Presentation is loading. Please wait. # The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley.

## Presentation on theme: "The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley."— Presentation transcript:

The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley

1.The quantum query model 2.Quantum lower bounds for collision and set comparison problems 3.Open problems Outline

Quantum Query Model Count only number of queries, not number of computational steps Let X=x i …x n be input In quantum algorithm, each basis state has form |i,z, where i = index to query z = workspace Query transformation O maps each |i,z to |i,z x i (i.e. XORs x i into workspace)

Quantum Query Model (cont) Algorithm consists of interleaved queries and unitaries: U 0 O U 1 … U T-1 O U T U t : arbitrary unitary that doesnt depend on x i s (we dont care how hard it is to implement) At the end we measure to obtain a basis state |i,z, then output (say) first bit of z

Quantum Query Complexity Let f(X) be the function were trying to compute Algorithm computes f if it outputs f(X) with probability at least 2/3 for every X Q(f) = minimum # of queries made by quantum algorithm that computes f Immediate: Q(f) R(f) D(f) R(f) = randomized query complexity D(f) = deterministic query complexity

Because we can prove things Why Is This Model Interesting? Search for car keys here

Quantum lower bounds for collision and set comparison problems

Collision Problem Given Promised: (1) X is one-to-one (permutation) or (2) X is two-to-one Problem: Decide which w.h.p., using few queries to the x i Randomized alg: ( n)

Result Any quantum algorithm for the collision problem uses (n 1/5 ) queries (A, STOC2002) Previously no lower bound better than (1). Open since 1997 Shi improved to (n 1/4 ) (n 1/3 ) when |range| 3n/2

Implications Oracle A for which SZK A BQP A –SZK: Statistical Zero Knowledge No trivial polytime quantum algorithms for –graph isomorphism –nonabelian hidden subgroup –breaking cryptographic hash functions

Brassard-Høyer-Tapp (1997) (n 1/3 ) quantum alg for collision problem n 1/3 x i s, queried classically, sorted for fast lookup Grovers algorithm over n 2/3 x i s Do I collide with any of the pink x i s?

Previous Lower Bound Techniques Block sensitivity (Beals et al. 1998): Q(f) = ( bs(f)) Quantum adversary method (Ambainis 2000) Problem: Every 1-1 input differs in at least n/2 places from every 2-1 input

P(X) = acceptance probability on input X Proposition (follows Beals et al. 1998): P(X) is a polynomial of degree 2T over the (x i,h)

Proof: Initially, amplitude i,z of each |i,z is a degree-0 polynomial over the (x i,h). A query replaces each i,z by increasing its degree by 1. The U t s cant increase degree. At the end, squaring amplitudes doubles degree.

Input Distribution D(g): Uniform distribution over g-to-1 inputs Technicality: g might not divide n But assume for simplicity that it does Let Problem: Show that, if T=O( n), then P(g) is a univariate polynomial of degree 2T for integers 1 g n

Monomials of P(X) I(X) = product of r variables (x i,h) Let Then for some I,

Calculating (I,g): #1 Range of I: Y.w=|Y|. (I,g) = 0 unless Y S (range of X) So since

Calculating (I,g): #2 Given an S containing Y, # of g-to-1 inputs of size n: n!/(g!) n/g Let {y 1,…,y w } be distinct values in Y –r i = # of times y i appears in Y –r 1 + … + r w = r # of g-to-1 inputs X with range S s.t. I(X)=1:

Becomes ~polynomial(g) Polynomial in g of degree w + (r-w) = r 2T

Markovs Inequality Let p be a polynomial bounded in [0,b] in the interval [0,a], that has derivative at least c somewhere in that interval. Then a b c

Lower Bound 0 P(g) 1 for all 0 g n P(1) 1/10 and P(2) 9/10 So dP/dg 4/5 somewhere (n 1/4 ) lower bound would follow if g always divided n Can fix to obtain an (n 1/5 ) bound Shi found a better way to fix

Set Comparison What the SZK A BQP A result actually uses Input: f,g : {1,…,2n} {1,…,n} Promise: Either (1) Range(f) = Range(g)or (2) |Range(f) Range(g)| > 1.1n Problem: Decide which w.h.p. Result: (n 1/7 ) quantum lower bound

Idea Take the total range from which X and Y are drawn to have size 2n/g Draw X and Y individually from sub-ranges of size n/ (g), where so (1)= (2)=1, yet n/ (g) 2n/g for g > 2 Again acceptance prob. is a polynomial in g That grows quadratically weakens the bound from (n 1/5 ) to (n 1/7 )

Open Problems

Other Collisionoid Functions Set equality: Suppose either (1) Range(f) = Range(g)or (2) Range(f) Range(g) = The best quantum lower bound is still (1)! Element distinctness: Decide whether there exist i j such that x i =x j –Quantum upper bound: O(n 3/4 ) (Buhrman et al. 01) –Quantum lower bound: (n 2/3 ) (Shi 02) Conjecture (Watrous): R(f) and Q(f) are polynomially related for every symmetric function

Trees! OR AND 2-level game tree Ambainis adversary method yields ( n) But best known polynomial lower bound is ((n log n) 1/4 ) (Shi 01) E EEE Is Q(f) = O(deg(f)) for every f? Conjecture: No

In the collision problem, suppose f:{0,1} n {0,1} n is 1-to-1 rather than 2-to-1. Can you give me a polynomial- size quantum certificate, by which I can verify that fact in polynomial time? Is SZK QMA Relative to an Oracle?

Instead of a polynomial P(X), have a positive semidefinite matrix (X) Every entry of (X) is a polynomial in X of degree 2T For all X, all eigenvalues of (X) must lie in [0,1] Acceptance probability = maximum eigenvalue is 2 m 2 m, where m = size of certificate Can we show collision function is not represented by a low-degree matrix polynomial? Generalizing the Polynomial Method

Randomized Certificate Complexity RC(f) RC(f) = max X RC X (f) RC X (f) = min # of randomized queries needed to distinguish X from any Y s.t. f(Y) f(X) with ½ prob. Quantum Certificate Complexity QC(f) Example: For f=MAJ(x 1,…,x n ), letting X=00…0, RC X (MAJ) = 1 A 2002: QC X (f) = ( RC X (f)) (uses adversary method) Can this be shown using polynomial method? RC(f) and QC(f)

Download ppt "The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley."

Similar presentations

Ads by Google