P vs. NP and Quantum Computation
Sandy Kutin
CSPP 532
8/21/01

Overview
• We’ll define some classes of problems
  • P: Polynomial time (quick calculations)
  • NP: Search problems (most crypt problems)
  • NP-complete: The hardest search problems
• We’ll discuss a little bit about quantum computation:
  • Why it may one day break RSA
  • How we could design a system which quantum computers can’t break (we think)

Computability Theory
• What is a “computer”, and what can it do?
• 1936: Alan Turing defines Turing Machine
  • Idealized computer: internal state, I/O tape
• 1936: Church-Turing thesis: Any “reasonable” computing device is the same
• Focus was on computability of a function:
  • Is there a Turing machine which computes the function, and never gets stuck in a loop?

Complexity Theory
• Pre-1960s: “Can it be done?”
• Now: “How much work does it take?”
• Measurements of algorithmic complexity
  • Time complexity: how many steps
  • Space complexity: how much memory
• Example: find a collision in an n-bit hash:
  • Brute-force: 2^n steps, constant memory
  • Birthday: roughly 2^(n/2) steps, 2^(n/2) memory

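The time/memory trade-off from the collision example, as an added Python sketch that is not part of the original slides. The toy n-bit hash (SHA-256 truncated to its top n bits) and the `msg-<i>` inputs are constructed for the demonstration.

```python
import hashlib
from itertools import count

def h(msg: bytes, n_bits: int) -> int:
    """Toy n-bit hash: the top n_bits of SHA-256 (constructed for this demo)."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest >> (256 - n_bits)

def encode(i: int) -> bytes:
    """Constructed sample inputs: msg-0, msg-1, ..."""
    return b"msg-%d" % i

def brute_force_collision(n_bits: int):
    """Constant memory: fix one target hash, try inputs until one matches.
    Each try succeeds with probability 2^-n, so about 2^n steps are expected."""
    target_msg = encode(0)
    target = h(target_msg, n_bits)
    for steps in count(1):
        candidate = encode(steps)
        if h(candidate, n_bits) == target:
            return target_msg, candidate, steps

def birthday_collision(n_bits: int):
    """Remember every hash seen so far: about 2^(n/2) steps are expected,
    at the price of a table with about 2^(n/2) entries."""
    seen = {}
    for steps in count(1):
        msg = encode(steps)
        tag = h(msg, n_bits)
        if tag in seen:
            return seen[tag], msg, steps, len(seen)
        seen[tag] = msg

if __name__ == "__main__":
    n = 16
    a, b, steps = brute_force_collision(n)
    print(f"brute force: {a!r} / {b!r} after {steps} steps, 1 stored hash")
    a, b, steps, stored = birthday_collision(n)
    print(f"birthday:    {a!r} / {b!r} after {steps} steps, {stored} stored hashes")
```
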
P
• Cobham, ‘64; Edmonds, ‘65: P = decision problems computable in polynomial time
• Decision problem: yes/no answer
• Polynomial time: number of steps a Turing Machine takes is < n^d, where n is the length of the input (in bits), d = degree
• Different definitions of “Turing Machine”, “step”, but polynomial time doesn’t change
• Example: Euclid’s algorithm takes 2n steps, or 2n^3 bit operations; both polynomial

Rates of Growth
[Table: Solvable problem size as a function of time]
• Moore’s Law: Computer speed doubles every 18 months
• So “1000 years” today could be 1 day in 2029

Problems in P
• Input: A, B. Output: is gcd(A,B) = 1?
• Input: A, N. Output: does A divide N?
• Input: A, N. Output: is A a Miller-Rabin witness to N being composite?
• Decryption (if D_K is polynomial-time)
  • Input: ciphertext C, key K.
  • Output: is there ASCII text M, so E_K(M) = C?
  • Algorithm: let M = D_K(C), see if it’s ASCII
  • (i.e., see if each byte in M is printable ASCII)

Graph 2-colorability
• A graph has n vertices; edges go between
• Adjacent vertices must get different colors
• Input: graph. Output: Is it 2-colorable?
[Figure: two example graphs, labeled Yes and No]

Exponential time
• Some problems take more than polynomial time (we think)
  • Input: N. Output: Is N composite?
  • Input: N, K. Output: Does N have a factor less than K?
  • Input: Ciphertext C. Output: Is there a key K and an ASCII message M so E_K(M) = C?
• EXP is the class of decision problems which take exponential time to solve
• But: we can be more precise

NP
• Informally, NP means “search problems”
• Two formal characterizations
• #1: Non-deterministic polynomial time
  • Machine starts by making all possible guesses
  • Works on each simultaneously (polynomial time)
  • If any “computation path” (guess) produces a “yes” answer, output “yes”
  • Otherwise, output “no”

Example: Is N composite?
• Our initial “guess” is a possible factor F
• We check to see if each F divides N; this takes polynomial time
• If any F divides N, then “N is composite”
• Also solves: Does N have a factor less than K?
• Could be lots of guesses, very few leading to “Yes”; that’s fine
[Figure: N = 589, one computation path per guess F]
Guess F:  2  3  5  7  9  11  13  15  17  19  21  23
Result:   N  N  N  N  N  N   N   N   N   Y   N   N

More NP examples
• Could do Miller-Rabin for “Is N composite?”
  • Guess is a number A < N
  • Computation: is A a Miller-Rabin witness?
  • If there’s a witness, answer “Yes”. If not, “No”.
• Another example: Decryption problem
  • Input: Ciphertext C. Output: Is there a key K and an ASCII message M so E_K(M) = C?
  • Guess is a possible key K
  • Computation: is D_K(C) an ASCII message?

Another characterization
• A problem in P looks like: f(x) = 1?
  • f(x) is polynomial-time in the length of x
• A problem in NP is: (∃y)(f(x,y) = 1) ?
  • In words: does there exist a number y such that f(x,y) is 1? (We’re “searching” for y.)
  • y is the proof, or witness; polynomial-size in x
  • y corresponds to the non-deterministic “guess”
  • Again, f(x,y) is polynomial-time
• Polynomial-time verifiable proof

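The two witness types for “Is N composite?” written as polynomial-time verifiers f(x, y), as an added Python sketch that is not from the original slides. The function names are illustrative, and `accepting_guesses` is a deterministic stand-in for the non-deterministic machine that simply tries every guess in turn.

```python
def factor_witness(n: int, f: int) -> bool:
    """f(x, y) with y a possible factor F: does F divide N nontrivially?"""
    return 1 < f < n and n % f == 0

def miller_rabin_witness(n: int, a: int) -> bool:
    """f(x, y) with y a base A < N: is A a Miller-Rabin witness that
    odd n > 2 is composite? Cost is polynomial in the bit length of n."""
    d, s = n - 1, 0
    while d % 2 == 0:              # write n - 1 = 2^s * d with d odd
        d, s = d // 2, s + 1
    x = pow(a, d, n)
    if x in (1, n - 1):
        return False               # a is consistent with n being prime
    for _ in range(s - 1):
        x = pow(x, 2, n)
        if x == n - 1:
            return False
    return True                    # a proves n composite

def accepting_guesses(verify, x, guesses):
    """Try every guess y; the NP answer is "yes" iff the result is non-empty.
    Each check is cheap, but the number of guesses grows exponentially
    with the bit length of x."""
    return [y for y in guesses if verify(x, y)]

if __name__ == "__main__":
    n = 589                                    # the slide's example, 19 * 31
    slide_guesses = [2] + list(range(3, 25, 2))
    print("factor witnesses:", accepting_guesses(factor_witness, n, slide_guesses))
    mr = accepting_guesses(miller_rabin_witness, n, range(1, n))
    print(f"Miller-Rabin witnesses: {len(mr)} of {n - 1} bases")
    # 587 is prime, so no guess on any computation path accepts.
    print("witnesses for 587:", accepting_guesses(miller_rabin_witness, 587, range(1, 587)))
```

Factor witnesses are rare, while Miller-Rabin witnesses are plentiful, which is why picking bases at random works as a compositeness test.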
P = NP ?
• Intuitively: P is the class of “easy” problems, NP the class of “hard” problems
• Conjecture (Edmonds, 1965): P ≠ NP
• Nobody knows
[Diagram labels: NP, COMP, P, FACT]

NP-completeness
• (Cook, 1971) A problem is NP-complete if:
  • It’s in NP, and it’s as hard as anything in NP
• Cook-Levin Theorem: uses “reduction” idea
• Example (Karp, 1972): graph 3-colorability
[Figure: example graphs labeled No, Yes, ?]

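The contrast between the graph 2-colorability slide and the 3-colorability example here, as an added Python sketch that is not from the original slides. The three small graphs are constructed samples; the exhaustive 3-coloring search is the obvious exponential method, not a claim about the best known algorithm.

```python
from collections import deque
from itertools import product

def two_color(n, edges):
    """2-colorability is in P: breadth-first search, O(vertices + edges).
    Returns a list of colors (0/1) or None if no 2-coloring exists."""
    adj = [[] for _ in range(n)]
    for u, v in edges:
        adj[u].append(v)
        adj[v].append(u)
    color = [None] * n
    for start in range(n):                 # handle every connected component
        if color[start] is not None:
            continue
        color[start] = 0
        queue = deque([start])
        while queue:
            u = queue.popleft()
            for v in adj[u]:
                if color[v] is None:
                    color[v] = 1 - color[u]    # neighbor is forced to the other color
                    queue.append(v)
                elif color[v] == color[u]:
                    return None                # odd cycle: not 2-colorable
    return color

def verify_coloring(edges, coloring, k):
    """The NP verifier f(x, y): is the proposed coloring y a valid k-coloring?"""
    return (all(0 <= c < k for c in coloring)
            and all(coloring[u] != coloring[v] for u, v in edges))

def three_color_search(n, edges):
    """Exhaustive search over all 3^n guesses; returns (coloring, guesses tried)."""
    for tried, guess in enumerate(product(range(3), repeat=n), 1):
        if verify_coloring(edges, guess, 3):
            return list(guess), tried
    return None, 3 ** n

# Constructed sample graphs.
SQUARE = [(0, 1), (1, 2), (2, 3), (3, 0)]
TRIANGLE = [(0, 1), (1, 2), (0, 2)]
K4 = [(0, 1), (0, 2), (0, 3), (1, 2), (1, 3), (2, 3)]

if __name__ == "__main__":
    print("square, 2 colors:  ", two_color(4, SQUARE))
    print("triangle, 2 colors:", two_color(3, TRIANGLE))
    print("triangle, 3 colors:", three_color_search(3, TRIANGLE))
    print("K4, 3 colors:      ", three_color_search(4, K4))
```
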
Quantum Computation
• Quantum mechanics:
  • If you send a photon through a polarizer, it’s half in one orientation, half in another
  • Combine n photons: you’re simultaneously in 2^n states (this is called a superposition)
  • The system collapses when you measure it
• Weird idea (Feynman, 1982):
  • This is kind of like non-determinism
  • Maybe we could build a “quantum computer”

Quantum Cats
• Two cats in a box
• Based on a photon, one is released
• Quantum cat is a superposition of cats
• See a tail – superposition of tails
• Look at face; collapse into one classical cat
[Picture: Elwood and Jake]

What’s a qubit?
• Unit of computation: quantum bit, or qubit
• Enter superposition
• Do computation “in alternate universes”
• If we just measure, this is probabilistic; chance of success may be small
• If we can use quantum interference, we can increase chance of observing the right answer
[Figure: N = 589, one computation path per guess]
Guess:   2  3  5  7  9  11  13  15  17  19  21  23
Result:  N  N  N  N  N  N   N   N   N   Y   N   N

Quantum Computers: Theory
• QP = class of problems solvable in polynomial time by a quantum computer
• Could we actually build a quantum computer?
• Are any interesting problems in QP, but not P?
• Grover (1996): n-bit search in 2^(n/2)
  • Nice, but still exponential time
• Shor (1994): factoring, discrete log in QP
  • A quantum computer could break RSA
• We still have a long way to go to build one

Complexity (we think)
• Usual assumption: P smaller than QP, which is smaller than NP
• Many people believe “Is N composite?” is in P; most believe factoring is not in P
[Diagram labels: NP-complete, NP, COMP, P, FACT, QP]

The Future of Cryptography
• Can we design a cryptosystem based on an NP-complete problem?
  • As secure as it can be; quantum won’t work
  • Problem: 3-colorability is hard in the worst-case
  • We need average-case hardness; we want to generate graphs so 3-colorings are hard to find
  • This is an active area of research
• Quantum Key Exchange (1984)
  • Eve can’t listen without being detected, by Heisenberg’s Uncertainty Principle