# The Limits of Quantum Computers (or: What We Can’t Do With Computers We Don’t Have) Scott Aaronson (MIT) NP-complete SZK BQP.

## Presentation on theme: "The Limits of Quantum Computers (or: What We Can’t Do With Computers We Don’t Have) Scott Aaronson (MIT) NP-complete SZK BQP."— Presentation transcript:

The Limits of Quantum Computers (or: What We Can’t Do With Computers We Don’t Have)
Scott Aaronson (MIT) NP-complete SZK BQP

So then why can’t we just ignore quantum computing, and get back to real work?

Because the universe isn’t classical
My picture of reality, as an eleven-year-old messing around with BASIC: + details (Also Stephen Wolfram’s current picture of reality) Fancier version: Extended Church-Turing Thesis

Shor’s factoring algorithm presents us with a choice
Either the Extended Church-Turing Thesis is false, textbook quantum mechanics is false, or there’s an efficient classical factoring algorithm. That’s why YOU should care about quantum computing All three seem like crackpot speculations. At least one of them is true!

One-Slide Summary Quantum computing is not a panacea—and that makes it more interesting rather than less! On our current understanding, quantum computers could “merely” break RSA, simulate quantum physics, etc.—not solve generic search problems exponentially faster 3. In this talk, I’ll tell you about some of the known limits of quantum computers 4. I’ll also discuss a more general question: can NP-complete problems be solved efficiently by any physical means?

What Quantum Mechanics Says
If an object can be in two distinguishable states |0 or |1, then it can also be in a superposition |0 + |1 Here  and  are complex amplitudes satisfying ||2+||2=1 If we observe, we see |0 with probability ||2 |1 with probability ||2 Also, the object collapses to whichever outcome we see

To modify a state we can multiply vector of amplitudes by a unitary matrix—one that preserves

We’re seeing interference of amplitudes—the source of all “quantum weirdness”

Quantum Computing A quantum state of n “qubits” takes 2n complex numbers to describe: The goal of quantum computing is to exploit this exponentiality in our description of the world Idea: Get paths leading to wrong answers to “interfere destructively” and cancel each other out

Shor’s Result Quantum computers can factor integers in polynomial time
(thereby break RSA, thereby swipe your credit card number…) To prove this, Shor had to exploit a special property of the factoring problem (namely its reducibility to period-finding) Ideas extend to computing discrete logarithms, solving Pell’s equation, breaking elliptic curve cryptography…

But these problems aren’t believed to be NP-complete
So the question remains: can quantum computers solve NP-complete problems in polynomial time? Bennett et al. 1997: “Quantum magic” won’t be enough Suppose we throw away the problem structure, and just consider an abstract space of 2n possible solutions Then even a quantum computer will need ~2n/2 steps to find a correct solution Note: This square-root speedup is achievable, via “Grover’s algorithm” The quantum adiabatic algorithm (Farhi et al. 2000) does exploit problem structure. But it suffers from provable limitations of its own…

Another example of a “quantum black-box problem”: given a two-to-one function f:[N][N], find any x,y pair such that f(x)=f(y) By the “birthday paradox”, a randomized algorithm has to examine N of the N numbers [Brassard-Høyer-Tapp 1997] Quantum algorithm based on Grover that uses only N1/3 queries Is that optimal? Proving a lower bound better than constant was open for 5 years

Motivation for the Collision Problem
Cryptographic Hash Functions Graph Isomorphism: find a collision in Statistical Zero Knowledge (SZK) protocols ?

What makes the problem so hard?
Basically, that a quantum computer can almost find a collision after one query to f! Measure 2nd register “If only we could now measure twice!” Or: if only we could see the whole trajectory of a “hidden variable” coursing through the quantum system! [A., Phys. Rev. A 2005] Previous techniques weren’t sensitive to the fact that quantum mechanics doesn’t allow these things

[A., STOC’02] N1/5 lower bound on number of queries needed by a quantum computer to find collisions [Shi, FOCS’02] [A.-Shi, J. ACM 2004] Improved to N1/3; also N2/3 lower bound for element distinctness [Kutin 2003] [Ambainis 2003] [Midrijanis 2003] Simplifications and generalizations

Cartoon Version of Proof
T-query quantum algorithm that finds collisions in 2-to-1 functions Suppose it exists by way of contradiction… T-query quantum algorithm that distinguishes 1-to-1 from 2-to-1 functions [Beals et al. 1998] p(f) is a multilinear polynomial, of degree at most 2T, in Boolean indicator variables (f(x),y) Let p(f) = probability algorithm says f is 2-to-1 Crucial facts: q(k)  [0,1] for all k=1,2,3,… q(1)  1/3 q(2)  2/3 Let q(k) = average of p(f) over all k-to-1 functions f

The magic step: q(k) itself is a univariate polynomial in k, of degree at most 2T
Why? That’s why

1 Bounded in [0,1] at integer points q(k) Large derivative 1 2 3 N2/5 k [A. A. Markov, 1889]: Hence the original quantum algorithm must have made (N1/5) queries

“OK, so I accept that quantum computers have these limitations
“OK, so I accept that quantum computers have these limitations. Is there any physical means to solve (say) NP-complete problems in polynomial time?”

Famous proposal for how to solve NP-complete problems: Dip two glass plates with pegs between them into soapy water. Let the soap bubbles form a “minimum Steiner tree” connecting the pegs Other proposals with obvious scaling problems: protein folding, DNA computing, optical computing… For the latest, please see Slashdot

“Relativity Computing”
Problem: Energy needed to accelerate to relativistic speed DONE Variant: Black hole computing

Abrams & Lloyd 1998: If the Schrödinger equation governing quantum mechanics were nonlinear, one could exploit that fact to solve NP-complete problems in polynomial time One way to interpret this result: as additional evidence that the Schrödinger equation is linear… 1 solution to NP-complete problem No solutions

“Zeno Computing” Do the first step of a computation in 1 second, the next in ½ second, the next in ¼ second, etc. Problem: “Quantum foaminess” Below the Planck scale (10-33 cm or sec), our usual picture of space and time breaks down in not-yet-understood ways…

Quantum Advice Could there be a fixed quantum state that’s been sitting around since the Big Bang—and that if found, would be a “magic key” to performing quantum computations that were otherwise infeasible? [A. 2004]: Even under such a strange assumption, we still couldn’t solve NP-complete problems in polynomial time without exploiting the problem structure

Similar presentations