Presentation is loading. Please wait.

Presentation is loading. Please wait.

Arthur, Merlin, and Black-Box Groups in Quantum Computing Scott Aaronson (MIT) Or, How Laci Did Quantum Stuff Without Knowing It.

Published byAnna O'Donnell Modified over 10 years ago

Similar presentations

Presentation on theme: "Arthur, Merlin, and Black-Box Groups in Quantum Computing Scott Aaronson (MIT) Or, How Laci Did Quantum Stuff Without Knowing It."— Presentation transcript:

1 Arthur, Merlin, and Black-Box Groups in Quantum Computing Scott Aaronson (MIT) Or, How Laci Did Quantum Stuff Without Knowing It

2 Ill tell the story of a few of Lacis brainchildren from the 80sMA, AM, black-box groupsand how they came to play a major role in quantum computing theory What should you conclude from this? (1)Laci works on the trendiest areas before they even exist (2)Quantum computing cant be that scary (3)Beautiful mathematical structures (like finite groups) do useful things in TCS (like giving natural examples where quantum computing seems to outperform classical) 2 / 17

3 Dramatis Personae: Merlin & Arthur Babais probabilistic generalizations of NP: MA (Merlin-Arthur): Class of languages L for which, if the answer is yes, theres a polynomial-size proof that Arthur can check in probabilistic polynomial-time AM (Arthur-Merlin): Same, except that now Arthur can also submit a random challenge to Merlin All-knowing proverPolynomial-time verifier Witness w {0,1} p(n) Input x {0,1} n Is x L? 3 / 17

4 [Klivans-van Melkebeek 99] Under plausible complexity assumptions, AM=MA=NP Example: Suppose Merlin wants to convince Arthur that But in the black-box setting, these classes can be extremely different! is one-to-one rather than two-to-one In NP or MA, he cant! But in AM, Arthur can pick a random input x {0,1} n, then compute f(x), send it to Merlin and ask what x was 4 / 17

5 Quantum Mechanics In One Slide State of n qubits is a unit vector in : You can multiply the vector of x s (amplitudes) by a 2 n 2 n unitary matrix U (matrix that maps unit vectors to unit vectors) If you measure the state |, you see outcome |x with probability | x | 2. Also, the state collapses to |x 2 n orthogonal basis vectors: |0…0, …, |1…1 Usual initial state: |0…0 (you get used to the asymmetric brackets with time) Central phenomenon that QC exploits: interference between positive and negative amplitudes 5 / 17

6 Quantum Analogues of NP QMA (Quantum Merlin-Arthur): Class of problems for which, if the answer is yes, theres a quantum proof | with poly(n) qubits, which can be checked by a polynomial-time quantum verifier FUNDAMENTAL QUESTION Does QMA = QCMA? Intuitively: Can a quantum proof be exponentially more compact than its shortest classical counterpart? QCMA (Quantum Classical Merlin-Arthur): Same as QMA, except now the proof needs to be classical 6 / 17

7 P BPP BQP NP MA AM QCMA QMA P #P QAM PH Bestiary 7 / 17

8 Black-Box Groups Quantum analogue: Input: Meaningless strings that label elements of G Output: Labels of g h or g -1 Were given: Generators g 1,…,g k of G; ability to recognize the identity element e Unknown finite group G, of order 2 poly(n) Important point: In the quantum case, every element of G must have a unique label! From now on, well abuse notation and identify an element g G with its label 8 / 17

9 The Group Membership Problem Membership in H can be proved in NP [Babai-Szemerédi84] But what about proving non-membership in H? Given: Black-box group G, subgroup H G (specified by generators), element x G Problem: Is x H? H G x Fact: For some groups G (even abelian groups), theres no small NP proof (or even MA proof) for non-membership (Non-membership can always be proved in AM, using protocols for approximate counting) 9 / 17

10 There is always a QMA witness of non-membership! [Watrous 2000] where |Hx is an equal superposition over the elements of the right coset Hx Merlins quantum proof for x H (in the honest case) : Given this proof, Arthur prepares (equal superposition over elements of H) Note: |H might be exponentially hard to prepare! Sampling a random element of H isnt enough Then he applies the Hadamard transform to the first qubit and measures that qubit 10 / 17

11 First suppose x H. Then |H =|Hx Ah, but how does Arthur check that Merlins witness | is really |H, and not some other state? Step 1: Use a random walk [Babai91] to generate nearly-random elements g G and h H Step 2: Check that | behaves like |H on all g G and h H that are tested Next suppose x H. Then |H and |Hx are orthogonal HADAMARD so |0 is observed with probability 1 so |0 and |1 are equally likely to be observed 11 / 17

12 So, can Group Non-Membership be used to prove an oracle separation between QMA and QCMA? Theorem [A.-Kuperberg 2007]: Group Non-Membership has polynomial-size classical proofs, which can be verified using poly(n) quantum queries to the group oracle (and possibly exponential post-computationthough even that can be removed under plausible group- theoretic conjectures) Alas, no. 12 / 17

13 Idea of proof: Pull the group out of the black box Explicit group Black-box group G Isomorphism f claimed by Merlin To check that f is (close to) a homomorphism, Arthur uses a classical homomorphism tester of [Blum-Luby-Rubinfeld] Assuming f is a homomorphism, f is 1-to-1 Ker f is trivial This yields an instance of the Hidden Subgroup Problem! [Ettinger-Høyer-Knill 97] show that for any group G, HSP is solvable with poly(n) quantum queries to the group oracle 13 / 17

14 Communication Complexity Challenge Group theorists in the audience: please pay attention Finite group G known to both players Subgroup H GElement x G Best deterministic protocol: Alice sends Bob log 2 |G| bits (the generators of H) Best quantum protocol: Alice sends Bob log|G| qubits, Then Bob runs the Watrous protocol to decide if x H 1-WAY message m H Is x H? 14 / 17

15 $50 Challenge: Does there exist a family of groups {G n }, for which any classical randomized protocol needs (log|G n |) bits? (Ideally (log 2 |G n |)?) [A., Le Gall, Russell, Tani 2009]: If G is abelianor if G has constant-dimensional irreps, or if is a normal subgroupthen theres a classical randomized protocol that uses only O(log|G|) communication 15 / 17 Would yield the first asymptotic gap between 1-way randomized and 1-way quantum communication complexities, for a total Boolean function

16 Conclusion: Why Do Quantum Computing and Finite Groups Mesh So Well? Finite groups are rigid objects Any two right-cosets of H G are either identical or disjoint Any two distinct subgroups differ on a constant fraction of elements And we want that rigidity in quantum algorithms and protocols, to create interesting interference patterns Also, the fact that elements have unique inverses means that we can apply group operations reversibly Still, understanding the interplay of quantum computing with (badly) nonabelian groups remains a challenge Most famous example of that, which I only touched on: the Nonabelian Hidden Subgroup Problem 16 / 17

17 More Open Problems Is there a QMA protocol to prove that a black-box function f:{0,1} n {0,1} n is one-to-one rather than two-to-one? In 2002, I showed this problem is not in BQP; indeed any quantum algorithm needs (2 n/3 ) time [A.-Shi 2002] Its still open to prove an oracle separation between QMA and QCMA! [A.-Kuperberg 2007] proved a quantum oracle separation Can we give an oracle relative to which BQP AM? [A. 2010]: The Generalized Linial-Nisan Conjecture would imply an oracle relative to which BQP PH Original Linial-Nisan Conjecture: Proved by [Braverman 2009] Laci actually thought of it before Linial-Nisan 17 / 17

Download ppt "Arthur, Merlin, and Black-Box Groups in Quantum Computing Scott Aaronson (MIT) Or, How Laci Did Quantum Stuff Without Knowing It."

Similar presentations

Computation, Quantum Theory, and You Scott Aaronson, UC Berkeley Qualifying Exam May 13, 2002.

Computation, Quantum Theory, and You Scott Aaronson, UC Berkeley Qualifying Exam May 13, 2002.
The Polynomial Method In Quantum and Classical Computing Scott Aaronson (MIT) OPEN PROBLEM.

The Polynomial Method In Quantum and Classical Computing Scott Aaronson (MIT) OPEN PROBLEM.
Quantum Lower Bound for the Collision Problem Scott Aaronson 1/10/2002 quant-ph/0111102 I was born at the Big Bang. Cool! We have the same birthday.

Quantum Lower Bound for the Collision Problem Scott Aaronson 1/10/2002 quant-ph/ I was born at the Big Bang. Cool! We have the same birthday.
The Power of Unentanglement

The Power of Unentanglement
How Much Information Is In Entangled Quantum States? Scott Aaronson MIT |

How Much Information Is In Entangled Quantum States? Scott Aaronson MIT |
The Learnability of Quantum States Scott Aaronson University of Waterloo.

The Learnability of Quantum States Scott Aaronson University of Waterloo.
Are Quantum States Exponentially Long Vectors? Scott Aaronson (who did and will have an affiliation) (did: IASwill: Waterloo) Distributions over n-bit.

Are Quantum States Exponentially Long Vectors? Scott Aaronson (who did and will have an affiliation) (did: IASwill: Waterloo) Distributions over n-bit.
Quantum Versus Classical Proofs and Advice Scott Aaronson Waterloo MIT Greg Kuperberg UC Davis | x {0,1} n ?

Quantum Versus Classical Proofs and Advice Scott Aaronson Waterloo MIT Greg Kuperberg UC Davis | x {0,1} n ?
Quantum Software Copy-Protection Scott Aaronson (MIT) |

Quantum Software Copy-Protection Scott Aaronson (MIT) |
Hawking Quantum Wares at the Classical Complexity Bazaar Scott Aaronson (MIT)

Hawking Quantum Wares at the Classical Complexity Bazaar Scott Aaronson (MIT)
The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley.

The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley.
The Learnability of Quantum States Scott Aaronson University of Waterloo.

The Learnability of Quantum States Scott Aaronson University of Waterloo.
The Power of Quantum Advice Scott Aaronson Andrew Drucker.

The Power of Quantum Advice Scott Aaronson Andrew Drucker.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 1 23 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 Lower Bounds for Local Search by Quantum Arguments Scott Aaronson.

Lower Bounds for Local Search by Quantum Arguments Scott Aaronson.
Limitations of Quantum Advice and One-Way Communication Scott Aaronson UC Berkeley IAS Useful?

Limitations of Quantum Advice and One-Way Communication Scott Aaronson UC Berkeley IAS Useful?
Quantum Search of Spatial Regions Scott Aaronson (UC Berkeley) Joint work with Andris Ambainis (U. Latvia)

Quantum Search of Spatial Regions Scott Aaronson (UC Berkeley) Joint work with Andris Ambainis (U. Latvia)
How Much Information Is In A Quantum State? Scott Aaronson MIT |

How Much Information Is In A Quantum State? Scott Aaronson MIT |
Quantum Double Feature Scott Aaronson (MIT) The Learnability of Quantum States Quantum Software Copy-Protection.

Quantum Double Feature Scott Aaronson (MIT) The Learnability of Quantum States Quantum Software Copy-Protection.
An Invitation to Quantum Complexity Theory The Study of What We Cant Do With Computers We Dont Have Scott Aaronson (MIT) QIP08, New Delhi BQP NP- complete.

An Invitation to Quantum Complexity Theory The Study of What We Cant Do With Computers We Dont Have Scott Aaronson (MIT) QIP08, New Delhi BQP NP- complete.
Impagliazzos Worlds in Arithmetic Complexity: A Progress Report Scott Aaronson and Andrew Drucker MIT 100% QUANTUM-FREE TALK (FROM COWS NOT TREATED WITH.

Impagliazzos Worlds in Arithmetic Complexity: A Progress Report Scott Aaronson and Andrew Drucker MIT 100% QUANTUM-FREE TALK (FROM COWS NOT TREATED WITH.

Similar presentations

Ads by Google