quantum computig-jakob bartolj
TRANSCRIPT
Quantum Computing Jakob Bartolj
Univerza na Primorskem Fakulteta za metematiko, naravoslovje in
Informacijske tehnologije Koper, Slovenija
ABSTRACT As we all know very well, conventional (electronic) computers have enormous power which, moreover, is constantly increasing.With their help gigantic quantities of data can be handled and evaluated. This is of crucial importance, for instance, in modern high energy physics experiments. On the other hand, computers can be used to model very complex systems with the aim of predicting, for example, future developments in our environment, notably climatic changes. Thanks to their incredible speed computers are, of course, destined to treat mathematical problems for which specific algorithms exist very efficiently. To mention a simple example, the digits of π are readily evaluated up to a very high order. Last, but not least, their potential to solve differential equations numerically, even when they are nonlinear, makes computers indispensable in modern research. So, one might ask, is there any reason to look for fundamentally new ways of computing as they are seemingly offered by quantum processes? What advantages can be expected when the laws of quantum mechanics, rather than those of classical physics, are exploited for computation? Two answers were given: first, the simulation of complex quantum systems on classical computers meets serious difficulties that might be overcome with the help of quantum computers. This idea was suggested in 1982 by R. Feynman, and in the 1990s it was indeed shown by several groups of researchers that quantum mechanical systems for which no efficient simulation on a classical computer is known can be efficiently simulated on a quantum computer. Second, and more surprising, it was shown for a few special cases that a quantum computer will be superior to a classical computer in solving selected mathematical problems, notably the problem of finding the prime factors of an integer. Also here the quantum computer excels in efficiency. The efficiency criterion is the time (more precisely speaking, the number of computational steps) needed for the calculation. When this time grows as a polynomial with the size of the input, we speak of an efficient algorithm. On the other hand, when this growth is superpolynomial (typically exponential), the algorithm is considered inefficient. In this sense, the classical algorithm for factorizing integers, for example, is inefficient. For very large integers the calculation is so extremely time consuming that the problem, in fact, becomes intractable. There are actually two different topics of research: new efficient algorithms have to be devised that will run (only) on quantum computers, and physical concepts of quantum computers have to be discussed that, hopefully, might lead to a realization. Admittedly, in view of the desired complexity there is no great hope that a quantum computer will be constructed some day that can actually beat a classical computer. Nevertheless, it is an exciting task to study quantum mechanics from a completely novel point of view. Instead of striving to find out the physical laws governing microscopic systems and utilize this knowledge to develop technical devices, we now want to use the quantum laws to do
calculations that are impossible to perform on conventional computers [6].
Categories and Subject Descriptors
Learning, Quantum information science, Computational models, Information theory
General Terms
Algorithms, Quantum computer
Keywords
Quantum computer, Algorithm, Decoherence, Quantum encryption, Qubit, Complexity theory, Quantum information, Quantum computing models
1. INTRODUCTION Every so often a new technology surfaces that enables the bounds of computer performance to be pushed further forwards. From the introduction of valve technology through to the continuing development of VLSI designs, the pace of technological advancement has remained relentless. Lately, the key to improving computer performance has been the reduction of size in the transistors used in modern processors. This continual reduction however, cannot continue for much longer. If the transistors become much smaller, the strange effects of quantum mechanics will begin to hinder their performance. It would therefore seem that these effects present a fundamental limit to our computer technology, or do they? In 1982, the Nobel prize-winning physicist Richard Feynman thought up the idea of a 'quantum computer', a computer that uses the effects of quantum mechanics to its advantage. For some time, the notion of a quantum computer was primarily of theoretical interest only, but recent developments have bought the idea to everybody's attention. One such development was the invention of an algorithm to factor large numbers on a quantum computer, by Peter Shor (Bell Laboratories). By using this algorithm, a quantum computer would be able to crack codes much more quickly than any ordinary (or classical) computer could. In fact a quantum computer capable of performing Shor's algorithm would be able to break current cryptography techniques in a matter of seconds. With the motivation provided by this algorithm, the topic of quantum computing has gathered momentum and researchers around the world are racing to be the first to create a practical quantum computer [2]. A quantum computer is a device for computation that makes direct use of quantum mechanical phenomena, such as superposition and entanglement, to perform operations on data. The basic principle behind quantum computation is that
quantum properties can be used to represent data and perform operations on these data. Although quantum computing is still in its infancy, experiments have been carried out in which quantum computational operations were executed on a very small number of qubits (quantum binary digits). Both practical and theoretical research continues with interest, and many national government and military funding agencies support quantum computing research to develop quantum computers for both civilian and national security purposes, such as cryptanalysis. If large-scale quantum computers can be built, they will be able to solve certain problems much faster than any of our current classical computers (for example Shor's algorithm). Quantum computers are different from other computers such as DNA (deoxyribonucleic acid) computers and traditional computers based on transistors. Some computing architectures such as optical computers may use classical superposition of electromagnetic waves. Without some specifically quantum mechanical resources such as entanglement, it is conjectured that an exponential advantage over classical computers is not possible. The Bloch sphere (figure 1) is a representation of a qubit, the fundamental building block of quantum computers [1].
Figure 1: Block sphere
1.1 UNDERSTANDING BASICS A classical computer has a memory made up of bits, where each bit holds either a one or a zero. A quantum computer maintains a sequence of qubits. A single qubit can hold a one, a zero, or, crucially, any quantum superposition of these; moreover, a pair of qubits can be in any quantum superposition of 4 states, and three qubits in any superposition of 8. In general a quantum computer with n qubits can be in an arbitrary superposition of up to 2n different states simultaneously (this compares to a normal computer that can only be in one of these 2n states at any one time). A quantum computer operates by manipulating those qubits with a fixed sequence of quantum logic gates. The sequence of gates to be applied is called a quantum algorithm. An example of an implementation of qubits for a quantum computer could start with the use of particles with two spin
states: "down" and "up" (typically written and , or
and ). But in fact any system possessing an observable quantity A which is conserved under time evolution and such that A has at least two discrete and sufficiently spaced
consecutive eigenvalues, is a suitable candidate for implementing a qubit. This is true because any such system can be mapped onto an effective spin-1/2 system. Consider first a classical computer that operates on a three-bit register. The state of the computer at any time is a probability distribution over the 23 = 8 different three-bit strings 000, 001, ..., 111. If it is a deterministic computer, then it is in exactly one of these states with probability 1. However, if it is a probabilistic computer, then it may have a chance in being in a number of different states. We can describe this probabilistic state by eight nonnegative numbers a,b,c,d,e,f,g,h (where a = probability computer is in state 000, b = probability computer is in state 001, etc.). There is a restriction that these probabilities sum to 1. The state of a three-qubit quantum computer is similarly described by an eight-dimensional vector (a,b,c,d,e,f,g,h), called a wavefunction. However, instead of adding to one, the sum of the squares of the coefficient magnitudes, | a | 2 + | b | 2 + ... + | h | 2, must equal one. Moreover, the coefficients are complex numbers. Since states are represented by complex wavefunctions, two states being added together will undergo interference. This is a key difference between quantum computing and probabilistic classical computing. If you measure the three qubits, then you will observe a three-bit string. The probability of measuring a string will equal the squared magnitude of that string's coefficients (using our example, probability that we read state as 000 = | a | 2, probability that we read state as 001 = | b | 2, etc..). Thus a measurement of the quantum state with coefficients (a,b,...,h) gives the classical probability distribution ( | a | 2, | b | 2,..., | h | 2). We say that the quantum state "collapses" to a classical state. Note that an eight-dimensional vector can be specified in many different ways, depending on what basis you choose for the space. The basis of three-bit strings 000, 001, ..., 111 is known as the computational basis, and is often convenient, but other bases of unit-length, orthogonal vectors can also be used. Ket notation is often used to make explicit the choice of basis. For example, the state (a,b,c,d,e,f,g,h) in the computational basis can be written as
0 0 0 0 0 1 0 1 0 0 1 1 1 0 0
1 0 1 1 1 0 1 1 1 ,
a b c d e
f g h
where, e.g., 010 0,0,1,0,0,0,0,0 . The
computational basis for a single qubit (two dimensions) is
0 1,0 , 1 0,1 , but another common basis is the
Hadamard basis of 11,1
2 and 1
1, 12
.
Note that although recording a classical state of n bits, a 2n-dimensional probability distribution, requires an exponential number of real numbers, practically we can always think of the system as being exactly one of the n-bit strings—we just don't know which one. Quantum mechanically, this is not the case, and all 2n complex coefficients need to be kept track of to see how the quantum system evolves. For example, a 300-qubit quantum computer has a state described by 2300 (approximately 1090) complex numbers, more than the number of atoms in the observable universe. Qubits (figure 2) are made up of controlled particles and the means of control (e.g. devices that trap particles and switch them from one state to another) [1].
Figure 2: Quantum computer
1.2 Theory of universal computation One thing that all computers have in common, from Charles Babbage's analytical engine (1936) to Pentium(tm) based PC's, is the theory of classical computation as described by the work of Alan Turing. In essence, Turing's work describes the idea of the universal turing machine, a very simple model of a computer that can be programmed to perform any operation that "would naturally be considered to be computable". All computers are essentially implementations of a universal turing machine. They are all functionally equivalent and although some may be quicker, larger or more expensive than others, they can all perform the same set of computational tasks [2].
1.2.1 Heating up over lost information A great deal of time has been spent on investigating whether quantum theory places any fundamental limits on computing machines. As a result, it is now believed that physics does not place any absolute limits on the speed, reliability or memory capacity of computing machines. One consideration that needs to be made however, concerns the information that may be 'lost' in a computation. In order for a computer to run arbitrarily fast, its operation must be reversible (i.e. it's inputs must be entirely deducible from its outputs). This is because irreversible computations involve a 'loss' of information which can be equated to a loss in heat, and thus the restricted ability of the system to dissipate heat will in turn limit the performance of the computer. An example of information being lost can be seen in an ordinary AND gate. An AND gate has two inputs and only one output, which means that in the process of moving from the input to the output of the gate, we loose one bit of information. In 1976, Charles Bennett proved that it is possible to build a universal computer entirely from reversible gates, and that expressing a program in terms of primitive reversible operations does not significantly slow it down. A suitable universal and reversible gate with which we could build a computer is the Toffoli gate (see Figure 3) [2].
Figure 3: The inputs of a Toffoli gate are entirely deducible from the outputs.
1.2.2 The universal quantum computer The Church-Turing principle - "There exists or can be built a universal computer that can be programmed to perform any computational task that can be performed by any physical object". A number of key advances have been made in the theory of quantum computation, the first being the discovery that a simple class of 'universal simulator' can mimic the behaviour of any finite physical object, by Richard Feynman in 1982. David Albert made the second discovery in 1984 when he described a 'self measuring quantum automaton' that could perform tasks that no classical computer can simulate. By instructing the automaton to measure itself, it can obtain 'subjective' information that is absolutely inaccessible by measurement from the outside. The final and perhaps most important discovery was made by David Deutsch in 1989, he proved that all the computational capabilities of any finite machine obeying the laws of quantum computation are contained in a single machine, a 'universal quantum computer'. Such a computer could be built from the quantum equivalent of the Toffoli gate and by adding a few extra operations that can bring about linear superpositions of 0 and 1 states, the universal quantum computer is complete. This discovery requires a slight alteration to the Church-Turing principle - "There exists or can be built a universal quantum computer that can be programmed to perform any computational task that can be performed by any physical object"[2].
1.2.3 Artificial intelligence The theories of quantum computation have some interesting implications in the world of artificial intelligence. The debate about whether a computer will ever be able to be truly artificially intelligent has been going on for years and has been largely based on philosophical arguments. Those against the notion suggest that the human mind does things that aren't, even in principle, possible to perform on a Turing machine. The theory of quantum computation allows us to look at the question of consciousness from a slightly different perspective. The first thing to note is that every physical object, from a rock to the universe as a whole, can be regarded as a quantum computer and that any detectable physical process can be considered a computation. Under these criteria, the brain can be regarded as a computer and consciousness as a computation. The next stage of the argument is based in the Church-Turing principle and states that since every computer is functionally equivalent and that any given computer can simulate any other, therefore, it must be possible to simulate conscious rational thought using a quantum computer. Some believe that quantum computing could well be the key to cracking the problem of artificial intelligence but others
disagree. Roger Penrose of Oxford University believes that consciousness may require an even more exotic (and as yet unknown) physics [2].
2. HOW MIGHT A QUANTUM COMPUTER WORK? A computer, whether classical or quantum mechanical, is a physical system, and computing is achieved through physical processes. The fundamental difference between a classical and a quantum computer is that the former, as a classical system, obeys the laws of classical physics, where as the latter makes extensive use of quantum laws. Quite generally, computation is a physical evolution process: the system starts from a certain initial state and ends up in a final state that represents the result of the computation. In the case of quantum computers, the evolution is known to be a unitary transformation. Hence, to make a computation on a quantum computer means to realize a specific unitary transformation. This is certainly no trivial task. Fortunately, we can benefit from the fact that any unitary transformation can be built up from rotations that bring single qubits into superposition states and elementary unitary transformations, so-called quantum gates (the analogues of gates in classical computers) that act on two qubits. Hence a quantum algorithm is specified by a sequence of rotations and gates, and the experimentalist’s task is to realize this sequence of operations. Among the quantum gates the so-called controlled-NOT gate (or C-NOT gate) is of special importance, since it was shown that any unitary transformation can be decomposed into rotations on a single qubit and controlled-NOT gates acting on two qubits, a control and a target qubit. A controlled-NOT gate has the following properties: it leaves the target qubit t unchanged, when the control qubit c is set to 0
0 0 0 0 , 0 1 0 1 ,c t c t c t c t
and it causes a flip of the target qubit, when the control qubit is set to 1
1 0 1 1 , 1 1 1 0 ,c t c t c t c t
To realize a controlled-NOT gate, one needs a physical mechanism that couples any target qubit to any control qubit. Cirac and Zoller (1995) found a suitable mechanism to be given by Coulomb repulsion, in their proposal of a quantum computer that is made up of cold ions stored in a linear Paul trap. This concept proved to be attractive for experimentalists. In fact, many of the techniques for preparing and manipulating quantum states of trapped ions have already been developed in the field of precision spectroscopy, and we mentioned that entanglement between two trapped ions was produced and quantum teleportation was realized in a three-ion system. Hence the trapped ion scheme is indeed prospective. So, to get a realistic idea of how a quantum computer might work, as a physical system, let us have a closer look at the Cirac–Zoller proposal.
Dealing with ions, the two states of a qubit, 0 and 1 , are
realized by two longlived energy levels.Working with alkaline
earth ions, one may choose the state 0 as a sublevel of the
1
2
S ground state, and the state 1 as a sublevel of the
excited 5
2
D state. Those two states are coupled through a
quadrupole transition. So the excited state is metastable. Nevertheless, with the help of lasers optical transitions between the two states can be induced. A second important point is that by utilizing the quantum jump technique level occupations can
be reliably read out. With a properly tuned strong laser, resonance fluorescence can be excited exclusively between the
ground state 0 and a suitable higher level, whereas no such
possibility exists for the excited state 1 . So the occurrence of
a fluorescence signal indicates that the qubit is in the state 0 ,
where as the absence of such a signal tells us that the state 1 is
occupied. In fact, this is the kind of measurement that enables us to read out the result of a computation. A prerequisite of computation is, of course, the ability to address the ions individually (with lasers). This is achieved by storing them in a linear Paul trap. With the help of the optical cooling technique the ions can be arranged in a ‘string-of-pearls’ configuration. Then each is localized in a region whose dimensions are much less than optical wavelengths. On the other hand, the spacing between adjacent ions can be made conveniently large. While the ions are tightly bound in the directions transverse to the trap axis, the trap potential along the axis will give them the freedom to oscillate about their equilibrium positions. Their coupling via Coulomb repulsion will, however, give rise to collective oscillations that are described by normal modes of the linear chain. In the simplest case, all the ions move in the same way (as if they were rigidly coupled). The eigenfrequency of this so-
called centre-of-mass (CM) mode, CM , is the smallest one. It
equals that of a single ion. Typically, it is of the order of 100kHz. The eigenfrequencies of the various modes are well
separated. In particular, the eigenfrequency next to CM is
greater by a factor of 3 , and the eigenfrequencies of the other modes are still larger. So one can discriminate between the modes, and it becomes possible to excite, or de-excite, just one of them, preferably the CM mode. All possible manipulations of the ions for computational purposes make use of lasers acting on individual ions. Depending on the tuning of the laser frequency, the following two basic processes can be realized. Rotation of a qubit. When the laser is at resonance with the
transition 0 1 , it will not affect the ion’s motion. The
action of the laser can be described by the following unitary operation, which is referred to as qubit rotation
, ;
0 cos 0 s 1 ,
1 sin 0 c 1
i
i
V
ie
ie
in2 2
os2 2
Here we have introduced the pulse area t (assuming the pulses to be rectangular) and disregarded the free evolution of the basis states, we have used the so-called interaction representation. Of special importance will be π/2, π and 2π pulses that correspond to θ = π/2, etc. Not only must the frequency of the laser be adjusted very precisely; its polarization must also be properly set. This is because the basis states are actually sublevels with given magnetic quantum numbers so that the laser transition is subjected to selection rules that ensure angular momentum
conservation. To drive only the 0 1 transition, the laser
beam must be chosen to be right-handed circularly polarized, for instance. Switching to left-handed circular polarization gives us
an opportunity to drive a transition from 0 to a second
excited level 2 , which we will refer to as an auxiliary level.
But what is the use of it? Certainly, we are not interested in
actually populating level 2 , since this would invalidate the
qubit concept. However, by applying a left-handed polarized 2π
pulse to the state 0 we will bring back the ion into this state,
but nevertheless produce a subtle effect, with 1 replaced
by 2 , the state 0 will change its sign. Importantly, the
state 1 remains unaffected. Such an operation is indeed
required. For instance, a simple NOT operation that interchanges
0 and 1 cannot be realized by a rotation: a π pulse with
phase ϕ = π/2 causes the transition 0 1 , 1 0 .
So the false sign of 0 still has to be inverted. Interaction with
vibrations. When a laser is properly detuned, it will act not only on the internal states of an ion, but also on its vibrational motion. The underlying mechanism is that a moving ion ‘feels’ the (given) electric field strength residing at the actual positions of the centre of mass. This makes the interaction Hamiltonian depend on the elongation of the ion, which implies a coupling between the electric field and the ion’s motion, in addition to the coupling to the internal degrees of freedom. When we are dealing with a linear chain of ions, the electric field will interact with the collective vibrations (normal modes), though the field is acting on just one ion. Let us specify the physical conditions in which this interaction can actually be observed. First, it has to be noticed that in the quantum mechanical description the vibrational modes have quantized energies. In perfect analogy to the electromagnetic field modes, the energy is a multiple of
vibh (h Planck’s constant), where vib is the eigenfrequency of
the respective vibrational mode. The role of photons is now played by phonons, and we speak of the presence of n phonons
(n = 0, 1, 2, . . .) when the energy is just vibnh . Of vital
importance for the Cirac–Zoller proposal are processes in which an ion becomes excited and one phonon is simultaneously annihilated. Energy conservation then requires that one laser photon is annihilated jointly with one phonon, their energies being converted altogether into the excitation energy of the ion,
1 0 ,L vibh h h where L is the laser frequency,
and 1 0,hh are the energies of the excited state 1 and the
ground state 0 . Equation gives us the frequency condition
1 0L vib , which indicates that the laser frequency
must be red-shifted. As was mentioned above, the eigenfrequencies for the vibrational modes differ distinctly. This makes it possible to act on just one selected mode, preferably the CM mode, by properly setting the laser frequency. But the inverse process must also be possible (which is, in fact, a general rule): a laser-induced transition from the higher level to the lower level that is accompanied by the creation of a phonon. (Formally, this follows from the Hermiticity of the interaction Hamiltonian.) So we are able to act, with properly tuned laser pulses, simultaneously on both the internal and the vibrational degrees of freedom of the ionic system. When directed on the μth ion, a laser pulse with pulse area θ and phase ϕ gives rise to
the following transformation that is referred to as ,U
operation
0 1 cos 0 1 sin2 2
1 0 sin 0 1 cos2 2
i
vib vib
i
vib vib
ie
ie
1 0 ,
1 0 .
vib
vib
Here, 0vib
and 1vib
are vibrational states with 0 or 1
phonons, it is readily seen that a π pulse (θ = π) allows us to realize the special operations we considered before. It should be noticed that the expression for the Rabi frequency, and hence also the pulse area, is different for the operations
,V
and ,U .
As in the case of qubit rotations,
the existence of an auxiliary level 2
can be utilized to
change the sign of the state 0
, without affecting the
state 1
.This is achieved with the help of a properly polarized
2π pulse. It should be observed, however, that this process takes place only when the vibrational mode is excited. Otherwise the (red-shifted) laser pulse will not interact with the ion. So we are
able to change the sign of 0
on condition that one phonon is
present. We will see below that this sign inversion can be used as an important ingredient of a controlled-NOT gate. The
, U
operation allows us to create a phonon in a selected
vibrational mode, by applying a π pulse on any excited ion μ. Since all ions are involved in this vibrational motion, the phonon will modify, in turn, the action of a suitably chosen pulse sequence directed on any ion . So the vibrational mode plays
the role of a data bus: the information that the μth ion is initially excited is encoded into a phonon, and it can be read out on any ion . This kind of information transfer is, in fact, crucial to
quantum computing, opening the way to implement two-qubit gates. I will illustrate this by the example of the controlled-NOT gate. The first step in implementing a controlled-NOT gate will be to
a apply a redshifted π pulse, ,2
cU
, to the control
qubit c. If it is in the excited state 1c
the pulse will ‘swap’ the
excitation for a phonon. What we now need is a sequence of pulses acting on the target qubit t that has the following effect: it inverts the population of the target qubit if a phonon is present. However, it leaves the target qubit unchanged in the absence of a phonon. Cirac and Zoller (1995) proposed to build up this sequence from three pulses:
(a) a resonant π/2 pulse with phase −π/2, ,2 2
tV
,
(b) a red-shifted 2π pulse, 2aux
tU
, with modified
polarization so that it interacts with an auxiliary level 2t
(see
above) and
(c) a resonant π/2 pulse with phase π/2, ,2 2
tV
. The two
pulses (a) and (c), applied one after the other, reproduce the state of the target qubit. However, in combination with the pulse (b)
(which changes exclusively the sign of the state 0t) they
produce the desired inversion of the target qubit. Note that the phonon is still present. So the control qubit can finally be set back, with the help of a red-shifted π pulse, to the initial
state 1c
, whereby the phonon is annihilated. Hence the
requirement is fulfilled. On the other hand, when the control
qubit is initially set to 0c
, the first pulse ,2
cU
does
not affect the control qubit. Since no phonon is produced, the pulse (c) has also no effect. So only the resonant pulses (a) and (c) actually interact with the target qubit, their combined action, however, leaving the state of the target qubit unchanged, as was mentioned above. Actually, experimentalists at Innsbruck succeeded in realizing a controlled-NOT gate along the lines just described (Schmidt-Kaler et al., 2003). Finally, let me say a few words on how the laser pulses are generated and manipulated. One starts with a cw laser that is coupled into a single-mode optical fibre. Making the laser light pass through a Pockels cell placed between crossed polarizers, the pulse duration – and hence also the pulse area – can be adjusted. A Pockels cell is also used for setting the polarization. Addressing a particular ion is achieved with the help of a focusing lens system. The possibility of switching between different ions is provided by electro-optical beam deflectors. The problem that is really open is the scalability of the experimental scheme. Will it be possible to manipulate many hundreds of ions such that the incredibly large number of computational steps prescribed by the algorithm are realized [ 6]?
3. QUANTUM ALGORITHMS An algorithm is a set of instructions used to perform some well-defined task on a computer. A large part of the desire to develop a quantum computer has come from the discovery that some algorithms work dramatically better on a quantum computer than they could ever work on a classical computer. This is because the nature of quantum systems—captured in superposition and interference of qubits—often allows a quantum system to compute in a parallel way that is not possible even, in principle, with a classical computer. It was discovered that given a function f (x), a quantum algorithm is capable of evaluating the function at multiple values of x simultaneously. As we will see below, a quantum algorithm highlights one of the central tugs-of-war that exist in quantum theory. A qubit can exist in a superposition of states, giving a quantum computer a hidden realm where exponential computations are possible. In other words, the fact that a quantum system can exist in a superposition or linear combination of states allows us to do simultaneous parallel computations that cannot be done even, in principle, on any classical computer. This feature allows a quantum computer to do parallel computations using a single circuit-providing a dramatic speedup in many cases. However, since measurement finds a qubit in one state or the other—frustratingly we find that if we give a quantum computer n inputs we only get n outputs. Nature allows us to get around this to a certain extent and extract useful information using quantum interference. This is another feature of qubits that cannot be seen with classical bits—and it plays an important role in the
development of useful algorithms. Because it’s also true that a quantum computer can execute any classical algorithm, the hope is that as more algorithms are discovered and quantum computers become a reality, extremely efficient computing machines can be built. At the present time only a small set of truly quantum algorithms have been discovered, and this remains a very active area of research. We begin by reviewing two quantum gates that are important in the development of quantum algorithms and explaining quantum interference. Then we explore our first truly quantum algorithm, called Deutsch’s algorithm after its creator, the imaginative physicist David Deutsch [5].
3.1 Hadamard Gates An important step in quantum algorithms is to use Hadamard gates to create superposition states. Recall that the Hadamard gate H acts on the computational basis states in the following way:
An interesting feature of the Hadamard gate is that two Hadamard gates in series act to reverse the operation and give back the original input. Let’s consider a Hadamard gates applied
to an arbitrary qubit 0 1 . We have
If we apply a Hadamard gate twice, we get the original state back:
Figure 4: Two Hadamard gates in series restore a qubit to its original state
Figure 5: Two Hadamard gates used in parallel
So the action of two Hadamard gates in series, shown in figure 4, restores a qubit to its original state. Now consider what happens when we apply two Hadamard gates in parallel. Let’s
say that we do this for the state 1 1 (see figure 5). The result
of this action is the product state given by
As we will see, the operation of two or more Hadamard gates in parallel plays an important role in quantum algorithms. When n Hadamard gates act in parallel on n qubits, this is called a Hadamard transform. A shorthand notation that is sometimes
used is to write So the operation shown in previous
equation can be denoted by . If we apply
nH
2H 2H to the
product state 0 0 , we obtain
In a similar way3 0 0 0H
gives us
We can write a sum over states
like 100 01 10 11
2 compactly in the
following way: We let x denote a general state
where that is, 20,1 ;x x is one of
00 1, 01 , 10 , 1 . If we write , then we
mean that
30,1 ;x
x is one of the three qubit
states 000 , 001 , 010 , 011 , 111100 , 101 , .
By summing over the variable x , we can write the states
compactly.
In general, the application ofnH
to a product state with n
copies of 0 is
Another useful operation is applying to the product
state
H H0 1 . This gives
If we think of x as running over the numbers 00, 01, 10, 11 (i.e, 0, 1, 2, 3), then we can write this compactly as
Meanwhile
where 0 1x x is the exclusive-OR of the two qubits, and we
are saying x is a two qubit state of the
form 0 1x x where 0 1,x x are either 0 or 1 [5].
3.2 The Phase Gate Another useful gate that can be applied in the development of quantum algorithms is a variation of the phase gate we met in the last chapter, called the discrete phase gate. We denote the
discrete phase gate by kR , where
3.3 Matrix Representation of Serial and Parallel Operations When looking at quantum circuit diagrams or thinking about quantum algorithms, it is sometimes helpful to break down the problem in terms of matrices. There are two basic rules that can be followed. The first is that if a set of operations is performed
in series, then this is represented by a matrix product. We represent a set of operations performed in series (i.e., in time) by starting with the first operation on the left followed by subsequent operations moving to the right. This is illustrated in figure 6, where we first perform a phase gate with angle θ, followed by a Hadamard gate, which is then followed by the application of a Z gate. The matrix representation of this sequence of operations is written down by multiplying the matrices in reverse order. Hence the operation shown in figure 6 is written as ZHP(θ)
Figure 6: Circuit diagram for the application of a phase gate, followed by an application of a Hadamard gate,
llowed by the application of a Z gate
Explicitly we have
fo
When quantum operations are performed in parallel (i.e., at the same time), we compute the tensor product, which we already know how to do. So the matrix representation of H ⊗H is
As we will see when we start developing some quantum algorithms, interference and parallelism play a fundamental role. Before actually describing an algorithm we first describe quantum interference [5].
m inte ence. Let’s recall wh s
when we calculate
3.4 Quantum Interference The application of a Hadamard gate to an arbitrary qubit is an example of quantu rfer at happen
H for 0 1 . We get
Notice that the probability to obtain 0 upon measurement has
been changed as
2
while the probability to find 1 has been changed as
2
Specifically, looking at the state, we write
0 1
2
The Hadamard gate transforms
0 . This is a
manifestation of quantum interference—mathematically this means the addition of probability amplitudes. There are two
types of interference, positive interference in which probability amplitudes add constructively to increase or negative interference in which probability amplitudes add destructively to decrease. In the case with the Hadamard transformation of the state we have the following:
• Positive interference with regard to the basis state 0 . The
two amplitudes add to increase the probability of finding 0 upon measurement. In fact in this case it goes to unity meaning we are certain to find 0.
• Negative interference where by the terms 1 and 1
cancel. We go from a state where there was a 50% chance of finding 1 upon measurement to one where there is no chance of
important role in the
of the basic quantum algorithm toolkit, quantum parallelism [5].
output. That is,
finding 1 upon measurement. Quantum interference plays an development of quantum algorithms: • Quantum interference allows us to gain information about a function f (x) that depends on evaluating the function at many values of x. That is, interference allows us to deduce certain global properties of the function. Now let’s look at the final part
3.5 Quantum Parallelism and Function Evaluation The first foray into the development of a quantum algorithm one can imagine is actually quite simple— but it demonstrates the overwhelming power of a quantum computer (i.e., should a practical one ever be constructed). The algorithm we are going to describe is called Deutsch’s algorithm. Earlier we mentioned that quantum parallelism can be described as the ability to evaluate the function f (x) at many values of x simultaneously. Let’s see how to do this by considering a very simple function, one that accepts a single bit as input and produces a single bit as
0,1x . There are only a small number of
functions that can act on the set 0,1x and give a single bit
as output. For example, we could have the identity function
Two more examples are the constant functions f (x) = 0, f(x) = 1 The final example is the bit flip function
The identity and bit flip functions are called balanced because the outputs are opposite for half the inputs. So a function on a single bit can be constant or balanced. Whether a function on a single bit is constant or balanced is a global property. What we’re going to see in the following development is that Deutsch’s algorithm will let us put together a state that has all of the output values of the function associated with each input value in a superposition state. Then we will use quantum interference to find out if the given function is constant or balanced. The first step in developing is algorithm is to
imagine a unitary operation denoted by
th
fU that acts on two
qubits. It leaves e first qubit alone and produces the exclusive th
or (denoted b ) of the second qubit with the function f evaluated with the first qubit as argument. That is,
y
, ,fU x y x y f x
e that x, y {0, 1}). Now, since(not x is a qubit, it can be in a
superposition state. Let’s specifically start with an initial state
0 and appl a Hadamard gate, as shown in figure 7.
Using algebra, we write the action of the circuit shown in figure 7 as
y
This circuit has produced a superposition state that has information about every possible value of f (x), in a single step. Suppose that f (x) is the identity function. Then the final state is
Figure 7: Circuit diagram
for , ,fU x y x y f x where we take the first
qubit to be in a superposition and the second qubit to be
0 .
Recall that , so
more generally the output of this circuit is
0 0 1 1 0,0 1 1,1 0 1
This looks pretty nifty—we have a superposi ll pairs of x, f (x) represented. But remember how quantum
measurement works. If we measure the state
tion state with a
x f x). After measurem
,
we get one and only one value of x and f (x ent
the system is in a state proportional to x f x for that
single and specific value of x. Moreover the value of x that we obtain is completely random. So what we have so far is the same as evaluating the function f (x) at some randomly chosen x. That doesn’t seem very useful. For a simple function on bits we can learn the value of f (0) or f (1), but not both simultaneously (even though they are simultaneously present in the premeasurement state). While it seems like we haven’t gotten anything any more useful than what we can do with a classical computer, it’s in fact worse: we can’t choose which value to reveal, f (0)or f (1), that occurs rando h’s algorithm takes what we have done so far to exploit th e system is in a superposition
state
mly. Deutsce fact that th
x f x to obtain information abou rty t a global prope
of the function—whether or not it is constant 0 1f f or
balanced 0 1f f . It does this by computing
In words Deutsch’s algorithm is implem ented by the followingsteps:
1. Apply Hadamard gates to the input state 0 1 produce a
product state of two superpositions.
2. Apply fU to that product state.
3. Apply to the first qubit leaving the second qubit alone. We alre esult of the first step is in previous
nd we restate here
a Hadamard gate
ady know what the requation. We calculated it a
By doing this, we provide a superposition state as input that will contain all possible values of the combination (x, f (x)) once
we fU . Because it’s a single state, we havapply e these listed
simultaneously. Now let’s apply fU to each term
of 0 1H H . For the first e term we hav
s This result take into account the
possibilities 0 0f 0 this works, note tha
and 1. To see how
t (0)=0, then
0 0f if f
0 0 00 0f and
On the other hand, if f (0)=1, then 0 0f 0 1 1 and
Similar logic applied to the other terms gives
Hence
To get the final output state of Deutsch’s algorithm, we
apply H I ´to .
The Hadamard gate is applied to the first qubit, and the second qubit is left alone. Let’s look a the first couple of terms explicitly:
Applying to all the terms and doing some algebra gives the final output state of Deutsch’s algorithm as
H I
Now suppose that the function is constant so that f (0)=f (1). Then we obtain the final output state, using previous equation, as
On the other hand, if f (0) f (1), then f (0)=0, f (1)=1, or f (0)=1, f (1)=0, and the final output state is
In this algorithm, single-qubit interference is applied to the first qubit allowing us to distinguish between the two cases of the output of the function [5].
3.6 Deutsch-Jozsa Algorithm The Deutsch-Jozsa algorithm is a generalization of Deutsch’s algorithm. Again, this algorithm allows us to determine whether a function f (x) is constant or balanced, but this time the function has multiple input values. If f (x) is constant, then the output is the same for all input values x. If the function is balanced, then f (x)=0 for half of the inputs and f (x)=1 for the other half of the inputs, and vice versa. We start with an initial state that includes
n qubits in the state 0 and a singlequbit in the state 1 .
Hadamard gates are applied to all qubits. The circuit is illustrated in figure 8. We start off by calculating
Next we apply , ,fU x y x y f x , to evaluate the
function. The first n qubits are the values of x and the last qubit plays the role of y as shown in the figure 8. The output state of
the fU gate is
Figure 8: The Deutsch-Jozsa algorithm generalizes Deutsch’s algorithm to handle a function with n input values and determine whether or not it is constant or balanced
Applying a Hadamard gate to an n qubit state x gives
So the final output state is
Now we measure the n inputs. It might not be immediately, but
there are two possible measurement results on y (which is the
state of n inputs at this stage) that are of interest. The possible results are as follows:
• Measurement of the first n input qubits in out returns all
0’s. In this case f (x) is constant.
• Otherwise, if at least one of the qubits in y is found to be a 1
on measurement, f (x) is balanced [5].
3.7 Quantum Fourier Transform A quantum computer can be used to compute a quantum analog of the Fourier transform. First let’s get some preliminaries down. Consider two states of d =n qubits
where each , 0,i ix y 1 . Then
The quantum Fourier transform maps the
state 1 2 0...n nx x x into the state
where we have introduced the notation
and so on, to represent a binary fraction. Notice that we have two things going on here—superposition states and the introduction of phases. The first fact tells us that we will need to build a circuit with Hadamard gates to introduce superposition states. As for the phases, let’s recall the discrete phase gate. The matrix representation of this gate in the computational basis is
So we see that
The quantum Fourier transform is implemented using Hadamard gates and controlled discrete phase gates. Let’s denote the
quantum Fourier transform operator by . It acts on an
arbitrary state
FU
x as
We use the
property andba b aee e 0 1 ... ny y y y 1
to write this as a tensor product state:
Each 0,1iy . If , then0iy 0 12 ... 0 1i jiy x x xe e
.
If , then the termsis left with1i y 0 12 ...i jiy x x xe
. The
discussion so far has been pretty abstract. Next we will show how to compute the discrete quantum Fourier transform for a
three-qubit state 2 1 0x x x x . The circuit used to do this is
shown in figure 9. The first step is to apply the Hadamard gate
to 2x . Note that 1 ie , so the state on the top line in
figure 9 becomes
We proceed to act on this state with the controlled 2R gate. The
control bit for this gate is the state 1x , which is 0 or 1 .
Since 0 21 ie e 0 , and 1x is either 0 or 1 , we can
write the action of the 2R gate on the basis state
1 as 1 1/2 2 ie /42 1 1 1i x xR e . So the state of the
entire system at this point is
Now we apply the controlled 3R gate to this state with the
control bit being 0x . This acts in the same manner
transforming the system into the state
Next 1x goes through the Hadamard gate and the
controlled 2R gate, transforming it as
Figure 9: Circuit for a quantum Fourier transform applied to a three—qubit state.
The state of the system becomes
The last step is to act on 0x with the final Hadamard gate. This
takes
The final state of the system is [5]:
3.8 Phase Estimation The quantum Fourier transform is closely related to a problem called phase estimation. Let U be a unitary operator on a
2nd Hilbert space, and let 1 2, ,... d be the
eigenvectors of U, which form an orthonormal basis for the space. The eigenvalues of unitary operators are phases. Hence
the eigenvalues of each n will be given by
2 nin nU e
Notice that if we act on a given eigenvector say j times, we have
The problem of quantum phase estimation is the following:
Given a unitary operator U and an input eigenvector of U,
estimate the angle θ in the associated eigenvalue that will have a form given by. We suppose that we want to know the phase angle θ to m bits of accuracy. To begin, the algorithm with the initial state given by
0m
in
Here we know the eigenvector of the given unitary
operator, to n bits, meaning it is an n qubit state
1 2 1 0, ,..., ,n n . Following a procedure you’re
familiar with already, the first step is to apply Hadamard gates to
the 0 inputs to generate superposition states. Acting with m
Hadamard gates gives
Now apply the unitary operator to the state in the following way:
Because2 i xe
is just a number, we can move it wherever we like. Notice that the state in previous equation is a product state,
with each term multiplied by . So we can pull it out of the
sum and write
We are after an estimate of θ, so we can throw out the last n
qubits (i.e., throw out ). This leaves the state
The algorithm we have described to this point is sometimes called a phase kickback circuit . This is illustrated in figure 10. To get an estimate of θ, we can use the quantum Fourier
transform . Specifically, we apply the inverse quantum
Fourier transform, which is given by
FU
, to the state in previous equation. The result is
The probability of finding the system in the state y is
Figure 10: An illustration of a circuit
We can evaluate this term by considering a geometric series. If |r| < 1, then
When the sum is finite, we have
The probability of finding the system in the state y is
We wish to estimate a lower bound on this probability. Doing so involves looking at the terms in the complex plane. If you haven’t had complex variables, you may wish to skip this section, which will seem obscure to many readers. Suppose that we have an m bit approximation of θ given by 0.
1 2...m m 0 12m
that differs from θ by some error ε such that 0
< |ε| ≤
. Then we can take2 ir e and estimate a lower
bound on obtaining an accurate m bit precision estimate of θ. To do this, we examine the complex plane and consider that
2 1mr is the chord length from 1 to . We drawing a unit
circle in the complex plane. As illustrated in figure 10, the arc
length from 1 to is given by 2π|ε|2m. In figure 11 the ratio of the arc length to the chord length cannot exceed π/2. Hence we obtain the bound
2mr
2mr
Figure 11: Estimating a bound on the probability by looking at the complex plane.
Now we need a bound on the denominator. A similar procedure for considering the chord length from 1 to r gives the bound
Hence
The bottom line of this calculation is that the probability is greater than 0.4. that a measurement of θ to m bits of precision is obtained with every single bit correct [5].
3.9 Shor´s algorithm Shor’s algorithm is an algorithm invented by Peter Shor in 1995 for finding prime factors of large integers. The statement of the problem of factoring integer is as follows: Given an integer N,
find prime numbers ip and integers such that ie1 2
1 2 ... kee ekN p p p . Let us make two simplifications
of the problem without loosing generality: Firstly, given N, it is enough to split it into
integers and such that1N 2N 1N N N2 . It is easy to see
that after a linear number (in size of the input, i.e. logN) of such steps, we are guaranteed to reach prime factors. Secondly, assume that N is a product of two primes, N = p×q, where
,p q . Classically, naive algorithm for the factoring
problem works in time NO . The fastest known algorithm
for this problem is Field Sieve algorithm that works in time
3 lo2
gO N. In fact, Shor showed that we can do better with
quantum computer. Theorem 1.1: There exists quantum algorithm that solves the factoring problem with bounded error probability in polynomial time [4].
3.9.1 Shor's algorithm - An example The purpose of this section is to illustrate the basic steps involved in Shor's Algorithm. In order to keep the example relatively easy to follow we will consider the problem of finding the prime factors of the number 15. Since the Algorithm consists
of three key steps, this explanation will be presented in 3 stages... Stage 1 The first stage of the algorithm is to place a memory register into a coherent superposition of all its possible states. The letter 'Q' will be used denote a qubit that is in the coherent state.
Figure 12: A three-qubit register can represent 8 classical
states simultaneously.
When a qubit is in the coherent state, it can be thought of as existing in two different universes. In one universe it exists as a '1' and in the other it exists as a '0' (see figure 12). Extending this idea to the 3 bit register we can imagine that the register exists in 8 different universes, one for each of the classical states it could represent (i.e. 000, 001, 010, 011, 100, 101, 110, 111). In order to hold the number 15, a four bit register is required (capable of representing the numbers 0 to 15 simultaneously in the coherent state). A calculation performed on the register can be thought of as a whole group of calculations performed in parallel, one in each universe. In effect, a calculation performed on the register is a calculation performed on every possible value that register can represent. Stage 2 The second stage of the algorithm performs a calculation using the register. The details of which are as follows:
The number N is the number we wish to factorise, N = 15.
A random number X is chosen, where 1 < X < N-1. X is raised to the power contained in the register
(register A) and then divided by N. The remainder from this operation is placed in a
second 4 bit register (register B).
Figure 13: Operation performed in stage 2.
After this operation has been performed, register B contains the superposition of each universes results. This is best illustrated with an example, if we choose X to be 2, then the contents of register B, for every possible value in register A are as follows.
Table 1: Contents of Register B, when N = 15 and X = 2. Register A Register B 0 1 1 2 2 4 3 8 4 1 5 2 6 4 7 8 8 1 9 2 10 4 11 8 12 1 13 2 14 4 15 8 Notice (see table 1) that the contents of register B follows a repeating sequence (1,2,4,8,1,2,4,8...), the frequency at which this repeats can be named f. In this case the repeating sequence (1, 2, 4, 8) has four values so f = 4. Stage 3 The final stage is perhaps the most difficult to follow. The frequency of repetition, f, can be found using a quantum computer. This is done by performing a complex operation on register B and then looking at its contents which causes the results from every universe to interfere with each other. The resulting value for f is then used in the following equation to calculate a (possible) factor.
The resulting number cannot be guaranteed to be a prime factor, but there is a good chance that it is one. The interference that produces the value for f tends to favour the correct answer as incorrect answers cancel each other out. In our example the value f = 4 does give a correct answer of 3. The fact that the answer cannot be guaranteed to be correct is of little consequence as it can be easily checked with multiplication. If the answer is incorrect, there is a very strong chance that repeating the calculation a few times with different values of X will produce the right answer [2].
3.10 Quantum searching and Grover’s algorithm Grover’s algorithm for searching over a space of size N works as follows: consider the two dimensional subspace that consists of
two states: the target state a and 0
1x
N .
Start with the state 0 , and repeat for O N steps:
reflect about a and then reflect about 0 . To implement
the reflection about 0 , we use the Diffusion operator D
(assume ), which works as follows. First, apply ,
which maps
2nN 2nH
0 00...0 . Then reflect around
00...0 . Finally, apply to return to the original basis.
(Note that this is simply a reflection around the zero vector in the Hadamard basis.) Let’s write out this diffusion operator explicitly to give another way of understanding Grover’s algorithm:
2nH
Claim: The Diffusion operator D has two properties: 1. It is unitary and can be efficiently realized. 2. It can be seen as an “inversion about the mean.” Proof:
1. For 2nN ,D can be decomposed and rewritten as:
Observe that D is expressed as the product of three unitary matrices (two Hadamard matrices separated by a conditional phase shift matrix). Therefore, D is also unitary. Regarding the implementation, both the Hadamard and the conditional phase shift transforms can be efficiently realized within O(n) gates.
2. Consider D operating on a vector to generate
another vector :
If we let be the mean amplitude, then the expression
2 i describes a reflection of i about the mean. Thus,
the amplitude of 2
2i j i ijN can
be considered an “inversion about the mean” with respect to
i . The quantum search algorithm iteratively improves the
probability of measuring a solution. Here’s how:
1. Start state is 0
1x
xN
2. Invert the phase of i using f
3. Then invert about the mean using D
4. Repeat steps 2 and 3 O N times, so in each iteration
a increases by 2
N.
This process is illustrated in figure 14 [3].
Figure 14: The first three steps of Grover’s algorithm. We start with a uniform superposition of all basis vectors in (a).
In (b), we have used the function f to invert the phase of k .
After running the diffusion operator D, we amplify k while
decreasing all other amplitudes.
4. POTENTIAL Integer factorization is believed to be computationally infeasible with an ordinary computer for large integers that are the product of only a few prime numbers (e.g., products of two 300-digit primes). By comparison, a quantum computer could efficiently solve this problem using Shor's algorithm to find its factors. This ability would allow a quantum computer to "break" many of the cryptographic systems in use today, in the sense that there would be a polynomial time (in the number of digits of the integer) algorithm for solving the problem. In particular, most of the popular public key ciphers are based on the difficulty of factoring integers (or the related discrete logarithm problem which can also be solved by Shor's algorithm), including forms of RSA. These are used to protect secure Web pages, encrypted email, and many other types of data. Breaking these would have significant ramifications for electronic privacy and security. The only way to increase the security of an algorithm like RSA would be to increase the key size and hope that an adversary does not have the resources to build and use a powerful enough quantum computer. A way out of this dilemma would be to use some kind of quantum cryptography. There are also some digital signature schemes that are believed to be secure against quantum computers. Besides factorization and discrete logarithms, quantum algorithms offering a more than polynomial speedup over the best known classical algorithm have been found for several problems, including the simulation of quantum physical processes from chemistry and solid state physics, the approximation of Jones polynomials, and solving Pell's equation. No mathematical proof has been found that shows that an equally fast classical algorithm cannot be discovered, although this is considered unlikely. For some problems, quantum computers offer a polynomial speedup. The most well-known example of this is quantum database search, which can be solved by Grover's algorithm using quadratically fewer queries to the database than are required by classical algorithms. In this case the advantage is provable. Several other examples of provable quantum speedups for query problems have subsequently been discovered, such as for finding collisions in two-to-one functions and evaluating NAND trees. Consider a problem that has these four properties:
The only way to solve it is to guess answers repeatedly and check them,
there are n possible answers to check. Every possible answer takes the same amount of time
to check, and there are no clues about which answers might be
better: generating possibilities randomly is just as good as checking them in some special order.
An example of this is a password cracker that attempts to guess the password for an encrypted file (assuming that the password has a maximum possible length). For problems with all four properties, the time for a quantum computer to solve this will be proportional to the square root of n. That can be a very large speedup, reducing some problems from years to seconds. It can be used to attack symmetric ciphers such as Triple DES and AES by attempting to guess the secret key. Regardless of whether any of these problems can be shown to have an advantage on a quantum computer, they nonetheless will always have the advantage of being an excellent tool for studying quantum mechanical interactions, which of itself is an enormous value to the scientific community.
Grover's algorithm can also be used to obtain a quadratic speed-up (over a brute-force search) for a class of problems known as NP (Nondeterministic Polynomial time)-complete. Since chemistry and nanotechnology rely on understanding quantum systems, and such systems are impossible to simulate in an efficient manner classically, many believe quantum simulation will be one of the most important applications of quantum computing. There are a number of practical difficulties in building a quantum computer, and thus far quantum computers have only solved trivial problems. David DiVincenzo, of IBM, listed the following requirements for a practical quantum computer [1]:
scalable physically to increase the number of qubits; qubits can be initialized to arbitrary values; quantum gates faster than decoherence time; universal gate set; qubits can be read easily.
5. QUANTUM DECOHERENCE One of the greatest challenges is controlling or removing decoherence. This usually means isolating the system from its environment as the slightest interaction with the external world would cause the system to decohere. This effect is irreversible, as it is non-unitary, and is usually something that should be avoided, if not highly controlled. Decoherence times for candidate systems, in particular the transverse relaxation time T2 (for NMR and MRI technology, also called the dephasing time), typically range between nanoseconds and seconds at low temperature. These issues are more difficult for optical approaches as the timescales are orders of magnitude lower and an often cited approach to overcoming them is optical pulse shaping. Error rates are typically proportional to the ratio of operating time to decoherence time, hence any operation must be completed much more quickly than the decoherence time. If the error rate is small enough, it is thought to be possible to use quantum error correction, which corrects errors due to decoherence, thereby allowing the total calculation time to be longer than the decoherence time. An often cited figure for required error rate in each gate is 10−4. This implies that each gate must be able to perform its task 10,000 times faster than the decoherence time of the system. Meeting this scalability condition is possible for a wide range of systems. However, the use of error correction brings with it the cost of a greatly increased number of required qubits. The number required to factor integers using Shor's algorithm is still polynomial, and thought to be between L and L2, where L is the number of bits in the number to be factored; error correction algorithms would inflate this figure by an additional factor of L. For a 1000-bit number, this implies a need for about 104 qubits without error correction. With error correction, the figure would rise to about 107 qubits. Note that computation time is about L2 or about 107 steps and on 1 MHz, about 10 seconds. A very different approach to the stability-decoherence problem is to create a topological quantum computer with anyons, quasi-particles used as threads and relying on braid theory to form stable logic gates [1].
6. QUANTUM COMMUNICATION The research carried out on quantum computing has created the spin-off field of quantum communication. This area of research aims to provide secure communication mechanisms by using the properties of quantum mechanical effects [2].
6.1 How quantum communication works? Quantum communications makes use of the fact that information can be encoded as the polarisation of photons (i.e. the orientation of a photon's oscillation). An oscillation in one direction can be thought of as 0 and in another as a 1. Two sets of polarisations are commonly used, rectilinear and diagonal (see figure 15)[].
Figure 15: The polarisation of photons can be used to encode data. In order to receive the data, the polarisation of the filter must match that of the photons.
The property that quantum communication exploits is that in order to receive the correct information, photons have to be measured using the correct filter polarisation e.g. the same polarisation that the information was transmitted with. If a receiver is in rectilinear polarisation, and a diagonally polarised photon is sent, then a completely random result will appear at the receiver. Using this, property information can be sent in such a way as to make it impossible for an eavesdropper to listen undetected. The mechanism by which this works is as follows:
1. The sender transmits information to the receiver using random polarisations.
2. The receiver detects this information (also at random polarisations) and records it.
3. The sender then informs the receiver of the polarisations that he used over a public channel.
4. The receiver and sender compare a random selection of the information that was received at the correct polarisation.
5. If an eavesdropper has intercepted and forwarded the information, the receiver and sender will be alerted as a higher percentage of errors will be present than expected.
6. If an eavesdropper has been detected, then the whole process has to be repeated.
For example, say there is a sender named Alice who wishes to transmit information to Bob without an eavesdropper Eve listening. They would follow the steps as described above. If Eve tries to eavesdrop, she will have to measure the bits coming from Alice and then forward them to Bob (she can't simply look at the information as doing so will alter it's content). She must use random polarisations to do this, as she does not know which ones Alice used. The chances are that Eve will correctly receive 50% of the information, the other 50% will consist of random values. The fact that approximately half of the random values will be correct means that Eve can at best forward 75% of the correct information to Bob.
Assuming that there is negligible noise on the communication line, Bob will be able to detect that Eve has eavesdropped, as the information he received at the correct polarisation will contain more than 25% errors. He checks for errors by comparing a random selection with Alice on a public channel. Another way that Eve could attempt to subvert communication between Bob and Alice is to intercept the information and send her own instead. Eve will be thwarted by the fact that Alice and Bob discuss a randomly selected group of values, giving away the fact that Eve changed the information. It does not matter how subtly Eve intercepts the signal, Alice and Bob will always be able to discover that she has been listening to the line. This system can only work if the noise on the communication line is negligible, if the line had 25% noise for example it would be impossible to distinguish an eavesdropper from the noise itself. British Telecom has managed to implement a line with only 9% error over a distance of 10km, giving quantum communications a promising future [2].
6.2 Quantum bit commitment A different method of quantum communication is quantum bit commitment. Using this method, people can compare or combine information while keeping each individual contribution secret. A possible use for this would be in contract bidding (making firms bid their best possible offer instead of simply higher than the highest opposition). The basic operation of this method is as follows:
1. Alice sends a string of photons to Bob, all of which are at the same polarisation.
2. Bob receives the photons, randomly changing his polarisation and recording the results.
3. Alice can prove to Bob that she sent the information by telling him the pattern of 1's and 0's he saw when his polarisation was the same as hers.
The weakness in this system is that Alice can cheat by creating pairs of photons and sending only one to Bob. These matched photons have the strange quantum property, which no matter how far apart, an observation of one will effect how the other appears at the receiver. Alice can now change Bob's photons by manipulating the copy she kept. Researchers knew of this problem for some time, and Mayor has recently proven that this is a general weakness of all quantum bit commitment systems [2].
7. CANDIDATES There are a number of quantum computing candidates, among those:
Superconductor-based quantum computers (including SQUID-based quantum computers)
Trapped ion quantum computer Optical lattices Topological quantum computer Quantum dot on surface (e.g. the Loss-DiVincenzo
quantum computer) Nuclear magnetic resonance on molecules in solution
(liquid NMR) Solid state NMR Kane quantum computers Electrons on helium quantum computers Cavity quantum electrodynamics (CQED) Molecular magnet Fullerene-based ESR quantum computer
Optic-based quantum computers (Quantum optics) Diamond-based quantum computer Bose–Einstein condensate-based quantum computer Transistor-based quantum computer - string quantum
computers with entrainment of positive holes using an electrostatic trap
Spin-based quantum computer Adiabatic quantum computation Rare-earth-metal-ion-doped inorganic crystal based
quantum computers
The large number of candidates shows explicitly that the topic, in spite of rapid progress, is still in its infancy. But at the same time there is also a vast amount of flexibility. In 2005, researchers at the University of Michigan built a semiconductor chip which functioned as an ion trap. Such devices, produced by standard lithography techniques, may point the way to scalable quantum computing tools. An improved version was made in 2006 [1].
8. QUANTUM COMPUTING IN COMPUTATIONAL COMPLEXITY THEORY This section surveys what is currently known mathematically about the power of quantum computers. It describes the known results from computational complexity theory and the theory of computation dealing with quantum computers. The class of problems that can be efficiently solved by quantum computers is called BQP, for "bounded error, quantum, polynomial time". Quantum computers only run probabilistic algorithms, so BQP on quantum computers is the counterpart of BPP (class of decision problems) on classical computers. It is defined as the set of problems solvable with a polynomial-time algorithm, whose probability of error is bounded away from one quarter. A quantum computer is said to "solve" a problem if, for every instance, its answer will be right with high probability. If that solution runs in polynomial time, then that problem is in BQP.
Figure 16: The suspected relationship of BQP to other problem spaces BQP is contained in the complexity class #P (or more precisely in the associated class of decision problems P#P), which is a subclass of PSPACE (polynomial amount of memory).
BQP is suspected to be disjoint from NP-complete and a strict superset of P, but that is not known. Both integer factorization and discrete log are in BQP. Both of these problems are NP problems suspected to be outside BPP, and hence outside P. Both are suspected to not be NP-complete. There is a common misconception that quantum computers can solve NP-complete problems in polynomial time. That is not known to be true, and is generally suspected to be false. Quantum gates may be viewed as linear transformations. Daniel S. Abrams and Seth Lloyd have shown that if nonlinear transformations are permitted, then NP-complete problems could be solved in polynomial time. It could even do so for #P-complete problems. They do not believe that such a machine is possible. Although quantum computers may be faster than classical computers, those described above can't solve any problems that classical computers can't solve, given enough time and memory (however, those amounts might be practically infeasable). A Turing machine can simulate these quantum computers, so such a quantum computer could never solve an undecidable problem like the halting problem. The existence of "standard" quantum computers does not disprove the Church–Turing thesis [1].
9. CURRENT PROGRESS & FUTURE PROSPECTS The recent work on the 'computing liquid' technique pioneered by Dr. Gershenfield and Dr. Chuang (Los Alamos National Laboratory, New Mexico) has given quantum computing a promising future. In fact, Dr. Gershenfield believes that a quantum co-processor could be a reality within 10 years if the current pace of advancement continues. Other techniques, such as quantum dots, may also yield similar results as our technology advances. The optimist will point out that the problems being experienced by researchers appear to be technical rather than fundamental. On the other side of the argument, is the topic of decoherence. This problem has not been resolved and many people, including Rolf Landauer of IBM's Thomas Watson Research Centre, believe that the quantum computer is unlikely to progress beyond the 10-qubit system, as decoherence makes them too fragile to be practical. Researchers in quantum communication have enjoyed a greater level of success. The partial quantum computers involved have enabled secure communication over distances as far as 10km. Depending on how costly these lines are to develop and the demand that exists for them, there could be a strong future for quantum communications [2].
10. CONCLUSION With classical computers gradually approaching their limit, the quantum computer promises to deliver a new level of computational power. With them comes a whole new theory of computation that incorporates the strange effects of quantum mechanics and considers every physical object to be some kind of quantum computer. A quantum computer thus has the theoretical capability of simulating any finite physical system and may even hold the key to creating an artificially intelligent computer. The quantum computers power to perform calculations across a multitude of parallel universes gives it the ability to quickly perform tasks that classical computers will never be able to practically achieve. This power can only be unleashed with the
correct type of algorithm, a type of algorithm that is extremely difficult to formulate. Some algorithms have already been invented; they are proving to have huge implications on the world of cryptography. This is because they enable the most commonly used cryptography techniques to be broken in a matter of seconds. Ironically, a spin off of quantum computing, quantum communication allows information to be sent without eavesdroppers listening undetected. For now at least, the world of cryptography is safe because the quantum computer is proving to be vary difficult to implement. The very thing that makes them powerful, their reliance on quantum mechanics, also makes them extremely fragile. The most successful experiments only being able to add one and one together. Nobody can tell if the problems being experienced by researchers can be overcome, some like Dr. Gershenfield are hopeful that they can whilst others believe that the quantum computer will always be to fragile to be practical.
11. GLOSSARY OF TERMS AES
Advanced Encryption Standard BPP
In complexity theory, BPP is the class of decision problems solvable by a probabilistic Turing machine in polynomial time, with an error probability of at most 1/3 for all instances. The abbreviation BPP refers to Bounded-error, Probabilistic, Polynomial time.
BQP In computational complexity theory BQP stands for Bounded error, Quantum, Polynomial time. It denotes the class of decision problems solvable by a quantum computer in polynomial time, with an error probability of at most 1/3 for all instances.
Coherent Term used to describe the stable superposition of states
Computing liquid A possible quantum computer whose molecules can be used as qubits
Decoherence When a quantum bit stabilises into only one of its states
DES Data Encryption Standard
Diagonal Polarisation at 45 and 135
Grover's Algorithm An algorithm to search databases, that can also be used to crack DES
Ket notation Bra-ket notation is a standard notation for describing quantum states in the theory of quantum mechanics composed of angle brackets and vertical bars.
NMR Nuclear Magnetic Resonance
MRI Magnetic Resonance Imaging
Polarisation The orientation of a photon's vibrations
PSPACE In complexity theory the class PSPACE is the set of decision problems that can be solved by a Turing machine using a polynomial amount of memory and unlimited time. PSPACE is a strict superset of the set of context-sensitive languages.
Public Key Encryption A method of encryption which uses the difficulty to factorise large numbers as its safeguard against cracking
Quantum bit commitment A flawed method of verifying the source of a message
Qubit A quantum bit, capable of being in both 0 and 1 states simultaneously
Quantum parallelism By performing operations on qubits, many values can be processed with one calculation
Quantum communication Using quantum effects to send information without eavesdroppers listening undetected
Quantum computer A computer that is capable of utilising the effects of quantum parallelism
Quantum dot A possible implementation of a qubit
Rectilinear The vertical and horizontal polarisations
Shor's Algorithm Algorithm to factorise large numbers
Toffoli Gate A universal reversible gate.
VLSI Very Large Scale Integration.
12. REFERENCES [1]. Wikipedia: Quantum computer, Link:
http://en.wikipedia.org/wiki/Quantum_computer. [2]. Bone S., Castro M.: A Brief History of Quantum
Computing, Link: http://www.doc.ic.ac.uk/~nd/surprise_97/journal/vol4/spb3/.
[3]. Vazirani U., Lecture notes, Grover’s algorithm, University of California at Berkeley, Berkeley, CA 94720, U.S.A. 2004, Link: http://www.eecs.berkeley.edu/~vazirani/f04quantum/notes/lec10/lec10.pdf.
[4]. Vazirani U., Lecture notes, Shor's Factoring Algorithm, University of California at Berkeley, Berkeley, CA 94720, U.S.A. 2004, Link: http://www.eecs.berkeley.edu/~vazirani/f04quantum/notes/lec9.pdf.
[5]. McMahon D., 2007 Quantum computing expained, ISBN 978-0-470-09699-4 (cloth), 1. Quantum computers. I. Title., QA76.889.M42 2007, 004.1–dc22.
[6]. Paul H., 2008 Introduction to Quantum theory, Humboldt-Universität zu Berlin, ISBN-13 978-0-511-40865-6, Cambridge University Press, The Edinburgh Building, Cambridge CB2 8RU, UK