Shor s Algorithm. Polynomial-time Prime Factorization with Quantum Computing. Sourabh Kulkarni October 13th, 2017

Similar documents
Shor s Prime Factorization Algorithm

Introduction to Quantum Computing

Logic gates. Quantum logic gates. α β 0 1 X = 1 0. Quantum NOT gate (X gate) Classical NOT gate NOT A. Matrix form representation

Number Theory. CSS322: Security and Cryptography. Sirindhorn International Institute of Technology Thammasat University CSS322. Number Theory.

Notes. Number Theory: Applications. Notes. Number Theory: Applications. Notes. Hash Functions I

Mathematics of Public Key Cryptography

Number Theory: Applications. Number Theory Applications. Hash Functions II. Hash Functions III. Pseudorandom Numbers

Quantum Computing 101. ( Everything you wanted to know about quantum computers but were afraid to ask. )

Lecture note 8: Quantum Algorithms

COMP239: Mathematics for Computer Science II. Prof. Chadi Assi EV7.635

Shor s Algorithm. Elisa Bäumer, Jan-Grimo Sobez, Stefan Tessarini May 15, 2015

ENEE 457: Computer Systems Security. Lecture 5 Public Key Crypto I: Number Theory Essentials

NUMBER THEORY AND CODES. Álvaro Pelayo WUSTL

Review. CS311H: Discrete Mathematics. Number Theory. Computing GCDs. Insight Behind Euclid s Algorithm. Using this Theorem. Euclidian Algorithm

Lecture 6: Introducing Complexity

Quantum Computers. Peter Shor MIT

Quantum Computation and Communication

Simon s algorithm (1994)

Quantum Computing. Thorsten Altenkirch

Discrete Mathematics GCD, LCM, RSA Algorithm

MATH 433 Applied Algebra Lecture 4: Modular arithmetic (continued). Linear congruences.

Public Key Encryption

Introduction to Quantum Computing

CPSC 467: Cryptography and Computer Security

Cryptography CS 555. Topic 18: RSA Implementation and Security. CS555 Topic 18 1

Basic elements of number theory

Basic elements of number theory

Ma/CS 6a Class 4: Primality Testing

Math 299 Supplement: Modular Arithmetic Nov 8, 2013

Slides by Christopher M. Bourke Instructor: Berthe Y. Choueiry. Spring 2006

Lecture 11 - Basic Number Theory.

Tutorial on Quantum Computing. Vwani P. Roychowdhury. Lecture 1: Introduction

A brief survey on quantum computing

Public Key Cryptography

Numbers. Çetin Kaya Koç Winter / 18

Quantum Computing. 6. Quantum Computer Architecture 7. Quantum Computers and Complexity

LECTURE 5: APPLICATIONS TO CRYPTOGRAPHY AND COMPUTATIONS

Congruence of Integers

Classical RSA algorithm

Cryptography. pieces from work by Gordon Royle

The RSA Cryptosystem: Factoring the public modulus. Debdeep Mukhopadhyay

YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE

CPSC 467b: Cryptography and Computer Security

Math 109 HW 9 Solutions

Lecture 3.1: Public Key Cryptography I

Cosc 412: Cryptography and complexity Lecture 7 (22/8/2018) Knapsacks and attacks

Quantum Computation 650 Spring 2009 Lectures The World of Quantum Information. Quantum Information: fundamental principles

Lecture 5: Arithmetic Modulo m, Primes and Greatest Common Divisors Lecturer: Lale Özkahya

CPE 776:DATA SECURITY & CRYPTOGRAPHY. Some Number Theory and Classical Crypto Systems

MATH 501 Discrete Mathematics. Lecture 6: Number theory. German University Cairo, Department of Media Engineering and Technology.

Ch 4.2 Divisibility Properties

Figure 1: Circuit for Simon s Algorithm. The above circuit corresponds to the following sequence of transformations.

8 Elliptic Curve Cryptography

basics of security/cryptography

)j > Riley Tipton Perry University of New South Wales, Australia. World Scientific CHENNAI

ECE 646 Lecture 5. Mathematical Background: Modular Arithmetic

Topics in Cryptography. Lecture 5: Basic Number Theory

ICS141: Discrete Mathematics for Computer Science I

Introduction to Cybersecurity Cryptography (Part 5)

C/CS/Phys 191 Shor s order (period) finding algorithm and factoring 11/01/05 Fall 2005 Lecture 19

This is a recursive algorithm. The procedure is guaranteed to terminate, since the second argument decreases each time.

Introduction to Cryptology. Lecture 19

Qubit Recycling. Ran Chu. May 4, 2016

Introduction to Quantum Information Processing QIC 710 / CS 768 / PH 767 / CO 681 / AM 871

Implementation Tutorial on RSA

CS483 Design and Analysis of Algorithms

1 Recommended Reading 1. 2 Public Key/Private Key Cryptography Overview RSA Algorithm... 2

Elementary Number Theory Review. Franz Luef

Factoring on a Quantum Computer

A Parallel Processing Algorithms for Solving Factorization and Knapsack Problems

Addition. Ch1 - Algorithms with numbers. Multiplication. al-khwārizmī. al-khwārizmī. Division 53+35=88. Cost? (n number of bits) 13x11=143. Cost?

Lecture 10: HMAC and Number Theory

12x + 18y = 50. 2x + v = 12. (x, v) = (6 + k, 2k), k Z.

Mind the gap Solving optimization problems with a quantum computer

CS 4770: Cryptography. CS 6750: Cryptography and Communication Security. Alina Oprea Associate Professor, CCIS Northeastern University

Theoretical Cryptography, Lecture 13

Shor s Quantum Factorization Algorithm

COMP4109 : Applied Cryptography

Great Ideas in Theoretical Computer Science. Lecture 28: A Gentle Introduction to Quantum Computation

CPSC 467: Cryptography and Computer Security

Quantum Computing. Part I. Thorsten Altenkirch

Integers and Division

Introduction to Quantum Computing

INTEGERS. In this section we aim to show the following: Goal. Every natural number can be written uniquely as a product of primes.

From the Shortest Vector Problem to the Dihedral Hidden Subgroup Problem

Lecture Notes. Advanced Discrete Structures COT S

Mathematical Foundations of Public-Key Cryptography

Introduction to Cryptography. Lecture 6

Public Key Algorithms

Verification of quantum computation

Encryption: The RSA Public Key Cipher

Number Theory. Modular Arithmetic

arxiv:quant-ph/ v2 22 Jan 2004

Quantum Algorithms. 1. Definition of the Subject and Its Importance. 4. Factoring, Discrete Logarithms, and the Abelian Hidden Subgroup Problem

Introduction to Quantum Algorithms Part I: Quantum Gates and Simon s Algorithm

Lecture 1: Introduction to Public key cryptography

Ma/CS 6a Class 4: Primality Testing

Quantum Computing and Shor s Algorithm

Wednesday, February 21. Today we will begin Course Notes Chapter 5 (Number Theory).

Transcription:

Shor s Algorithm Polynomial-time Prime Factorization with Quantum Computing Sourabh Kulkarni October 13th, 2017

Content Church Thesis Prime Numbers and Cryptography Overview of Shor s Algorithm Implementation with Quantum Computing 2

Church Thesis Any physical computing device can be simulated by a Turing machine in a number of steps polynomial in the resources used by the computing device. Means that any physical computer does essentially what a Turing machine does This statement initially thought to encompass the computation power of all computers 3

Church Thesis and Quantum Computers While natural computing power of classical mechanics corresponds to that of Turing machines, the natural computing power of quantum mechanics might be greater Feynman - quantum mechanics computationally more powerful than Turing machines; cannot be simulated by Turing machine in polynomial time Example - Shor s Algorithm takes polynomial time in QC vs. super-polynomial time in classical computers 4

Prime Numbers and Cryptography Cryptography requires one-way functions Easy to encode; hard to decode(without key) Products of large primes satisfy this requirement Finding two large primes and multiplying them easy Finding prime factors of a very large number hard How is this used in cryptography? Product of primes (N) public key; prime factors (p, q) private key Public key to encode information; private keys to decode Used in RSA 5

Finding Prime Factors Finding a prime factor of N = breaking the RSA; But how? Naïve approach Trail & error (check all primes less than N) Highly Inefficient; exp (log N) Advanced approach Modulo arithmetic 6

Modulo Arithmetic Basics: a x (mod N) means x is remainder of a/n e.g., 10 x mod 4, so x=? Modulo arithmetic and exponentiation Periodicity - f a,n (x) = a x (mod N) is periodic if a, N are relatively prime e.g. 3 and 10, 3 k Mod 10 for k = 1,2, has a repeating pattern 7

Modulo Arithmetic 3 k 3 k (mod 10) 3 3 9 9 27 7 81 1 243 3 729 9 2187 7 6561 1 Period r = 4 8

Modulo Arithmetic Modulo arithmetic and exponentiation If two numbers are relatively prime, e.g. 3 and 10, 3 k (mod 10) for k = 1,2, has a repeating pattern This pattern has a period, denoted as r r has the property that 3 r mod 10 = 1; or 3 r -1 mod 10 = 0 In other words, 3 r -1 is divisible by 10 This property is used in Shor s algorithm 9

Prime factors with modulo arithmetic N = p.q ; where p, q are primes we need to find let a be integer smaller than N Let r be the period of a x (mod N) Now, a r -1 = k.n = k.p.q, where k is some integer (a r/2-1). (a r/2 +1) = k.p.q (a r/2-1)/p. (a r/2 +1)/q = k p = gcd(a r/2-1, N); q = gcd(a r/2 +1, N) 10

Shor s Algorithm Problem: Given an odd composite number N, find an integer a, that divides N. Shor s algorithm has 2 parts: Convert a factoring problem into a period finding problem (classical, using properties of modulo arithmetic) Use Quantum Fourier Transform to find the period (this achieves the speedup vs. classical) 11

Shor s Algorithm Has 5 steps: Step 1 : Choose a < N such that a, N are co-prime (gcd (a, N)=1) Step 2 : Use Quantum Fourier Transform to find the period r of the function f a,n (x) = a x (mod N) Step 3 : If, r = odd: go to Step 1 r = even: go to Step 4 12

Shor s Algorithm Step 4 : (a r/2-1). (a r/2 +1) = k.p.q If a r/2 +1 = 0 mod N ;means trivial solution (will give answers 1, N) go to Step 1; If a r/2 +1 0 mod N ; go to Step 5. Step 5: Compute p = gcd (a r/2-1, N) 13

Shor s Algorithm Quantum Portion 1. Choose q=2 L such that N 2 q 2N 2 ; (ensure sufficient cycles) 2. Choose x such that x<n, gcd(x,n)=1 3. Create two quantum registers of size q, and entangle them. 14

Shor s Algorithm Quantum Portion 3. Set the initial state Reg1 Reg2 as Reg1 has equal superposition of all numbers from 0 to q-1 Reg2 has the quantum modulo exponentiation of 0 to q-1 w.r.t N 678 Reg1 Reg2 = 1 q + a x. (mod N).9: 15

Shor s Algorithm Quantum Portion 4. Apply Quantum Fourier Transform on Reg1 678 D9: Reg1 = 8 6 e This makes the new entangled state as: =>?@A B c 678 678 Reg1 Reg2 = 1 EFG.D q + + e 6 c x. (mod N).9: D9: 16

Shor s Algorithm Quantum Portion 5. Observe the entangled state, which collapses it in one of r possible states; The probability P of observing values of c between 0 and 255, given q = 256 and r = 10 we now calculate the probability P that the observed state is, say, c x H (mod N)I where 0<k<r 17

Shor s Algorithm Quantum Portion 5. The expression for probability is as follows: 8 J.:L @ L N e =>?@A B This is essentially the sum over every r th term k, k+r, k+2r, We need to extract r from this probability expression. E 18

Shor s Algorithm Quantum Portion 6. Solving this expression obtained in previous stage: 8 J.:L @ L N e =>?@A B E We end up with this expression: c q d r 1 2q 19

Shor s Algorithm Quantum Portion 7. With c, q known, we solve the equation c q d r 1 2q for S such that the denominator is less than N. This is done by T continued fraction process (polynomial time classical algorithms exist). Once we obtain such fraction S, which takes O(log log r) repetitions, the T denominator is the period of the function, which is what we need. 20

Shor s Algorithm Discussions Algorithm is polynomial time in high probability Best classical factorisation is exp (c (log n) 1/3 (log log n) 2/3 ) Shor s algorithm is O((log n) 2 (log log n)(log log log n)) Period is found with high probability with the algorithm repeated O(log log r) times First number factorized with this algorithm in a QC was 15 in 2001 using 8 qubits New algorithm called the minimization algorithm is currently used; it has factored the number 56,153 in 2012 using just 4 qubits 21

22

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback