Quantum Lower Bound for the Collision Problem Scott Aaronson 1/10/2002 quant-ph/0111102 I was born at the Big Bang. Cool! We have the same birthday.

Slides:



Advertisements
Similar presentations
Closed Timelike Curves Make Quantum and Classical Computing Equivalent
Advertisements

Quantum Computing: Whats It Good For? Scott Aaronson Computer Science Department, UC Berkeley January 10,
Computation, Quantum Theory, and You Scott Aaronson, UC Berkeley Qualifying Exam May 13, 2002.
The Polynomial Method In Quantum and Classical Computing Scott Aaronson (MIT) OPEN PROBLEM.
Quantum Lower Bounds You probably Havent Seen Before (which doesnt imply that you dont know OF them) Scott Aaronson, UC Berkeley 9/24/2002.
The Complexity of Sampling Histories Scott Aaronson, UC Berkeley August 5, 2003.
Quantum Lower Bounds The Polynomial and Adversary Methods Scott Aaronson September 14, 2001 Prelim Exam Talk.
Quantum t-designs: t-wise independence in the quantum world Andris Ambainis, Joseph Emerson IQC, University of Waterloo.
Quantum Versus Classical Proofs and Advice Scott Aaronson Waterloo MIT Greg Kuperberg UC Davis | x {0,1} n ?
Quantum Software Copy-Protection Scott Aaronson (MIT) |
The Future (and Past) of Quantum Lower Bounds by Polynomials Scott Aaronson UC Berkeley.
SPEED LIMIT n Quantum Lower Bounds Scott Aaronson (UC Berkeley) August 29, 2002.
Lower Bounds for Local Search by Quantum Arguments Scott Aaronson.
Quantum Computing and Dynamical Quantum Models ( quant-ph/ ) Scott Aaronson, UC Berkeley QC Seminar May 14, 2002.
Limitations of Quantum Advice and One-Way Communication Scott Aaronson UC Berkeley IAS Useful?
Quantum Search of Spatial Regions Scott Aaronson (UC Berkeley) Joint work with Andris Ambainis (U. Latvia)
Quantum Double Feature Scott Aaronson (MIT) The Learnability of Quantum States Quantum Software Copy-Protection.
Lower Bounds for Local Search by Quantum Arguments Scott Aaronson (UC Berkeley) August 14, 2003.
An Invitation to Quantum Complexity Theory The Study of What We Cant Do With Computers We Dont Have Scott Aaronson (MIT) QIP08, New Delhi BQP NP- complete.
BQP/qpoly EXP/poly Scott Aaronson UC Berkeley. BQP/qpoly Class of languages recognized by a bounded-error polytime quantum algorithm, with a polysize.
Pretty-Good Tomography Scott Aaronson MIT. Theres a problem… To do tomography on an entangled state of n qubits, we need exp(n) measurements Does this.
How to Solve Longstanding Open Problems In Quantum Computing Using Only Fourier Analysis Scott Aaronson (MIT) For those who hate quantum: The open problems.
The Equivalence of Sampling and Searching Scott Aaronson MIT.
The Collision Lower Bound After 12 Years Scott Aaronson (MIT) Lower bound for a collision problem.
Quantum Computing with Noninteracting Bosons
Scott Aaronson (MIT) Based on joint work with John Watrous (U. Waterloo) BQP PSPACE Quantum Computing With Closed Timelike Curves.
Tight Lower Bounds for the Distinct Elements Problem David Woodruff MIT Joint work with Piotr Indyk.
Why Simple Hash Functions Work : Exploiting the Entropy in a Data Stream Michael Mitzenmacher Salil Vadhan And improvements with Kai-Min Chung.
Quantum Money from Hidden Subspaces Scott Aaronson and Paul Christiano.
Randomized Algorithms for Selection and Sorting Prepared by John Reif, Ph.D. Analysis of Algorithms.
Approximate List- Decoding and Hardness Amplification Valentine Kabanets (SFU) joint work with Russell Impagliazzo and Ragesh Jaiswal (UCSD)
C&O 355 Lecture 23 N. Harvey TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A A A A A A A.
Analysis of Algorithms CS 477/677 Linear Sorting Instructor: George Bebis ( Chapter 8 )
When Exactly Do Quantum Computers Provide A Speedup?
Scott Aaronson (MIT) Forrelation A problem admitting enormous quantum speedup, which I and others have studied under various names over the years, which.
Fast FAST By Noga Alon, Daniel Lokshtanov And Saket Saurabh Presentation by Gil Einziger.
New Lattice Based Cryptographic Constructions
1 Algorithms for Large Data Sets Ziv Bar-Yossef Lecture 12 June 18, 2006
Department of Computer Science & Engineering University of Washington
Deciding Primality is in P M. Agrawal, N. Kayal, N. Saxena Slides by Adi Akavia.
1 Quantum Computing: What’s It Good For? Scott Aaronson Computer Science Department, UC Berkeley January 10,  John.
Tirgul 8 Universal Hashing Remarks on Programming Exercise 1 Solution to question 2 in theoretical homework 2.
Tirgul 7. Find an efficient implementation of a dynamic collection of elements with unique keys Supported Operations: Insert, Search and Delete. The keys.
Quantum Algorithms II Andrew C. Yao Tsinghua University & Chinese U. of Hong Kong.
Hashing General idea: Get a large array
Scott Aaronson (MIT) Andris Ambainis (U. of Latvia) Forrelation: A Problem that Optimally Separates Quantum from Classical Computing H H H H H H f |0 
Correlation testing for affine invariant properties on Shachar Lovett Institute for Advanced Study Joint with Hamed Hatami (McGill)
October 1 & 3, Introduction to Quantum Computing Lecture 2 of 2 Richard Cleve David R. Cheriton School of Computer Science Institute for Quantum.
Approximating Minimum Bounded Degree Spanning Tree (MBDST) Mohit Singh and Lap Chi Lau “Approximating Minimum Bounded DegreeApproximating Minimum Bounded.
Quantum Computing MAS 725 Hartmut Klauck NTU TexPoint fonts used in EMF. Read the TexPoint manual before you delete this box.: A A A A.
Algorithms Artur Ekert. Our golden sequence H H Circuit complexity n QUBITS B A A B B B B A # of gates (n) = size of the circuit (n) # of parallel units.
CS151 Complexity Theory Lecture 13 May 11, Outline proof systems interactive proofs and their power Arthur-Merlin games.
Short course on quantum computing Andris Ambainis University of Latvia.
The Selection Problem. 2 Median and Order Statistics In this section, we will study algorithms for finding the i th smallest element in a set of n elements.
Quantum Computing MAS 725 Hartmut Klauck NTU
Interactive proof systems Section 10.4 Giorgi Japaridze Theory of Computability.
Quantum algorithms vs. polynomials and the maximum quantum-classical gap in the query model.
Unique Games Approximation Amit Weinstein Complexity Seminar, Fall 2006 Based on: “Near Optimal Algorithms for Unique Games" by M. Charikar, K. Makarychev,
Forrelation: A Problem that Optimally Separates Quantum from Classical Computing.
Verification of BosonSampling Devices Scott Aaronson (MIT) Talk at Simons Institute, February 28, 2014.
Quantum algorithms are at most polynomially faster for any symmetric function Andris Ambainis University of Latvia.
Quantum Computation Stephen Jordan. Church-Turing Thesis ● Weak Form: Anything we would regard as “computable” can be computed by a Turing machine. ●
1 Introduction to Quantum Information Processing QIC 710 / CS 667 / PH 767 / CO 681 / AM 871 Richard Cleve DC 2117 Lectures
Theory of Computational Complexity M1 Takao Inoshita Iwama & Ito Lab Graduate School of Informatics, Kyoto University.
Richard Cleve DC 2117 Introduction to Quantum Information Processing CS 467 / CS 667 Phys 667 / Phys 767 C&O 481 / C&O 681 Lecture.
Quantum Computing: What’s It Good For?
The
The Curve Merger (Dvir & Widgerson, 2008)
Quantum Lower Bounds Via Laurent Polynomials
Presentation transcript:

Quantum Lower Bound for the Collision Problem Scott Aaronson 1/10/2002 quant-ph/ I was born at the Big Bang. Cool! We have the same birthday.

Collision Problem Given Promised: (1) X is one-to-one (permutation) or (2) X is two-to-one Problem: Decide which w.h.p., using few queries to the x i Randomized alg: ( n)

One-to-OneTwo-to-One

Result Any quantum algorithm for the collision problem uses (n 1/5 ) queries Previously no lower bound better than (1) Shi improved to (n 1/4 ) (n 1/3 ) when |range| >> n

Implications 1.No polytime blackbox algorithms for –graph isomorphism –nonabelian hidden subgroup –breaking cryptographic hash functions

Implications 2. Dynamical quantum theories cant be simulated in BQP, relative to oracle Define joint distribution over values of observable at times t 1, t 2, etc. (I.e. classical history) Given polytime quantum algorithm and set of sampling points, how hard to sample from this distribution?

How to Find a Collision in O(1) Queries If Your Memory Is Perfect 1.Prepare and observe 2 nd register If X is 2-1, obtain (|i +|j )/ 2 with x i =x j 2.Sample 3. Hadamard every bit, and sample again 4. Hadamard every bit again (returning to (|i +|j )/ 2), and sample again Which basis state (|i or |j ) were you in after Step 2? After Step 4?

Implications 3. |x |f(x) oracles (Kashefi et al. 2001) more powerful than |x |x |f(x) Requires (n 1/7 ) lower bound for set comparison problem: given sequences x 1 …x n and y 1 …y n, decide whether {x 1,…,x n }={y 1,…,y n } or |{x 1,…,x n,y 1,…,y n }|>1.1n Can improve to (n 1/6 ) using ideas of Shi

Quantum Query Model State after t queries: : workbits i: index to query z: output Query: |,i,z | x i,i,z Arbitrary unitaries that dont depend on X By end:

Brassard-Høyer-Tapp (1998) (n 1/3 ) quantum alg for collision problem n 1/3 x i s, queried classically, sorted for fast lookup Grovers algorithm over n 2/3 x i s Do I collide with any of the pink x i s?

Lower Bound: Main Ideas P(X) [0,1], even for g-1 inputs X with g>2. Surprisingly strong constraint. Take uniform dist. over g-1 inputs P becomes poly in g of deg 2T. Algebraic magic! Use approximation theory to show T large

Lemma (follows Beals et al. 1998): Let (x i,h)=1 if x i =h, 0 otherwise. Then P(X) is poly of deg 2T over the (x i,h). Proof: Let t,X,,i,z = amplitude of |,i,z after t queries. t,X,,i,z is poly of deg t, by induction. Base case (t=0) trivial. Unitaries cant increase degree. Query replaces t,X,,i,z by

Input Distribution D(g): Uniform distribution over g-1 inputs Technicality: g might not divide n But assume for simplicity that it does Let

Monomials of P(X) I(X) = product of r variables (x i,h) Let Then for some I, Claim: If T=O( n) then P(g) is a polynomial of degree 2T in g for integers 1 g n.

Calculating (I,g): #1 Range of I: Y.w=|Y|. (I,g) = 0 unless Y S (range of X) So since

Calculating (I,g): #2 Given an S containing Y, # of g-1 inputs of size n: n!/(g!) n/g Let {y 1,…,y w } be distinct values in Y –r i = # of times y i appears in Y –r 1 + … + r w = r # of g-1 inputs X with range S s.t. I(X)=1:

Becomes ~polynomial(g) Polynomial in g of degree w + (r-w) = r 2T

Markovs Inequality Let P(x) be a poly with b 1 P(x) b 2 for all a 1 x a 2 and |dP(x*)/dx| c for some a 1 x* a 2. Then Long Short Large derivative

Lower Bound 0 P(g) 1 for all 0 g n P(1) 1/10 and P(2) 9/10 So dP/dg 4/5 somewhere (n 1/4 ) lower bound would follow if g always divided n

How to Handle n mod g 0: Sketch Choose N slightly larger than n such that g divides N Choose g-1 function on {1,…,N} u.a.r, then subfunction of size n Acceptance prob. close to bivariate polynomial in g,N for all g|N s.t.

(continued) Restrict gs range to [1,G]; then (g,N) points with g|N are plentiful, so P is bounded P has large derivative somewhere in either the g or N directions Lower bound obtained when G=n 2/5 :

Large derivative between 1-1 and 2-1 Lots of points at which g|N so P is bounded

Shis Improvement to (n 1/4 ) Choose N n s.t. g divides N, instead of N n If basis state | queries an undefined x i, | drops out of the universe Result: Final state vector has norm in [0,1] Still OK! P(g,N) is exactly polynomial in (g,N); so gs range need not be restricted to [1,n 2/5 ]

Shis Improvement to (n 1/3 ) For functions with range {1,…,3n/2} Uses Paturis inequality: if 0 p(x) 1 for 0 x n and p( )= (1)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.