# The Learnability of Quantum States Scott Aaronson University of Waterloo.

## Presentation on theme: "The Learnability of Quantum States Scott Aaronson University of Waterloo."— Presentation transcript:

The Learnability of Quantum States Scott Aaronson University of Waterloo

Outline A Quantum Occams Razor Theorem - Why you should want it to be true - Why it is true - Application to quantum communication - Application to quantum advice Sneak Preview: Quantum Software Copy-Protection - What it has to do with learning - Why it might be possible

Why do we believe the sun will rise tomorrow? David Hume (1711-1776) The Sun The hypothesis that it will rise every day until tomorrow is equally compatible with evidence… In my view, a branch of CS called computational learning theory has pretty much solved this Humean Problem of Induction, insofar as it has a solution…

Occams Razor Theorem (Valiant, Vapnik, Blumer et al…) If the possible hypotheses have sufficiently fewer bits than the data youve collected, and if one of those hypotheses succeeds in explaining your data, then that hypothesis will probably also explain most of the data you havent collected In particular: If you want to output a hypothesis from set H that explains at least a 1- fraction of future data with probability at least 1-, then data points suffice.

Trouble in QuantumLand To describe a quantum state of n qubits takes ~2 n classical bits Indeed, traditional quantum state tomography requires (2 2n ) measurements on copies of the state Does this mean that a generic 10,000-particle state can never be learned within the lifetime of the universe? If so, would call into question the operational status of many-body quantum states themselves… HILBERT SPACE Operationally meaningful subset Fear not, physicists! Why would he even be raising this dilemma if he wasnt gonna demolish it on the very next slide?

Let be an n-qubit mixed state. Let D be a distribution over two-outcome measurements. Suppose we draw m measurements E 1,…,E m independently from D, and then output a hypothesis state such that for all i. Then provided /10 and well have with probability at least 1- over E 1,…,E m The Quantum Occams Razor Theorem

Upshot for Experimentalists You can do pretty good tomography on an arbitrary entangled state of n spins, using a number of measurements that scales only linearly (!) with n Here pretty good means with respect to any fixed distribution over observables Q: But what if I cant estimate the Tr(E )s? What if for each measurement E, all I get is a bit thats 1 with probability Tr(E ) and 0 with probability 1-Tr(E )? A: In that case you need this many measurements:

Fat-Shattering Dimension Let C be a class of functions from S to [0,1]. We say a set {x 1,…,x k } S is -shattered by C if there exist reals a 1,…,a k such that, for all 2 k possible statements of the form f(x 1 ) a 1 - f(x 2 ) a 2 + … f(x k ) a k -, theres some f C that satisfies the statement. To prove the theorem, we need a notion introduced by Kearns and Schapire called Then fat C ( ), the -fat-shattering dimension of C, is the size of the largest set -shattered by C.

Let C be a class of functions from S to [0,1], and let f C. Suppose we draw m elements x 1,…,x m independently from some distribution D, and then output a hypothesis h C such that |h(x i )-f(x i )| for all i. Then provided /7 and well have with probability at least 1- over x 1,…,x m. Small Fat-Shattering Dimension Implies Small Sample Complexity Proof uses a 1996 result of Bartlett and Long

Let S be the set of two-outcome measurements on n qubits. Let C n be the set of functions f:S [0,1] defined by f(E)=Tr(E ) for some n-qubit mixed state. Then Quantum Occams Razor Theorem is then just plug & chug… Upper-Bounding the Fat-Shattering Dimension of Quantum States Proof uses Ashwin Nayaks lower bound for quantum random access codes, which in turn uses Holevos Theorem on quantum channel capacity No need to thank me!

f(x,y) Simple Application of Quantum Occams Razor Theorem to Communication Complexity f: Boolean function mapping Alices N-bit string x and Bobs M-bit string y to a binary output D 1 (f), R 1 (f), Q 1 (f): Deterministic, randomized, and quantum one-way communication cost of f How much can quantum communication save? Its known that D 1 (f)=O(M Q 1 (f)) for all total f In 2004 I showed that for all f, D 1 (f)=O(M Q 1 (f)logQ 1 (f)) xy GBUSTERS L Alice WalkerBob Dylan

Theorem: R 1 (f)=O(M Q 1 (f)) for all f, partial or total Proof: By Yaos minimax principle, Alice can consider a worst-case distribution D x over Bobs input y Alices classical message will consist of y 1,…,y T drawn from D x, together with f(x,y 1 ),…,f(x,y T ) Here T= (Q 1 (f)) Bob searches for a quantum message that yields the right answers on y 1,…,y T (certainly such a exists) By the Quantum Occams Razor Theorem, with high probability such a yields the right answers on most y drawn from D x

Indeed, if can always be prepared by a polynomial- time quantum algorithm, then no one-way function is secure against quantum attack. I showed that, if you find a state that explains O(n) measurements drawn from D, with high probability that will correctly explain most future measurements drawn from D. This says nothing about the computational problem of finding ! Computational Complexity of Learning Quantum States

To say more, we need to visit the bestiary… BQP YQPBQP/poly QMAYQP/poly QMA/poly BQP/qpoly PostBQP/poly YQP: Yaroslav Quantum Polynomial-Time Class of problems solvable efficiently on a quantum computer, with the help of polynomial-size untrusted quantum advice

Proof Idea: The classical advice will consist of training inputs x 1,…,x m, as well as whether x i L for all 1 i m Given a purported advice state |, first check that | yields the right answers on x 1,…,x m, and only then use it on the x you care about By Quantum Occams Razor Theorem, m=O(poly(n)) is enough to ensure | will work on most inputs w.h.p. The technical part is to do the verification without damaging | too badly Theorem: AvgBQP/qpoly = AvgYQP/poly Or in English: We can use trusted classical advice to verify that untrusted quantum advice will work on most inputs.

Quantum Copy-Protection We say a program P is copy-protected if theres no efficient algorithm that, given Ps source code, outputs two programs with the same input/output behavior as P Classically, copy-protection is trivially impossible (tell that to Sony/BMG…) Quantumly: well, its called the No-Cloning Theorem for a reason… Connection to learning: If P can be learned from input/output behavior, then it cant be copy-protected

A Weird Example Let G be a finite group, such that we can efficiently prepare |G (a uniform superposition over g G) Let H G be a subgroup with |H| |G|/polylog|G| Let f(g)=1 if g H and f(g)=0 otherwise Given |H (a uniform superposition over H), Watrous showed that we can efficiently compute f Test whether |H and |gH are equal or orthogonal Conversely, given a black box that computes f, we can efficiently prepare |H First prepare |G, then postselect on f(g)=1 So any program for f can be piratedbut (apparently) only in an indirect, quantum way

In the quantum world, can any program that cant be learned be copy-protected? Main Result: There exists a quantum oracle relative to which the answer is yes Upshot: Even if the answer is no, we cant prove it without using quantumly nonrelativizing techniques The Pirates Nightmare

For each circuit C, choose a meaningless quantum label | C according to the Haar measure The quantum oracle will map | C |x |0 to | C |x |C(x), as well as |C |0 to |C | C Intuitively, then, being given | C is no better than being given a black box for C To prove this, we need to simulate an algorithm that prepares | C given another copy of | C, by an algorithm that prepares | C given only black-box access to C Strategy: Mimic the copying algorithm, by mocking up a random pure state | that plays the same role as | C Handwaving Proof Idea Problem: Mocking up a random pure state takes exponential time

Solution: Pseudorandom States Clearly the | p s can be prepared in polynomial time Lemma: If p is chosen uniformly at random, then | p looks like it was chosen under the Haar measure - Even if we get polynomially many copies of | p - Even if we query the quantum oracle, which depends on | p So the simulator can use | p s in place of | C s where p is a degree-d univariate polynomial over GF(2 n ) for some d=poly(n), and p 0 (x) is the leading bit of p(x)

Open Problems Can we tighten the Quantum Occams Razor Theorem? The best lower bounds I can prove go like (n/ 2 ), or (n/ 4 ) in the case where each measurement is applied only once Does BQP/qpoly = YQP/poly? I.e., can we use classical advice to verify quantum advice in the worst- case setting? Is D 1 (f) = O(M Q 1 (f))? Or even O(M+Q 1 (f))? Even more ambitiously, could learning theory techniques help us show that R 1 (f)=O(Q 1 (f)) for all total f? In the real world, are there nontrivial programs that can be quantumly copy-protected? What about point functions (f(x)=1 if x equals a secret password s; otherwise f(x)=0)? DUNCE DUNCE

Download ppt "The Learnability of Quantum States Scott Aaronson University of Waterloo."

Similar presentations