1 / 25

When Exactly Do Quantum Computers Provide A Speedup?

When Exactly Do Quantum Computers Provide A Speedup?. Scott Aaronson MIT. “It’s been 20 years since Shor’s factoring algorithm. Where are all the amazing new quantum algorithms we were promised?”. Factoring. Grover search. Adiabatic alg / quantum walks. Quantum simulation.

honorato-joyner
Download Presentation

When Exactly Do Quantum Computers Provide A Speedup?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. When Exactly Do Quantum Computers Provide A Speedup? Scott Aaronson MIT

  2. “It’s been 20 years since Shor’s factoring algorithm. Where are all the amazing new quantum algorithms we were promised?” Factoring Grover search Adiabatic alg / quantum walks Quantum simulation + A few other things… …Is that all? What else is there? Who promised you more quantum algorithms? Not me!

  3. Fueling the belief that countless more quantum algorithms should exist (or that are not finding them is a failure), seems to be the idea that a quantum computer could just “try every possible answer in parallel” (modulo some technical details) The Parallelism Fallacy But we’ve understood since the early 90s that that’s not how quantum algorithms work! You need to choreograph an interference pattern, where the unwanted paths cancel The miracle, I’d say, is that this trick yields a speedup for any classical problems, not that it doesn’t work for more of them Underappreciated challenge of quantum algorithms research: beating 60 years of classical algorithms research

  4. If we set aside NP-complete problems, there just aren’t that many compelling candidates left for exponential quantum speedups!(And for many of those, we do have exponential speedups, and for many of the rest we have polynomial ones) An Inconvenient Truth NP-hard 3SAT NP-complete P≠BQP, NPBQP: Plausible conjectures, which we have no hope of proving given the current state of complexity theory Graph Iso NP Lattice Problems BQP(Quantum P) Factoring Quantum Sim P

  5. Survey of the main families of quantum algorithms that have been discovered (and their limitations) • Results in the black-box model, which aim toward a general theory of when quantum speedups are possible Rest of the Talk

  6. The “original” application of QCs! Quantum Simulation“What a QC does in its sleep” My personal view: still the most important one Major applications (high-Tc superconductivity, protein folding, nanofabrication, photovoltaics…) High confidence in possibility of a quantum speedup Can plausibly realize even before universal QCs are available

  7. Suppose we just want a quantum system for which there’s good complexity-theoretic evidence that it’s hard to simulate classically—we don’t care what it’s useful for BosonSampling A.-Arkhipov 2011, Bremner-Jozsa-Shepherd 2011: In that case, we can plausibly improve both the hardware requirements and the evidence for classical hardness, compared to Shor’s factoring algorithm We showed: if a fast, classical exact simulation of BosonSampling is possible, then the polynomial hierarchy collapses to the third level. Experimental demonstrations with 3-4 photons achieved (by groups in Oxford, Brisbane, Rome, Vienna) Our proposal: Identical single photons sent through network of interferometers, then measured at output modes We showed that a fast, exact classical simulation would collapse the polynomial hierarchy to the third level

  8. Interesting “The magic of the Fourier transform” Shor-like Algorithms In BQP: Pretty much anything you can think of that reduces to finding hidden structure in abelian groups Factoring, discrete log, elliptic curve problems, Pell’s equation, unit groups, class groups, Simon’s problem… Breaks almost all public-key cryptosystems used today But theoretical public-key systems exist that are unaffected Attempt to go further: Hidden Subgroup Framework Can Shor’s algorithm be generalized to nonabelian groups?

  9. Given: A finite group G, a function f:GZ such that f(x)=f(y) iff x,y belong to the same coset of a “hidden subgroup” H≤G Problem: Find generators for H Hidden Subgroup Problem Classically, this problem could require queries to f Ettinger-Høyer-Knill 1997: Quantumly, logO(1)(|G|) queries always suffice But if G is nonabelian, “interpreting the results” of those queries could still be extremely hard! Example Application: Graph Isomorphism ≤HSP over the symmetric group  Alas, nonabelian HSP has been the Afghanistan of quantum algorithms!

  10. Quadratic speedup for any problem involving searching an unordered list, provided the list elements can be queried in superposition Implies subquadratic speedups for many other basic problems Grover-like Algorithms Bennett et al. 1997: For black-box searching, the square-root speedup of Grover’s algorithm is the best possible

  11. Childs et al. 2003: Quantum walks can achieve provable exponential speedups over any classical algorithm (in query complexity), but for extremely “fine-tuned” graphs Quantum Walk Algorithms Also lots of polynomial speedups—e.g., Element Distinctness in O(N2/3) time (Ambainis 2003) THE GLUED TREES

  12. Quantum Adiabatic Algorithm(Farhi et al. 2000) Hi Hf Hamiltonian with easily-prepared ground state Ground state encodes solution to NP-complete problem Problem: “Eigenvalue gap” can be exponentially small

  13. Landscapeology Adiabatic algorithm can find global minimum exponentially faster than simulated annealing (though maybe other classical algorithms do better) Simulated annealing can find global minimum exponentially faster than adiabatic algorithm (!) Simulated annealing and adiabatic algorithm both need exponential time to find global minimum

  14. ‘Exponential quantum speedups’ for solving linear systems, support vector machines, Google PageRank, computing Betti numbers… Quantum Machine Learning Algorithms THE FINE PRINT: • Don’t get solution vector explicitly, but only as vector of amplitudes. Need to measure to learn anything! • Dependence on condition number could kill exponential speedup • Need a way of loading huge amounts of data into quantum state (which, again, could kill exponential speedup) • Not ruled out that there are fast randomized algorithms for the same problems (even just considering query complexity)

  15. “But you just listed a bunch of examples where you know a quantum speedup, and other examples where you don’t! What you guys need is a theory, which would tell you from first principles when quantum speedups are possible.”

  16. f The Quantum Black-Box ModelThe setting for much of what we know about the power of quantum algorithms x f(x) “Query complexity” of F: The minimum number of queries used by any algorithm that outputs F(f), with high probability, for every f of interest to us An algorithm can make query transformations, which map (x=“query register,” a=“answer register,” w=“workspace”) as well as arbitrary unitary transformations that don’t depend on f (we won’t worry about their computational cost). Its goal is to learn some property F(f) (for example: is f 1-to-1?)

  17. D(F): Deterministic query complexity of FR(F): Randomized query complexityQ(F): Quantum query complexity Total Boolean Functions Example: Theorem (Beals et al. 1998): For all Boolean functions F, How to reconcile with the exponential speedup of Shor’s algorithm? Totality. Longstanding Open Problem: Is there any Boolean function with a quantum quantum/classical gap better than quadratic?

  18. Conjecture (A.-Ambainis 2011): Let Q be any quantum algorithm that makes T queries to an input X{0,1}N. Then there’s a classical randomized that makes poly(T,1/,1/) queries to X, and that approximates Pr[Q accepts X] to within  on a ≥1- fraction of X’s Almost-Total Functions? Theorem (A.-Ambainis): This would follow from an extremely natural conjecture in discrete Fourier analysis (“every bounded low-degree polynomial p:{0,1}N[0,1] has a highly influential variable”)

  19. Interesting The Collision Problem Given a 2-to-1 function f:{1,…,N}{1,…,N}, find a collision (i.e., two inputs x,y such that f(x)=f(y)) 10 4 1 8 7 9 11 5 6 4 2 10 3 2 7 9 11 5 1 6 3 8 Variant: Promised that f is either 2-to-1 or 1-to-1, decide which Models the breaking of collision-resistant hash functions—a central problem in cryptanalysis “More structured than Grover search, but less structured than Shor’s period-finding problem”

  20. Birthday Paradox:Classically, ~N queries are necessary and sufficient to find a collision with high probability Brassard-Høyer-Tapp 1997: Quantumly, ~N1/3 queries suffice Grover on N2/3 f(x) values N1/3 f(x) values queried classically A. 2002: First quantum lower bound for the collision problem (~N1/5 queries are needed; no exponential speedup possible) Shi 2002:Improved lower bound of ~N1/3. Brassard-Høyer-Tapp’s algorithm is the best possible

  21. A.-Ambainis 2011: Massive generalization of collision lower bound. If F is any function whatsoever that’s symmetric under permuting the inputs and outputs, and has sufficiently many outputs (like collision, element distinctness, etc.), then Symmetric Problems New Results (Ben-David 2014): If F:SN{0,1} is any Boolean function of permutations, then D(F)=O(Q(F)12). If F is any function with a symmetric promise, and at most M possible results of each query, then R(F)=O(Q(F)12(M-1)). Upshot: Need a “structured” promise if you want an exponential quantum speedup

  22. Period-finding: O(1) quantum queries, ~N1/4 classical queries Simon’s problem, the glued-trees problem: O(log N) quantum queries, ~N classical queries What’s the largest possible quantum speedup? Can we do even better? Forrelation (A. 2009): Given two Boolean functions f,g:{0,1}n{-1,1}, estimate how correlated g is with the Fourier transform of f:

  23. Example g(0000)=+1g(0001)=+1g(0010)=-1g(0011)=-1g(0100)=+1g(0101)=+1g(0110)=-1g(0111)=-1g(1000)=+1g(1001)=-1g(1010)=-1g(1011)=-1g(1100)=+1g(1101)=-1g(1110)=-1g(1111)=+1 f(0000)=-1f(0001)=+1f(0010)=+1f(0011)=+1f(0100)=-1f(0101)=+1f(0110)=+1f(0111)=-1f(1000)=+1f(1001)=-1f(1010)=+1f(1011)=-1f(1100)=+1f(1101)=-1f(1110)=-1f(1111)=+1

  24. Trivial 2-query quantum algorithm for Forrelation! |0 H H H |0 H f H g H |0 H H H (Can even improve to 1 query using standard tricks) A.-Ambainis 2014: By contrast, any classical randomized algorithm to solve Forrelation needs at least N / logN queries Furthermore, this separation is optimal: any problem solvable with k quantum queries, is also solvable with ~N1-1/2k classical randomized queries Our Conjecture: The above is tight for all k. A generalization of Forrelation involving k Boolean functions achieves it.

  25. Exponential quantum speedups depend on structure For example, abelian group structure, glued-trees structure, forrelational structure… Summary Sometimes we can even find such structure in real, non-black-box problems of practical interest (e.g., factoring) After 20 years of quantum algorithms research, we know a lot about which kinds of structure suffice The black-box model lets us make formal statements about what kinds of structure don’t suffice for exponential speedups In both cases, of course, many open problems remain Single most important application of QC (in my opinion): Disproving the people who said QC was impossible!

More Related