QUANTUM ALGORITHMS IN ALGEBRAIC NUMBER THEORY

Similar documents
Stanford University CS259Q: Quantum Computing Handout 8 Luca Trevisan October 18, 2012

9.1 The multiplicative group of a finite field. Theorem 9.1. The multiplicative group F of a finite field is cyclic.

C/CS/Phys C191 Shor s order (period) finding algorithm and factoring 11/12/14 Fall 2014 Lecture 22

Method for Approximating Irrational Numbers

of the contestants play as Falco, and 1 6

Chapter 3: Theory of Modular Arithmetic 38

Quantum Fourier Transform

New problems in universal algebraic geometry illustrated by boolean equations

A Bijective Approach to the Permutational Power of a Priority Queue

Vanishing lines in generalized Adams spectral sequences are generic

arxiv: v1 [math.co] 1 Apr 2011

10/04/18. P [P(x)] 1 negl(n).

Enumerating permutation polynomials

When two numbers are written as the product of their prime factors, they are in factored form.

Berkeley Math Circle AIME Preparation March 5, 2013

3.1 Random variables

AQI: Advanced Quantum Information Lecture 2 (Module 4): Order finding and factoring algorithms February 20, 2013

Math 301: The Erdős-Stone-Simonovitz Theorem and Extremal Numbers for Bipartite Graphs

arxiv: v1 [math.co] 4 May 2017

Chapter 5 Linear Equations: Basic Theory and Practice

SOME GENERAL NUMERICAL RADIUS INEQUALITIES FOR THE OFF-DIAGONAL PARTS OF 2 2 OPERATOR MATRICES

Galois points on quartic surfaces

Available online through ISSN

Construction and Analysis of Boolean Functions of 2t + 1 Variables with Maximum Algebraic Immunity

ON INDEPENDENT SETS IN PURELY ATOMIC PROBABILITY SPACES WITH GEOMETRIC DISTRIBUTION. 1. Introduction. 1 r r. r k for every set E A, E \ {0},

A Relativistic Electron in a Coulomb Potential

( ) [ ] [ ] [ ] δf φ = F φ+δφ F. xdx.

Introduction Common Divisors. Discrete Mathematics Andrei Bulatov

PROBLEM SET #1 SOLUTIONS by Robert A. DiStasio Jr.

ONE-POINT CODES USING PLACES OF HIGHER DEGREE

Functions Defined on Fuzzy Real Numbers According to Zadeh s Extension

F-IF Logistic Growth Model, Abstract Version

Identification of the degradation of railway ballast under a concrete sleeper

arxiv: v2 [math.ag] 4 Jul 2012

EM Boundary Value Problems

Exceptional regular singular points of second-order ODEs. 1. Solving second-order ODEs

A pathway to matrix-variate gamma and normal densities

On the Quasi-inverse of a Non-square Matrix: An Infinite Solution

Solution to HW 3, Ma 1a Fall 2016

Chromatic number and spectral radius

Research Article On Alzer and Qiu s Conjecture for Complete Elliptic Integral and Inverse Hyperbolic Tangent Function

ASTR415: Problem Set #6

New Finding on Factoring Prime Power RSA Modulus N = p r q

Secret Exponent Attacks on RSA-type Schemes with Moduli N = p r q

A Crash Course in (2 2) Matrices

DonnishJournals

On a quantity that is analogous to potential and a theorem that relates to it

Fixed Argument Pairing Inversion on Elliptic Curves

Do Managers Do Good With Other People s Money? Online Appendix

Hydroelastic Analysis of a 1900 TEU Container Ship Using Finite Element and Boundary Element Methods

PHYS 301 HOMEWORK #10 (Optional HW)

Numerical approximation to ζ(2n+1)

On the ratio of maximum and minimum degree in maximal intersecting families

MATH 220: SECOND ORDER CONSTANT COEFFICIENT PDE. We consider second order constant coefficient scalar linear PDEs on R n. These have the form

Complex Eigenvalues. Prepared by Vince Zaccone For Campus Learning Assistance Services at UCSB

HOW TO TEACH THE FUNDAMENTALS OF INFORMATION SCIENCE, CODING, DECODING AND NUMBER SYSTEMS?

2 S. Gao and M. A. Shokollahi opeations in Fq, and usually we will use the \Soft O" notation to ignoe logaithmic factos: g = O(n) ~ means that g = O(n

4/18/2005. Statistical Learning Theory

An Exact Solution of Navier Stokes Equation

Using Laplace Transform to Evaluate Improper Integrals Chii-Huei Yu

A NOTE ON ROTATIONS AND INTERVAL EXCHANGE TRANSFORMATIONS ON 3-INTERVALS KARMA DAJANI

Pearson s Chi-Square Test Modifications for Comparison of Unweighted and Weighted Histograms and Two Weighted Histograms

Physics 2A Chapter 10 - Moment of Inertia Fall 2018

ON THE TWO-BODY PROBLEM IN QUANTUM MECHANICS

The Congestion of n-cube Layout on a Rectangular Grid S.L. Bezrukov J.D. Chavez y L.H. Harper z M. Rottger U.-P. Schroeder Abstract We consider the pr

KOEBE DOMAINS FOR THE CLASSES OF FUNCTIONS WITH RANGES INCLUDED IN GIVEN SETS

working pages for Paul Richards class notes; do not copy or circulate without permission from PGR 2004/11/3 10:50

On decompositions of complete multipartite graphs into the union of two even cycles

Analytical Solutions for Confined Aquifers with non constant Pumping using Computer Algebra

Quasi-Randomness and the Distribution of Copies of a Fixed Graph

A STUDY OF HAMMING CODES AS ERROR CORRECTING CODES

Geometry of the homogeneous and isotropic spaces

SMT 2013 Team Test Solutions February 2, 2013

Unobserved Correlation in Ascending Auctions: Example And Extensions

SPECTRAL SEQUENCES. im(er

Bifurcation Analysis for the Delay Logistic Equation with Two Delays

Multiple Criteria Secretary Problem: A New Approach

SOME SOLVABILITY THEOREMS FOR NONLINEAR EQUATIONS

THE CONE THEOREM JOEL A. TROPP. Abstract. We prove a fixed point theorem for functions which are positive with respect to a cone in a Banach space.

A NEW VARIABLE STIFFNESS SPRING USING A PRESTRESSED MECHANISM

Review: Electrostatics and Magnetostatics

arxiv: v1 [math.co] 6 Mar 2008

Divisibility. c = bf = (ae)f = a(ef) EXAMPLE: Since 7 56 and , the Theorem above tells us that

CHAPTER 25 ELECTRIC POTENTIAL

The Poisson bracket and magnetic monopoles

Bounds for Codimensions of Fitting Ideals

Hua Xu 3 and Hiroaki Mukaidani 33. The University of Tsukuba, Otsuka. Hiroshima City University, 3-4-1, Ozuka-Higashi

Pascal s Triangle (mod 8)

On a generalization of Eulerian numbers

arxiv: v1 [math.nt] 12 May 2017

The Substring Search Problem

Numerical Integration

ON SPARSELY SCHEMMEL TOTIENT NUMBERS. Colin Defant 1 Department of Mathematics, University of Florida, Gainesville, Florida

ON LACUNARY INVARIANT SEQUENCE SPACES DEFINED BY A SEQUENCE OF MODULUS FUNCTIONS

Absorption Rate into a Small Sphere for a Diffusing Particle Confined in a Large Sphere

arxiv: v1 [math.nt] 28 Oct 2017

Application of Parseval s Theorem on Evaluating Some Definite Integrals

Surveillance Points in High Dimensional Spaces

ANA BERRIZBEITIA, LUIS A. MEDINA, ALEXANDER C. MOLL, VICTOR H. MOLL, AND LAINE NOBLE

f h = u, h g = v, we have u + v = f g. So, we wish

Transcription:

QUANTU ALGORITHS IN ALGEBRAIC NUBER THEORY SION RUBINSTEIN-SALZEDO Abstact. In this aticle, we discuss some quantum algoithms fo detemining the goup of units and the ideal class goup of a numbe field. Assuming the genealized Riemann hypothesis, we will show futhemoe that these algoithms equie only quantum polynomial time.. Intoduction Two vey impotant poblems in computational algebaic numbe theoy ae the computations of the unit goup and the ideal class goup of an algebaic numbe field. These goups ae vey impotant objects both in algebaic numbe theoy and in othe aeas of mathematics. Ideal class goups of numbe fields wee fist studied by Gauß in 798. They also played a majo ole in seveal ealy attempts at poving Femat s Last Theoem stating with the wok of Kumme. In paticula, if p is an odd pime and p does not divide the class numbe of Q(ζ p ), whee ζ p is a pimitive p th oot of unity, then it can be shown (see [5]) without too much difficulty that x p + y p = z p has no intege solutions in which p xyz. (The case of p xyz is also teated in [5], but it is moe difficult.) In this pape, we discuss algoithms that compute the unit goup and the ideal class goup of a numbe field in quantum polynomial time. The algoithms we study hee ae due to Hallgen [2]. In the classical case, these two poblems ae typically solved simultaneously. In the quantum case, howeve, we fist need to compute the unit goup, and then we use the esult of that computation to compute the ideal class goup. 2. Numbe Theoetic Peliminaies Of key impotance in algebaic numbe theoy is the Galois goup of a field extension; if L/K is a field extension, then Gal(L/K) is the goup of field automophisms of L that fix evey element of K. We fequently wite elements of the Galois goup multiplicatively, i.e. we wite x σ athe than σ(x). Definition. An (algebaic) numbe field K is a finite field extension of the field of ational numbes Q contained in the field of complex numbes C. The ing of integes o = o K of K is the set of oots of monic polynomials f(x) Z[x] lying in K. The degee of K is the dimension of K consideed as a vecto space ove Q; we wite [K : Q] fo this numbe. If [K : Q] = d, and o = Zα + + Zα d, then the disciminant of K is defined to be = det(t(α i α j )) i,j, d, whee T : F Q is given by x σ Gal(K/Q) xσ.

2 SION RUBINSTEIN-SALZEDO It tuns out (see e.g. Chapte 4 of []) that the stuctue of the goup of units o of o can be descibed quite explicitly. Theoem 2. (Diichlet s Unit Theoem.) Suppose K is a numbe field. If K has distinct embeddings into R and 2 complex conjugate pais of embeddings into C, and µ K is the goup of oots of unity of K, then o = µk Z + 2. Theefoe to compute the unit goup of a numbe field, it suffices to list geneatos of the tosion-fee pat of o. In the case of a eal quadatic field Q( d), d > 0 a squaefee intege, finding a geneato of the tosion-fee pat of o is equivalent to finding the smallest nontivial solution to Pell s equation x 2 dy 2 =. Anothe impotant goup in algebaic numbe theoy is the ideal class goup. To define the ideal class goup, we fist need the notion of a (factional) ideal. Definition 3. A factional ideal of o is a finitely geneated o-submodule of K. It is well-known that in a Dedekind domain (such as the ing of integes of a numbe field), evey factional ideal is invetible. (That is, fo evey factional ideal a, thee is anothe factional ideal b so that ab = o.) Theefoe the factional ideals of o fom an abelian goup unde multiplication with identity o; this goup is denoted by I K. The pincipal factional ideals (i.e. those of the fom ao fo some a K ) fom a subgoup P K of I K. Definition 4. The ideal class goup Cl(K) of K is the quotient goup I K /P K. The majo esult about ideal class goups is the following theoem: Theoem 5. If K is a numbe field, then Cl(K) is a finite goup. We call its ode the class numbe of K. 3. The Algoithm fo Computing the Unit Goup In what follows, we will assume that we ae fixing a positive intege d 2, and that the numbe fields consideed ae of degee d. We will ente the numbe field by inputting the disciminant of K. Ou algoithms will un in polynomial time in log and d. The output fomat is slightly moe poblematical: in geneal, a geneating set fo the unit goup will not be polynomial in log. Howeve, the logaithms of the elements of the geneating set is polynomial in log ; theefoe if α is in the geneating set, we will output the vecto Log(α) = (log α,..., log α ), whee i uns ove some = + 2 of the + 2 absolute values detemined by embeddings of K into C. (Complex conjugate pais of embeddings into C detemine the same absolute value.) These vectos will not be pecisely units since the logaithms will be iational; howeve, we can specify them to the necessay degee of pecision. Unde this logaithm map, the units of o (modulo the oots of unity, which can easily be computed) become a lattice in R. Theefoe it will be necessay to study lattices on R. The logaithm map allows us to talk about educed ideals. We call a factional ideal I educed if I and fo any α 0 in I, at least one coodinate of Log(α) is nonnegative. In

QUANTU ALGORITHS IN ALGEBRAIC NUBER THEORY 3 the following, we geneally implicitly assume that ou ideals ae educed without mentioning it evey time. oe geneally, we say that µ I is a minimal element of I if fo any α 0 in I, some coodinate of Log(α) Log(µ) is nonnegative. Hence a factional ideal is educed if is a minimal element. We fist state the algoithm. Late, we will explain how the difficult step can be implemented on a quantum compute. Theoem 6. Thee exists an algoithm which computes geneatos fo the unit goup of a numbe field K in quantum polynomial time. oe pecisely, if we ente a numbe field whose logaithmic unit goup is L, the algoithm will povide a set of vectos which appoximate a basis fo L. () Find a basis fo the dual basis L = {u R u v Z fo all v L} as follows: (a) Take a Fouie sampling of an appopiate lattice-hiding function f N a constant numbe of times. (b) Use a spanning set of vectos to compute a basis B. (2) Compute (B ) t, and use this matix to find a basis fo L. (3) Check that the esulting vectos coespond to units of K. If they do not, ty the algoithm again. By fa the most difficult pat of this algoithm (and also the only pat that involves quantum computes!) is step (). We will descibe how to do step () in the next section. It will be done by an application of the hidden subgoup poblem on R that we will be able to solve. In ode to apply the hidden subgoup algoithm in the next section, we fist need a function hiding the logaithmic unit goup L. We define f : R I K R by x (I x, δ x ), whee I x = o is an ideal with minimal element µ so that Log µ x is minimized, and µ evey coodinate of Log µ x is nonnegative. We then set δ x = x Log µ. In quantum algoithms, we must typically wok with discete functions, so we define f N : Z I K Z by f N (i) = (I i/n, k i/n ), whee the j th coodinate of k i/n is N(δ i/n ) j. 4. Hidden Subgoups on R In this section, we discuss how to etieve a hidden lattice L fom a function f N which hides it. This pocess can then be applied to the function f N and the lattice L fom the pevious section. Ou method fo computing a basis of L will be to stat by finding a basis matix B of L. Once we have done that, (B ) t will be a basis fo L. The fist step in ou quantum algoithm fo finding the unit goup of a numbe field involves solving a special case of the hidden subgoup poblem ove R. Let L R be an -dimensional lattice, S a set, and f : R S a function with the popety that f(x) = f(y) if and only if x y L. Now let N be a positive intege. A function f N : R S is said to hide L if an abitay point i Z q satisfies the following with invese polynomial (in q) pobability: fo all j Z q, f N (i) = f N (j) if and only if thee exists a v L such that i j v N i j. (This means that thee is an element of the coset + L of N N R whose absolute value is at most.) N

4 SION RUBINSTEIN-SALZEDO We now show how, given a function f N hiding a lattice L, to constuct a basis of the dual lattice L. We will also need to assume that thee exists some R such that if B is any basis matix fo L (i.e. the columns of B fom a basis fo L), then B B, whee A is the absolute value of the lagest enty of A. Let L q = L [0, q), and let : R Z be the function that sends x to the neaest intege to x; we extend componentwise to R. Let us stat with a quantum state q k, f N (k). k Z q We now measue the second component of ou quantum state so that it collapses to N(k 0 + v) Lq v L k 0 +v [0,q) k 0 fixed fo some k 0. Since Nk 0 Z, we have Nk 0 + Nv = Nk 0 + Nv. We will pefom a Fouie sampling, so we may ignoe Nk 0. Thus we need only concen ouselves with states of the fom Lq v L q k 0 +v [0,q) k 0 fixed Nv. Now let be the length of the longest basis vecto of L with espect to some fixed basis. If we choose q to be sufficiently lage, then the set of points within of the bounday of the paallelepiped deceases exponentially with q, so the state above is exponentially nea to Lq v L q Nv. We now apply a Fouie tansfom ove Z qnk to obtain L q (qnk) i Z qnk ζ i Nv qnk v L q whee ζ qnk = e 2πi/(qNk). Now let w L and i = kqw. We now let n = log. We will discad any points fo which i j > qnk fo some j (whee i n j is the j th enty of i). We then have w j N + fo points that we keep; hence choosing N lage will give us moe n samples. We can bound the inne poduct i Nv in the exponent: i Nv = (qkw + δ w ) (Nv + ε v ) = qnk + qk(w ε v ) + δ w (Nv + ε v ), whee (δ 2 w) j, (ε v ) j. The fist tem on the ight is conguent to zeo modulo qnk 2 since w L. Fo the second tem, we have qk(w ε v ) qnk n. i,

QUANTU ALGORITHS IN ALGEBRAIC NUBER THEORY 5 Fo the last tem, if we take k to be sufficiently lage, we have δ w (Nv + ε v ) qnk 8. Hence the pobability of finding an intege vecto i Z afte measuement is at least Since L q q (see [3]) and 2 det(l) L N/n (N/n) 2 det(l ) When this happens, we have L q 2(qNk). 8(nk) L N/n i qk w = kqw + δ w qk L q. 2(qNk) fo sufficiently lage q and N, we have w = δ w qk, so i is within of a point in qk q L, so the pobability of sampling a point within q in L is at least. 8(nk) In paticula, we have shown the following: of a point Lemma 7. Let N and q be sufficiently lage. Let f N be a function hiding a lattice in R. If we Fouie sample ove Z qnk qnk and discad points with any coodinate geate than until n we find one that is not discaded, then fo the esulting point i Z qnk, i is within of a kq q point in L. 5. The Pincipal Ideal Algoithm Befoe we discuss a quantum algoithm fo computing the ideal class goup, we must tackle anothe poblem: Given an ideal I of o, detemine whethe I is a pincipal ideal, and if it is, find an α I such that I = αo. In fact, we will always find some α in this algoithm; we can then check if I = αo to detemine whethe I is indeed a pincipal ideal. Let x = Log α. If I is a pincipal ideal, then I = αo = I x. We define g : Z R I R by (a, y) f(ax y), and the discete vesion of g is g N : Z Z I K Z given by (a, b) f ( ) ax b N. Hence we need to compute Iax b/n and δ ax b/n. These can be computed in quantum polynomial time. The function g N hides the lattice Λ = {(a, y) Z R ax y L}, whee L is the logaithmic unit goup lattice. A basis of Λ is {(, x), (0, v ),..., (0, v )}, whee v,..., v fom a basis fo L. By the algoithm descibed above, we can compute a basis fo Λ in quantum polynomial time. (Howeve, the basis given by the algoithm will not necessaily be the above basis.) Once we have some basis fo Λ, we need to find x. Pick two basis vectos of Λ whose fist coodinates ae elatively pime and find a linea combination (, y) of these two basis vectos. Then x y L, so y = Log(εα) fo some ε o, and I = αo = εαo. Now educe y modulo the basis of L. This gives us the coodinates of x and hence α. We can cay out this algoithm egadless of whethe I is a pincipal ideal. We then end up with some α I. We can then check if I = αo and detemine whethe I is a pincipal ideal. Hence we have the following esult:

6 SION RUBINSTEIN-SALZEDO Theoem 8. Given an ideal I o, we can detemine in quantum polynomial time whethe thee is some α I such that I = αo. Futhemoe, if such an α exists, we can find one in quantum polynomial time. 6. The Ideal Class Goup Finally, we ae able to compute the ideal class goup of a numbe field K. By this, we mean that we wish to detemine the stuctue of the goup. Since class goups ae finite abelian goups, we can wite Cl(K) = Z a Z a2 Z al. It is shown in [4] that, assuming the genealized Riemann hypothesis, we can find geneatos g,..., g m of Cl(K) in polynomial time. Having done this, we educe the poblem of detemining the stuctue of Cl(K) to the hidden subgoup poblem on Z m as follows: Define f : Z m G by (e,..., e m ) g e g em ke(f) = {(e,..., e m ) g e gm em = }. m. Then the hidden subgoup is In fact, we can educe this to peiod finding on {, 2, 3,..., } fo some that is not too big as follows: By the inkowski bound (see Theoem 35 of []) fo the noms of ideals in ideal classes, we need only look at those integal ideals above Z-ideals up to ( 4 π ) 2 d! d d ( 4 eπ ) d 2πd. Thee can only be d ideals above a given Z-ideal, so we can let be O(d 3/2 ). We can now use the odinay peiod-finding algoithm on Z d, which will compute the peiods in polynomial time. We now apply the following algoithm on each coodinate axis to find the coodinate peiods p: () Set up a supeposition x, 0. (2) Apply f to the above supeposition, leaving us with x, f(x) p /p tp + y f(y). x=0 x=0 y=0 (3) easue the ight egiste above. If we end up with F (c) fo 0 c < p, then ou supeposition collapses to /p p tp + c. (4) Apply a Fouie tansfom ove Z to get /p p ζ jc ζ jtp j p ζ ck/p p k/p. j=0 t=0 t=0 t=0 k=0

QUANTU ALGORITHS IN ALGEBRAIC NUBER THEORY 7 (5) Take a measuement of the above supeposition. With high pobability, we will end up with a multiple of /p. (6) Apply the above steps seveal times. (7) Take the geatest common diviso of the above numbes to detemine /p; this then tells us p. At this point, we have only to solve the hidden subgoup poblem on Z p Z pm, and this can be done in polynomial time. Howeve, thee is a slight poblem in that it is not clea how to un the hidden subgoup algoithm without fist finding epesentatives of the ideal classes. Hence, to un this algoithm, we need to ceate a supeposition of educed ideals in a given ideal class. To constuct a supeposition of educed ideals with ideal class g e gm em, we fist compute the o and get a basis B fo the logaithmic unit goup. The basis vectos fo Log o fom a paallelepiped. We now apply f N fom 3 and compute the supeposition N i Z N i, f N (B i) = N i, I B i/n, k B i/n. Then apply the pincipal ideal algoithm to the second egiste of the supeposition on the ight above with basis B. This pocess allows us to delete the fist egiste, leaving only the supeposition I B i/n, k B i/n. N i Z N We ae now in a position to apply the hidden subgoup algoithm fo Z p Z pm in quantum polynomial time, so we have the following esult: Theoem 9. Assuming the genealized Riemann hypothesis, we can compute the stuctue of Cl(K) in quantum polynomial time. i Z N Refeences [] A. Föhlich and. J. Taylo. Algebaic numbe theoy. Cambidge Studies in Advanced athematics 27, Cambidge Univesity Pess, Cambidge, England, 99. [2] S. Hallgen. Fast quantum algoithms fo computing the unit goup and class goup of a numbe field. Annual AC Symposium on Theoy of Computing, Poceedings of the thity-seventh annual AC symposium on theoy of computing, AC Pess, Baltimoe, ayland, USA, 2005. [3] D. icciancio and S. Goldwasse. Complexity of lattice poblems: a cyptogaphic pespective. The Kluwe Intenational Seies in Engineeing and Compute Science 67, Kluwe Academic Publishes, Boston, assachusetts, USA, 2002. [4] C. Thiel. On the complexity of some poblems in algoithmic algebaic numbe theoy. PhD thesis, Univesität des Saalandes, Saabücken, Gemany, 995. [5] L. C. Washington. Intoduction to cyclotomic fields, Second Edition. Gaduate Texts in athematics 83, Spinge-Velag, New Yok, New Yok, USA, 997. Depatment of athematics, Univesity of Califonia, Santa Babaa, CA 9306 E-mail addess: complexzeta@gmail.com

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback