a b • We can compose gates together to make larger circuits. • Problem for quantum computing: many gates are not reversible! 1/15/2015 M. Roetteler -- QuArC Group @ MSR 17 [Slide concept by M. Mosca, Waterloo]

  18. How to invert an irreversible operation? 1/15/2015 M. Roetteler -- QuArC Group @ MSR 18

  19. Reversible computation 1/15/2015 M. Roetteler -- QuArC Group @ MSR 19

  20. How to make circuits reversible? Example: Replace each gate with a reversible one: [Slide concept by M. Mosca, Waterloo] 1/15/2015 M. Roetteler -- QuArC Group @ MSR 20

  21. How to avoid garbage? • Replacing each gate with a reversible one works fine, however, it produces “garbage”, i.e., help registers will be in a state different from 0 at the end. • While this is fine for reversible computing, it is bad for quantum computing (it will prevent interference). • There is a way out of this dilemma: the Bennett trick Idea: compute forward, copy the result, “ uncompute ” the garbage by running the computation backwards. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 21

  22. Uncomputing the garbage Replace each gate with a reversible one: -1 T 1 T 1 0 0 -1 T 2 T 2 0 0 -1 T n T n 0 0 0 1/15/2015 M. Roetteler -- QuArC Group @ MSR 22

  23. The pebble game Rules of the game: [Bennett, SIAM J. Comp., 1989] • n boxes, labeled i = 1, …, n • in each move, either add or remove a pebble • a pebble can be added or removed in i=1 at any time • a pebble can be added of removed in i>1 if and only if there is a pebble in i-1. # i 1 1 Example: 2 2 3 3 4 4 5 3 6 2 1 2 3 4 7 1 1/15/2015 M. Roetteler -- QuArC Group @ MSR 23

  24. The pebble game Imposing resource constraints: • only a total of S pebbles are allowed • corresponds to reversible algorithm with at most S ancilla qubits # i 1 1 2 2 3 3 Example: (n=3, S=3) 4 1 5 4 6 3 7 1 8 2 1 2 3 4 9 1 1/15/2015 M. Roetteler -- QuArC Group @ MSR 24

  25. Optimal pebbling strategies Definition: Let X be solution of pebble game. Let T(X) be # steps and Let S(X) be #pebbles. Define F(n,S ) = min { T(X) : S(X) ≤ S }. Table (small values of F): [E.Knill, arxiv:math/9508218] 1/15/2015 M. Roetteler -- QuArC Group @ MSR 25

  26. Time-space tradeoffs Let A be an algorithm with time complexity T and space complexity S. • Using reversible pebble game, [Bennett, SIAM J. Comp. 1989] showed that for any ε>0 there is a reversible algorithm A’ with time complexity O(T 1+ ε ) and space complexity O(S ln(T)). • Issue: one cannot simply take the limit ε→0. The space would grow in an unbounded way (as O( ε 2 1/ ε S ln(T))). • Improved analysis [Levine, Sherman, SIAM J. Comp. 1990] showed that for any ε>0 there is a reversible algorithm A’ with time complexity O(T 1+ ε /S ε ) and space complexity O(S (1+ln(T/S))). • Other time/space tradeoffs: [Buhrman, Tromp, Vitányi , ICALP’01] Research topic: develop a “compiler” that takes a classical combinational circuit as input and translates it into a reversible circuit, with respect to various resource constraints. 1/15/2015 M. Roetteler -- QuArC Group @ MSR 26

  27. Shor

  28. Reducing factoring to period finding • Modular exponentiation: Let N be an integer and let a be in Z N . Modular exponentiation is the map f(x) := a x mod N. • Fact: The map f can be implemented in O(poly(log N)) ops. • Fact: It can be shown that it can also be implemented efficiently on a quantum computer. • More facts: – Recall that the order of a is defined as the smallest integer r such that a r = 1 mod N. – The function f(x) := a x mod N is periodic with period r equal to the order of a, i. e., f (x) = f (x + r) for all x. – The problem of factoring N can be reduced to period finding for modular exponentiation f (for random a). 1/15/2015 M. Roetteler -- QuArC Group @ MSR 28

  29. Setting up a periodic state Observation: The function f(x) = a x mod N is periodic and has period length r, • i. e., f (x) = f (x + r) for all inputs x. • Example: graph of the function f (x) = 2x mod 165:  | y f(x) | x 29 M. Roetteler -- QuArC Group @ MSR 1/15/2015

  30. Shor’s algorithm for period finding 1/15/2015 M. Roetteler -- QuArC Group @ MSR 30

  31. Period finding using coset states 1/15/2015 M. Roetteler -- QuArC Group @ MSR 31

  32. Discrete Fourier Transforms 1/15/2015 M. Roetteler -- QuArC Group @ MSR 32

  33. Discrete Fourier Transform (DFT/QFT) 1/15/2015 M. Roetteler -- QuArC Group @ MSR 33

  34. Quantum Fast Fourier Transform 1/15/2015 M. Roetteler -- QuArC Group @ MSR 15

  35. The Hidden Subgroup Problem 1/15/2015 M. Roetteler -- QuArC Group @ MSR 35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Quantum Error Correction On a quantum computer, a single electron or nucleus Peter J. Cameron in

Quantum Error Correction On a quantum computer, a single electron or nucleus Peter J. Cameron in

Classical v quantum In a classical computer, each bit of information is stored by a transistor containing trillions of electrons. Quantum Error Correction On a quantum

457 views • 3 slides
Quantum search with advice Ashley Montanaro Department of Computer Science, University of

Quantum search with advice Ashley Montanaro Department of Computer Science, University of

Quantum search with advice Ashley Montanaro Department of Computer Science, University of Bristol, UK arXiv:0908.3066 Quantum computing in a nutshell A quantum computer is a machine which uses quantum physics to achieve a speed-up, or other

958 views • 66 slides
Cryptography for the quantum internet Elements of a quantum TLS Christian Majenz

Cryptography for the quantum internet Elements of a quantum TLS Christian Majenz

Cryptography for the quantum internet Elements of a quantum TLS Christian Majenz Colloquium Informatics Institute, University of Amsterdam Quantum computers Quantum computers Accelerating effort to build a quantum computer Quantum

1.74k views • 115 slides
Qu Quantum co computers, ho how do do the hey work and nd wha hat can n the hey do do?

Qu Quantum co computers, ho how do do the hey work and nd wha hat can n the hey do do?

Qu Quantum co computers, ho how do do the hey work and nd wha hat can n the hey do do? Outline Quantum technology Quantum computing What is the advantage? The qubits Operating the quantum computer Quantum computing initiatives

475 views • 31 slides
Simulating Quantum Field Theories on a Quantum Computer Stephen Jordan C a n q u a n t u m c o m

Simulating Quantum Field Theories on a Quantum Computer Stephen Jordan C a n q u a n t u m c o m

Simulating Quantum Field Theories on a Quantum Computer Stephen Jordan C a n q u a n t u m c o m p u t e r s s i m u l a t e a l l p h y s i c a l processes efficiently? Universality Conjecture: Quantum circuits can simulate all physical

334 views • 30 slides
A Web-based Quantum Computer Simulator with symbolic extensions O. Karamitrou, C. Tsimpouris,

A Web-based Quantum Computer Simulator with symbolic extensions O. Karamitrou, C. Tsimpouris,

A Web-based Quantum Computer Simulator with symbolic extensions O. Karamitrou, C. Tsimpouris, P.Mavridi, K.N. Sgarbas University of Patras, Greece Outline Introduction Quantum Computer Simulator Example of using the web-based quantum computer

173 views • 14 slides
Simulating quantum field theory with a quantum computer John Preskill Lattice 2018 28 July 2018

Simulating quantum field theory with a quantum computer John Preskill Lattice 2018 28 July 2018

Simulating quantum field theory with a quantum computer John Preskill Lattice 2018 28 July 2018 This talk has two parts (1) Near-term prospects for quantum computing. (2) Opportunities in quantum simulation of quantum field theory. Exascale

603 views • 38 slides
An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security

An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security

An Introduction to Quantum Computers and Quantum Cryptography Computer Network Security Prepared by: Nima Bayan, P.Eng. Fall 2003 Contents ! Introduction " Cryptography and Relativity " Quantum Algorithms " Quantum Computers !

227 views • 11 slides
Simulating quantum and classical field theories on a quantum computer Stephen Jordan With: John

Simulating quantum and classical field theories on a quantum computer Stephen Jordan With: John

Simulating quantum and classical field theories on a quantum computer Stephen Jordan With: John Preskill, Keith Lee, Ali Moosavian Pedro Costa, Aaron Ostrander Field Theory Classical Quantum Value at each point in space Qubit(s) at

447 views • 34 slides
Quantum Hoare Type Theory John Reppy Kartik Singhal Department of Computer Science University

Quantum Hoare Type Theory John Reppy Kartik Singhal Department of Computer Science University

Quantum Hoare Type Theory John Reppy Kartik Singhal Department of Computer Science University of Chicago Quantum Physics and Logic (QPL) 2020 Quantum programming is inherently imperative and difficult to reason about 2 / 12 Quantum

665 views • 65 slides
Quantum Information Theory Renato Renner ETH Zurich Do quantum computers exist?

Quantum Information Theory Renato Renner ETH Zurich Do quantum computers exist?

Quantum Information Theory Renato Renner ETH Zurich Do quantum computers exist? Geordie Rose and his D-Wave quantum computer Commercial devices Quantum cryptography device by id

1.29k views • 112 slides
Quantum Computing Our journey so far Henry Yuen Assistant Professor of Computer Science and

Quantum Computing Our journey so far Henry Yuen Assistant Professor of Computer Science and

Quantum Computing Our journey so far Henry Yuen Assistant Professor of Computer Science and Mathematics University of Toronto Quantum mechanics is weird Uncertainty principle Wave/particle duality Superposition Quantum mechanics governs

689 views • 37 slides
How to teleport your cat? Mris Ozols University of Cambridge What is quantum computing?

How to teleport your cat? Mris Ozols University of Cambridge What is quantum computing?

How to teleport your cat? Mris Ozols University of Cambridge What is quantum computing? Mathematics Quantum Computing Computer Physics Science What is a computer? What is a computer? A physical device for processing information input

938 views • 78 slides
Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information:

Quantum Cryptography Lecture 28 Quantum Cryptography Quantum Cryptography Quantum information: Using microscopic physical state of quantum systems (spin of atoms/sub-atomic particles, polarization of photons etc.) to encode information

1.95k views • 154 slides
What do quantum computers do? Daniel J. Bernstein University of Illinois at Chicago Quantum

What do quantum computers do? Daniel J. Bernstein University of Illinois at Chicago Quantum

1 What do quantum computers do? Daniel J. Bernstein University of Illinois at Chicago Quantum algorithm means an algorithm that a quantum computer can run. i.e. a sequence of instructions, where each instruction is in a quantum

892 views • 76 slides
EP 228: Quantum Mechanics lecture 19 Identical particles , quantum computer Multi-particle

EP 228: Quantum Mechanics lecture 19 Identical particles , quantum computer Multi-particle

EP 228: Quantum Mechanics lecture 19 Identical particles , quantum computer Multi-particle system Helium atom will have two electrons - If we ignore the interactions between the two electrons, then the potential energy of the helium

464 views • 11 slides
(Low-Resource) NLP Tasks Graham Neubig @ CMU Low-resource NLP Bootcamp 5/18/2020 Most Spoken

(Low-Resource) NLP Tasks Graham Neubig @ CMU Low-resource NLP Bootcamp 5/18/2020 Most Spoken

(Low-Resource) NLP Tasks Graham Neubig @ CMU Low-resource NLP Bootcamp 5/18/2020 Most Spoken Languages of the World 6. (273.9 M) 1. English (1.132 B) 2. ( ) (1.116 B) 7. (265.0 M)

622 views • 49 slides
CMP722 ADVANCED COMPUTER VISION Lecture #3 Sequential Processing with NNs and Attention

CMP722 ADVANCED COMPUTER VISION Lecture #3 Sequential Processing with NNs and Attention

Illustration: DeepMind CMP722 ADVANCED COMPUTER VISION Lecture #3 Sequential Processing with NNs and Attention Aykut Erdem // Hacettepe University // Spring 2019 Illustration: Koma Zhang // Quanta Magazine Previously on CMP722 deep

1.58k views • 124 slides
Introduction to OCR ZHANG Xinyun SmartMore Outline Background Text Detection Text

Introduction to OCR ZHANG Xinyun SmartMore Outline Background Text Detection Text

Introduction to OCR ZHANG Xinyun SmartMore Outline Background Text Detection Text Recognition Conclusion 2 Background What is OCR ? OCR stands for Optical Character Recognition, which is the electronic or mechanical

1.05k views • 29 slides
Wizards vs. Time Machines Jalex Stark Department of Mathematics California Institute of

Wizards vs. Time Machines Jalex Stark Department of Mathematics California Institute of

What is Complexity Theory? Wizards vs. Time Machines Jalex Stark Department of Mathematics California Institute of Technology Caltech Undergraduate Math Seminar, 6 January 2017 Jalex Stark Wizards vs. Time Machines What is Complexity Theory?

1.75k views • 125 slides
LHC as Time Machine (Adventures in Extra-Dimensions) Tom Weiler Vanderbilt University

LHC as Time Machine (Adventures in Extra-Dimensions) Tom Weiler Vanderbilt University

LHC as Time Machine (Adventures in Extra-Dimensions) Tom Weiler Vanderbilt University Nashville. TN Tom Weiler, Vanderbilt University, USA Madison Pheno,10 May 2010 Monday, May 10, 2010 Syllabus: * Closed Timelike Curves (CTCs) *

609 views • 29 slides
AVR Microcontrollers -Timers (Chapter 9 of the text book) 1 Contents Timers 0 and 2 of

AVR Microcontrollers -Timers (Chapter 9 of the text book) 1 Contents Timers 0 and 2 of

Microprocessors, Lecture 5: AVR Microcontrollers -Timers (Chapter 9 of the text book) 1 Contents Timers 0 and 2 of ATmega32 Timer programming in C University of Tehran 2 Timers in AVR University of Tehran 3 Timer/Counter What

563 views • 42 slides
Seminar C2NLU, Schlo Dagstuhl, Wadern, Germany 24-January-2017 From Bayes Decision Rule to

Seminar C2NLU, Schlo Dagstuhl, Wadern, Germany 24-January-2017 From Bayes Decision Rule to

Seminar C2NLU, Schlo Dagstuhl, Wadern, Germany 24-January-2017 From Bayes Decision Rule to Neural Networks for Human Language Technology Hermann Ney T. Alkhouli, P. Bahar, K. Irie, J.-T. Peter Human Language Technology and Pattern

988 views • 42 slides
Counter/Timers Overview ATmega328P has two _____ and one ______ counters. Can configure to

Counter/Timers Overview ATmega328P has two _____ and one ______ counters. Can configure to

13.1 13.2 Counter/Timers Overview ATmega328P has two _____ and one ______ counters. Can configure to count at some frequency up to some value (a.k.a. ________________), generate an _____________ Unit 13 Timers and Counters and

646 views • 5 slides

More recommend