Quantum Algorithms:
a survey
Umesh V. Vazirani
U. C. Berkeley
Exponential Superposition
+
-
+
+
-
-
+
-
 Superposition of all 2n classical states:
  a x x
x
2
|
a
|
 x 1
x
 Measurement:
See |xi with probability |ax|2
Quantum Algorithms: tension between these two phenomena
Why limit computers to electronics
implemented on silicon?
• Extended Church-Turing thesis
- Any “reasonable” model of computation can be
efficiently simulated by a probabilistic Turing
Machine.
- Circuits, Random access machines, cellular automata.
- “Reasonable” = physically realizable in principle
• Quantum computers only model that violate this thesis
Quantum Algorithms – Exponential Speedups
• Shor’s quantum factoring algorithm.
Breaks modern cryptography.
• Simulating quantum mechanics.
• Symmetry
- Discrete logarithm
- Pell’s equation
- Shifted Legendre Symbol
- Gauss sums
- Elliptic curve cryptography
Young’s Double slit experiment
P1(x) = |F1(x)|2
P2(x) = |F2(x)|2
F1,2 = F1(x) + F2(x)
P1,2(x) = |F1,2(x)|2
n-slits
• Etch n slits in a pattern based on the input.
• Send photon through and measure.
• Location at which photon detected gives provides
information about solution to input.
photon
Input-based
slit pattern
screen
Quantum Circuits
UF
F
- Each Wire Carries a qubit of information
- Controlled Not:
..\
a
a
b
a©b
- Single Bit Gates (Rotations)
|1i
|0’i
q
|0i
|0i ! cosq |0i + sinq |1i
|1i ! sinq |0i - cosq |1i
|1’i
Quantum Fourier Transform
1
1
 b 0  1

 
2
b
1


 1  
 .   .
.
.

 
.
.
 .  .
b  
m 1
2 ( m 1)
1


 m 1  
.
1
 a 0 


m 1
.

 a1 
 . 
.
.


.
.
 . 


.  ( m 1)( m 1) a m 1 
Classical: FFT O(m logm)
Quantum:
Input: |Fi = j=0m aj |ji
O(logm) qubits
Fourier transform: F|Fi = j=0m-1 bj |ji O(log2m) gates
Limited Access:
Measure: see |ji with probability |bj|2
Quantum Fourier Transform
|1i
One Qubit or Z2
|0’i
H
1
2
|0i
1
2
|0i !
|0i +
|1i
|1i !
1
|0i
2 -
1
|1i
2
|1’i
Two Qubits or Z22
H
H
|00i !
|01i !
|10i !
|11i !
1
(|0i
+ |1i)
2
1
(|0i
+ |1i)
2
1
(|0i
- |1i)
2
1
(|0i
- |1i)
2
1
(|0i 2+ |1i) = 1/2(|00i + |01i + |10i + |11i)
1
(|0i 2- |1i) = 1/2(|00i - |01i + |10i - |11i)
1
(|0i 2+ |1i) = 1/2(|00i + |01i - |10i - |11i)
1
(|0i 2- |1i) = 1/2(|00i - |01i - |10i + |11i)
n Qubits or Z2n
|ui
H
H
H
x1
H
xn
ux
(1)
| u  
| x
n/2
x{0 ,1}n 2
Outline of Shor’s Factoring
Algorithm
• N ! exponential superposition x ax |xi
• Factors of N encoded in global property of superposition
– its period.
• quantum fourier transform and measure to extract period.
• Reconstruct factors of N from the period.
0
q
0
q
Outline of Shor’s Factoring
Algorithm (Example)
• N = 15 = p¢ q
• Randomly choose a = 7 (mod 15)
• Consider sequence ax (mod 15) for x =0,1,2,…
1, 7, 4, 13, 1, 7, 4, 13, 1, 7, 4, 13, …
• Period r = 4.
• N | (ar-1)=(ar/2+1)(ar/2 -1) = (72 +1)(72 -1) = 50¢ 48
• p = gcd(15, 50), q = gcd(15, 48).
• Create superposition x |xi |axi
0
q
0
q
Outline of Shor’s Factoring
Algorithm (Example)
• N = 15 = p¢ q
• Randomly choose a = 7 (mod 15)
• Consider sequence ax (mod 15) for x =0,1,2,…
1, 7, 4, 13, 1, 7, 4, 13, 1, 7, 4, 13, …
• Period r = 4. N | (r+1)(r-1) = (4+1)(4-1) = 5¢ 3
• p = gcd(15, 5), q = gcd(15, 3).
• Create superposition x |xi |axi
0
q
0
q
The Hidden Subgroup Problem
Given f : G ! S, constant and distinct on cosets of subgroup H.
Find H.
G:
Examples
• Factoring N: G =
• Discrete log: G =
1. State Preparation
Given f : G ! S, constant and distinct on cosets of subgroup H.
Find H.
1. Create Random Coset state
h2 H |g + hi:
FG
f
G:
Measure
2. Fourier Sampling
G:
G:
F.T.
Measure a random element of H?.
3) (Classically) reconstruct H from polynomialy many samples.
Example: Factoring
To factorize N = P¢Q, sufficient to compute order
of randomly chosen x mod N.
i.e. smallest positive r: xr = 1 mod N.
Let f: a ! xa mod N.
Underlying group = ZM, where M = F(N) = (P-1)¢(Q1)
Hidden subgroup = H = h r i = {0,r, 2r, …, M/r}
H? = h M/ri = {0,M/r, 2M/r, …, M}
Fourier sampling gives kM/r for random k: 0 · k · r-1
gcd(M, kM/r) = M/r if k,r relatively prime.
Pell’s Equation
• Given a positive non-square integer d,
find integer solutions x,y of x2 – d¢ y2 = 1.
• One of the oldest studied problem in algorithmic number theory.
• Appears harder than factoring
• [1989] Buchman-Williams cryptosystem
• [Hallgren 2002]: 1) Quantum algorithm for Pell’s Equation
2) Breaks Buchman-Williams cyptosystem
Abelian Hidden subgroup problem – but the group is not
finitely generated
Two Challenges
Short vector in Lattice:
• Basis v1, …, vn vectors in Rn.
• The lattice is a1 v1 + … + an vn
for all integers a1, … an.
• Find shortest vector in
lattice.
Two Challenges
1. Short vector in Lattice:
Finding short vector not easy!
Regev:
DN Dihedral group
2. Graph Isomorphism
SN Symmetric group
Ajtai-Dwork Cryptosystem.
[GSVV] For random choice of basis, for sufficiently
non-abelian groups (e.g. S_n), exponentially many
samples necessary to distinguish |H|=2 from |H| =1.
Dihedral HSP
• Dihedral Group DN : Group of
symmetries of a regular N-gon.
• Generated by x, y: xN = 1, y2=1, xyxy = 1.
• Assume N = 2n.
• DN has 4 1-d irreps and (N-1)/2 2-d irreps.
 jl


0

l

 j ( x y)   jl


0


jl


0 
l

 j ( x )  
 jl 
0



[Kuperberg ’03]
2O(
n)
algorithm for dihedral HSP.
Dihedral HSP algorithm
• Assume wlog H = {1, xhy}
• Set up random coset state, fourier transform
and sample irrep to get
random j,   jh
  j ( h k ) 
 j ( h k )

 jh 




• Can sample column superposition and do phase
jh
2
estimation to get coin flip of bias cos
N
• O(log N) samples sufficient to determine h,
but reconstruction problem hard.
• Would like to sample particular irreps j.
Dihedral HSP algorithm
Claim: i j = i+j © i-j
Algorithm:
• Start with 22 n registers in random coset states, FT,
sample irreps.
• Sort irrep names, pair up successive registers
• Apply above transformation, and retain iff
i,j ! i-j
• Number of bits reduced by 2 n per iteration.
n iterations

2
• Number of irreps reduced by 4 per iteration.
Non-abelian Hidden Subgroup Problem
• Abelian quantum algorithm doesn’t generalize
- Prepare random coset state
- Measure in Fourier basis
• Ettinger, Hoyer, Knill ’98:
- Prepare several registers with random coset states
- Perform appropriate joint measurement
• Ip ’03:
- Fourier transform &
Measure irrep (character) for each register
- Perform appropriate joint measurement on residual state.
Adiabatic Quantum State Generation
Aharonov, Ta-Shma ‘02
AharonovvanDamKempeLandauLloydRegev’03
Adiabatic Computation ≈ Quantum Computation
Classical Simulation of Quantum Systems
Vidal ’03 Polynomial time simulation of one dimensional
spin chains with O(log n) entanglement length.
AC = A C
A
1
ABC = AB1 B2C
B
2
C
Summary
• Quantum computation only model that violates
extended Church-Turing thesis.
• Exponential superposition vs limited access.
• Exponential speedups appear to require symmetry.
• Fast quantum algorithm for abelian hidden
subgroup problem
• Non-abelian case open.