Download presentation

Presentation is loading. Please wait.

Published byBryan Schneider Modified over 2 years ago

1
The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley

2
1.The quantum query model 2.Quantum lower bounds for collision and set comparison problems 3.Open problems Outline

3
Quantum Query Model Count only number of queries, not number of computational steps Let X=x i …x n be input In quantum algorithm, each basis state has form |i,z, where i = index to query z = workspace Query transformation O maps each |i,z to |i,z x i (i.e. XORs x i into workspace)

4
Quantum Query Model (cont) Algorithm consists of interleaved queries and unitaries: U 0 O U 1 … U T-1 O U T U t : arbitrary unitary that doesnt depend on x i s (we dont care how hard it is to implement) At the end we measure to obtain a basis state |i,z, then output (say) first bit of z

5
Quantum Query Complexity Let f(X) be the function were trying to compute Algorithm computes f if it outputs f(X) with probability at least 2/3 for every X Q(f) = minimum # of queries made by quantum algorithm that computes f Immediate: Q(f) R(f) D(f) R(f) = randomized query complexity D(f) = deterministic query complexity

6
Because we can prove things Why Is This Model Interesting? Search for car keys here

7
Quantum lower bounds for collision and set comparison problems

8
Collision Problem Given Promised: (1) X is one-to-one (permutation) or (2) X is two-to-one Problem: Decide which w.h.p., using few queries to the x i Randomized alg: ( n)

9
Result Any quantum algorithm for the collision problem uses (n 1/5 ) queries (A, STOC2002) Previously no lower bound better than (1). Open since 1997 Shi improved to (n 1/4 ) (n 1/3 ) when |range| 3n/2

10
Implications Oracle A for which SZK A BQP A –SZK: Statistical Zero Knowledge No trivial polytime quantum algorithms for –graph isomorphism –nonabelian hidden subgroup –breaking cryptographic hash functions

11
Brassard-Høyer-Tapp (1997) (n 1/3 ) quantum alg for collision problem n 1/3 x i s, queried classically, sorted for fast lookup Grovers algorithm over n 2/3 x i s Do I collide with any of the pink x i s?

12
Previous Lower Bound Techniques Block sensitivity (Beals et al. 1998): Q(f) = ( bs(f)) Quantum adversary method (Ambainis 2000) Problem: Every 1-1 input differs in at least n/2 places from every 2-1 input

13
P(X) = acceptance probability on input X Proposition (follows Beals et al. 1998): P(X) is a polynomial of degree 2T over the (x i,h)

14
Proof: Initially, amplitude i,z of each |i,z is a degree-0 polynomial over the (x i,h). A query replaces each i,z by increasing its degree by 1. The U t s cant increase degree. At the end, squaring amplitudes doubles degree.

15
Input Distribution D(g): Uniform distribution over g-to-1 inputs Technicality: g might not divide n But assume for simplicity that it does Let Problem: Show that, if T=O( n), then P(g) is a univariate polynomial of degree 2T for integers 1 g n

16
Monomials of P(X) I(X) = product of r variables (x i,h) Let Then for some I,

17
Calculating (I,g): #1 Range of I: Y.w=|Y|. (I,g) = 0 unless Y S (range of X) So since

18
Calculating (I,g): #2 Given an S containing Y, # of g-to-1 inputs of size n: n!/(g!) n/g Let {y 1,…,y w } be distinct values in Y –r i = # of times y i appears in Y –r 1 + … + r w = r # of g-to-1 inputs X with range S s.t. I(X)=1:

19
Becomes ~polynomial(g) Polynomial in g of degree w + (r-w) = r 2T

20
Markovs Inequality Let p be a polynomial bounded in [0,b] in the interval [0,a], that has derivative at least c somewhere in that interval. Then a b c

21
Lower Bound 0 P(g) 1 for all 0 g n P(1) 1/10 and P(2) 9/10 So dP/dg 4/5 somewhere (n 1/4 ) lower bound would follow if g always divided n Can fix to obtain an (n 1/5 ) bound Shi found a better way to fix

22
Set Comparison What the SZK A BQP A result actually uses Input: f,g : {1,…,2n} {1,…,n} Promise: Either (1) Range(f) = Range(g)or (2) |Range(f) Range(g)| > 1.1n Problem: Decide which w.h.p. Result: (n 1/7 ) quantum lower bound

23
Idea Take the total range from which X and Y are drawn to have size 2n/g Draw X and Y individually from sub-ranges of size n/ (g), where so (1)= (2)=1, yet n/ (g) 2n/g for g > 2 Again acceptance prob. is a polynomial in g That grows quadratically weakens the bound from (n 1/5 ) to (n 1/7 )

24
Open Problems

25
Other Collisionoid Functions Set equality: Suppose either (1) Range(f) = Range(g)or (2) Range(f) Range(g) = The best quantum lower bound is still (1)! Element distinctness: Decide whether there exist i j such that x i =x j –Quantum upper bound: O(n 3/4 ) (Buhrman et al. 01) –Quantum lower bound: (n 2/3 ) (Shi 02) Conjecture (Watrous): R(f) and Q(f) are polynomially related for every symmetric function

26
Trees! OR AND 2-level game tree Ambainis adversary method yields ( n) But best known polynomial lower bound is ((n log n) 1/4 ) (Shi 01) E EEE Is Q(f) = O(deg(f)) for every f? Conjecture: No

27
In the collision problem, suppose f:{0,1} n {0,1} n is 1-to-1 rather than 2-to-1. Can you give me a polynomial- size quantum certificate, by which I can verify that fact in polynomial time? Is SZK QMA Relative to an Oracle?

28
Instead of a polynomial P(X), have a positive semidefinite matrix (X) Every entry of (X) is a polynomial in X of degree 2T For all X, all eigenvalues of (X) must lie in [0,1] Acceptance probability = maximum eigenvalue is 2 m 2 m, where m = size of certificate Can we show collision function is not represented by a low-degree matrix polynomial? Generalizing the Polynomial Method

29
Randomized Certificate Complexity RC(f) RC(f) = max X RC X (f) RC X (f) = min # of randomized queries needed to distinguish X from any Y s.t. f(Y) f(X) with ½ prob. Quantum Certificate Complexity QC(f) Example: For f=MAJ(x 1,…,x n ), letting X=00…0, RC X (MAJ) = 1 A 2002: QC X (f) = ( RC X (f)) (uses adversary method) Can this be shown using polynomial method? RC(f) and QC(f)

Similar presentations

© 2016 SlidePlayer.com Inc.

All rights reserved.

Ads by Google