1 / 27

Quantum Computing MAS 725

Quantum Computing MAS 725. Hartmut Klauck NTU 26.3.2012. Order finding over Z N. We are given x, N, x<N Order r(x) of x in Z N : min. r  0: x r =1 mod N „Period“ of the powers x. Order finding over Z N. Is there a quantum algorithm to find r(x) ?

hashim
Download Presentation

Quantum Computing MAS 725

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Quantum ComputingMAS 725 Hartmut KlauckNTU 26.3.2012

  2. Order finding over ZN • We are given x, N, x<N • Order r(x) of x inZN:min. r0: xr =1 mod N • „Period“ of the powers x

  3. Order finding over ZN • Is there a quantum algorithm to find r(x)? • Shor‘s algorithm finds r(x) in time poly(log N) • trivial approach: compute xifor i=1,...,r(x) • this is inefficient, could be that r(x)=N-1

  4. Application • Factorization problem: Given a natural number N, find some nontrivial prime factor (or even all of them) • Factorization can be reduced to order finding! • Purely classical reduction

  5. Shor‘s algorithm • We follow the general outline of Simon‘s algorithm • Start with Hadamard transform, query the black box • But then we need another transformation, the quantum Fourier transform

  6. Fourier Transform • Fourier transform: • g is a functionZL ! C[or a vector with L entries] • Let w=e2 i/L . Then the Fourier transform is a linear map with matrix FTL(i,j)=wij; 0· i,j· L-1 • The trivial algorithm to compute the Fourier transform takes time O(L2) • Fast Fourier Transform [FFT] takes times O(L log L)

  7. Quantum Fourier Transform • Set L=2n. Consider the state |i=j=0,...,L-1j |ji . • The Fourier transform of |i is|i =j=0,...,L-1j |ji, with • This is just the Fourier transform on the superposition • Also called QFT • Can we implement the QFT efficiently? Efficient means here: polynomial in n=log L

  8. Quantum Fourier Transform • Let L=2n. Consider |i=j=0,...,L-1j |ji • Write j=j1 jn; j = j12n-1 ++jn20 • Set 0.jt jt+1 ... jn = jt/2++jn/2n-t+1 • QFT has the following product representation: • |j1...jni maps to1/2n/2 ¢­t=n,...,1 (|0i+ e2i 0. jt...jn |1i)=1/2n/2 ¢­t=1,...,n (|0i+ e2ij/2t|1i)

  9. Quantum Fourier Transform • |j1...jni is mapped to1/2n/2 ¢­t=n,...,1 (|0i+ e2i 0. jt... jn |1i) • Let Rkbe the following gate/unitary operator • Apply H to j1. Result: 1/21/2 ¢ (|0i+ e2i 0. j1 |1i) ­ |j2,...,jni • Now apply the Rt gate controlled by jt for t=2,...,n to the first qubit. Result: • 1/21/2 ¢ (|0i+ e2i 0. j1,...,jn|1i) ­ |j2,...,jni • First qubit is now correct (corresponds to last desired qubit)

  10. Quantum Fourier Transform This is the circuit for QFT (up tochangingthe order of qubits)Number of gates:n+(n-1)++1=O(n2)=O(log2 L)

  11. Quantum Fourier Transform • Caveat: The result of the QFT is a superposition, there is no exponential speedup of computing the Fourier transform in the classical sense (computing the whole vector)

  12. Properties of the QFT • Computes in time O(n2), ie. can als be approximated by standard gates quickly • QFT is unitary • Set w=e2i/L, then FT-1L(i,j)=w-ij;0· i,j· L-1 • Translation invariance: • Let QFT j=0,...,L-1j |ji = j=0,...,L-1j |ji • Tk: |ji  |j+k mod Li. QFT Tkj=0,...,L-1j |ji= QFT j=0,...,L-1j |j+k mod Li = j=0,...L-1 e2 ijk/Lj |ji

  13. Period finding • Function f: ZL!ZNgiven as black boxPromise: there is a r<N: • f(i)=f(i+r) for all i2ZL • i  j+kr ) f(i)f(j) • Find r • Try to solve this for arbitrary f • Black box: • Uf: |ji |yi |ji|f(j) yi; j2ZL; f(j)y 2 ZN • Note that Order finding is an instance of Period finding with f(i)=xi

  14. Shor‘s Algorithm • log L+log N work space • log L qubits in |0i ; 02ZL • log N qubits in |1i; 12ZN • Apply Hadamard on the first register • Apply Uf • Result: • Measure second register • Result:

  15. Shor‘s Algorithm • Result: • 0 · j0 · r-1; • L-r · j0+(A-1)r · L-1 • A-1 < L/r < A+1

  16. Shor‘s Algorithm • Result: • Now apply QFT • Result: • i.e. the probability of k is independent of j0 (translation invariance)

  17. Shor‘s Algorithm • Result: • Measurement now: Probability of k is • Assumption : r is a divisor of L, i.e. A=L/r, then

  18. Shor‘s Algorithm • Assumption : r is a divisor of L, i.e. A=L/r, then • If A is a divisor of k, then =1/r • If A is no divisor of k, then = 0 (because there are r values k that are multiples of A, each contributing probability 1/r) • I.e. we receive a multiple of A=L/r, say, cL/r with 0· c· r-1 • With high probability: c and L/r have no common divisor • Then gcd(cL/r,L)=L/r, L is known, hence we learn r.

  19. Shor‘s Algorithm • In general: the probability of k is • „favorizes“ values of k with kr/L close to an integer • Geometric sum • withk=2kr (mod L)/ L

  20. Shor‘s Algorithm • withk=2(kr (mod L))/ L • There are exactly r values k2ZL with -r/2· kr (mod L) · r/2 • For those also - r/L· k· r/Li.e. with 0· j· A-1<L/r the angles jkall lie in the same halfspace ) constructive interference! • Call such a k good

  21. Shor‘s Algorithm • Some bounds: • |1-eik|· |k|[direct distance „1“ to „eik“ is smaller than the length of the arc] • |1-eiAk|¸ 2A|k|/, if A|k|· Set dist(0,)=|1-ei|,then dist(0,)/||¸ dist(0,)/=2/ • A < (L/r)+1,hence Ak· A r/L < (1+r/L) • use that kr· r/2 for a good k

  22. Shor‘s Algorithm |1-eik|· |k| ; |1-eiAk|¸ 2A|k|/, if A|k|·  Ak· A r/L < (1+r/L)

  23. Shor‘s Algorithm • Each of the r good values of k has probability close to 1/r, hence with constant probability we get a k with-r/2· kr (mod L) · r/2 [Success] • |kr-cL|· r/2 for some c • Then:|k/L-c/r|· 1/(2L), i.e. k/L is approximation of c/r • We know k and L. Consider k/L as rational number (reduced). • c is uniformly random from 0,...,r-1 • c and r have no common divisor with probability at least 1/log r • Then: computing c/r (as a rational number in reduced form) gives us also r • Choose L large enough to get a good approximation

  24. Shor‘s Algorithm • With constant probability we get k with |k/L-c/r|· 1/(2L) • With probability 1/log r > 1/log L we have gcd(c,r)=1 • Let r<N, L=N2 • c/r is a rational number with denominator <N • Any two such numbers are not closer than 1/N2=1/L > 1/(2L) • The interval contains only one rational number c/r with denominator < N • Find the rational number with denominator < N that is close to k/L • Use the continued fractions algorithm to do that

  25. Continued fractions • The continued fractions algorithm computed for a real its representation as continued fraction • If |c/r-|· 1/(2r2), then one of the steps computes the pair c,r , after at mostO(t3) Operations for t-bit numbers

  26. Total running time/success probability • k is good with constant probability • With probability 1/log N also c is good (i.e. no common divisor with r) • Need to repeat only O(log N) times • For order finding in ZN choose L=N2, i.e. 2 log N +log N qubits are used • Fourier transform in O(log2 L) • Continued fractions finds r from k/L in time O(log3 L) • Can check r for correctness using the black box • Total time is O(log4 N), can be reduced to O(log3 N)

  27. Continued fractions • Given: real  • Approximate  by • Take integer part as a0, invert remaining number, iterate • Theorem: |p/q-|· 1/(2q2), then p/q appears after at most O(log (p+q)) steps

More Related