An Introduction to Quantum Computing GOSN203 (AI); GOSN204 (OS) Professor John FULCHER Christopher Newport University April 2004.

An Introduction to Quantum Computing GOSN203 (AI); GOSN204 (OS) Professor John FULCHER Christopher Newport University April 2004

References: References: * E. Riefel & W. Polak (2000) “An Introduction to Quantum Computing for Non-Physicists” ACM Computing Surveys 22(3) 300-335 * HANDOUT#1 * E. Riefel & W. Polak (2000) “An Introduction to Quantum Computing for Non-Physicists” ACM Computing Surveys 22(3) 300-335 * HANDOUT#1 * J. Mullins (2002) “Making Unbreakable Code” IEEE Spectrum May 40-45. * HANDOUT#2 * J. Mullins (2002) “Making Unbreakable Code” IEEE Spectrum May 40-45. * HANDOUT#2 http://www.pcs.cnu.edu/~mzhang/PCS450_550/Quan tumComp1(2).ppt (Lecture Notes: MS-PowerPoint) http://www.pcs.cnu.edu/~mzhang/PCS450_550/Quan tumComp1(2).ppt (Lecture Notes: MS-PowerPoint) C. Bennett, G. Brassad & A. Ekert (1992) “Quantum Cryptography” Scientific American 267(4) 26-33 C. Bennett, G. Brassad & A. Ekert (1992) “Quantum Cryptography” Scientific American 267(4) 26-33 C. Williams & S. Clearwater (1998) Explorations in Quantum Computing Springer (+ CDROM – Mathematica) C. Williams & S. Clearwater (1998) Explorations in Quantum Computing Springer (+ CDROM – Mathematica) …the story so far:

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 1. Superposition of all possible states simultaneously. Hence an n-Qubit memory register can exist in a superposition of all 2 n possible configurations: |f> = a|0> + b|1> 1. Superposition of all possible states simultaneously. Hence an n-Qubit memory register can exist in a superposition of all 2 n possible configurations: |f> = a|0> + b|1> i.e. a Quantum Computer = a massively parallel computer (however, it is impossible to observe these parallel computations individually). i.e. a Quantum Computer = a massively parallel computer (however, it is impossible to observe these parallel computations individually).

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 2. Interference – since a QC can work on several classical inputs at once, they can interfere with/influence one another (either constructively or destructively): 2. Interference – since a QC can work on several classical inputs at once, they can interfere with/influence one another (either constructively or destructively): |f> = |0 1> + |1 0> |f> = |0 1> + |1 0>  a net computational state that reveals a joint/collective property of all the computations i.e. quantum parallelism.  a net computational state that reveals a joint/collective property of all the computations i.e. quantum parallelism.

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 3. Entanglement – 2 or more Qubits emerge from an interaction in a definite joint quantum state that cannot be expected in terms of a product of definite individual quantum states: |f> = |0 1> + |1 0> 3. Entanglement – 2 or more Qubits emerge from an interaction in a definite joint quantum state that cannot be expected in terms of a product of definite individual quantum states: |f> = |0 1> + |1 0> Moreover, they retain a lingering, instantaneous influence on each other, irrespective of their distance of separation  quantum teleportation (for which there is no classical counterpart!); quantum factoring relies on entanglement to create a repeating sequence of numbers whose period reveals the factors of a large integer. Moreover, they retain a lingering, instantaneous influence on each other, irrespective of their distance of separation  quantum teleportation (for which there is no classical counterpart!); quantum factoring relies on entanglement to create a repeating sequence of numbers whose period reveals the factors of a large integer.

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 4. Non-determinism = inability to predict the quantum state into which a superposed state will collapse upon being measured 4. Non-determinism = inability to predict the quantum state into which a superposed state will collapse upon being measured  quantum key distribution, which relies on non- determinism to guarantee that any eavesdropping will be detected.  quantum key distribution, which relies on non- determinism to guarantee that any eavesdropping will be detected.

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 5. Non-clonability, since it is impossible to copy an unknown quantum state exactly (Heisenberg Uncertainty Principle). 5. Non-clonability, since it is impossible to copy an unknown quantum state exactly (Heisenberg Uncertainty Principle). It is impossible to measure pairs of quantities simultaneously (e.g. position & momentum)  quantum cryptography relies on non-clonability to guarantee security. It is impossible to measure pairs of quantities simultaneously (e.g. position & momentum)  quantum cryptography relies on non-clonability to guarantee security.

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 6. Non-locality: quantum teleportation relies on non-locality (as well as entanglement) to disassemble and re-assemble the quantum state to be teleported. 6. Non-locality: quantum teleportation relies on non-locality (as well as entanglement) to disassemble and re-assemble the quantum state to be teleported.

Key Quantum Phenomena Key Quantum Computing Phenomena: Key Quantum Computing Phenomena: 7. reversible: and thus no power dissipation: 7. reversible: and thus no power dissipation: H |in> = |out>; H -1 |out> = |in> H |in> = |out>; H -1 |out> = |in> An operation is logically reversible if it can be undone (run backwards) – i.e. if its inputs can always be deduced from the outputs. An operation is logically reversible if it can be undone (run backwards) – i.e. if its inputs can always be deduced from the outputs. cf. classical computations, which are irreversible & thus dissipative. cf. classical computations, which are irreversible & thus dissipative.

Quantum Spin States 2-state quantum system used to encode a Qubit: 2-state quantum system used to encode a Qubit: The (solid) angle between the vector & the vertical axis (= phase) is determined by the relative contributions of the |  0 > and |  1 > (eigen)states The (solid) angle between the vector & the vertical axis (= phase) is determined by the relative contributions of the |  0 > and |  1 > (eigen)states

Q: Where’s the power in QCs? A: Superposition Superposition = simultaneous existence in many states, not just |0>and |1> but: Superposition = simultaneous existence in many states, not just |0>and |1> but: Qubit:phase = (solid)  magnitude = c 0 |0> + c 1 |1> Qubit:phase = (solid)  magnitude = c 0 |0> + c 1 |1> where probabilities |c 0 | 2 + |c 1 | 2 = 1 (i.e. 100%) where probabilities |c 0 | 2 + |c 1 | 2 = 1 (i.e. 100%) & |c i | = sqrt (x i 2 + y i 2 ) (i.e. complex numbers) & |c i | = sqrt (x i 2 + y i 2 ) (i.e. complex numbers) 

Quantum Gates Any quantum computation can be reduced to a sequence of 1 and 2 qubit operations: H |in> = H 1 H 2 H 3.... H n |in> Conventional operations: NOT, AND Quantum operations: qNOT, CNOT

Quantum Gates e.g. a root(NOT) gate: e.g. a root(NOT) gate: rootNOT |input>|output> = NOT |input> superposition of bits (thus unlike any classical gate)

Walsh-Hadamard Gate e.g. if we apply the WH-gate to each of n qubits individually, we obtain the superposition of the 2 n numbers that can be represented in n bits. e.g. if we apply the WH-gate to each of n qubits individually, we obtain the superposition of the 2 n numbers that can be represented in n bits. Thus we can effectively load exponentially many (2 n ) numbers into a quantum computer using only polynomial many (n) basic gate operations. Thus we can effectively load exponentially many (2 n ) numbers into a quantum computer using only polynomial many (n) basic gate operations.

Controlled-NOT Gate A particular 2- gate is of paramount importance in quantum computing, & this is the controlled-NOT gate: A particular 2-qubit gate is of paramount importance in quantum computing, & this is the controlled-NOT gate: U CN |00> = |00> U CN |00> = |00> U CN |01> = |01> U CN |01> = |01> U CN |10> = |11> U CN |10> = |11> U CN |11> = |10> U CN |11> = |10> ie. apply NOT to (flip) second bit if first = 1. ie. apply NOT to (flip) second bit if first qubit = 1. |x> |y> |x xor y>

Controlled-NOT Gate NOTE that this operation involves no measurements whatsoever – i.e. we do not need to measure s in order to bring about “controlled” operations. NOTE that this operation involves no measurements whatsoever – i.e. we do not need to measure qubits in order to bring about “controlled” operations. |x> |y>|x xor y> xor: control 1 0 1 not 0 1 1

Universal Quantum Gates Universal Gates: the (infinite) set of all 1- rotations, together with the controlled-NOT gate, is enough to achieve any imaginable quantum computation. Universal Gates: the (infinite) set of all 1-qubit rotations, together with the controlled-NOT gate, is enough to achieve any imaginable quantum computation. i.e. we can perform any quantum computation by connecting just 1- rotation gates and controlled-NOT gates (cf. any classical computation can be realized using just AND and NOT gates) i.e. we can perform any quantum computation by connecting just 1-qubit rotation gates and controlled-NOT gates (cf. any classical computation can be realized using just AND and NOT gates) Barenco (1995) and DiVincenzo (1995) independently showed that a 2- gate is universal for quantum computation. Barenco (1995) and DiVincenzo (1995) independently showed that a 2-qubit gate is universal for quantum computation.

Reversible Computation Quantum realizations of sets of reversible gates which are universal for all Boolean circuits. Quantum realizations of sets of reversible gates which are universal for all Boolean circuits. Recall that a quantum circuit is composed of quantum wires & elementary quantum gates; each wire represents a path of a single qubit & is described by a state in the 2D Hilbert Space C 2. Recall that a quantum circuit is composed of quantum wires & elementary quantum gates; each wire represents a path of a single qubit & is described by a state in the 2D Hilbert Space C 2.

Quantum Calculus A Hilbert Space is a mathematical model for representing state space vectors. A Hilbert Space is a mathematical model for representing state space vectors. The state of a quantum system can be described by a column vector (|  > “ket”) in a Hilbert Space of wave functions. The state of a quantum system can be described by a column vector (|  > “ket”) in a Hilbert Space of wave functions. As the system evolves, its state vector rotates with its base anchored to the origin of the axes. As the system evolves, its state vector rotates with its base anchored to the origin of the axes.

Tensor Products Systems of more than one qubit need a Hilbert Space which captures the interaction (entanglement) of the qubits. Systems of more than one qubit need a Hilbert Space which captures the interaction (entanglement) of the qubits. A 2-qubit system can be represented by a unit vector in the tensor product of 2 copies of C 2 (i.e. the space C 2 C 2 ). A 2-qubit system can be represented by a unit vector in the tensor product of 2 copies of C 2 (i.e. the space C 2 C 2 ).

Quantum Calculus In general, a system containing exactly n >= 2 qubits is represented by n copies of C 2 tensored together. Thus the state space is 2 n -dimensional. In general, a system containing exactly n >= 2 qubits is represented by n copies of C 2 tensored together. Thus the state space is 2 n -dimensional. Now in contrast to a classical system, which can be completely defined by describing the state of each individual component, in a quantum system, the state cannot always be described by considering only the component pieces. Now in contrast to a classical system, which can be completely defined by describing the state of each individual component, in a quantum system, the state cannot always be described by considering only the component pieces.

Entangled States e.g. the state 1/root(2)(|00> + |11>) cannot be decomposed into separate states for each of the 2 qubits. e.g. the state 1/root(2)(|00> + |11>) cannot be decomposed into separate states for each of the 2 qubits. i.e. we cannot express this state as a tensor product of two single qubits. i.e. we cannot express this state as a tensor product of two single qubits. A state that can’t be expressed as a tensor product is called an entangled state. A state that can’t be expressed as a tensor product is called an entangled state.

Not covered in lectures… Quantum Memory Registers Quantum Memory Registers Quantum Error Correction Quantum Error Correction Symmetry, entanglement, “ancilla” qubits (Shor) Symmetry, entanglement, “ancilla” qubits (Shor) Fault tolerant (Quantum) Computers Fault tolerant (Quantum) Computers [ref. Handout#1, references] [ref. Handout#1, references]

This Lecture… Quantum Algorithms Quantum Algorithms Quantum Key Distribution Quantum Key Distribution (Teleportation)? (Teleportation)? Quantum Computer Hardware Quantum Computer Hardware QC Applications (OS; AI)? QC Applications (OS; AI)?

Quantum Parallelism The principal advantage of a quantum computer over a classical computer is that it can use a technique called quantum parallelism to compute certain joint properties of several superposed computations The principal advantage of a quantum computer over a classical computer is that it can use a technique called quantum parallelism to compute certain joint properties of several superposed computations (several answers to different classical computation) in the time it takes a classical computer to find just one of these answers… (several answers to different classical computation) in the time it takes a classical computer to find just one of these answers…

Quantum Parallelism …moreover, the quantum computer can do this without needing to reveal the answer to any one of those computations individually. …moreover, the quantum computer can do this without needing to reveal the answer to any one of those computations individually. This gives the quantum computer the potential to be vastly more efficient than a classical computer at certain computational tasks. This gives the quantum computer the potential to be vastly more efficient than a classical computer at certain computational tasks.

Quantum Algorithms 1. The Deutsch-Jozsa problem: Is a boolean function f:{0,1}  {0,1} even (i.e. always gives the same output) and/or balanced (gives one output on half of the inputs, & another output on the other half)? 1. The Deutsch-Jozsa problem: Is a boolean function f:{0,1}  {0,1} even (i.e. always gives the same output) and/or balanced (gives one output on half of the inputs, & another output on the other half)? Exploits superposition without need for measurement Exploits superposition without need for measurement 2. Simon (1994): a quantum memory register could be used to evolve into a superposition representing the Fourier Transform. 2. Simon (1994): a quantum memory register could be used to evolve into a superposition representing the Fourier Transform. Measurement  sample  period (of sines, cosines) Measurement  sample  period (of sines, cosines)

Quantum Algorithms 3. Shor (1994): factoring of large composite integers can be achieved by finding the period (= QC’s “killer app”lication) 3. Shor (1994): factoring of large composite integers can be achieved by finding the period (= QC’s “killer app”lication) exploits a technique similar to Simon’s Fourier Transform sampling. exploits a technique similar to Simon’s Fourier Transform sampling. 4. Grover (1996) showed that unstructured search can be solved with bounded probability in O(rootN) on a Quantum Computer. 4. Grover (1996) showed that unstructured search can be solved with bounded probability in O(rootN) on a Quantum Computer.

1. Deutsch-Joza Problem The Deutsch-Jozsa problem: Consider a boolean function f :{0,1} -> {0,1}. The Deutsch-Jozsa problem: Consider a boolean function f :{0,1} -> {0,1}. Is f(0) = f(1) or f(0) not= f(1)? Is f(0) = f(1) or f(0) not= f(1)? Classical test: 2 computations & 1 comparison. Classical test: 2 computations & 1 comparison. Can we do better on a QC? Yes! Can we do better on a QC? Yes! The key to a Quantum Computer solution is that we do not need to actually calculate f(x), simply determine whether they are the same. The key to a Quantum Computer solution is that we do not need to actually calculate f(x), simply determine whether they are the same.

1. Deutsch-Joza Problem Suppose we possess a quantum “black box” which computes ‘f’ (a big if!) Suppose we possess a quantum “black box” which computes ‘f’ (a big if!) Consider the transformation U f which applies to 2 qubits |x> and |y> and produces |x>|y mod2 f(x)). Consider the transformation U f which applies to 2 qubits |x> and |y> and produces |x>|y mod2 f(x)). This transformation flips the second bit if f acting on the first bit is 1, & does nothing if f acting on the first qubit is 0. This transformation flips the second bit if f acting on the first bit is 1, & does nothing if f acting on the first qubit is 0.

1. Deutsch-Joza Problem Now since the black box is “quantum”, we can choose the input state to be a superposition of |0> and |1>, say 1/root2(|0>+|1>) and 1/root2(|0>-|1>)… Now since the black box is “quantum”, we can choose the input state to be a superposition of |0> and |1>, say 1/root2(|0>+|1>) and 1/root2(|0>-|1>)… Perform a measurement that projects the first qubit onto the basis 1/root2(|0>+|1>), 1/root2(|0>-|1>) Perform a measurement that projects the first qubit onto the basis 1/root2(|0>+|1>), 1/root2(|0>-|1>) we will obtain 1/root2(|0>+|1>) if the function is balanced, 1/root2(|0>-|1>) if not. we will obtain 1/root2(|0>+|1>) if the function is balanced, 1/root2(|0>-|1>) if not.

1. Deutsch-Joza Problem We can achieve this because a quantum computer can be in a blend of states: we can compute f(0) and f(1), but more importantly, extract information about f which tells us whether f(0) is equal to f(1) or not. We can achieve this because a quantum computer can be in a blend of states: we can compute f(0) and f(1), but more importantly, extract information about f which tells us whether f(0) is equal to f(1) or not.

1. Deutsch-Joza Problem Solution of the Deutsch-Jozsa problem on a quantum computer: Solution of the Deutsch-Jozsa problem on a quantum computer: Step#1. Initialize the 2-qubit register in the state |0>|1>. Step#1. Initialize the 2-qubit register in the state |0>|1>. Step#2. Apply the Walsh-Hadamard operation W to each qubit: |0>|1>  1/root2(|0> + |1>) superimposed with 1/root2(|0> - |1>) Step#2. Apply the Walsh-Hadamard operation W to each qubit: |0>|1>  1/root2(|0> + |1>) superimposed with 1/root2(|0> - |1>)

1. Deutsch-Joza Problem Solution of the Deutsch-Jozsa problem on a quantum computer: Solution of the Deutsch-Jozsa problem on a quantum computer: Step#3. Apply the operation U (which requires f to be evaluated once only): 1/root2(|0> + |1>) superimposed with 1/root2(|0> - |1>)  1/root2((- 1) f(0) |0> + (-1) f(1) |1>) superimposed with 1/root2(|0> - |1>) Step#3. Apply the operation U (which requires f to be evaluated once only): 1/root2(|0> + |1>) superimposed with 1/root2(|0> - |1>)  1/root2((- 1) f(0) |0> + (-1) f(1) |1>) superimposed with 1/root2(|0> - |1>)

1. Deutsch-Joza Problem Solution of the Deutsch-Jozsa problem on a quantum computer: Solution of the Deutsch-Jozsa problem on a quantum computer: Step#4. Apply the operation V (which does not require f to be evaluated): 1/root2((-1) f(0) |0> + (- 1) f(1) |1>) superimposed with 1/root2(|0> - |1>)  1/root2((-1) f(0) +(-1) f(1) |0> + (- 1) f(0) -(-1) f(1) |1>) superimposed with 1/root2(|0> - |1>) Step#4. Apply the operation V (which does not require f to be evaluated): 1/root2((-1) f(0) |0> + (- 1) f(1) |1>) superimposed with 1/root2(|0> - |1>)  1/root2((-1) f(0) +(-1) f(1) |0> + (- 1) f(0) -(-1) f(1) |1>) superimposed with 1/root2(|0> - |1>)

1. Deutsch-Joza Problem Solution of the Deutsch-Jozsa problem on a quantum computer: Solution of the Deutsch-Jozsa problem on a quantum computer: Step#5. Measure the bit value in the first qubit: Step#5. Measure the bit value in the first qubit: If it is 0, f(0) = f(1); If it is 0, f(0) = f(1); If it is 1, f(0) not= f(1). If it is 1, f(0) not= f(1).

1. Deutsch-Joza Problem NOTE: in essence, this quantum algorithm exploits superposition and interference to extract a joint property of both function values – f(0) and f(1) – without having to calculate either function value explicitly. NOTE: in essence, this quantum algorithm exploits superposition and interference to extract a joint property of both function values – f(0) and f(1) – without having to calculate either function value explicitly.

2. Fourier Transform on QC Any mathematical function can be described as a weighted sum of certain basis (elementary) functions such as sines & cosines (or real & imaginary exponential functions): sin(x), sin(2x), …cos(x), cos(2x)…(the more terms, the better the approximation)  Fourier Series Any mathematical function can be described as a weighted sum of certain basis (elementary) functions such as sines & cosines (or real & imaginary exponential functions): sin(x), sin(2x), …cos(x), cos(2x)…(the more terms, the better the approximation)  Fourier Series recall e i  = cos  + i sin  (circle) recall e i  = cos  + i sin  (circle)

2. Fourier Transform on QC Fourier series = (integral) representation of continuous (linear) functions  Discrete Fourier Transform for sampled functions  Fast Fourier Transform (= a more efficient algorithm – 2 n terms) Fourier series = (integral) representation of continuous (linear) functions  Discrete Fourier Transform for sampled functions  Fast Fourier Transform (= a more efficient algorithm – 2 n terms) In Digital Signal Processing, the FFT transforms a signal from the time-domain to the frequency domain (& Inverse FFT from f- domain to t-domain) In Digital Signal Processing, the FFT transforms a signal from the time-domain to the frequency domain (& Inverse FFT from f- domain to t-domain)

2. Fourier Transform on QC Observation: if a time-varying signal is very spiky, this means it can be represented by just a few sines & cosines, with precisely defined periods. Observation: if a time-varying signal is very spiky, this means it can be represented by just a few sines & cosines, with precisely defined periods.

2. Fourier Transform on QC D. Simon (1994): a quantum computation could cause the state of a quantum memory register to evolve into a superposition representing the Fourier Transform. D. Simon (1994): a quantum computation could cause the state of a quantum memory register to evolve into a superposition representing the Fourier Transform. By reading this memory register, we would most likely obtain a result corresponding to where the probability amplitude was most highly concentrated – i.e. where the Fourier Transform is most strongly spiked. By reading this memory register, we would most likely obtain a result corresponding to where the probability amplitude was most highly concentrated – i.e. where the Fourier Transform is most strongly spiked.

2. Fourier Transform on QC Thus a quantum measurement returns a sample from the Fourier Transform, which provides us with some information about the periodic sine & cosine functions which make up our original function. Thus a quantum measurement returns a sample from the Fourier Transform, which provides us with some information about the periodic sine & cosine functions which make up our original function.

3. Shor’s Factoring Algorithm P. Shor (AT&T) was wanting to demonstrate that a quantum computer could be used to solve a real problem, as opposed to the contrived problems demonstrated up to that time (mid 1990s). P. Shor (AT&T) was wanting to demonstrate that a quantum computer could be used to solve a real problem, as opposed to the contrived problems demonstrated up to that time (mid 1990s). Shor: if you can relate the (real) problem of finding the factors of a large composite integer to that of finding the period, then you can exploit a technique similar to Simon’s sampling of a FT. Shor: if you can relate the (real) problem of finding the factors of a large composite integer to that of finding the period, then you can exploit a technique similar to Simon’s sampling of a FT.

3. Shor’s Factoring Algorithm Shor (1994) showed that a quantum computer could be used to factor a large integer super-efficiently. Shor (1994) showed that a quantum computer could be used to factor a large integer super-efficiently. This was big news, especially in security & banking circles (since all of a sudden RSA public cryptography is rendered eminently breakable)! This was big news, especially in security & banking circles (since all of a sudden RSA public cryptography is rendered eminently breakable)!

3. Shor’s Factoring Algorithm Multiplying large prime numbers together is computationally easy: e.g. 127 * 229 = ? Multiplying large prime numbers together is computationally easy: e.g. 127 * 229 = ? By contrast, no conventional (classical) polynomial algorithm exists for factoring large prime numbers (exhaustive search only) By contrast, no conventional (classical) polynomial algorithm exists for factoring large prime numbers (exhaustive search only) (in fact it is thought to be practically impossible)  hence used as the basis for (RSA) public key cryptography. e.g. ? * ? = 29,083 (in fact it is thought to be practically impossible)  hence used as the basis for (RSA) public key cryptography. e.g. ? * ? = 29,083 & this is only for five digits – imagine 400, say! & this is only for five digits – imagine 400, say!

3. Shor’s Factoring Algorithm Classical Factoring Algorithms: Classical Factoring Algorithms: The time required to find the factors is strongly believed (but has never been proved) to be superpolynomial in log(n); i.e. as n increases, the worst case time grows faster than any power of log(n). The time required to find the factors is strongly believed (but has never been proved) to be superpolynomial in log(n); i.e. as n increases, the worst case time grows faster than any power of log(n). Quadratic Sieve was the best known technique in 1997  (network of 1,000 workstations). Quadratic Sieve was the best known technique in 1997  (network of 1,000 workstations).

3. Shor’s Factoring Algorithm Shor’s exciting new result was that a quantum computer could factor in polynomial time – O[(ln n) 3 ]  factoring of a 400-digit number in under 3 years (cf. 10 10 years on a classical computer)! Shor’s exciting new result was that a quantum computer could factor in polynomial time – O[(ln n) 3 ]  factoring of a 400-digit number in under 3 years (cf. 10 10 years on a classical computer)!

3. Shor’s Factoring Algorithm Public Key Cryptography (RSA) P1  P2  C [easy] : t = P(N) C  P1  P2 [hard] : t = exp(N) Eg: Factorization of a 129-digit number (RSA-129) ~2000 computers processing for 8 months Shor’s Algorithm - Finds prime factors Peter Shor (AT&T Bell Labs, 1994) C  P1  P2 [easy] : t = P(N) With a QC could solve RSA-129 in seconds!

3. Shor’s Factoring Algorithm Shor’s quantum factoring algorithm relies on a result from number theory that relates the period of a particular periodic function to the factors of an integer: Shor’s quantum factoring algorithm relies on a result from number theory that relates the period of a particular periodic function to the factors of an integer: Given a number n, choose a related function f n (a) = x a mod n, such that the Greatest Common Divisor of x and n = 1. Given a number n, choose a related function f n (a) = x a mod n, such that the Greatest Common Divisor of x and n = 1. Both mod & GCD can be computed efficiently (even on a classical computer). Both mod & GCD can be computed efficiently (even on a classical computer).

3. Shor’s Factoring Algorithm Step-1: pick a number q such that 2n 2 =< q =< 3n 2. Step-1: pick a number q such that 2n 2 =< q =< 3n 2. Step-2: pick a random integer x whose Greatest Common Divisor with n is 1. Step-2: pick a random integer x whose Greatest Common Divisor with n is 1.

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (a) create a quantum memory register, & partition the qubits into two sets called register1 & register2, (a) create a quantum memory register, & partition the qubits into two sets called register1 & register2,

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (a) create a quantum memory register, & partition the qubits into two sets called register1 & register2, (a) create a quantum memory register, & partition the qubits into two sets called register1 & register2, (b) load register1 with all integers in the range 0 to q-1, & load register2 with all zeroes, (b) load register1 with all integers in the range 0 to q-1, & load register2 with all zeroes,

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (a) create a quantum memory register, & partition the qubits into two sets called register1 & register2, (a) create a quantum memory register, & partition the qubits into two sets called register1 & register2, (b) load register1 with all integers in the range 0 to q- 1, & load register2 with all zeroes, (b) load register1 with all integers in the range 0 to q- 1, & load register2 with all zeroes, (c) now compute, in quantum parallel, the function x a mod n of each number in register1, & place result in register2. (c) now compute, in quantum parallel, the function x a mod n of each number in register1, & place result in register2.

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (d) measure the state of register2, obtaining some result k. This has the effect of projecting out the state of register1 to be a superposition of just those values of a such that x a mod n = k, (d) measure the state of register2, obtaining some result k. This has the effect of projecting out the state of register1 to be a superposition of just those values of a such that x a mod n = k,

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (d) measure the state of register2, obtaining some result k. This has the effect of projecting out the state of register1 to be a superposition of just those values of a such that x a mod n = k, (d) measure the state of register2, obtaining some result k. This has the effect of projecting out the state of register1 to be a superposition of just those values of a such that x a mod n = k, (e) next compute the Fourier Transform of the projected state in register1, (e) next compute the Fourier Transform of the projected state in register1,

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (f) measure the state of register1. This effectively samples from the Fourier Transform and returns some number c’ that is some multiple of q/r, where r is the desired period; i.e. c’/q ~ l/r for some positive integer. (f) measure the state of register1. This effectively samples from the Fourier Transform and returns some number c’ that is some multiple of q/r, where r is the desired period; i.e. c’/q ~ l/r for some positive integer.

3. Shor’s Factoring Algorithm Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: Step-3: repeat the following steps (a) through (g) about log(q) times, using the same random number x each time: (f) measure the state of register1. This effectively samples from the Fourier Transform and returns some number c’ that is some multiple of q/r, where r is the desired period; i.e. c’/q ~ l/r for some positive integer. (f) measure the state of register1. This effectively samples from the Fourier Transform and returns some number c’ that is some multiple of q/r, where r is the desired period; i.e. c’/q ~ l/r for some positive integer. (g) to determine the period r, we need to estimate. This is accomplished using a continued fraction technique. (g) to determine the period r, we need to estimate. This is accomplished using a continued fraction technique.

3. Shor’s Factoring Algorithm Step-4: by repeating steps (a) through (g) we create a set of samples of the Discrete Fourier Transform in register1. This gives samples of multitudes of 1/r as 1 /r, 2 /r, 3 /r…for various integers i. Step-4: by repeating steps (a) through (g) we create a set of samples of the Discrete Fourier Transform in register1. This gives samples of multitudes of 1/r as 1 /r, 2 /r, 3 /r…for various integers i. After a few repetitions of the algorithm, we have enough samples of the contents of register1 to compute what i must be and hence to guess r. After a few repetitions of the algorithm, we have enough samples of the contents of register1 to compute what i must be and hence to guess r.

3. Shor’s Factoring Algorithm Step-5: when r is known the factors of n can be obtained from GCD(x r/2 – 1,n) and GCD(x r/2 + 1,n). Step-5: when r is known the factors of n can be obtained from GCD(x r/2 – 1,n) and GCD(x r/2 + 1,n). (Greatest Common Demoninator) (Greatest Common Demoninator)

4. Grover’s Search Algorithm Generally speaking, a solution search space has no special structure, which prevents the development of efficient algorithms. Generally speaking, a solution search space has no special structure, which prevents the development of efficient algorithms. e.g. (structured): you know someone’s name - find their telephone number in the city’s directory. e.g. (structured): you know someone’s name - find their telephone number in the city’s directory. e.g. (unstructured): you know someone’s telephone number – find their name! e.g. (unstructured): you know someone’s telephone number – find their name!

4. Grover’s Search Algorithm In order to search a simple unstructured file, a computer would have to run through, on average, half of the data to locate an x satisfying P(x). In order to search a simple unstructured file, a computer would have to run through, on average, half of the data to locate an x satisfying P(x). No shortcuts are possible, thus randomly testing the predicate P is the best strategy that can be adopted on a conventional computer  O(N) for a search space = N (omitting time to test P) No shortcuts are possible, thus randomly testing the predicate P is the best strategy that can be adopted on a conventional computer  O(N) for a search space = N (omitting time to test P)

4. Grover’s Search Algorithm Now while no shortcuts are possible on a conventional computer, we can do much better on a quantum computer. Now while no shortcuts are possible on a conventional computer, we can do much better on a quantum computer. Grover (1996) showed that unstructured search can be solved with bounded probability in O(rootN) on a Quantum Computer. Grover (1996) showed that unstructured search can be solved with bounded probability in O(rootN) on a Quantum Computer.

4. Grover’s Search Algorithm Now whilst the resulting speedup of our undirected search of a city’s telephone directory (i.e. O(N)  O(rootN)) is not particularly dramatic, it is in the case of data encryption. Now whilst the resulting speedup of our undirected search of a city’s telephone directory (i.e. O(N)  O(rootN)) is not particularly dramatic, it is in the case of data encryption. Consider the Data Encryption Standard: enciphering & deciphering are both accomplished using a 56-bit key, known only to the legitimate sender & receiver. Consider the Data Encryption Standard: enciphering & deciphering are both accomplished using a 56-bit key, known only to the legitimate sender & receiver.

4. Grover’s Search Algorithm The goal of an eavesdropper, having intercepted matching pairs of plain and cipher text, is to find the key that maps one onto the other. The goal of an eavesdropper, having intercepted matching pairs of plain and cipher text, is to find the key that maps one onto the other. This problem can be described as a “virtual phone directory”, in which each possible key is a “name”, and the enciphered text the corresponding “phone number”. This problem can be described as a “virtual phone directory”, in which each possible key is a “name”, and the enciphered text the corresponding “phone number”.

4. Grover’s Search Algorithm An exhaustive search would try 2 55 keys before hitting the correct one, which would take over a year even if 1 billion keys are checked every second (on a conventional computer)! An exhaustive search would try 2 55 keys before hitting the correct one, which would take over a year even if 1 billion keys are checked every second (on a conventional computer)! By comparison, Grover’s algorithm can solve the problem, after quantum-DES enciphering the known clear text in just 185 million times. By comparison, Grover’s algorithm can solve the problem, after quantum-DES enciphering the known clear text in just 185 million times. Thus in principle, Grover’s algorithm can be used to break classical cryptographic systems such as DES! Thus in principle, Grover’s algorithm can be used to break classical cryptographic systems such as DES!

4. Grover’s Search Algorithm Grover’s algorithm searches an unstructured list of size N to find one item satisfying a given condition. Grover’s algorithm searches an unstructured list of size N to find one item satisfying a given condition. Let n be such that 2 n >= N. Let n be such that 2 n >= N. Assume the predicate P is implemented by a quantum gate U P |x,0> -> |x,P(x)>, where “true” is encoded as 1. Assume the predicate P is implemented by a quantum gate U P |x,0> -> |x,P(x)>, where “true” is encoded as 1.

4. Grover’s Search Algorithm Step-1: start with an equally weighted superposition of all N = 2 n possible indices. Step-1: start with an equally weighted superposition of all N = 2 n possible indices. Any one of which could be the target entry in the quantum “telephone directory”. Any one of which could be the target entry in the quantum “telephone directory”.

4. Grover’s Search Algorithm Step-1: start with an equally weighted superposition of all N = 2 n possible indices. Step-1: start with an equally weighted superposition of all N = 2 n possible indices. Any one of which could be the target entry in the quantum “telephone directory”. Any one of which could be the target entry in the quantum “telephone directory”. Step-2: Pick an (almost) arbitrary unitary operator. The operator has to have some non- zero overlap between the starting state and the target. Step-2: Pick an (almost) arbitrary unitary operator. The operator has to have some non- zero overlap between the starting state and the target. The easiest way to ensure this is to pick an operator with no zero entries in its unitary matrix. The easiest way to ensure this is to pick an operator with no zero entries in its unitary matrix.

4. Grover’s Search Algorithm Step-3: construct a special amplitude- amplification operator Q from the quantum “telephone directory” oracle and the arbitrary unitary operator. Step-3: construct a special amplitude- amplification operator Q from the quantum “telephone directory” oracle and the arbitrary unitary operator.

4. Grover’s Search Algorithm Step-3: construct a special amplitude- amplification operator Q from the quantum “telephone directory” oracle and the arbitrary unitary operator. Step-3: construct a special amplitude- amplification operator Q from the quantum “telephone directory” oracle and the arbitrary unitary operator. Step-4: Iterate Q about (  /4)rootN times starting with the state U|s> and then measure. Step-4: Iterate Q about (  /4)rootN times starting with the state U|s> and then measure. The measurement outcome is the target index, with probability ~1 (i.e. near certainty). The measurement outcome is the target index, with probability ~1 (i.e. near certainty).

4. Grover’s Search Algorithm Grover’s algorithm is optimal up to a constant factor; no quantum algorithm can perform an unstructured search faster. Grover’s algorithm is optimal up to a constant factor; no quantum algorithm can perform an unstructured search faster.

4. Grover’s Search Algorithm If there is only a unique x o such that P(x o ) is true, then after (  /8)2 n/2 iterations of steps 2 through 4 the failure rate is ½. If there is only a unique x o such that P(x o ) is true, then after (  /8)2 n/2 iterations of steps 2 through 4 the failure rate is ½. After iterating (  /4)2 n/2 times the failure rate drops to 2 -n. After iterating (  /4)2 n/2 times the failure rate drops to 2 -n. However additional iterations will increase the failure rate! However additional iterations will increase the failure rate! e.g. after (  /2)2 n/2 iterations, the failure rate is close to 1. e.g. after (  /2)2 n/2 iterations, the failure rate is close to 1.

4. Grover’s Search Algorithm This is an important feature of many quantum algorithms, & has little counterpart in conventional computers. This is an important feature of many quantum algorithms, & has little counterpart in conventional computers. ie. repeating quantum procedures may improve results for a while, but after some repetitions the results will get worse again! ie. repeating quantum procedures may improve results for a while, but after some repetitions the results will get worse again!

4. Grover’s Search Algorithm Quantum procedures are unitary transformations, which are rotations of complex space; repeated applications of a quantum transform may rotate the state closer & closer to the desired state for a while, but eventually it will rotate past the desired state & get further & further away from it. Quantum procedures are unitary transformations, which are rotations of complex space; repeated applications of a quantum transform may rotate the state closer & closer to the desired state for a while, but eventually it will rotate past the desired state & get further & further away from it. Thus to obtain useful results from a repeated application of a quantum transformation, it is paramount to know when to stop! Thus to obtain useful results from a repeated application of a quantum transformation, it is paramount to know when to stop!

Quantum Key Distribution Relies on Quantum Mechanical effects: Relies on Quantum Mechanical effects: Heisenberg Uncertainty Principle precludes exact, simultaneous measurements. Heisenberg Uncertainty Principle precludes exact, simultaneous measurements. Polarization: according to Quantum Theory, a single photon passing through a polarizer will either emerge with its electric field oscillating in the desired plane, or not at all. Polarization: according to Quantum Theory, a single photon passing through a polarizer will either emerge with its electric field oscillating in the desired plane, or not at all. NOTE: here quantum states = light (photon) polarizations, rather than spin states. NOTE: here quantum states = light (photon) polarizations, rather than spin states.

Quantum Key Distribution Encoding a (0 0 1 …) bit stream within a stream of polarized photons: Encoding a (0 0 1 …) bit stream within a stream of polarized photons: Calcite (birefringent) Crystal Vertically polarized photons Horizontally polarized photons

Quantum Key Distribution But what happens when diagonally polarized light passes through vertically- oriented calcite, say? But what happens when diagonally polarized light passes through vertically- oriented calcite, say? The Heisenberg Uncertainty Principle says that some photons will have their polarizations shifted and some won’t, depending on the angle of their axis relative to the calcite crystal’s. The Heisenberg Uncertainty Principle says that some photons will have their polarizations shifted and some won’t, depending on the angle of their axis relative to the calcite crystal’s.

Quantum Key Distribution In order to read the encoded bit stream, we need to measure the polarization of each photon. In order to read the encoded bit stream, we need to measure the polarization of each photon. However if we choose the wrong orientation (axis) with our calcite crystal detector, then we only have a 50:50 chance of getting the correct answer. However if we choose the wrong orientation (axis) with our calcite crystal detector, then we only have a 50:50 chance of getting the correct answer.

Quantum Key Distribution But can we measure both the rectilinear (0 o /90 o ) and the diagonal (45 o /135 o ) polarizations (say) simultaneously? But can we measure both the rectilinear (0 o /90 o ) and the diagonal (45 o /135 o ) polarizations (say) simultaneously? NO! because any attempt to measure one polarization necessarily perturbs (in fact randomizes) the other polarization (Heisenberg) NO! because any attempt to measure one polarization necessarily perturbs (in fact randomizes) the other polarization (Heisenberg) i.e. attempted eavesdropping will disturb the encoded bit pattern & become immediately obvious to both sender & receiver. i.e. attempted eavesdropping will disturb the encoded bit pattern & become immediately obvious to both sender & receiver.

Quantum Key Distribution Alice & Bob want to establish a secret key Alice & Bob want to establish a secret key A chooses a random sequence of bits out of which she & B will construct a key. A chooses a random sequence of bits out of which she & B will construct a key. Initially neither A nor B has a particular key in mind; it will emerge out of the communication protocol they use. Initially neither A nor B has a particular key in mind; it will emerge out of the communication protocol they use. Thus the exact bit sequence is not important – all that matters is that they & only they come to learn the common (private) bit subset = key. Thus the exact bit sequence is not important – all that matters is that they & only they come to learn the common (private) bit subset = key.

Quantum Key Distribution Quantum Key Distribution in the absence of eavesdropping: Quantum Key Distribution in the absence of eavesdropping: Alice & Bob need to first agree on (a) the probability of detecting eavesdropping & (b) the number of key bits  #photons - e.g. 75% & 4-bits A: Alice & Bob need to first agree on (a) the probability of detecting eavesdropping & (b) the number of key bits  #photons - e.g. 75% & 4-bits A: 1 1 1 1 1 0 0 1 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 0 1 0 1 1 1 1 1 1 1 0 0 1 0 1 0 0 0 0 1 0 0 0 0 1 0 0 0 0 0 0 1 0 1 1 x + x x x x x + x x + + + + x x + + x ++ x x + + x x + x x x + x x x x x + x x + + + + x x + + x ++ x x + + x x + x x \ - \ \ \ / / - / \ | | | | \ / | | / - | / / | | / \ | \ \ \ - \ \ \ / / - / \ | | | | \ / | | / - | / / | | / \ | \ \ row#2: + rectilinear x diagonal polarizationsrow#3: open communications channel

Quantum Key Distribution Quantum Key Distribution in the absence of eavesdropping: Quantum Key Distribution in the absence of eavesdropping: Upon receipt of the photons, Bob chooses an orientation for his calcite crystal (row#2) with which he measures their polarization B: Upon receipt of the photons, Bob chooses an orientation for his calcite crystal (row#2) with which he measures their polarization B: \ - \ \ \ / / - / \ | | | | \ / | | / - | / / | | / \ | \ \ \ - \ \ \ / / - / \ | | | | \ / | | / - | / / | | / \ | \ \ + + x + x x + x + x + + x x+ x x + x + x ++ + x + x + x + + + x + x x + x + x + + x x+ x x + x + x ++ + x + x + x + 0 1 1 1 1 0 0 0 1 1 0 0 0 1 0 0 0 0 0 1 1 1 1 0 1 1 1 0 1 0 0 1 1 1 1 0 0 0 1 1 0 0 0 1 0 0 0 0 0 1 1 1 1 0 1 1 1 0 1 0 row#3: reconstructed bit stream

Quantum Key Distribution Quantum Key Distribution in the absence of eavesdropping: Quantum Key Distribution in the absence of eavesdropping: Now Alice & Bob enter into a public (insecure) communication in which A divulges to B the polarizer orientation of a subset of bits; likewise B divulges to A the calcite orientations he used to decode the same set of bits Now Alice & Bob enter into a public (insecure) communication in which A divulges to B the polarizer orientation of a subset of bits; likewise B divulges to A the calcite orientations he used to decode the same set of bits

Quantum Key Distribution Quantum Key Distribution in the presence of eavesdropping: Quantum Key Distribution in the presence of eavesdropping: (i) Alice encodes her bits into a stream of polarized photons (as previously) (i) Alice encodes her bits into a stream of polarized photons (as previously) (ii) Eve(sdropper) intercepts/measures these photons, just as Bob did previously: (ii) Eve(sdropper) intercepts/measures these photons, just as Bob did previously: row#1 = (polarized) photons; row#1 = (polarized) photons; row#2 = calcite orientations; row#2 = calcite orientations; row#3 = (encoded) bits row#3 = (encoded) bits

Quantum Key Distribution Quantum Key Distribution in the presence of eavesdropping: Quantum Key Distribution in the presence of eavesdropping: (iii) Eve retransmits photons to Bob, using any polarizer orientations (iii) Eve retransmits photons to Bob, using any polarizer orientations (but most likely the same sequence she used during decoding) (but most likely the same sequence she used during decoding) (iv) B, unaware of E’s presence, decodes the polarized photon stream in the usual manner. (iv) B, unaware of E’s presence, decodes the polarized photon stream in the usual manner.

Quantum Key Distribution Quantum Key Distribution in the presence of eavesdropping: Quantum Key Distribution in the presence of eavesdropping: (iv) B, unaware of E’s presence, decodes the polarized photon stream in the usual manner. (iv) B, unaware of E’s presence, decodes the polarized photon stream in the usual manner. (v) A & B now compare orientations of their polarizer & calcite crystals with measured (decoded) bit values, on a subset of the photon/bit stream: (v) A & B now compare orientations of their polarizer & calcite crystals with measured (decoded) bit values, on a subset of the photon/bit stream: where they agree on polarizer orientation, they should also agree on the measured/decoded bit; where they don’t agree, then this reflects the presence of (an) E! where they agree on polarizer orientation, they should also agree on the measured/decoded bit; where they don’t agree, then this reflects the presence of (an) E!

Teleportation The fictional version of teleportation (= a 3-stage process): The fictional version of teleportation (= a 3-stage process): (i) dissociation (i) dissociation (ii) information transmission (ii) information transmission (iii) reconstitution (iii) reconstitution

Teleportation In contrast with a fax transmission, where the original object remains intact at the transmitter location & only a replica (facsimile) is constructed at the receiver location, In contrast with a fax transmission, where the original object remains intact at the transmitter location & only a replica (facsimile) is constructed at the receiver location, with teleportation, the original object is destroyed once the necessary information is extracted, with teleportation, the original object is destroyed once the necessary information is extracted, & moreover an exact replica is reconstructed at the receiver destination! & moreover an exact replica is reconstructed at the receiver destination!

Teleportation Quantum teleportation is the transmission of quantum information to a distant location. Quantum teleportation is the transmission of quantum information to a distant location. The objective is to transmit the quantum state of a particle using classical bits, then reconstruct the quantum state at the receiver. The objective is to transmit the quantum state of a particle using classical bits, then reconstruct the quantum state at the receiver. i.e. is it possible to send qubits without sending qubits?! i.e. is it possible to send qubits without sending qubits?!

Teleportation Let’s assume that Alice wishes to communicate (through classical channels) with Bob a single qubit of unknown state  = a|0> + b|1> Let’s assume that Alice wishes to communicate (through classical channels) with Bob a single qubit of unknown state  = a|0> + b|1> A can neither measure this quantum state nor clone it. A can neither measure this quantum state nor clone it. It would appear the only way to send B the qubit would be to either send him the physical qubit, or to swap the state into another quantum system, then send this system to B. It would appear the only way to send B the qubit would be to either send him the physical qubit, or to swap the state into another quantum system, then send this system to B.

Teleportation Alice & Bob use an entangled pair: Alice & Bob use an entangled pair:   = 1/root(2)(|00> + |11>);   = 1/root(2)(|00> + |11>); A controls the first half of the pair & B the second. A controls the first half of the pair & B the second.

Teleportation The input state is    = The input state is    = = (a|0> + b|1>) 1/root(2)(|00> + |11>) = (a|0> + b|1>) 1/root(2)(|00> + |11>) = 1/root(2)(a|0> |00> + a|0> |11> … = 1/root(2)(a|0> |00> + a|0> |11> … = 1/root(2)(a|000> + a|011> + b|100> + b|111>) = 1/root(2)(a|000> + a|011> + b|100> + b|111>)

Teleportation Alice now applies the transformation: (H I I)*(C NOT I) Alice now applies the transformation: (H I I)*(C NOT I) to this state (i.e.    ) to this state (i.e.    ) The third bit is left unchanged; only the first two bits belong to A – the rightmost bit belongs to B. The third bit is left unchanged; only the first two bits belong to A – the rightmost bit belongs to B.

Teleportation Applying (H I I) we have: Applying (H I I) we have: 1/root(2)H I I(a|000>+a|011>+b|110>+b|101>) 1/root(2)H I I(a|000>+a|011>+b|110>+b|101>) … ½(a(|000> + |110> + |011> + |111>) + b(|010> - |110> + |001> - |101>)) ½(a(|000> + |110> + |011> + |111>) + b(|010> - |110> + |001> - |101>)) & by regrouping terms & by regrouping terms ½(|0>(a(|0> + b|1>) + |01>(a|1> + b|0>) + |10>(a|0> - b|1>) + |11(a|1> - b|0>))) ½(|0>(a(|0> + b|1>) + |01>(a|1> + b|0>) + |10>(a|0> - b|1>) + |11(a|1> - b|0>)))

Teleportation Alice then measures her qubits, obtaining four possible results: |00>, |01>, |10> or |11>, with equal probability (¼). Alice then measures her qubits, obtaining four possible results: |00>, |01>, |10> or |11>, with equal probability (¼). Depending on the result of the measurement, the quantum state of Bob’s qubit is projected to a|0>+b|1>, a|1>+b|0>, a|0>-b|1>, a|1>-b|0>, respectively. Depending on the result of the measurement, the quantum state of Bob’s qubit is projected to a|0>+b|1>, a|1>+b|0>, a|0>-b|1>, a|1>-b|0>, respectively.

Teleportation Bob will know what has happened, & can apply the decoding transformation T e {I,X,Y,Z} to fix his qubit. Bob will know what has happened, & can apply the decoding transformation T e {I,X,Y,Z} to fix his qubit. The final output state is  = a|0> + b|1>, which is the unknown qubit that Alice wanted to send. The final output state is  = a|0> + b|1>, which is the unknown qubit that Alice wanted to send.

Teleportation e.g. e.g. received bitsstatetransformationresult received bitsstatetransformationresult 00a|0> + b|1>Ia|0> + b|1> 00a|0> + b|1>Ia|0> + b|1> 01 a|1> + b|0>Xa|0> + b|1> 01 a|1> + b|0>Xa|0> + b|1> 10a|0> - b|1>Za|0> + b|1> 10a|0> - b|1>Za|0> + b|1> 11a|1> - b|0>Ya|0> + b|1> 11a|1> - b|0>Ya|0> + b|1>

Hardware Quantum Computers? Dreaming up a quantum computer proposal is relatively easy; proposing a quantum computer that can be easily constructed is hard! 2 inherent difficulties: 1. is Quantum Mechanics correct? 2. what about decoherence & quantum noise? (Quantum Error Correction?)

Requirements for Quantum Computation (DiVincenzo criteria): (DiVincenzo criteria): 1. robustly represent quantum information 1. robustly represent quantum information a scalable physical system with well- characterized qubits a scalable physical system with well- characterized qubits 2. prepare an initial state 2. prepare an initial state 3. decoherence times >> logic gate times 3. decoherence times >> logic gate times 4. a universal set of logic operations 4. a universal set of logic operations 5. high probability readout 5. high probability readout strong (projective) measurements strong (projective) measurements

1. Ion Traps NIST OXFORD LOS ALAMOS Fluorescence from trapped Be Ions Hyperfine states and vibrational modes of an atom form qubits Manipulated by laser pulses Main drawback: weakness of phonon mediated spin-spin Coupling, susceptible to decoherence.

2. Nuclear Magnetic Resonance (NMR) MIT IBM LOS ALAMOS Qubits are Spin of nuclei rf pulse perform arbitary rotations Coupling between spins is dipolar and hyperfine Read-out: ensemble average induction. Main drawback: Not scalable. Why?

3. Optical QC CQCT (UNSW et.al.) LOS ALAMOS Qubits formed from location between two modes, or polarisation. Single photons are manipulated by beam splitters, mirrors, phase shifters and non-linear Kerr media. Read-out: Photomultipler. Main drawback: Coupling is difficult!

4. Superconductors NEC DELFT Chalmers Yale et.al. Charge Qubits Flux (SQUID) Qubits. Phase Qubits.

5. Solid State QCs 20 nanometres Metal Electrodes Insulator Silicon Substrate Benefits Clearly scalable Compatible with Si MOS - integrated control electronics Can borrow Si MOS technology - material quality - gate technology - interconnect architectures Challenges Single spin readout is difficult Completely new nanofabrication technologies must be developed - single donor positioning never done before CQCT = UNSW UQ UMelb Maryland Los Alamos

The State of the Art (2002)

A quantum computer can complete calculations, such as factorizing large numbers, much faster than even the most powerful existing supercomputer, while other potential applications include determining the properties of proteins and molecules, and solving biochemical, biological, environmental, and climatology problems. A quantum computer can complete calculations, such as factorizing large numbers, much faster than even the most powerful existing supercomputer, while other potential applications include determining the properties of proteins and molecules, and solving biochemical, biological, environmental, and climatology problems. Quantum computers could also decode practically any encrypted message, though quantum cryptography itself promises to be unbreakable. Quantum computers could also decode practically any encrypted message, though quantum cryptography itself promises to be unbreakable. Quantum Computing Applications

Shor’s prime factorization: encryption Grover’s Exhaustive Search has many potential applications, including genomics. Quantum Simulation: Quantum Chemistry, drug design, fundamental physics …etc. (%Serial + %Parallel)! i.e. not every problem will benefit from (or even be suited to) Quantum Parallelism! but recall Amdahl’s Law (%Serial + %Parallel)! i.e. not every problem will benefit from (or even be suited to) Quantum Parallelism!

Relevance to Operating Systems/Artificial Intelligence?? Relevance to Operating Systems/Artificial Intelligence?? OS – security… OS – security… AI – quantum parallel search; QNNs… AI – quantum parallel search; QNNs… Quantum Computing

2003/4 news items courtesy of ACM TechNews weekly postings 2003/4 news items courtesy of ACM TechNews weekly postings Quantum Computers

Shepelyansky et.al. (France) believe that a quantum computer could be capable of storing far more information than all modern supercomputers by employing 50 qubits. And it would only take 18 qubits to encode the voice of HAL 9000, the autonomous computer from the film "2001: A Space Odyssey," in a quantum computer's wave function, according to the researchers. Shepelyansky et.al. (France) believe that a quantum computer could be capable of storing far more information than all modern supercomputers by employing 50 qubits. And it would only take 18 qubits to encode the voice of HAL 9000, the autonomous computer from the film "2001: A Space Odyssey," in a quantum computer's wave function, according to the researchers. Real-time audio communications require the reduction or compression of sound signals, and one form of audio compression - MP3 - can quickly access the audio-signal spectrum using a Fast Fourier Transform. Audio signals could be transmitted even more rapidly through the Quantum Fourier Transform, the quantum equivalent of MP3. Real-time audio communications require the reduction or compression of sound signals, and one form of audio compression - MP3 - can quickly access the audio-signal spectrum using a Fast Fourier Transform. Audio signals could be transmitted even more rapidly through the Quantum Fourier Transform, the quantum equivalent of MP3. Quantum MP3 (10/09/03)

Japanese scientists at NEC and the Institute of Physical and Chemical Research have successfully built a fundamental element of a quantum computer--a "quantum gate" that could be a component of the quantum equivalent of a computer chip. NEC research fellow Tsai Jaw-Shen reports that the gate can only function in extremely low temperatures because it relies on superconductivity, though he hopes that the operating temperature can be raised to a level more comparable to that of conventional computers. Japanese scientists at NEC and the Institute of Physical and Chemical Research have successfully built a fundamental element of a quantum computer--a "quantum gate" that could be a component of the quantum equivalent of a computer chip. NEC research fellow Tsai Jaw-Shen reports that the gate can only function in extremely low temperatures because it relies on superconductivity, though he hopes that the operating temperature can be raised to a level more comparable to that of conventional computers. He wages that a considerable amount of time must pass before quantum computers become a reality, and estimates that only 10 percent of the job has been accomplished thus far. "The single Qubit [quantum bit] was completed in 1999 and the two Qubit operation has been completed this year," Nakamura notes. "But we have to integrate these two components." He wages that a considerable amount of time must pass before quantum computers become a reality, and estimates that only 10 percent of the job has been accomplished thus far. "The single Qubit [quantum bit] was completed in 1999 and the two Qubit operation has been completed this year," Nakamura notes. "But we have to integrate these two components." Quantum Gate (12/09/03)

Experts believe even the best existing digital security system will ultimately be defeated by hackers, and the only unbeatable solution is quantum cryptography, in which the keys used to encrypt and decrypt data are encoded within light particles so sensitive that even the slightest attempt to monitor their transmission will change their encoded state and alert users to the intrusion. Researchers are hopeful that the encoding of binary bits on photons, electrons, and other quantum particles will be a reality before 2020, thus enabling computers to carry out multiple calculations concurrently. Experts believe even the best existing digital security system will ultimately be defeated by hackers, and the only unbeatable solution is quantum cryptography, in which the keys used to encrypt and decrypt data are encoded within light particles so sensitive that even the slightest attempt to monitor their transmission will change their encoded state and alert users to the intrusion. Researchers are hopeful that the encoding of binary bits on photons, electrons, and other quantum particles will be a reality before 2020, thus enabling computers to carry out multiple calculations concurrently. Commercial quantum cryptography products were recently introduced by Geneva-based id Quantique and New York-based MagiQ Technologies, while NEC, Hewlett-Packard, Toshiba, and other large companies are planning to roll out products of their own. Such products' commercial appeal will be restricted until certain challenges are met: For one thing, quantum encrypted data sent over fiber-optic cable has a limited range, and requires computers directly connected to each other. Quantum repeaters are also required to expand transmission range and make quantum encryption workable in a networking environment, and both NEC and Hewlett-Packard are pursuing this goal. Wireless quantum key transmission is also being developed in Europe and the US. Commercial quantum cryptography products were recently introduced by Geneva-based id Quantique and New York-based MagiQ Technologies, while NEC, Hewlett-Packard, Toshiba, and other large companies are planning to roll out products of their own. Such products' commercial appeal will be restricted until certain challenges are met: For one thing, quantum encrypted data sent over fiber-optic cable has a limited range, and requires computers directly connected to each other. Quantum repeaters are also required to expand transmission range and make quantum encryption workable in a networking environment, and both NEC and Hewlett-Packard are pursuing this goal. Wireless quantum key transmission is also being developed in Europe and the US. Quantum Cryptography (1/28/03)

Quantum communication has long been publicized as completely hack-proof, but quantum hacking is an area of research that engineers are exploring in parallel with the development of true quantum networks--and they are uncovering possible exploits that quantum encryption designers never anticipated. "The models that tell us quantum cryptography is hot stuff are drastically simplified," explains Harvard University's John Myers. Quantum communication encryption's basic incarnation is the BB84 scheme devised by IBM's Charles Bennett and the University of Montreal's Gilles Brassard, in which a message sender (Alice) and receiver (Bob) use both a public link and a quantum communication link to set up a secret quantum key used to encrypt messages that an eavesdropper (Eve) cannot guess without being detected, since Eve's measurement of Alice's photons disturbs their quantum state. However, engineers have found several practical techniques that eavesdroppers could use to correctly guess the key: In a photon number-splitting attack designed by Nicolas Gisin of the University of Geneva, Alice's laser accidentally releases two or three photons instead of just one, and Eve diverts and measures these extra photons without Alice and Bob knowing. In another quantum hack, known as a frying attack, Eve sends an intense pulse of laser light into Bob's 1 photon detector, rendering it inoperative and making Bob capable of only receiving 0s; Alice and Bob's key will therefore be all 0s, which means that their data will be unencrypted without their realizing it. "In general, I do not think that a real quantum cryptography system will ever be 100 percent secure, because a real system will always implement an approximation of the theorist's system," states Gisin. Military and intelligence agencies as well as financial firms are employing commercial quantum communication products, but establishing secure quantum communication in a public Internet is a more complex proposition, especially since there is such a wide variety of quantum communication schemes. Quantum communication has long been publicized as completely hack-proof, but quantum hacking is an area of research that engineers are exploring in parallel with the development of true quantum networks--and they are uncovering possible exploits that quantum encryption designers never anticipated. "The models that tell us quantum cryptography is hot stuff are drastically simplified," explains Harvard University's John Myers. Quantum communication encryption's basic incarnation is the BB84 scheme devised by IBM's Charles Bennett and the University of Montreal's Gilles Brassard, in which a message sender (Alice) and receiver (Bob) use both a public link and a quantum communication link to set up a secret quantum key used to encrypt messages that an eavesdropper (Eve) cannot guess without being detected, since Eve's measurement of Alice's photons disturbs their quantum state. However, engineers have found several practical techniques that eavesdroppers could use to correctly guess the key: In a photon number-splitting attack designed by Nicolas Gisin of the University of Geneva, Alice's laser accidentally releases two or three photons instead of just one, and Eve diverts and measures these extra photons without Alice and Bob knowing. In another quantum hack, known as a frying attack, Eve sends an intense pulse of laser light into Bob's 1 photon detector, rendering it inoperative and making Bob capable of only receiving 0s; Alice and Bob's key will therefore be all 0s, which means that their data will be unencrypted without their realizing it. "In general, I do not think that a real quantum cryptography system will ever be 100 percent secure, because a real system will always implement an approximation of the theorist's system," states Gisin. Military and intelligence agencies as well as financial firms are employing commercial quantum communication products, but establishing secure quantum communication in a public Internet is a more complex proposition, especially since there is such a wide variety of quantum communication schemes. Quantum Hacking (11/29/03)

A quantum computer carries such promised capabilities as ultrafast database searches and a "virtual lab" where the behavior of materials can be predicted without actually fabricating them, but a practical quantum computer must be immune to decoherence, in which computations are undone because even the slightest disturbance results in data leakage. Microsoft Research's Alexei Kitaev and Michael Freedman, along with Zhenghan Wang and Michael Larson of Indiana University, may have solved the problem with their outline of a topological quantum computer that could be constructed out of existing technology. The operating principle of the device is the manipulation of quantum particles--non-Abelian anyons--into braids that exist in both time and space. These anyons' "world lines" can be weaved around each other into knots that encode information; this braiding could be accomplished with an instrument similar to a scanning tunneling microscope. "The state of the quantum computer is stored in the conserved charges that the anyons carry," notes Caltech's John Preskill. "Even if you hit an anyon with a hammer, you can't change that charge, so the state stored in the computer is quite robust." Bringing the anyons together in pairs allows topological charges to be read off: Those with equal and opposite charges annihilate each other, creating a "0" output, and those with unbalanced charges merge into a new anyon, resulting in a "1" output. The topological quantum computer is still speculative, since the existence of non-Abelian anyons has yet to be proved (sic!). A quantum computer carries such promised capabilities as ultrafast database searches and a "virtual lab" where the behavior of materials can be predicted without actually fabricating them, but a practical quantum computer must be immune to decoherence, in which computations are undone because even the slightest disturbance results in data leakage. Microsoft Research's Alexei Kitaev and Michael Freedman, along with Zhenghan Wang and Michael Larson of Indiana University, may have solved the problem with their outline of a topological quantum computer that could be constructed out of existing technology. The operating principle of the device is the manipulation of quantum particles--non-Abelian anyons--into braids that exist in both time and space. These anyons' "world lines" can be weaved around each other into knots that encode information; this braiding could be accomplished with an instrument similar to a scanning tunneling microscope. "The state of the quantum computer is stored in the conserved charges that the anyons carry," notes Caltech's John Preskill. "Even if you hit an anyon with a hammer, you can't change that charge, so the state stored in the computer is quite robust." Bringing the anyons together in pairs allows topological charges to be read off: Those with equal and opposite charges annihilate each other, creating a "0" output, and those with unbalanced charges merge into a new anyon, resulting in a "1" output. The topological quantum computer is still speculative, since the existence of non-Abelian anyons has yet to be proved (sic!). Topological QCs (1/24/04)

Start-ups MagiQ Technologies and ID Quantique announced quantum cryptography hardware late last year, but most enterprise networks will not be able to take advantage of the technology. However, the continued development of quantum cryptography over the next few years is expected to make the advancement more beneficial to enterprise networks. Quantum cryptography uses objects that are in different places at one time to create the same random numbers in two locations, enabling the two identical sets of random numbers to be used as symmetric encryption keys or one- time pads. The problem of creating and distributing encryption would be solved because the keys would never be used again. Nonetheless, dedicated fiber cable is needed for quantum key distribution through a network, and fully optical switches for multiplexing entangled photons with ordinary data remain a few years away. Moreover, repeaters can not be used, prompting MagiQ to experiment with using Free Space Optics lasers to send photons through a wireless link. Existing key distribution systems are unable to distribute a one-time pad, which makes them susceptible to outright mathematical attacks. A quantum computer could break encryption that reuses keys, but a working computer will not be here for decades!!! Start-ups MagiQ Technologies and ID Quantique announced quantum cryptography hardware late last year, but most enterprise networks will not be able to take advantage of the technology. However, the continued development of quantum cryptography over the next few years is expected to make the advancement more beneficial to enterprise networks. Quantum cryptography uses objects that are in different places at one time to create the same random numbers in two locations, enabling the two identical sets of random numbers to be used as symmetric encryption keys or one- time pads. The problem of creating and distributing encryption would be solved because the keys would never be used again. Nonetheless, dedicated fiber cable is needed for quantum key distribution through a network, and fully optical switches for multiplexing entangled photons with ordinary data remain a few years away. Moreover, repeaters can not be used, prompting MagiQ to experiment with using Free Space Optics lasers to send photons through a wireless link. Existing key distribution systems are unable to distribute a one-time pad, which makes them susceptible to outright mathematical attacks. A quantum computer could break encryption that reuses keys, but a working computer will not be here for decades!!! QC Hardware? (Feb’04)

An Introduction to Quantum Computing GOSN203 (AI); GOSN204 (OS) Professor John FULCHER Christopher Newport University April 2004.

Similar presentations

Presentation on theme: "An Introduction to Quantum Computing GOSN203 (AI); GOSN204 (OS) Professor John FULCHER Christopher Newport University April 2004."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

An Introduction to Quantum Computing GOSN203 (AI); GOSN204 (OS) Professor John FULCHER Christopher Newport University April 2004.

Similar presentations

Presentation on theme: "An Introduction to Quantum Computing GOSN203 (AI); GOSN204 (OS) Professor John FULCHER Christopher Newport University April 2004."— Presentation transcript:

Similar presentations

About project

Feedback