KEMBAR78
Mathematical_Introduction_to_Quantum_Computation | PDF
BF
Uploaded byBrian Flynn
214 views

Mathematical_Introduction_to_Quantum_Computation

This document is Brian Flynn's final year thesis at Trinity College Dublin titled "Mathematical Introduction to Quantum Computation". It provides an introduction to the fundamental concepts of quantum computing through a mathematical lens. The thesis aims to explain quantum computing in a clear and accessible way. It begins by reviewing some linear algebra concepts needed to describe quantum mechanics. It then discusses the postulates of quantum mechanics and introduces the idea of quantum superpositions. The document outlines how these quantum principles can be used to define quantum bits and develop the basic building blocks of quantum gates and circuits. It explores some computational techniques and algorithms uniquely possible with quantum computers, like Shor's factoring algorithm. The overall goal of the thesis is to convey the key mathematical

Download to read offline
Trinity College Dublin School of Maths Final Year Thesis Mathematical Introduction to Quantum Computation Author: Brian Flynn Supervisor: Professor Richard Timoney March 2015
A B S T R A C T The subject of Quantum Computing is one of great interest across industry and academia at present. It is believed that by exploiting quantum properties of extremely small sys- tems, we may be able to build machines which utilise these unique properties in such a way as to offer significant increase in computational power over even the strongest of classical super-computers currently. The aim of this thesis is to consider and simplify the fundamental principles of the field of quantum computing. In doing so, it is hoped to present the subject in accessible and plain language so that the reader may understand some elements not explored in great depth in standard literature. We first define the language with which we can explore the topic by recalling some linear algebra to describe quantum mechanics. We then combine quantum physics with computer science to generate the fundamental unit of quantum communication, the qubit. We build from the definition of the qubit to the declaration of quantum gates, which act as logic gates, transforming the state of a qubit to a new state. By combining these gates, then, we see how quantum circuits can be developed to perform useful schemes, which can themselves be put together to form quantum algorithms in order to achieve computations which may not be possible through exploitation of solely classical technol- ogy. We will conclude with a discussion of why quantum computing has been of such interest in recent decades. In particular, we will describe the process of the single most famous result of the field of study to date, Shor’s factoring algorithm. We will hereby see how quantum methodology can solve a real problem, namely factorising large integers, which has been a difficult problem for classical computers historically. As such we will have demonstrated clear motivation for the school of thought, as well as clarifying some fundamental mathematical concepts involved in its inception. i
A C K N O W L E D G E M E N T S I would like to thank Prof. Timoney for his help and patience through- out this project. His guidance has been crucial to my progress at all times, and I am extremely grateful for his input. D E C L A R AT I O N I, Brian Flynn, hereby declare that this thesis, “A Mathematical Introduc- tion to Quantum Computation”, is of my own authorsip and comprises entirely my own work, except where fully and properly referenced. In cases where the work resembles or derives from that of other authors, full citation is provided. Signature : Date:
C O N T E N T S 1 introduction 2 1.1 Motivation 3 What 4 2 linear algebra 5 2.1 Recap of basics 5 2.2 Definitions 6 3 quantum mechanics 8 3.1 Postulates of Quantum Mechanics 8 3.2 Superpositions 9 4 quantum bits 10 4.1 Physical Realisation 10 4.2 Standard Notation 10 4.3 Multiple Qubits 11 5 acting on qubits 13 5.1 Entanglement 13 5.2 Unitary Transformations 14 5.3 Dirac Notation 14 How 19 6 gates and circuits 20 6.1 Gates 20 6.2 Circuits 25 6.3 Quantum Teleportation 27 7 computational techniques 31 7.1 Techniques 31 8 algorithms 35 8.1 Quantum Subroutines 35 8.2 Quantum Parallelism 38 Why 44 9 shor’s algorithm 45 9.1 Cryptography 45 9.2 Fourier Transformation 46 9.3 Factorisation by Period Finding 48 9.4 Steps of Shor’s Algorithm 50 9.5 Efficiency Improvement 56 10 conclusion 59 iii
1 I N T R O D U C T I O N This thesis sets out to explain in clear detail the fundamentals of Quantum Computing. The aim herein is to bring a reader with little or no knowledge of the subject to a point of understanding of the basic concepts and processes involved in quantum computation. We will present the topic as a simple story: • What are the processes and mathematical techniques that we are considering? • How can they be used to construct quantum computers? • Why do we think this to be worthwhile? In doing so, we will explain the fundamental quantum mechanics at the heart of these machines. We will then discuss how these processes can be used to realise more powerful computations than would be possible using classical techniques. And we will conclude by considering what potential applications the technology offers, and why it is of such interest to so many people to build a truly functional quantum computer. This thesis will aim to follow a mathematical route rather than answer the more obvi- ous questions of how these devices could be engineered. A brief discussion will mention some of the methods of realising quantum bits, but overall, our aim is to demonstrate proof of concept mathematically. By and large we will assume the physics to be possible, and focus rather on what we need it to do: we prove their functionality and superiority over classical machines by calculating efficiency and writing algorithms which can’t be implemented classically. The scope of this thesis, then, is to give some insight into how this can be achieved. We will discuss how it is possible to act on quantum bits analogously to classical bits, and how there exist considerably more powerful combinations of gates and circuits to achieve the same results as classical devices, but in significantly less steps. We will discuss the limits that today’s computers are subject to and we will show that quantum algorithms can far exceed these limits, and we will provide strong motivation to do so by examining some of the uses this will allow for, such as high-level cryptography. 2
1.1. MOTIVATION CHAPTER 1. introduction 1.1 motivation Since the notion of a quantum computer was first suggested by Yuri Manin in 1980 [1], and seperately by Richard Feynman [2], many prominent mathematicians and physicists have studied the topic in great depth. In 1982, the first potential framework of a quantum computer was proposed by Paul Benioff [3]. In the following years, it was proven that there were processes for which quantum computing could be shown to out-perform its classical counterpart, in particular by the work of David Deutsch, [4]. In 1992, Deutsch, together with Richard Josza released a paper entitled Rapid solution of problems by quan- tum computation, in which they showed how quantum machines could be used to achieve exponential speed-up in solving computational problems [5]. The problems that their al- gorithm was able to solve, however, were of little practical use, so there was no known reason to actually invest in the construction of such potentially useless devices. In 1994, Peter Shor published a paper that became a turning point in the history of quantum computing: his now-famous algorithm used techniques only available to quantum com- puters to solve factorisation problems. He showed that a quantum computer would be able to factorise large numbers with significantly less computational expense than clas- sical machines will ever be capable of [6]. Following this milestone, it became clear that quantum methods have the capacity to transcend classical machines, and so the field has been growing steadily as a research topic since. In the late 1990’s, the first quantum computer was built utilising 2 qubits. There have been significant strides every year since then towards a fully functional model. Thus our motivation is clear: the entire quantum computing industry is built on the belief that, quite soon, we will be able to build computers which operate at exponen- tially faster and more efficient rates than we will ever be able to achieve using classical implementations. We endeavour to understand the building blocks which are at the centre of this po- tentially massive transition to a new kind of computation. 3
W H AT In order to describe quantum devices, we must first think about what we’re talking about. We must recall the basic maths involved in describing quantum mechanics, as well as remembering the cornerstones of quantum physics, before ex- tending these concepts to allow for the notion of exploiting their properties. In other words, we will consider What we’re going to discuss henceforth. 4
2 L I N E A R A L G E B R A Before getting too involved in mechanical view points and quantum physics, it is im- portant to review the language with which these topics will be discussed: here we will recap some basics of linear algebra and summarise the basic mathematical techniques required to describe physics at a quantum scale. 2.1 recap of basics Some algebraic knowledge is assumed of the reader. For further discussion and deriva- tion of some points, consult §2.1 of the standard text on the subject on quantum comput- ing and information processing, Nielsen and Chuang. [7]. We will briefly recall some definitions for reference. • Notation Definition of Representation Vector (or ket) |ψ Dual Vector (or bra) ψ| Tensor Product |ψ ⊗ |φ Complex conjugate |ψ∗ Transpose |ψ T Adjoint |ψ † = (|ψ ∗ )T Algebraic Definitions The dual vector of a vector (ket) |ψ is given by ψ| = |ψ † . The adjoint of a matrix replaces each matrix element with its own complex conjugate, and then switches its columns with rows. M† = M0,0 M0,1 M1,0 M1,1 † = M∗ 0,0 M∗ 0,1 M∗ 1,0 M∗ 1,1 T = M∗ 0,0 M∗ 1,0 M∗ 0,1 M∗ 1,1 (2.1) 5
2.2. DEFINITIONS CHAPTER 2. linear algebra The inner product of two vectors, |ψ =   ψ1 ψ2 ... ψn   and |φ =   φ1 φ2 ... φn   is given by φ|ψ = (|φ † )|ψ = (φ∗ 1 φ∗ 2 . . . φ∗ n)   ψ1 ψ2 ... ψn   = φ∗ 1 ψ1 + φ∗ 2 ψ2 + · · · + φ∗ nψn (2.2) |ψ i, |φ i are complex numbers, and therefore the above is simply a sum of products of complex numbers. The inner product is often called the scalar product, which is in general complex. 2.2 definitions For future reference, here is a list of definitions to be used throughout this thesis. • Vector Space: A vector space is the region spanned by a set of basis vectors. As- signing a scalar multiple (which can be positive, negative, zero or complex) to each basis vector, it is possible to reach any point in the associated vector space. • Hilbert Space: A Hilbert space is a generalised vector space which has an inner product. That is, it is possible to compute the inner product of any two vectors in a Hilbert space. It can be seen as a generalised Euclidean vector space, or a vector space of dimension n. It is the vector space associated with quantum mechanics. • Operator: An operator, here denoted O, sometimes referred to as a transformation is something which acts on an object, leaving the object in a new state. Operators are represented by matrices, which act on vectors, say v, by sending them to a different vector, w, within the same vector space, V. O(v) = w v, w ∈ V (2.3) • Hermitian Operator: A Hermitian operator is one whose adjoint is equal to itself: O† = O (2.4) • Unitary Operator: A unitary operator is one whose inverse is equal to itself: O−1 = O (2.5) • Eigenfunctions and Eigenvalues: An eigenfunction is function which, when acted on by a linear operator, returns the same function as prior to operation, with some constant factor, called its eigenvalue. If A is an operator, then an eigenfunction f returns an eigenvalue λ through the relation A f = λ f (2.6) 6
2.2. DEFINITIONS CHAPTER 2. linear algebra • Tensor product: The tensor product of two vectors belonging to two vector spaces, is a new vector space. If we tensor product a vector v in some vector space V with another vector w in a vector space W, the resultant v ⊗ w is in the newly generated tensor space V ⊗W. In general, the tensor product of two vectors generates another vector with dimension equal to their individual dimensions multiplied together. Example 2.1. |a = a1 a2 a3 ∈ A, |b = b1 b2 ∈ B ⇒ |a ⊗ |b =     a1b1 a1b2 a2b1 a2b2 a3b1 a3b2     We can also tensor product operators to form an operator which could act in the tensor space formed by the tensor product of two vectors. Suppose we tensor product an operator A, which sends vectors in a space V to other vectors in V, with another, B, which acts in the space W. In doing so, we are generating an operator which takes vectors in the space V ⊗ W to other vectors in the same space. A : V → V , B : W → W A ⊗ B : V ⊗ W → V ⊗ W Example 2.2. A = a0,0 a0,1 a1,0 a1,1 B = b0,0 b0,1 b1,0 b1,1 ⇒ A ⊗ B = a0,0B a0,1B a1,0B a1,1B =     a0,0b0,0 a0,0b0,1 a0,1b0,0 a0,1b0,1 a0,0b1,0 a0,0b1,1 a0,1b1,0 a0,1b1,1 a1,0b0,0 a1,0b0,1 a1,1b0,0 a1,1b0,1 a1,0b1,0 a1,0b1,1 a1,1b1,0 a1,1b1,1     7
3 Q U A N T U M M E C H A N I C S In order to describe the universe at extremely small scales, we introduce a mathematical framework called quantum mechanics. To build such a framework, there are several universally accepted postulates that govern the language. It is expected that the reader has a fair knowledge of basic quantum mechanics, so only the postulates are restated here for brevity. 3.1 postulates of quantum mechanics There are many versions of statements of the postulates of quantum mechanics. Each version of the statements aims to achieve the same foundation, so we endeavour to explain them in the simplest terms. 1. Every moving particle in a conservative force field has an associated wave-function, |ψ . From this wave-function, it is possible to determine all physical information about the system. 2. All particles have physical properties called observables (denoted q). In order to determine a value, q, for a particular observable, there is an associated operator Q, which, when acting on the particles wavefunction, yields the value times the wavefunction. The observable q is then the eigenvalue of the operator Q. Q|ψ = q|ψ (3.1) 3. Any such operator Q is Hermitian Q† = Q (3.2) 4. The set of eigenfunctions for any operator Q forms a complete set of linearly inde- pendent functions. 5. For a system with wavefunction |ψ , the expectation value of an observable q with respect to an operator Q is denoted by q and is given by q = ψ|Q|ψ (3.3) 8
3.2. SUPERPOSITIONS CHAPTER 3. quantum mechanics 6. The time evolution of |ψ is given by the time dependent Schrodinger Equation i¯h ∂ψ ∂t = ˆHψ (3.4) Using these building blocks, we can begin to construct a language to describe quan- tum systems. 3.2 superpositions One of the most surprising and interesting results of quantum mechanics is that of superposition. By this we mean the existence of a particle or body which is simultaneously in a number of states. A quantum state can be thought of as a value with respect to a defining property. A simple classical example of a state is on/off: we can say with certainty whether a switch - say a light switch - is on or off. To build on this concept then, imagine instead a situation where the switch is both on and off simultaneously. Mathematically, say that |↑ represents the situation where a switch is “up” (or “on”). Then, |↓ will similarly represent the situation where the switch is “down”. Classically, we expect any switch, S - given by a state |S - to take the value |S = |↑ or |S = |↓ Then, in quantum mechanics, there exists a superposition state wherein it is both up and down: |S = a|↑ + b|↓ where a, b are the amplitudes of the states up and down respectively. The amplitudes are what define to what extent the body can be seen to exist in the associated state. Upon measurement, the system will assume only one of its constituent quantum states: the square of the amplitudes indicate the probability that the system will be measured in that state. i.e P(|S = |↑ ) = |a|2 ; P(|S = |↓ ) = |b|2 and it is obvious then that for the probabilities to sum to 1, |a|2 + |b|2 = 1 In general, if |x is a possible state of a system, with complex amplitude ax, then the system can be said to be in the superposition ∑ x ax|x ; ∑ x |ax|2 = 1, ax ∈ C (3.5) This is known as the State Vector for a quantum state. The state space of a physical system (classical or quantum) is then the set of all possible states the system can exist in, i.e the set of all possible values for x such that 3.5 are satisfied. 9
4 Q U A N T U M B I T S We now look to what these operations actually act on. In classical circuitry, bits (binary digits) are fundamental units of information which can occupy either the state 0 or 1. These bits are acted on by gates to achieve particular combinations to find an output of some programme. In quantum computation, quantum bits, or qubits, are used in combination as input, and acted on by some quantum gates and circuits implementing some quantum algorithm, to ultimately achieve an output that may not be possible to achieve using classical machines, or else is far more efficient through use of quantum computation. 4.1 physical realisation As qubits are, by definition, systems subject to quantum mechanics, we must construct them from two-state mechanical systems at this scale. Examples of feasible systems include the energy levels of hydrogen atoms, electron spin and photon polarisation along perpendicular directions. For our purposes, one qubit representation is equivalent to any other. It is simplest to think of electron spin as the quantum property that we will manipulate because it can take the values up/down, analogous to the classical on/off switch. For the simplicity of being able to transfer to an orthogonal basis intuitively, however, we will focus on photon polarisation for the next section. The remainder of this text does not refer to what physical realisation is being implemented. 4.2 standard notation Take a 2-dimensional, x-y plane as our surface: photons can then be polarised along the x- or y- axis. A general state will be represented by a vector ( x y ). These polarisations can then be thought of as standard basis vectors in linear algebra. Denote them as |0 and |1 |→ = |0 = 1 0 A unit vector along x-axis (4.1) |↑ = |1 = 0 1 A unit vector along y-axis (4.2) 10
4.3. MULTIPLE QUBITS CHAPTER 4. quantum bits Now, in relation to the concept of superposition, we can consider a photon, ψ which travels along a diagonal, evenly splitting the two basis vectors. As such, we would require that, upon measurement, it is equally likely that the photon will ”collapse” into the polarised state along x as it is to collapse along y. That is, we want P(↑) = P(→) so assign equal modulus amplitudes to the two possibilities: |ψ = a| ↑ + b|→ , with P(↑) = P(→) ⇒ |a|2 = |b|2 We consider here a particular case, due to the significance of the resultant basis, where up-polarisation and down-polarisation have real amplitudes a, b ∈ R. ⇒ a = ±b but also |a|2 + |b|2 = 1 ⇒ a = 1 √ 2 ; b = ± 1 √ 2 ⇒ ψ = 1 √ 2 | → ± 1 √ 2 | ↑ ⇒ ψ = 1 √ 2 |0 ± 1 √ 2 |1 These particular superpositions are of significance. We denote them |+ = 1 √ 2 |0 + 1 √ 2 |1 (4.3) |− = 1 √ 2 |0 − 1 √ 2 |1 (4.4) This is called the Hadamard basis and will be important for the remainder of this discussion. It is an equally valid vector space as the standard basis which is spanned by 1 0 , 0 1 . In the standard basis, the Hadamrad basis can be seen as being spanned by 1√ 2 1√ 2 , 1√ 2 − 1√ 2 4.3 multiple qubits In reality, we will be dealing with systems of numerous qubits. Mathematically, we consider the state vector of a system containing n qubits as being the tensor product of the n qubits’ individual state vectors. That is, for a 2-qubit system, |ψ to be in some combination of two qubits |A and |B : |ψ = |A, B = |AB = |A ⊗ |B 11
4.3. MULTIPLE QUBITS CHAPTER 4. quantum bits Consider first a simple system of 2 qubits. Measuring in the standard basis, these qubits will have to collapse in to one of the basis states |0, 0 , |0, 1 , |1, 0 , |1, 1 . Thus, for such a 2-qubit system, we have the general superposition |ψ = α0,0|0, 0 + α0,1|0, 1 + α1,0|1, 0 + α1,1|1, 1 where αi,j is the amplitude for measuring the system as the state |i, j . This is perfectly analogous to a classical 2-bit system necessarily occupying one of the four possibilities (0, 0), (0, 1), (1, 0), (1, 1). Hence, for example, if we wanted to concoct a two-qubit system composed of one qubit in the state |+ and one in |− |ψ = |+ ⊗ |− |ψ = ( 1 √ 2 |0 + 1 √ 2 |1 ) ⊗ ( 1 √ 2 |0 − 1 √ 2 |1 ) = 1 2 [|00 − |01 + |10 − |11 ] = 1 2 1 0 ⊗ 1 0 − 1 0 ⊗ 0 1 + 0 1 ⊗ 1 0 − 0 1 ⊗ 0 1 = 1 2 1 0 0 0 − 0 1 0 0 + 0 0 1 0 − 0 0 0 1 |ψ = 1 2 1 −1 −1 1 That is, the system is given by a linear combination of the four basis vectors 1 0 0 0 , 0 1 0 0 , 0 0 1 0 , 0 0 0 1 We can notice that a single qubit system can be described by a linear combination of two basis vectors, and that a two qubit system requires four basis vectors to describe it. In general we can say that an n-qubit system is represented by a linear combination of 2n basis vectors. 4.3.1 Registers A register is the name given to a system of multiple qubits. We may use the idea to consider a system of n qubits as two sub systems. For instance, a register of ten qubits can be denoted |x[10] , and we can think of the system as a register of six qubits together with a register of three and another register of one qubit. |x[10] = |x1[6] ⊗ |x2[3] ⊗ |x3[1] 12
5 A C T I N G O N Q U B I T S 5.1 entanglement Another unique property of quantum systems is that of entanglement: ie when two or more particles interact in such a way that their individual quantum states can not be described independent of the other particles. A quantum state then exists for the system as a whole instead. Mathematically, we consider such entangled states as those whose state can not be expressed as a tensor product of the states of the individual qubits it’s composed of: they are dependent upon the other. Example 5.1. Consider the state |Φ+ = 1 √ 2 [|00 + |11 ] If we measure this state, we expect that it will be observed either as |00 or |11 , with equal probability due to their equal magnitudes. The bases for this state are simply the standard bases, |0 and |1 . Thus, according to our previous definition of systems of multiple qubits, we would say this state can be given as a combination of two states |Φ+ = |ψ1 ⊗ |ψ2 = [a1|0 + b1|1 ] ⊗ [a2|0 + b2|1 ] = a1a2|00 + a1b2|01 + b1a2|10 + b1b2|11 However we require |Φ+ = 1√ 2 [|00 + |11 ], which would imply a1b2 = 0 and b1a2 = 0. These imply that either a1 = 0 or b2 = 0, and also that b1 = 0 or a2=0, which are obviously invalid since we require that a1a2 = b1b2 = 1√ 2 . Thus, we cannot express |Φ+ = |ψ1 ⊗ |ψ2 and this is what we term an entangled state. 13
5.2. UNITARY TRANSFORMATIONS CHAPTER 5. acting on qubits 5.2 unitary transformations A fundamental concept in quantum mechanics is that of performing transformations on states. Quantum transformations, otherwise known as quantum operators are those which map a quantum state into a new state within the same state space. There are certain restrictions on a physically possible quantum transformation: in order that U is a valid transformation acting on some superposition |ψ = a1|ψ1 + a2|ψ2 + . . . ak|ψk , U must be linear U(a1|ψ1 + a2|ψ2 + . . . ak|ψk ) = a1(U|ψ1 ) + a2(U|ψ2 ) + · · · + ak(U|ψk ) It is also necessary that the order of measurement and transformation do not affect the system: to obtain |ψ0 with probability P0, it should be equally valid to first apply U to |ψ and then measuring, as it is to first measure and then transform the result. To fulfil these properties, we require that U preserve the inner product: ψ0|U† U|ψ = ψ0|ψ That is, we require that any such transformation be unitary: UU† = I ⇒ U† = U−1 (5.1) Unitarity is a sufficient condition to describe any valid quantum operation: any quan- tum transformation can be described by a unitary quantum transformation, and any unitary transformation corresponds to a physically possible quantum transformation. Then, if U1 is a unitary transformation that acts on the space S1 and U2 acts on S2, the product of the two unitary transformations is also unitary. The tensor product U1 ⊗ U2 acts on the space S1 ⊗ S2. So, then, supposing a system of 2 qubits, |ψ1 and |ψ2 where we wish to act on |ψ1 with operator U1 and on |ψ2 with U2, we perform it as (U1 ⊗ U2) (|ψ1 ⊗ |ψ2 ) = (U1|ψ1 ) ⊗ (U2|ψ2 ) This idea will be built upon when we discuss quantum gates and circuits. 5.2.1 Reversibility Quantum mechanics is by nature reversible in time: probability is conserved as a state evolves in time. This can be seen from the Schrodinger equation, which approximates the time evolution of a quantum state. Then, to build a quantum computer, we must involve only states that evolve in accordance with Schrodinger’s equation, and so we can only build one using reversible circuits. 5.3 dirac notation In keeping with standard practice, we will employ Dirac notation throughout this thesis. This will simplify calculations as they become progressively more difficult and standard 14
5.3. DIRAC NOTATION CHAPTER 5. acting on qubits matrix and vector calculation would become increasingly difficult too. Vectors will be denoted by kets of the form |a . For example, the standard basis will be represented by, |x = |0 = 1 0 |y = |1 = 0 1 We saw in §2 that, for every such ket |ψ , there exists a dual vector: its complex conjugate transpose, called the bra of such a vector, denoted ψ|. That is ψ|† = |ψ ; |ψ † = ψ| |ψ =   ψ1 ψ2 ... ψn   ⇒ ψ| = ( ψ∗ 1 ψ∗ 2 ... ψ∗ n ) Then if we have two vectors |ψ and |φ , their inner product is given as ψ|φ = φ|ψ . Definition 5.2. Inner Product |ψ =     ψ1 ψ2 ψ3 ... ψn     ; |φ =     φ1 φ2 φ3 ... φn     ⇒ φ| = ( φ∗ 1 φ∗ 2 φ∗ 3 ... φ∗ n ) ⇒ φ|ψ = ( φ∗ 1 φ∗ 2 φ∗ 3 ... φ∗ n )     ψ1 ψ2 ψ3 ... ψn     ⇒ φ|ψ = φ∗ 1 ψ1 + φ∗ 2 ψ2 + φ∗ 3 ψ3 + · · · + φ∗ nψn Example 5.3. |ψ = 1 2 3 ; |φ = 4 5 6 ⇒ φ|ψ = ( 4 5 6 ) 1 2 3 = (4)(1) + (5)(2) + (6)(3) = 32 Similarly, their outer product is given as |φ ψ|. Multiplying a column vector by a row vector thus gives a matrix. Matrices generated by a outer products then define operators: Example 5.4. 1 2 ( 3 4 ) = 3 4 6 8 15
5.3. DIRAC NOTATION CHAPTER 5. acting on qubits Then we can say, for |0 = 1 0 and |1 = 0 1 |0 0| = 1 0 0 0 (5.2a) |0 1| = 0 1 0 0 (5.2b) |1 0| = 0 0 1 0 (5.2c) |1 1| = 0 0 0 1 (5.2d) And so any 2-dimensional linear transformation in the standard basis |0 , |1 can be given as a sum a b c d = a|0 0| + b|0 1| + c|1 0| + d|1 1| (5.3) This method of representing operators as outer products of vectors will be useful through- out this text. A transformation that exchanges two particles, say |0 ↔ |1 is given by the operation Q : |0 → |1 |1 → |0 Which is equivalent to the outer product representation Q = |0 1| + |1 0| For clarity, here we will prove this operation Example 5.5. Q = |0 1| + |1 0| = 1 0 0 1 + 0 1 1 0 = 0 1 0 0 + 0 0 1 0 = 0 1 1 0 So then, acting on |0 and |1 gives Q|0 = 0 1 1 0 1 0 = 0 1 = |1 Q|1 = 0 1 1 0 0 1 = 1 0 = |0 16
5.3. DIRAC NOTATION CHAPTER 5. acting on qubits To demonstrate how Dirac notation simplifies this: Q|0 = (|0 1| + |1 0|)|0 = |0 1||0 + |1 0||0 = |0 1|0 + |1 0|0 Then, since |0 and |1 are orthogonal basis, their inner product is 0 and the inner product of a vector with itself is 1, ( 1|1 = 0|0 = 1, 0|1 = 1|0 = 0). So, Q|0 = |0 (0) + |1 (1) ⇒ Q|0 = |1 And similarly for Q|1 . This simple example then shows why Dirac notation can signif- icantly simplify calculations across quantum mechanics, compared to standard matrix and vector notation. To see this more clearly, we will examine a simple 2-qubit state under such operations. The method generalises to operating on two or more qubits generically: we can define any operator which acts on two qubits as a sum of outer prod- ucts of the basis vectors |00 , |01 , |10 and |11 . We can similarly define any operator which acts on an n qubit state as a linear combination of the 2n basis states generated by the n qubits. Example 5.6. To define a transformation that will exchange basis vectors |00 and |11 , while leaving |01 and |10 unchanged (ie exchanging |01 ↔ |01 , |10 ↔ |10 ) we define an operator Q = |00 11| + |11 00| + |10 10| + |01 01| Then, using matrix calculations this would require separately calculating the four outer products in the above sum and adding them to find a 4 × 4 matrix to represent Q, which then acts on a state |ψ . Instead, consider first that |ψ = |00 , ie one of the basis vectors our transformation is to change: Q|00 = (|00 11| + |11 00| + |10 10| + |01 01|) |00 And as before, only the inner products of a vector with itself remains: = |00 11|00 + |11 00|00 + |10 10|00 + |01 01|00 = |00 (0) + |11 (1) + |10 (0) + |01 (0) ⇒ Q|00 = |11 i.e the transformation has performed Q : |00 → |11 as expected. Then, if we apply the same transformation to a state which does not depend on one of the target states, eg, |ψ = a|10 + b|01 17
5.3. DIRAC NOTATION CHAPTER 5. acting on qubits Q|ψ = |00 11| + |11 00| + |10 10| + |01 01| a|10 + b|01 = a |00 11||10 + |11 00||10 + |10 10||10 + |01 01||10 +b |00 11||01 + |11 00||01 + |10 10||01 + |01 01||01 And since the inner product is a scalar, we can factor terms such as 11|10 to the beginning of expressions, eg |00 11||10 = 11|10 |00 , and we also know 11|10 = 00|10 = 01|10 = 11|01 = 00|01 = 10|01 = 0 and 10|10 = 01|01 = 1 We can express the above as Q|ψ = a (0)|00 + (0)|11 + (1)|10 + (0)|01 +b (0)|00 + (0)|11 + (0)|10 + (1)|01 = a|10 | + b|01 = |ψ Then it is clear that, when |ψ is a superposition of states unaffected by transformation Q, then Q|ψ = |ψ . This method generalises to systems with greater numbers of particles (qubits). If we briefly consider a 3 qubit system - and initialise all qubits in the standard basis state |0 - then the system is represented by |000 = |0 ⊗ |0 ⊗ |0 = 0 1 ⊗ 0 1 ⊗ 0 1 . This quantity is an 8-row vector. To calculate the outer product 000|000 , we would be multi- plying an 8-column bra 000| by an 8-row ket |000 . Clearly then we will be working with 8 × 8 matrices, which will become quite difficult to maintain effectively and efficiently quite fast. As we move to systems of larger size, standard matrix multiplication will become unfeasible. Then it is obvious that Dirac’s bra/ket notation can be considered best practice for the scope of this subject and quantum mechanics in general. 18
H O W We may now try to answer the question of How actions on such qubits can represent computation, and outline proofs that such computations operate at improved efficiency com- pared with classical computers. 19
6 G AT E S A N D C I R C U I T S In analogy with classical computers, in order to operate on qubits, we need to devise gates to achieve desired effects when qubits “pass” through them. These simple gates may then be combined into circuits of varying complexity, and it is by arranging such circuits in particular orders that we may input a number of qubits and produce an output corresponding to a function we want to be evaluated. 6.1 gates Classically, a gate takes an input of a number of bits and produces a defined output based on the value(s) of the input bits. For example, a simple NOT gate, N, has the effect: N : 1 → 0 0 → 1 There are a number of such simple gates, such as AND, OR and XOR, which can be used to build arbitrarily complex circuits, and thus achieve any computation. To have a quantum gate, we require a process which takes an input state, and alters it in a defined way to produce an output state. That is, a quantum gate is simply a transformation or operation acting on input qubits. 6.1.1 Single Qubit Gates The simplest such gate is one which would act only on one qubit and change its value. For instance, suppose we wanted to define an operator which would change a |0 to |1 and vice versa. This can be seen mathematically as transforming one basis vector to another. Let us call this operation a quantum NOT-gate. As above, to generate an operator that exchanges basis vectors, we include the outer product of the vectors to be transformed: QNOT = |1 0| + |0 1| Then if we apply this operation to |0 for example QNOT|0 = |1 0| + |0 1| |0 = |1 0|0 + |0 1|0 20
6.1. GATES CHAPTER 6. gates and circuits = |1 (1) + |0 (0) ⇒ QNOT|0 = |1 Single qubit gates may be applied simultaneously, which we call multiple qubit gates, which we discuss shortly. 6.1.1.1 Diagrammatic Representation of Gates Before proceeding we will define how we will present gates pictorally from here on. A qubit will be represented by a wire - a straight line - and an operator will be shown by a box. Example 6.1. A qubit, |ψ operated on by Q, finishing in the state |ψ |ψ Q |ψ 6.1.1.2 Pauli Matrices There are some basic quantum operations that are extremely useful and form the basis of a great number of gates, called the Pauli matrices, which we define here I = 1 0 0 1 = |0 0| + |1 1| (6.1a) X = 0 1 1 0 = |1 0| + |0 1| (6.1b) Y = i 0 1 −1 0 = i(−|1 0| + |0 1|) (6.1c) Z = 1 0 0 −1 = |1 1| − |0 0| (6.1d) We can see that the Pauli-X gate is the same as the quantum not gate above. We represent this operation on a diagram (acting on |0 ) thus: |0 X |1 21
6.1. GATES CHAPTER 6. gates and circuits 6.1.1.3 Hadamard Gate If we now wish to take advantage of the quantum properties of qubits, we need to generate and act on superpositions. The Hadamard gate, H, takes a single basis state |0 or |1 , and turns it into an even superposition of basis states: H : |a → 1 √ 2 |0 + (−1)a |1 That is H|0 = 1 √ 2 |0 + 1|1 = |+ H|1 = 1 √ 2 |0 − 1|1 = |− These are the two orthogonal basis vectors which span the Hadamard basis of 4.2. For reference, the Hadamard gate can be represented as the matrix operator H = 1 √ 2 1 1 1 −1 = 1 √ 2 |0 0| + |1 0| + |0 1| − |1 1| (6.2) Upon measurement then it is equally likely that a state generated by a Hadamard gate will be observed in the basis |0 or |1 . 6.1.1.4 Linearity of quantum gates We should note that quantum gates act linearly. That is, when acting on a superposition, the gate will take action separately on each basis state as it would individually. Example 6.2. QNOT a0|0 + a1|1 = a0(QNOT|0 ) + a1(QNOT|1 ) = a0|1 + a1|0 So to see how this might apply to more complicated systems, consider a Hadamard gate acting on the superposition state |ψ = a0|0 + a1|1 , Example 6.3. H|ψ = H a0|0 + H a1|1 a0 H|0 + a1 H|1 a0 1 √ 2 |0 + |1 + a1 1 √ 2 |0 − |1 = 1 √ 2 a0 + a1 |0 + a0 − a1 |1 22
6.1. GATES CHAPTER 6. gates and circuits 6.1.2 Multiple Qubit Gates Single qubit gates may be applied simultaneously, which we call multiple qubit gates. Consider first a gate to act on 2 qubits, |ψ1 and |ψ2 . Suppose we want to perform separate operations, say Q1 and Q2, on the two qubits at the same time, as part of some larger scheme. The system is represented by |ψ1 ⊗ |ψ2 , so we represent the operator to perform both Q1 and Q2 as Q1 ⊗ Q2. So Q1 ⊗ Q2 |ψ1 ⊗ |ψ2 = Q1|ψ1 ⊗ Q2|ψ2 If we wish to perform an operator Q on the ith qubit of an n-qubit system, we must simultaneously act on the other (n − 1) qubits by the Identity operator, given by the Pauli matrix 6.1a, which has no effect on a state. So we have I ⊗ · · · ⊗ I ⊗ Q ⊗ I · · · ⊗ I |ψ1 ⊗ · · · ⊗ |ψi−1 ⊗ |ψi ⊗ |ψi+1 ⊗ · · · ⊗ |ψn = (I|ψ1 ) ⊗ . . . (Q|ψi ) ⊗ . . . (I|ψn ) (6.3) And this behaviour extends generically to applying specific operations Qi on partic- ular qubits |ψi . Q1 ⊗ · · · ⊗ Qn |ψ1 ⊗ · · · ⊗ |ψn = (Q1|ψ1 ⊗ · · · ⊗ (Qn|ψn ) (6.4) 6.1.2.1 Controlled Operations An important multiple qubit gate is the Controlled-NOT gate, CNOT. This gate performs a NOT-operation on a target qubit, if and only if a control qubit is in the standard basis state |1 , and leaves the control bit unchanged. Definition 6.4. CNOT|A ⊗ B = |A ⊗ (B ⊕ A) Where A is the control-qubit, B is the target-qubit, and ⊕ denotes modulus-2 addition: 0 ⊕ 0 = 0 ; 1 ⊕ 1 = 2mod2 = 0 ; 0 ⊕ 1 = 1 ⊕ 0 = 1 (6.5) such that CNOT|00 = |00 (6.6a) CNOT|01 = |01 (6.6b) CNOT|10 = |11 (6.6c) 23
6.1. GATES CHAPTER 6. gates and circuits CNOT|11 = |10 (6.6d) This concept of control then generalises simply: we can define multiply-controlled single qubit transformations which change a solitary target qubit if every control-qubit satisfies the control condition, which is usually simply to be in the state |1 . We can also define a controlled operation other than a NOT gate, to allow us to perform an operation upon one or multiple qubits when some criteria are met by other qubits. A simple extension of the controlled-NOT gate is the controlled-controlled-NOT gate, or the Toffoli gate, T, which flips a third qubit if both other input qubits are in the state |1 . T|A ⊗ B ⊗ C = |A ⊗ B ⊗ C ⊕ AB Example 6.5. T|111 = |110 ; T|101 = |101 ; T|001 = |001 6.1.2.2 Diagram Representation Intuitively, diagrams expand generically: one wire per qubit and boxes for each opera- tion. Acting on multiple qubits then requires diagrams for multiple-qubit gates. Control bits are represented by black dots, and target bits are given by open circle. When a gate acts on a qubit conditional on another, as in the CNOT and Toffoli gates, they are connected by a vertical wire, so the CNOT and Toffoli gates are given by |A • |A |B |B ⊕ A |A • |A |B • |B |C |C ⊕ A × B 6.1.3 Black Box problems We will define a black box which will calculate a function f. We are unconcerned with what goes on inside this box - we assume the same computation as such a black box would perform classically. We assume that we cannot improve on the internal efficiency of the calculation of f, so we aim to minimise how many times we must call on this black box. Consider a gate which takes an input |x, y and outputs the result of the function in the second qubit, as seen here. |x U |x |y |y ⊕ f (x) So then, if we set the second qubit to be 0, upon input |x, 0 we retrieve the output |x, f (x) , so we have both the input and the output of the function contained within the 24
6.2. CIRCUITS CHAPTER 6. gates and circuits 2-qubit register after a call to the black box. As such, we are dealing with a reversible circuit in that we can determine the input, |x by observation of the output, |x |f (x) . This is important in quantum information processing as we saw in 5.2.1 that we can only build a quantum computer if its processes are reversible in time. 6.2 circuits Quantum circuits then, are simply the combination of a number of gates acting on the same set of qubits sequentially. This is in obvious analogy with classical circuitry, whereby an output is found for a particular set of input bits by acting on the bits in a particular order to achieve calculations. Circuits build on the effects of single gates: by performing one gate, and inputting the result obtained into another gate, we may begin to construct more complicated devices, which are arranged to the specific requirements of the process to be computed. 6.2.1 Single Qubit Circuits The simplest possible circuit is to act on a qubit by one gate, and then to act on the resultant qubit by another gate. For example, first performing a quantum NOT-gate on a qubit in state |0 , and then performing a Hadamard gate upon the result. We expect to first obtain QNOT|0 = |1 , and thereafter compute H(|1 ). For mathematical consistency then, we will write the first-in-time operation as the operator left-most closest to the state being acted upon: H QNOT|0 = H |1 = |− |0 X H |− Now consider twice applying a Hadamard gate to any qubit H(H|a ) = H 1 √ 2 |0 + (−1)a |1 = 1 √ 2 H|0 + (−1)a H|1 = 1 √ 2 1 √ 2 |0 + 1|1 + (−1)a 1 √ 2 |0 − 1|1 = 1 √ 2 1 √ 2 1 + (−1)a |0 + 1 − (−1)a |1 So if a = 0, (1 + (−1)a) = 2, (1 − (−1)a) = 0, and if a = 1, (1 + (−1)a) = 0, (1 − (−1)a) = 2 H(H|0 ) = 1 2 (2)|0 + (0)|1 = |0 25
6.2. CIRCUITS CHAPTER 6. gates and circuits H(H|0 ) = 1 2 (0)|0 + (2)|1 = |1 Otherwise, if |a had been a superposition state, due to linearity, § 6.1.1.4, this princi- ple would remain and the superposition would be preserved under a double Hadamard gate. It is clear then that HH = I. This property does not hold for all quantum gates but the Hadamard gate is of such importance that it is worth noting this relation. 6.2.2 Multiple Qubit Circuits Of more practical interest is the concept of defining a circuit to process multiple qubits. The goal here is to design circuits that will be used to construct relatively simple quantum algorithms, chapter 8 . These algorithms will form the basis of quantum subroutines § 8.1 , which will in turn become the basis for involved routines which implement calculations at a user’s level. Example 6.6. Alternative CNOT Gate To gain an initial understanding of how such circuits can be formed, let us consider the process of altering the criteria of a controlled-NOT gate, described in § 6.1.2.1. We want to make it that the gate performs the NOT operation when the control-qubit registers the state |0 as opposed to |1 . We will consider a 2-qubit state, |A ⊗ B . The circuit is described by the following series of operations 1. QNOT on |A , I on |B 2. CNOT on |AB 3. QNOT on |A , I on |B Then the effects of this circuit are: 1. QNOT ⊗ I |A ⊗ |B = QNOT|A ⊗ I|B = |A ⊕ 1 ⊗ |B = |(A ⊕ 1), B 2. CNOT|(A ⊕ 1), B = |(A ⊕ 1) ⊗ |(B ⊕ (A ⊕ 1)) = |A ⊕ 1 ⊗ |B ⊕ A ⊕ 1 3. QNOT ⊗ I |A ⊕ 1 ⊗ |B ⊕ A ⊕ 1 = QNOT|A ⊕ 1 ⊗ (I|B ⊕ A ⊕ 1 ) = |A ⊕ 1 ⊕ 1 ⊗ |B ⊕ A ⊕ 1 Note : 1 ⊕ 1 = 0 = |A, B ⊕ A ⊕ 1 That is, if |A is initially |0 , then after step 1 it becomes |1 . The controlled-NOT gate now uses this transformed A to determine whether it will perform a QNOT on qubit |B . 26
6.3. QUANTUM TELEPORTATION CHAPTER 6. gates and circuits So if A had been |0 and is now |1 , B gets flipped. If A had been |1 and is therefore now |0 , B does not get flipped. Finally, step 3 returns A to its original value by performing another NOT operation only on the first qubit. This is equivalent to a controlled-NOT gate whose criteria is the control-bit being in state |0 initially. So we can show this on a diagram as below. In diagrams such as this, a wire (qubit) without any operation acting directly on it indicates the identity operator being imposed on that qubit at that juncture. That is, it is equivalent to have an identity gate, I, as below the first X-gate, as it is to have no gate there at all, as below the second X-gate here: A X • X A B I B ⊕ A ⊕ 1 6.2.3 Universal Gate Set While this example is trivial, the principle is the same as it would be for any quantum circuit. We can build circuits of arbitrary complexity using the ideas described so far. It remains to define a set of gates which may be used to construct any circuit. We may do so by recalling from § 5.2 that any quantum operation can be achieved by some unitary transformation. Then, any unitary transformation may be achieved by a sequence of simple quantum gates and quantum controlled-NOT gates. We will therefore take as a universally approximating gate set, the generic set below, with U any unitary operation. UG = {CNOT , U | U = U† } We will therefore proceed by constructing any operation we require provided they are achievable by some combination of operations Oi, O1O2 . . . On ; Oi ∈ UG In most cases, circuits will be composed of the simple single qubit gates described al- ready, put together to become multiple-qubit circuits, then used within quantum sub- routines and algorithms. 6.3 quantum teleportation We will now pause for a brief aside, in order to explore a more general concept of inter- est in Quantum Information Theory, to appreciate the power of quantum mechanics. It can be proven using only knowledge described so far, that it is possible to regenerate a quan- tum state by transferring only classical information about the state [8]. An important principle in quantum mechanics is that an unknown quantum state cannot be copied or cloned [9]. Thus if we have an unkown superposition state |ψ = a0|0 + b0|1 , and an auxiliary qubit |0 , onto which we hope to create a qubit, measurement upon which will 27
6.3. QUANTUM TELEPORTATION CHAPTER 6. gates and circuits yield |0 or |1 with the same probability as it would from measuring |ψ , we see that it is impossible. That is, it is impossible to begin with the system |ψ, 0 and finish with the state |ψ, ψ . It is however possible to destroy the initial state, and regenerate it at an arbitrarily far away point. Consider some observer Alice, who possesses some qubit |ψ = a|0 + b|1 . Suppose there is another observer, Bob, arbitrarily1 far away, and Alice wishes to “send” her qubit to Bob. We initialise a Bell state, Φ+ = 1 √ 2 |00 + |11 (6.7) It is possible for this entangled state to exist with one constituent qubit at a large distance away from the other. Suppose then, that the first state is in Alice’s possession, while Bob holds the second. Denote this possession with a subscript; our system is now described as |ψ A = a|0 A + b|1 A (6.8a) Φ+ AB = 1 √ 2 |0 A|0 B + |1 A|1 B (6.8b) ⇒ |ψ A ⊗ Φ+ AB = 1 √ 2 a|0 A + b|1 A ⊗ |0 A|0 B + |1 B|1 B (6.8c) So we view our total initial state, denoted now by |S as |S AB = 1 √ 2 a|0 A|0 A|0 B + a|0 A|1 A|1 B + b|1 A|0 A|0 B + b|1 A|1 A|1 B (6.9) Now, Alice has control over the first two qubits and can act on them. Her operations can not act directly on Bob’s state. If she performs a CNOT with the first state as the control and the second as the target, followed by Hadamard gate on the first state and no action on the others, we may represent this as HA ⊗ IA ⊗ IB (CNOT)AA ⊗ IB)|S AAB (6.10) This will act linearly: the same circuit will act on each of the basis states |000 , |011 , |001 , |111 Consider the second such basis state, |0 A|1 A|1 B to show on a diagram as below. 1 Arbitrary distance between sender and receiver may seem to imply that the two could be sufficiently apart that this would constitute the quantum information travelling faster than the speed of light. However, the teleportation relies on the exchange of classical information, which is strictly slower than the speed of light, so the entire process is not as instantaneous as it would need to be to violate relativity in this way. 28
6.3. QUANTUM TELEPORTATION CHAPTER 6. gates and circuits |0 A • |0 A H |+ A |1 A |1 A |1 A |1 B |1 B |1 B For clarity, the circuit acts in the following steps 1. CNOT ⊗ I ( 1√ 2 ) a|0 A|0 A|0 B + a|0 A|1 A|1 B + b|1 A|0 A|0 B + b|1 A|1 A|1 B = 1 √ 2 a|0A0A0B + a|0A1A1B + b|1A1A0B + b|1A0A1B 2. H ⊗ I ⊗ I 1√ 2 a|0A0A0B + a|0A1A1B + b|1A1A0B + b|1A0A1B = 1 √ 2 a 1 √ 2 (|0 + |1 )A|0A0B + a 1 √ 2 (|0 + |1 )A|1A1B +b 1 √ 2 (|0 − |1 )A|1A0B + b 1 √ 2 (|0 − |1 )A|0A1B = 1 2 a |0A0A0B + |1A0A0B + |0A1A1B + |1A1A1B +b |0A1A0B − |1A1A0B + |0A0A1B − |1A0A1B = 1 2 |0A0A a|0 B + b|1 B + |0A1A a|1 B + b|0 B +|1A0A a|0 B − b|1 B + |1A1A a|1 B − b|0 B So now, after Alice has performed her circuit on the two states she possesses, her system is left in a superposition of basis states |00 , |01 , |10 and|11 , and she can observe them to collapse into one of these. Bob’s qubit is now in some state |ψ . Each possible state of Alice’s qubit after the procedure corresponds to a particular state which Bob’s qubit is now in: if Alice classically communicates to him that her system, for instance, was observed in |00 , then Bob now knows that his qubit is in the state ψ = a|0 + b|1 This is the initial state of Alice’s qubit! Hence Alice has transported an unkown quantum state an arbitrary distance by only acting on the qubits in her possession. 29
6.3. QUANTUM TELEPORTATION CHAPTER 6. gates and circuits There remains the cases where Alice observes her system in the other basis states, however. Bob is still able to obtain the unkown state |ψ regardless of what measurement Alice sees, by means of decoding his qubit. For example, had Alice measured |01 , then Bob would know his qubit to be in the state a|1 + b|0 . To restore the initial amplitudes, he must simply “swap” the states |0 ↔ |1 , which we know to be possible by the quantum not gate, 6.1b. Likewise, he can restore |ψ by performing the Pauli-Y gate, 6.1c if Alice’s qubits had been in |11 , and by a Pauli-Z gate, 6.1d, if Alice’s is in |10 . Example 6.7 (Decoding). If Alice had observed |10 , Bob then knows he has the state |ψ = a|0 − b|1 . Bob would find the original qubit |ψ by implementing a Pauli-Z gate: Z ψ = |0 0| − |1 1| a|0 − b|1 = a|0 ( 0|0 ) − a|0 ( 0|1 ) − b|1 ( 1|0 ) + b|1 ( 1|1 ) = a|0 (1) − a|0 (0) − b|1 (0) + b|1 (1) = a|0 + b|1 = |ψ This is a simple of example of encrypting and decrypting messages. Quantum Infor- mation theory builds on these ideas to consider how communication can be achieved through quantum methods. Improvements offered over classical communication chan- nels are of the same magnitude as the improvements quantum computation offers over classical. This is explored in depth in a huge amount of literature on the subject, includ- ing [7] and [10]. 30
7 C O M P U TAT I O N A L T E C H N I Q U E S We have seen the equivalence of quantum gates and unitary operations, and we have seen that any unitary operation is reversible in § 5.2. Thus any reversible gate is unitary. We have also seen that it is possible to construct any unitary transformation using only simple quantum gates, § 5.2.1. However, in general, such constructions are inefficient. Quantum versions of classical computations are where efficiency may be improved upon between the two cases: if we can define an efficient classical circuit, then build the quantum version of this circuit by replacing all classical logic gates with simple quantum gates, then we may begin to see where the power of quantum computation comes from. Since we know we can build any unitary transformation using quantum gates, we can replace any classical gate with a quantum analogue. However, classical circuits are not in general reversible, so our problem is reduced to constructing reversible classical circuits, but we also require that such gates be efficient, or else the procedure is redundant. An in depth discussion of how this can be achieved is given in §6 of [11]. It will suffice for our purposes to infer that if a reversible, classical gate can be achieved efficiently, then a quantum analogue can be achieved trivially by replacing logic gates with their quantum counterparts, which we have seen to exist already. We will instead explore algorithms which make use of strictly quantum processes in order to achieve greater efficiency, and compare such constructions with classical circuits that aim to do the same thing, so that we can see the improvement offered. 7.1 techniques With an understanding of how quantum circuits are constructed, we may now turn to how their implementation can offer computational power. We will demonstrate a simple proof of principle to see how quantum methods can achieve definitively superior computational power, and we will outline some simple quantum subroutines which form the basis of more complicated algorithms examined in the next chapter. In doing so we will see the fundamental difference between classical and quantum computation: it is by finding a global property of a function that we may solve it in exponentially less steps. Quantum computers are uniquely capable of finding these properties by working on superpositions to uncover information about a function, rather than simply evaluating the function. This concept will become clearer in later quantum computations, especially the algorithms for Simon’s problem, § 8.2.2, which finds the 31
7.1. TECHNIQUES CHAPTER 7. computational techniques hidden variable of a function. It exploits the periodicity of a function, which Shor then shows can be used to factor large integers, § 9. In doing so, these methods take a property of the function, here the period, and use it to determine evaluations which would be more difficult to achieve without knowing these properties. We now consider the inapplicable problem designed by Deutsch to demonstrate how properties of functions are achievable through quantum devices, in order to show, through a simple example, the power of this idea. 7.1.1 Deutsch’s Problem This proof by David Deutsch was the first concrete evidence that quantum methodology can yield a result that would take a classical computer more steps [4]. The problem addressed is of little practicality, though it is the conceptual proof we are interested in here. Recalling the black box (often referred to as an oracle) of § 6.1.3, we suppose that we are interested in a function f : {0, 1} → {0, 1}. So our oracle now, Uf : |x, y → |x, y ⊕ f (x) We want to know if f (0) = f (1) or not. That is, whether the function returns a constant answer for x ∈ {0, 1} or not. Define an system |+ |− by performing a Hadamard gate on both qubits of the system |0 |1 , and use this as input to our oracle. Uf |+ |− = Uf 1 2 (|0 + |1 )(|0 − |1 ) = 1 2 Uf |00 − |01 + |10 − |11 = 1 2 |0 |0 ⊕ f (0) − |0 |1 ⊕ f (0) + |1 |0 ⊕ f (1) − |1 |1 ⊕ f (1) = 1 2 |0 |f (0) − |1 ⊕ f (1) + |1 |f (1) − |1 ⊕ f (1) (7.1) = 1 2 1 ∑ x=0 |x |0 ⊕ f (x) − |1 ⊕ f (x) So now consider the quantity |0 ⊕ f (x) − |1 ⊕ f (x) . |0 ⊕ f (x) − |1 ⊕ f (x) = |0 ⊕ 0 − |1 ⊕ 0 = |0 − |1 = √ 2|− f (x) = 0 |0 ⊕ 1 − |1 ⊕ 1 = |1 − |0 = − √ 2|− f (x) = 1 = (−1)f (x) √ 2|− 32
7.1. TECHNIQUES CHAPTER 7. computational techniques and the sum becomes 1 √ 2 1 ∑ x=0 (−1)f (x) |x |− = 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− (7.2) Recall our objective is to determine whether f (x) is constant or not. In the case that f is constant, then either f (0) = f (1) = 0 or f (0) = f (1) = 1 Then 1 ∑ x=0 (−1)f (x) |x = (−1)f (0) |0 + (−1)f (1) |1 = 1|0 + 1|1 = √ 2|+ f (0) = f (1) = 0 (−1)|0 + (−1)|1 = − √ 2|+ f (0) = f (1) = 1 ⇒ 1 √ 2 1 ∑ x=0 (−1)f (x) |x − = ± 1 √ 2 √ 2|+ = ±|+ A constant (−1) can be interpreted as a phase factor which is physically meaningless; we can safely ignore it. The total system then is in the state |+ |− = 1√ 2 |0 |− + |1 |− . Next apply a Hadamard gate to the first qubit ⇒ H ⊗ I) 1 √ 2 |0 |− + |1 |− = 1 √ 2 1 √ 2 (|0 + |1 ) 1 √ 2 (|0 − |1 ) + 1 √ 2 (|0 − |1 ) 1 √ 2 (|0 − |1 ) = 1 2 √ 2 |00 − |01 + |10 − |11 + |00 − |01 − |10 + |11 = 1 2 √ 2 2|00 − 2|01 = |0 1 √ 2 |0 − 1 √ 2 |1 = |0 |− Or simply H ⊗ I) |+ |− = |0 |− Then, if the first qubit is measured in the case where f (0) = f (1), then it will be observed as |0 . This is not a probabilistic result: there is no amplitude attached to the state |1 that would enable us to measure our qubit after the transformation, using the standard basis, and find anything other than |0 . This serves also to demonstrate that definite results can be obtained using quantum mechanics, which may seem to oppose common perception. A similar argument holds for when f is not constant. In this case, we return to equation 7.2: 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− 33
7.1. TECHNIQUES CHAPTER 7. computational techniques We have either f (0) = 0 ; f (1) = 1 f (0) = 1 ; f (1) = 0 ⇒ 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− =    1√ 2 (−1)0)|0 + (−1)1 |1 |− = +1|− |− 1√ 2 (−1)1 |0 + (−1)0 |1 |− = −1|− |− Again, the phase factor of (−1) is physically meaningless: what matters is that the first qubit is now in the state |− . A Hadamard gate on only the first qubit will then return |1 with probability 1. We may also note that f (0) ⊕ f (1) = 0 f (0) = f (1), f constant f (0) ⊕ f (1) = 1 f (0) = f (1), f not constant We have found generally that the output state after this algorithm is |f (0) ⊕ f (1) |− (7.3) We know the value f (0) ⊕ f (1) from the measurement of this first qubit after the algo- rithm, which also determines that f was constant if it measures |0 and that f was not constant if it measures |1 . Thus, with only a single call to the oracle, we have found a global property of the function f, ie the value f (0) ⊕ f (1). This is an important principle that will be utilised in subsequent quantum routines. Consider now a classical routine to find out the same information about f. It would take at least two calls to the function in order to know f (0) and f (1), whereas the Deutsch Algorithm, rather than finding both, finds a property f (0) ⊕ f (1) in a single call to the oracle, which provides sufficient information to answer our query. This is a primitive example meant only to illustrate how a quantum regime can achieve the same goal as a classical regime, but in less steps. 34
8 A L G O R I T H M S 8.1 quantum subroutines The idea of subroutines within quantum algorithms is important: by defining simple manipulations, we may construct larger algorithms from a stronger starting point than if we had to define all operations of an algorithm. This can be seen as similar to declaring the function of gates, and then using those gates to build circuits: here we will compose a series of circuits to define subroutines, and combine numerous subroutines and other operations to achieve what we wish our quantum procedure to do. 8.1.1 Walsh-Hadamard Transformation An important but simple subroutine in the generalisation of the Hadamard gate to more than one qubit. We wish to take a sequence of qubits |ψ1 . . . ψn , and place the system in an even superposition of all the possible basis vectors. For instance, a three qubit system has basis vectors given by |000 , |001 , |010 , |011 , |100 , |101 , |110 , |111 . Here we have n = 3 qubits, and therefore 2n = 8 basis vectors. The vectors given above can be seen to correspond to binary notation 0 → 000 1 → 001 2 → 010 3 → 011 4 → 100 5 → 101 6 → 110 7 → 111 Binary Representation And so, any 3-qubit state can be given by the superposition 7 ∑ x=0 ax|x (8.1) 35
8.1. QUANTUM SUBROUTINES CHAPTER 8. algorithms where ax is the amplitude of |x . In general, for an n-qubit system, there are N = 2n basis states, and the system may be represented 1 √ N N−1 ∑ x=0 |x (8.2) Now, if we had a system with, say, 3 qubits, all initialised in the state |0 , i.e. |000 , and we wised to place the system into an equal superposition of all possible basis states, we would do so by applying Hadamard gates to each qubit individually, as seen below. Recall the operation of a Hadamard gate: H : |0 → 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 In other words, upon input |0 ⊗ |0 ⊗ |0 this combination gives the output 1 √ 2 |0 + |1 ⊗ 1 √ 2 |0 + |1 ⊗ 1 √ 2 |0 + |1 = 1 √ 23 |000 + |001 + |010 + |011 + |100 + |101 + |110 + |111 = 1 √ 8 7 ∑ x=0 |x The amplitude for each of these basis vectors is 1√ 8 , meaning they each have equal prob- ability of being observed, 1 8, i.e there is a one in eight chance or observing each of the eight basis states, so we have achieved our goal of an even distribution across basis states. Now, consider the same method applied to an n-qubit system. |0 H 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 ...... |0 H 1√ 2 |0 + |1 The output state here is 1 √ 2 |0 + |1 ⊗ 1 √ 2 |0 + |1 ⊗ · · · ⊗ 1 √ 2 |0 + |1 = 1 √ N |00 . . . 00 + |00 . . . 01 + |00 . . . 10 + |00 . . . 11 + . . . 36
8.1. QUANTUM SUBROUTINES CHAPTER 8. algorithms +|01 . . . 00 + |01 . . . 10 + |01 . . . 01 + |01 . . . 11 + . . . +|10 . . . 00 + |10 . . . 01 + |10 . . . 10 + |10 . . . 11 + . . . +|11 . . . 00 + |11 . . . 01 + |11 . . . 10 + · · · + |11 . . . 11 Again, let the above basis states be considered binary for the numbers ( 0 → N − 1), and this can be described by 1 √ N N−1 ∑ y=0 |y We call this general operation the Walsh-Hadamard transformation [12]. When it acts on on a system of n unentangled qubits, all initialised to |0 and therefore denoted |0 ⊗n , W(|0 ⊗n ) = 1 √ 2n 2n−1 ∑ y=0 |y (8.3) More generally, consider the case where not all qubits in a system are initially |0 . Suppose we have |z = |z0, z1, z2, ..., zn , then there exists |y = |y0, y1, ..., yn . Then z · y is the number of common bits in z and y. For example, if |z = |0011 and |y = |1110 , then only the third entry is the same in both, so z · y = 1. Now, |z is a representation of |z = |z0 ⊗ |z1 ⊗ ... ⊗ |zn So let zi ∈ {0, 1} and compute W|z = (H ⊗ H ⊗ H ⊗ · · · ⊗ H)(|z0 ⊗ |z1 ⊗ ... ⊗ |zn ) = (H|z0 ) ⊗ (H|z1 ) ⊗ · · · ⊗ (H|zn ) = 1 √ 2n (|0 + (−1)z0 |1 ) ⊗ (|0 + (−1)z1 |1 ⊗ · · · ⊗ (|0 + (−1)zn |1 ) Again we will prove a simplified case and assume the generalisation as trivial. Consider n = 3. = 1 √ 8 |0 + (−1)z0 |1 ⊗ |0 + (−1)z1 |1 ⊗ |0 + (−1)z2 |1 = |000 + (−1)z2 |001 + (−1)z1 |010 +(−1)z0 |100 + (−1)(z0+z2) |101 + (−1)(z0+z1) |110 + (−1)(z0+z1+z3) |111 (8.4) And as this is an evenly distributed three-qubit state, we can represent it as a sum over basis states, given by 1 √ 8 8 ∑ y=0 |y = 1 √ 8 |000 ± |001 ± |010 ± |011 ± |100 ± |101 ± |110 ± |111 (8.5) 37
8.2. QUANTUM PARALLELISM CHAPTER 8. algorithms It will help clarify this point if we take an explicit value for the initial |z , say |z = |011 Then, for instance (−1)(z0+z2)|101 = (−1)(0+1)|101 = −|101 , so we know the sign in 8.5 is negative for y = |101 . Consider, then, the value z · y = |011 · |101 = 1 as they share only the third qubit value. We can then express the |101 term as being generated by (−1)z·y, and so the entire sum given by 8.5 become 1 8 8 ∑ y=0 (−1)z·y |y And so in general, we have the Walsh Hadamard Transformation, or simply the Walsh transformation, described by W(|z ) = 1 √ 2n 2n−1 ∑ y=0 (−1)(z·y) |y (8.6) This transformation is often applied at the outset of quantum algorithms, or within a larger scheme, so that the generated superposition may be exploited throughout, as we will see. 8.2 quantum parallelism The concept of generating a state which spans many or all solutions of a function is referred to as quantum parallelism. That is, rather than finding a specific f (x0), generating the superposition 1 √ N N−1 ∑ x=0 |x |f (x) which contains the value of f for the n x’s under consideration. Here, N = 2n. This requires the use of auxiliary qubits: these are additional qubits initially in the state |0 . These auxiliary qubits are passed through some black box, Uf , and then hold f (x). This can be visualised by the circuit diagram |x1 U |x0 |x2 |x1 ... ... |x2n−1 |x2n−1 |0 |f (x0) |0 |f (x1) ... ... |0 |f (x2n−1) 38
8.2. QUANTUM PARALLELISM CHAPTER 8. algorithms It is incorrect to think that, because a quantum process generates and works on the superposition 1√ N ∑N x=0 |x, f (x) , that a quantum computer can simply calculate and out- put all possible results in one step. While it works on the superposition across the state space of solutions of f (x), we must note that measurement of an n-qubit system will only give one result. This is the same level of efficiency as a classical algorithm which simply calculates f (x) for one x at a time. It is through methods as outlined above, § 7.1.1, that we may exploit quantum mechanics: rather than compute all solutions in very few steps and then measure them, we must find a property common to all values of f (x), and use it to work our way backwards to find a solution. This idea is utilised in many quantum subroutines, including Simon’s Problem, which finds the period of a function, and in more applicable complete algorithms, most famously Shor’s Algorithm, which uses the period of a generated function to obtain prime factors of a number. We will explore this algorithm fully in § 9. 8.2.1 Deutsch-Jozsa Problem As another demonstration of generalising specific problems addressed, we will compose a multiple qubit generalisation of Deutsch’s Problem, § 7.1.1. This is an improved version of the above process, given 7 years later by [5]. We again consider a function f : Z2n → Z2 i.e that x ∈ X = {0, ..., 2n − 1} and f (x) ∈ {0, 1}.The function is known to be one of two types: it will either be constant, always returns 0 or 1, or balanced, returns 0 exactly half the time and 1 the other half. Our aim is to determine which of these types of function f is. Again we have a quantum oracle Uf : |x |y → |x |y ⊕ f (x) . Through parallelisation, we are working with the superposition |ψ = 1 √ N N ∑ x=0 |x (8.7) We must note that it is possible to change the phase of a basis state depending on some criteria of our choosing (see §7.4.2 of [11]). For our purpose, suppose there is a subset X0 ∈ X, such that {f (xi) = 1|xi ∈ X0}. We change the phase for such vectors by a global phase, a physically meaningless constant. In this case, the phase change we choose is (−1). In other words, we have sent |xi → −|xi = (−1)f (xi) |xi And applying this phase change throughout, 8.7 becomes |ψ = 1 √ N N ∑ x=0 (−1)f (x) |x (8.8) So for this problem then, we start with n qubits in the state |0 , and one in the state |1 . |ψ = |0 ⊗n |1 39
8.2. QUANTUM PARALLELISM CHAPTER 8. algorithms We perform a Walsh transformation on this state. Say W = H ⊗ H · · · ⊗ H = H⊗n ⊗ H ⇒ W(|ψ ) = H⊗n |0 ⊗n H|1 = 1 √ 2n 2n−1 ∑ x=0 |x ⊗ 1 √ 2 |0 − |1 W|ψ = 1 √ 2n+1 2n−1 ∑ x=0 |x ⊗ |0 − |1 (8.9) Then perform the subroutine outlined above to send |x → (−1)f (x)|x ⇒ 1 √ 2n+1 2n−1 ∑ x=0 (−1)f (x) |x |0 − |1 (8.10) Now we can show that for f (x) constant, reperforming a Walsh transform on the first n qubits will allow us to measure, with certainty, |0 if f (0) = f (1), and |1 for f (0) = f (1). We will show this explicitly for the simplest case of a single qubit, and the result extends generically to higher n. n = 1 ⇒ 2n − 1 = 1 ⇒ 2n−1 ∑ x=0 → 1 ∑ x=0 ⇒ 1 √ 22−1 1 ∑ x=0 (−1)f (x) |x, 0 − |x, 1 = 1 2 (−1)f (0) |0, 0 − (−1)f (0) |0, 1 + (−1)f (1) |1, 0 − (−1)f (1) |1, 1 (8.11) Now we consider two cases: firstly, that f (x) is constant, and we can therefore factor out the (−1)f (x) terms as (−1)f (0) (−1)f (0) 2 |0, 0 − |0, 1 + |1, 0 − |1, 1 = (−1)f (0) √ 2 |0 ( |0 − |1 √ 2 ) + |1 ( |0 − |1 √ 2 ) = (−1)f (0) |0 + |1 √ 2 |0 − |1 √ 2 = (−1)f (0) |+ |− At this point, we perform another Walsh transformation on this system, which will return |0 in the first qubit (recall n = 1 and that all n qubits would be found in |0 in the general case). The (−1)f (0) is a global phase, which carries no physical meaning. W(|+ |− ) = |0 |1 (8.12) 40
8.2. QUANTUM PARALLELISM CHAPTER 8. algorithms So with probability 1, if f (x) is constant, |0 will be measured in the first n qubits following this procedure. Otherwise, in the case f (0) = f (1), the logic would change at 8.11: 1 2 (−1)f (0) (|0, 0 − |0, 1 ) + (−1)f (1) (|1, 0 − |1, 1 ) = 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− However, we know that either (f (0) = 0; f (1) = 1) or (f (0) = 1; f (1) = 0), and substituting these would differ only by a constant, −1, so we can use the substitution f (0) = 0; f (1) = 1, giving (−1)f (0) = (−1)0 = +1, (−1)f (1) = (−1)1 = −1 ⇒ 1 √ 2 |0 |− + (−1)|1 |− = |0 − |1 √ 2 |− = |− |− (8.13) And again we apply the Walsh tranform W(|− |− ) = |1 |1 And so we can see clearly that, if f (0) = f (1), that, with probability 1, following the Deutsch-Josza algorithm the first n qubits will be observed in the state |1 . This algorithm has solved a problem with effectively no application, but it has proven that there is a solution to this problem which requires only a single call to the oracle. Comparatively, for a classical machine to find this result deterministically, it would require at least 2n−1 + 1 calls to find the same result with certainty. 8.2.2 Simon’s Problem Simon’s Problem addresses a function f with f (x) = f (x ⊕ a), (here ⊕ denotes modulus- a addition), and aims to determine what value of a satisfies this [13]. In other words, Simon’s Algorithm find the period of a function f. We focus on this particular subroutine rather than the many others because it was this routine which suggested to Shor that factorisation of large integers could be achieved by quantum computers in reasonable time limits. An initial state is generated by quantum parallelisation 2n−1 ∑ x=0 |x |f (x) = ∑|ψ |φ Where we have denoted the register of qubits holding initial values x as |ψ and the register holding the values after evaluation in f as |φ . We know that f (x) = f (x ⊕ a) 41
8.2. QUANTUM PARALLELISM CHAPTER 8. algorithms where a is the period. Then, if the register |φ is measured, it will return some f (x0), and we can deduce that the input required to return this value must have been either x0 or x0 ⊕ a, and that there is an equal probability that it was either of these cases. From this we infer that |ψ is in an even superposition of the states |x0 and |x0 ⊕ a after the second register is measured. ψ = 1 √ 2 |x0 + |x0 ⊕ a Then consider applying the Walsh transformation to this state. Recall 8.6 W|z = (−1)z·y |y ⇒ W( ψ ) = W 1 √ 2 |x0 + |x0 ⊕ a = 1 √ 2 W(|x0 ) + W(|x0 ⊕ a ) = 1 √ 2 1 √ 2n 2n−1 ∑ y=0 (−1)(x0·y) |y + 1 √ 2 2n−1 ∑ y=0 (−1)(x0⊕a)·y |y = 1 √ 2n+1 2n−1 ∑ y=0 (−1)x0·y 1 + (−1)a·y |y In the case where a · y is an odd number, 1 + (−1)a·y = 1 + (−1) = 0, and the sum disappears. Thus we may only consider the case where a · y is even from now on, 1 + (−1)a·y = 2. This is equivalent to the requirement a · y = 0 mod 2, so the system is now in the state 2 √ 2n+1 ∑ a·y=0 mod 2 (−1)x0·y |y (8.14) Adding even numbers always returns an even number, but if we use modulo-2 addition, then adding even numbers always gives 0. For instance 2 + 6 + 10 = 18 ⇒ 18 mod 2 = 0 ⇒ a0 · y0 ⊕ a1 · y1 ⊕ · · · ⊕ an · yn = 0 (8.15) Measuring when the system is in 8.14 will result in a value for y for which we know that y · a = 0 mod 2. Then each iteration, i of this procedure produces a linear equation yi · ai = 0. y0 · a0 = 0 y1 · a1 = 0 ... yn · an = 0 (8.16) 42
8.2. QUANTUM PARALLELISM CHAPTER 8. algorithms To solve for a, we need n linearly independent equations of this form. The equation produced upon iteration is not necessarily linearly independent: there is a probability (< 0.5) that the new equation is not independent from the previous ones. Computing the value of (yi · ai) a total of 2n times will therefore produce a set of n linearly independent equations with a probability of 50%. It may take more computations to obtain the set of equations, but there is an extremely high probability that the set can be found in O(n) calls to Uf . Such a system can then be used to solve for a in O(n2) steps. So, overall the period a of a 2-to-1 function f can be found in O(n) + O(n2) steps. Classically, it would require O(2n/2) calls to the function to achieve this result. 43
W H Y Now that we have seen what properties quantum computers exploit, and how they can be used to achieve circuits and al- gorithms, we may finally address the real question of Why we should be interested to do so in the first place. Concep- tual mathematical physics aside, this topic has the potential to propel the already fast expanding field of computer science. We will provide instances where quantum computers can of- fer substantial computational advances, and examine in detail the most famous result of the field to date, Shor’s Factoring Algorithm, so that we can understand a true application of the subject. 44
9 S H O R ’ S A L G O R I T H M Providing concrete examples of what only quantum machines can achieve is pivotal to justifying funding research into their construction. We will outline the major driving factor to date in quantum computation, factorisation of large numbers, described by Shor’s Algorithm, to see one such example. The aim of the algorithm is to factor large numbers, which is known to be extremely difficult to achieve classically, [14]. To do so, we describe first the reasons that this can be seen as a worthwhile driving force for research into quantum computation by outlining how cryptography currently works. To describe mathematically how quantum methods can uniquely be used in this area, we briefly discuss Fourier transforms and how they can be translated into Quantum Fourier Transforms. To realise the potential application of quantum mechanics, we will reduce the problem of factoring a large number to that of finding the period of a function we can generate based on the number we wish to factorise, and then show how we may find such a period only through manipulation of quantum states. True quantum mechanics will play only a minor role insofar as it will be used in very few steps of the algorithm, but by doing so we will see how and why classical computation could never achieve the same efficiency as we will find for quantum computation. 9.1 cryptography Current encryption relies on the principle that it is very easy to multiply two large primes together to form a semi-prime number, while it is extremely difficult to factor a semi prime into its two factors. Multiplying two prime numbers of the order 10100 will result in a number of order 10200, which is extremely hard to factor classically. Encryption therefore generates a public key, the product of the primes, and a private key, the numbers used to generate it, known only to those who need to know how to decrypt the message. For this reason, Shor’s factoring algorithm poses a threat to standard cryptography at present, as it would drastically simplify the process of decoding the secret key, and would thus render currently secure communications as potentially insecure, [15]. This is a detractor for the field of study, though it is seen as a turning point in quantum computing insofar as it sparked huge interest in the subject immediately following the publication of the original paper, [6]. It is a fundamental concept to the subject, so 45
9.2. FOURIER TRANSFORMATION CHAPTER 9. shor’s algorithm we examine the entire process to understand how quantum computers can solve a real problem, factorisation, significantly faster than classical machines. 9.2 fourier transformation 9.2.1 Classical Fourier Transform Recall the classical Discrete Fourier Transformation, a classical transformation which takes a discrete complex valued function, f (x), to another discrete complex valued function, F(x), given by F(x) = 1 √ N N−1 ∑ k=0 f (k) exp(2πi kx N ) (9.1) The values F(0), F(1), ..., F(N − 1) are called the Fourier coefficients of the function f. 9.2.1.1 Fast Fourier Transform There exists a particularly efficient implementation for the Fourier Transform for the special case when the number of values f acts on is a power of two. That is, N = 2n. The Fast Fourier Transform, FFT, exploits the periodicity of such functions by decomposing the transformation recursively. 9.2.2 Quantum Fourier Transform A variation of the discrete Fourier Transform is the Quantum Fourier Transform, QFT. As with the FFT, the QFT considers the case N = 2n. If we consider the quantum state N−1 ∑ x fx|x where fx = f (x) is the amplitude for the basis state |x , then the Fourier coefficients F(x) represent the amplitude of the basis states of the quantum Fourier transformed state N−1 ∑ x F(x)|x Then if we consider the Fourier coefficients F(x) which now represent the probability amplitude of measuring a state |x after performing the transformation, we can observe that only certain values for x result in non-zero values for F(x). Recall that we have defined N = 2n. We also impose that the period of f (x) is a power of two: f (x) = f (x + r) , r = 2R We also have F(x) = 1 √ N N−1 ∑ k=0 f (k) exp(2πi kx N ) 46
9.2. FOURIER TRANSFORMATION CHAPTER 9. shor’s algorithm As previously, we will consider a specific case in order to understand the general concepts involved. Here, take N = 23 = 8 and r = 21 = 2, so N r = 4 . ⇒ F(x) = 1 √ 8 7 ∑ k=0 f (k) exp(2πi kx 8 ) = 1 √ 8 7 ∑ k=0 f (k) (eiπ ) kx 4 = 1 √ 8 7 ∑ k=0 f (k) (−1) kx 4 = 1 √ 8 f (0)(−1)(0) + f (1)(−1) x 4 + f (2)(−1) 2x 4 + f (3)(−1) 3x 4 +f (4)(−1) 4x 4 + f (5)(−1) 5x 4 + f (6)(−1) 6x 4 + f (7)(−1) 7x 4 And now recall that due to the periodicity of f (x) = f (x + 2) f (0) = f (2) = f (4) = f (6) , f (1) = f (3) = f (5) = f (7) ⇒ 1 √ 8 f (0) (1 + (−1) x 2 + (−1)x + (−1) 3x 2 + f (1) (−1) x 4 + (−1) 3x 4 + (−1) 5x 4 + (−1) 7x 4 = 1 √ 8 f (0) (1 + (−1) x 2 + (−1)x + (−1) 3x 2 + (−1) x 4 f (1) (1 + (−1) x 2 + (−1)x + (−1) 3x 2 F(x) = 1 √ 8 f (0) + (−1) x 4 f (1) 1 + (−1) x 2 + (−1)x + (−1) 3x 2 (9.2) We focus on the term 1 + (−1) x 2 + (−1)x + (−1) 3x 2 (9.3) Now consider that x ∈ {0, ..., N − 1} = {0, 1, 2, 3, 4, 5, 6, 7}. Also recall that N r = 8 2 = 4. In cases where x is an integer multiple of N r , in this case x = 0, 4, 9.3 becomes x = 0 ⇒ 1 + (−1)0 + (−1)0 + (−1)0 = 4 x = 4 ⇒ 1 + (−1)2 + (−1)4 + (−1)6 = 4 So clearly, when x is a multiple of N r , the Fourier coefficient is nonzero. Otherwise, however, say for instance x = 3: Eqn.( 9.3) = 1 + (−1) 3 2 + (−1)3 + (−1) 9 2 47
9.3. FACTORISATION BY PERIOD FINDING CHAPTER 9. shor’s algorithm = 1 + (−1)(−1) 1 2 + (−1) + (−1)4 (−1) 1 2 = 1 − i − 1 + i = 0 Any other value of x that isn’t an integer multiple of N r will demonstrate this behaviour and sum to zero. This behaviour extends to larger values of n and R such that we can say that the only Fourier coefficients which are non zero are F(x = k N r ), k ∈ N. In this case, the state after QFT is a superposition of |0 and |4 : F(0)|0 + F(1)|4 = F(0) 0( N r ) + F(1) 1( N r ) Now that we know that the only nonzero Fourier coefficients correspond to x being a multiple of N r we can say that the state after Fourier transformation F(x)|x can only be measured to exist for such values of x. So then, if measured, the observed value would be some k N r . The state after performing the QFT is given by QFT(f (x)) = r−1 ∑ k=0 F(k) k( N r ) (9.4) Producing this state is the most important quantum subroutine used in quantum computation, and we will see its use in Shor’s Algorithm. The realisation of the QFT is explained in §7.8 of [11], which builds on the earlier idea of defining relatively simple gates and combining them recursively. 9.3 factorisation by period finding Recall our overall aim here: we wish to factor an integer, M, into its prime factors, mi. For example, M = 21 = m1 × m2 = 7 × 3. Using modular addition, we define any integer as a mod M, e.g to define 30, we say 30mod21 ≡ 9mod21. We define the order of such an integer as the first r which satisfies ar − 1 ≡ 0mod M (9.5) Example 9.1. If we consider M = 7 and we wish to find the order of a = 2, we are considering integers a mod M ≡ 2mod 7, 9mod 7, 16 mod 7, ... . We have p mod 7 ≡ 0 for p = 7, 14, 21, 28, ... So we are looking for the lowest value of r for each a to give ar − 1 = 7k where k ∈ N. 48
9.3. FACTORISATION BY PERIOD FINDING CHAPTER 9. shor’s algorithm a r ar − 1 2 1 1 ≡ 0 mod 7 2 2 3 ≡ 0 mod 7 2 3 7 ≡ 0 mod 7 So for a mod M ≡ 2mod7, the order r = 3. So now if we can find the order of a mod M, we have ar − 1 ≡ 0 modM ⇒ (a r 2 + 1)(a r 2 − 1) ≡ 0 mod M In general, both (a r 2 + 1) and (a r 2 − 1) will share common factors with M. Then, if r is even, we have found two numbers which share non-trivial factors with M. We can factor by simply using a Euclidean algorithm to find the greatest common divisor of (M, a r 2 ± 1). By repeating, the prime factors of M can be found. So, if we are trying to find factors of M, we must choose some random a, and use it to determine the order of (a mod M), and call it r. Example 9.2. Take a simple example M = 15. We now must choose a random a, and find the order of amod15. Suppose we considered a = 7, to find r: a r ar − 1 7 1 6 ≡ 0mod 15 7 2 48 ≡ 0mod 15 7 3 342 ≡ 0mod 15 7 4 2400 (60 ×15) ≡ 0 mod 15 So we have that the order (period) of our function is r = 4. Then compute (a r 2 + 1) = (72 + 1) = 50 (a r 2 − 1) = (72 − 1) = 48 So to find the prime factors of M = 15, we use a Euclidean algorithm to determine m1 = gcd(50, 15) : 5 m2 = gcd(48, 15) = 3 And we can easily confirm that this simple case is correct. In other words, we started with wanting to factor M into prime factors. To do so, it is necessary to find the period of a function given by (f (x) = f (x + r) = ax mod M). We have reduced the problem to period-finding. In general, it may be more difficult to determine the period than simply finding the order as outlined here, but we can proceed with the knowledge that, if we can find the period, the rest of the problem becomes achievable classically, as we did not employ any quantum techniques in this argument. 49
9.4. STEPS OF SHOR’S ALGORITHM CHAPTER 9. shor’s algorithm 9.4 steps of shor’s algorithm We are now in a position to describe the steps taken in Shor’s Algorithm to factor an integer M into its prime factors. A preliminary to the algorithms is deciding how many qubits to compose the system of. It can be shown (§8.3, [11]) that the number of qubits, n, should be chosen to satisfy M2 ≤ 2n ≤ 2M2 (9.6) We will do so a number of times. First, we will go through each step in explicit detail and explain the concepts involved. Then, we will succinctly summarise the steps. Finally, we will walk through the programme precisely for a specific value to be factorised. 9.4.1 Detailed Description of Steps 1. Randomly choose a value for a that is relatively prime to M. (If they are not relatively prime then a is a factor and the rest of the algorithm is redundant, so it is necessary to check this condition early by a simple Euclidean algorithm). 2. Since we are interested in the function f (x) = ax mod M, we generate it within the superposition of an n-qubit state obtained through quantum parallelisation (recall § 8.2), by passing a register of qubits |x together with a register of |0 ’s through a parallelisation scheme, giving the output 1 √ 2n 2n−1 ∑ x=0 |x |f (x) = 1 √ 2n 2n−1 ∑ x=0 |x |ax modM (9.7) Since our function is periodic in r, f (x) = f (x + r), we saw in 8.2.2 that measuring only the second register would place the first register into a superposition over some x0 and x0 + l.r, l ∈ Z, where the second register was observed in |f (x0) . We introduce a function, g(x), to determine whether each x is separated from x0 by the period or not: g(x) = 1 f (x) = f (x0) , (x = x0 + l.r) 0 f (x) = f (x0) , (x = x0 + l.r) After measurement of the second qubit, our system is in the state C ∑ x g(x) |x |f (x0) (9.8) Where C is a scaling factor. 3. Since the two registers are not entangled, we can safely ignore the register that holds f (x), and focus solely on the state C ∑ x g(x) |x (9.9) 50
9.4. STEPS OF SHOR’S ALGORITHM CHAPTER 9. shor’s algorithm Applying the Quantum Fourier Transform, 9.4: QFT C ∑ x g(x)|x = C2 r−1 ∑ k=0 G(k) k( N r ) (9.10) Where C2 is another scaling constant. g(x) has the same period, r, as f (x) and G(x) is the Fourier coefficient for g(x), given by 9.1. 4. The above assumes that N = 2n and r = 2R. In the case that r = 2R, the transform approximates the exact case: most of the amplitude is associated with integers equal to or near a multiple of the ratio N r . In this way, following this procedure, were we to measure the system, with high probability we can say that the observed value for x is a multiple of N r , or else a value very near to it. Assign the measure- ment found in this step the label β. 5. Having obtained a β, use the purely classical procedure of continued fractions to deduce the period r. We have obtained a measurement from step 4 which we are confident generates an integer near to a multiple of N r , (given by β = jN r + ε, where ε is small compared with N). We are interested in finding r. We know N = 2n, so if we consider the fraction β N = j N r 1 N + ε N = j r + ε N In the simplest case, r = 2R, so ε = 0, and this means that simply reducing the fraction β N yields a fraction which we can see as being j r , and we can read the denominator as the period r we’re interested in. In general, this is not the case, so we must consider ε = 0. In this case we apply the method of continuously expanding fractions. This is a purely classical mathematical argument, examined well by much of the literature on this topic, for instance in [16]. β N = j r + ε N By fraction expansion, we may continuously change the fraction β N to reflect a significant fraction, j r with some small correction, ε N . We aim to calculate the signif- icant fraction and use it to read the denominator as the period r. We require that r < M, so we terminate the procedure when the denominator of our ”significant” fraction exceeds M. A general fraction expansion is given by A B = a0 + 1 a1 + 1 a2+ 1 ...+ 1 ap (9.11) 51
9.4. STEPS OF SHOR’S ALGORITHM CHAPTER 9. shor’s algorithm This is represented by A B = [a0; a1, a2, ..., ap]. The the qth convergent is an approxima- tion for A B given by [a0, a1, ..., aq] for any 0 ≤ q ≤ p. For instance, 85 70 = [1; 4, 1, 2] = 1 + 1 4 + 1 1+ 1 1+ 1 2 = 1.214286 And if we take q1 corresponding to approximation using only one fraction, q1 = [1; 4], we would find 83 70 ≈ q1 = [1; 4] = 1 + 1 4 = 5 4 = q1,num q1,den Which is a fair approximation. ⇒ 85 70 = 1.214286 = 5 4 − 0.035714 If we consider q2 = [1; 4, 1] q2 = 1 + 1 4 + 1 1 = 1 + 1 5 = 6 5 = 1.2 ⇒ 1.214286 = 6 5 + 0.014286 So we can see that every time we boil the fraction down to the next value of q, the dominant fraction gets closer to the actual value and the correction becomes very small. We are trying to generate a guess for our period r, but r < M, so we are only interested in denominators of qi which are less than M. If we say qi = qi,num qi,den , we look for the first such qi,den to satisfy (qi,den < M < qi+1,den), and we try to complete the algorithm using r = qi,den. Now, if we apply this to our situation: we have measured a β which we know to be near a multiple of N r . Take an explicit example, say N = 512 = 210, and that we are trying to factor M = 21. Suppose the output of the quantum implementation is β = 89. β N = 89 512 = 0.173823 = [0; 5, 1, 3, 22] = 0 + 1 5 + 1 1+ 1 3+ 1 22 We calculate the values for qi q0 = [0] = 0 52
9.4. STEPS OF SHOR’S ALGORITHM CHAPTER 9. shor’s algorithm q1 = [0; 5] = 0 + 1 5 = 0.2 q2 = [0; 5, 1] = 0 + 1 5 + 1 1 = 1 6 = 0.16667 q3 = [0; 5, 1, 3] = 0 + 1 5 + 1 1+1 3 = 1 5 + 4 3 = 1 23 4 = 4 23 = 0.173913 q4 = [0; 5, 1, 3, 22] = 0 + 1 5 + 1 1+ 1 3+ 1 22 = 89 512 = 0.173823 Clearly, the highest qi,den < M is (q2,den = 6) < (M = 21) < (23 = q3,den) Thus we take r = 6 as our period and try to complete the algorithm using this. One way to think of this is as β = j r + ε N = α j r In our particular example, r = 6 and β = 89 = 1( 512 6 ) + 3.67 so j = 1. β N = 89 512 = 0.173828 = α0 1 6 ⇒ α0 = 1.042969 After the first expanded fraction we said that q1 = [0; 5] ⇒ 89 512 = 0 + 1 5 = 0.2 = α1 j r = α1 1 6 ⇒ α1 = 1.2 Taking q2 = [0; 5, 1] 89 512 = 0 + 1 5 + 1 1 = 1 6 = α2 1 6 ⇒ α2 = 1 Note this is the case we’re looking for; we’ve boiled β N down to j r . We now need to know when we’ve gotten to this point in general. q3 = [0; 5, 1, 3] = 0 + 1 5 + 1 1+1 3 = 4 23 = α3 1 6 ⇒ α3 = 24 23 At the point where the denominator of qi exceeds M, we must have passed the case where the denominator was the period r, since r < M, so we can read r from the denominator of qi. 6. When r is odd, return to the start of the procedure using a different value for a. 7. When r is even, use a Euclidean algorithm to determine whether either of (a r 2 + 1) or (a r 2 − 1) share a non-trivial factor with M. If so, we have found a factor of M. 53
9.4. STEPS OF SHOR’S ALGORITHM CHAPTER 9. shor’s algorithm 9.4.2 Summary of Shor’s Algorithm In order to factorise an integer M, using n qubits where M2 ≤ 2n < 2 < M2: 1. Choose some random a, where 0 < a < M. 2. Generate a superposition 1 √ 2 N−1 ∑ x=0 |x |f (x) Where f (x) = axmod M. f (x) is periodic in r: f (x) = f (x + r). 3. Perform the quantum Fourier Transformation on the superposition. 4. Measure the system to obtain β = jN r + ε, where we know that ε is either zero or small compared to N. This concludes the quantum core of this algorithm, and from here onwards everything done is classical. 5. Use the continued fraction expansion on the value β N to determine a possible value for the period r of f (x). 6. If r is odd, restart the algorithm with a new initial a. 7. If r is even, use the Euclidean algorithm to find common factors between (a r 2 ± 1) and M. If no nontrivial factor is found, return to the start of the algorithm. 9.4.3 Complete Example of Shor’s Algorithm Let us demonstrate a complete run of Shor’s Algorithm for M = 35. To determine n: M2 = 1225 < 2n < 2(1225) is satisfied only for n = 11 : 1225 < 2048 < 2450. Then we have N = 2n = 2048. 1. Choose a = 6, and check that this is relatively prime to M: gcd(35, 6) = 1 So we can continue with this choice. 2. f (x) = axmodM = 6xmod35. We now try to determine the period of f (x). Gener- ate the superposition 1 √ 2048 2047 ∑ x=0 |x |f (x) Measurement on only the second register only forces the x values in the first regis- ter to become x + l.r, l ∈ N: C 2047 ∑ x=0 g(x)|x |f (x) 54
9.4. STEPS OF SHOR’S ALGORITHM CHAPTER 9. shor’s algorithm with g(x) = 1 x = x0 + l.r 0 x = x0 + l.r We can now ignore the second register and focus only on the superposition C 2047 ∑ x=0 g(x)|x 3. Perform the quantum Fourier Transformation, yielding QFT(C 2047 ∑ x=0 g(x)|x ) = C2 r−1 ∑ k=0 G(k)|k 4. Measure the system after this transformation. This will result in some β. Suppose we measure β = 206. 5. Compute β N = 206 2048 = 103 1024 By continued fraction expansion this can be represented by 103 1024 = 0 + 1 9 + 1 1+ 1 16+ 1 6 We calculate the values of q for this fraction q0 = [0] = 0 q1 = [0; 9] = 1 9 q2 = [0; 9, 1] = 1 10 q3 = [0; 9, 1, 16] = 17 169 q4 = [0; 9, 1, 16, 6] = 103 1024 Considering the denominators of these shows that q2,den < M < q3,den holds: 10 < 35 < 169 So we proceed using r = q2,den = 10. 6. r is not odd, so we move to the next step. 55
9.5. EFFICIENCY IMPROVEMENT CHAPTER 9. shor’s algorithm 7. r is even, so we compute (a r 2 ± 1) (6 10 2 + 1) = (65 + 1) = 7777 (6 10 2 − 1) = (65 − 1) = 7775 Then use the Euclidean algorithm to show that m1 = gcd(7777, 35) = 7 m2 = gcd(7775, 35) = 5 Thus we have found 35 = m1.m2 = 7 × 5, and we can verify that, for this simple case, the algorithm works. It is worth noting here that the period of (f (x) = 6x mod 35) is in fact 2: 62 mod 35 ≡ 1 64 mod 35 ≡ 1 ... 610 mod 35 ≡ 1 Yet the algorithm still worked and found the correct factorisation for 35. 9.5 efficiency improvement In order that we can understand the improvement offered by Shor’s factoring algo- rithm, we must consider how many steps it requires for its implementation, and compare this with the number of steps a classical algorithm would take 9.5.1 Classical Factorisation The general approach, [14], to finding a factor of M is to sequentially compute M 1 , M 2 , M 3 , ... , M √ M In some cases, a suitable factor will appear very early in this procedure, but in some cases it could take all √ M attempts. On average, it is fair to say that it will take √ M 2 trials to identify a factor. Each iteration will have some time expense, we will say as small as 10−12 seconds, so let us consider how many trials a realistic problem would require and find how long it would take a classical computer to solve this. 56
9.5. EFFICIENCY IMPROVEMENT CHAPTER 9. shor’s algorithm Example 9.3. If the number we wish to factorise, M, has, for instance, 77 digits, we can sat that is of the order 2256 since 2256 = 1.15 × 1077. Then √ M ∼ (2256 ) 1 2 = 2128 ⇒ √ M 2 ∼ (2128 )−1 = 2127 Trials In time, this will take 2127 Trials × 10−12 seconds per Trial ∼ 1026 seconds The universe is approximately 4 × 1017 seconds old, so obviously trying to factor such a number is not achievable classically. The best known factoring algorithm, the number field sieve, [17] offers an improvement over this time scale, but not by nearly the same amount as the improvement offered by quantum computing, [18]. 9.5.2 Quantum Factoring Algorithm The most demanding part of the algorithm is the modular exponentiation required to generate the calculation of f (x) = ax mod M inside the state. §6.4 of [11] discusses this generation in detail, and Shor shows that it can be most efficiently achieved in O(n2 log2 n log2 log2 n) time steps, where n is the number of qubits involved in the system [19]. (Recall N = 2n) Rieffel and Polak also discuss the number of steps required of each section of the algorithm as outlined here, §8.4 of [11]. Clearly the most computationally expensive calculation is that of modular exponentiation, which we have seen to cost of the order (n2 log2 n log2 log2 n) in time. Again aiming to factorise a number of the order 2256, we must first find what size of a system (number of qubits) would be required. This is determined by M2 ≤ 2n ≤ 2M2 ⇒ 2512 ≤ 2n ≤ 2513 In general M will not be a power of two, and there will be only one such n to satisfy this condition. It suffices here to choose n = 512. The majority of the computation is due to the modular exponentiation, so we must calculate O(n2 log2 nlog2log2 n) to get an idea of how many steps are needed. n = 512 ⇒ log2n = log2(29 ) ⇒ log2 n = 9 57
9.5. EFFICIENCY IMPROVEMENT CHAPTER 9. shor’s algorithm ⇒ log2 log2 n = log2(9) ≈ 3 ⇒ n2 log2 n log2 log2 n = (512)2 × 9 × 3 = 7, 077, 888 Trials ⇒ Time = (7, 077, 888 Trials) × (10−12 seconds per Trial) = 7 × 10−6 seconds This is clear evidence that Shor’s Algorithm is definitively faster than any classical algorithm can ever achieve. Thus, we have given a concrete example of a case where quantum computing can be implemented to solve a real problem which cannot be efficiently dealt with by a classical computer. There are, however, many other promising applications, such as the needle-in-the-haystack problem addressed by Grover’s Algorithm, [20]. There is potential to model quantum chemistry far more accurately than is done at present by modelling chemical bonds at quantum levels through use of quantum computation, [21]. Such modelling currently occupies a huge amount of computa- tional resources worldwide in trying to achieve accurate models at quantum scales. It is thought that quantum computers may be able to save resources and help in the modelling of specific chemical bonds at quantum levels, [22], and therefore help in the development of more effective medicines. These are only some of the vast possible applications of the technology, and so it is clear that there is suffi- cient motivation for the field to develop and to potentially shape the technological landscape over the coming years and decades. 58
10 C O N C L U S I O N The aim of this thesis was to bring the reader from little or no knowledge of quantum computation to a point of understanding of the fundamental mathematics and quantum mechanics involved in describing the subject. To achieve this, we examined What the subject considers: the use of linear algebra to describe physics at the smallest possible scales through the formulation of quantum mechanics. The combination of this quantum mechanics with a basic concept in com- puter science, the unit of communication, the bit, lead us to a new building block for computation, the qubit. We considered How qubits could be manipulated uniquely to achieve computational results not available to classical bits. This involved equating quantum operations with quantum analogues to logic gates, which were then combined to form quantum circuits. We then discussed the uniquely quantum property of parallelism to examine how we may take advantage of the superposition of states inherent to quantum mechanics, and how we can build useful subroutines to simplify larger algorithms. Finally we thought about Why this is such an area of interest at present by considering what real-world application can be achieved by a quantum computer that would not be as easily or efficiently achievable using only classical technology. Shor’s Algorithm provided a clear mathematical problem, of factorising large numbers, which has been puzzling mathematicians for decades, and which can be handled by a quantum machine in significantly less time than it can be on a standard computer. Overall then, we have provided motivation and means for why quantum computa- tion is well placed to be a driving force in research in the coming decades. Our focus here has been on conceptual mathematical proofs rather than physical challenges to the construction of such machines, or of approaching the topic from a computer science per- spective and rigorously calculating efficiency in the number of space and time required to carry out computations. This has lead us to an understanding of why, mathematically at least, quantum computation holds huge promise for the future. 59
B I B L I O G R A P H Y [1] Yu I Manin. Vychislimoe i nevychislimoe (computable and noncomputable), moscow: Sov, 1980. [2] Richard P Feynman. Simulating physics with computers. International journal of theoretical physics, 21(6):467–488, 1982. [3] Paul Benioff. Quantum mechanical hamiltonian models of turing machines. Journal of Statistical Physics, 29(3):515–546, 1982. [4] David Deutsch. Quantum theory, the church-turing principle and the universal quantum computer. In Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences, volume 400, pages 97–117. The Royal Society, 1985. [5] David Deutsch and Richard Jozsa. Rapid solution of problems by quantum compu- tation. Proceedings of the Royal Society of London. Series A: Mathematical and Physical Sciences, 439(1907):553–558, 1992. [6] Peter W Shor. Algorithms for quantum computation: Discrete logarithms and fac- toring. In Foundations of Computer Science, 1994 Proceedings., 35th Annual Symposium on, pages 124–134. IEEE, 1994. [7] Michael A Nielsen and Isaac L Chuang. Quantum computation and quantum informa- tion. Cambridge university press, 2010. [8] Charles H Bennett, Gilles Brassard, Claude Cr´epeau, Richard Jozsa, Asher Peres, and William K Wootters. Teleporting an unknown quantum state via dual classical and einstein-podolsky-rosen channels. Physical review letters, 70(13):1895, 1993. [9] WK Wooters and WK Zurek. Quantum no-cloning theorem. Nature, 299:802, 1982. [10] Mark M Wilde. Quantum information theory. Cambridge University Press, 2013. [11] Eleanor G Rieffel and Wolfgang H Polak. Quantum computing: A gentle introduction. MIT Press, 2011. [12] Bernard J. Fino and V. Ralph Algazi. Unified matrix treatment of the fast walsh- hadamard transform. IEEE Transactions on Computers, 25(11):1142–1146, 1976. [13] Daniel R Simon. On the power of quantum computation. SIAM journal on computing, 26(5):1474–1483, 1997. [14] John M Pollard. A monte carlo method for factorization. BIT Numerical Mathematics, 15(3):331–334, 1975. [15] Isaac Chuang, Raymond Laflamme, P Shor, and W Zurek. Quantum computers, factoring, and decoherence. arXiv preprint quant-ph/9503007, 1995. [16] C Lavor, LRU Manssur, and R Portugal. Shor’s algorithm for factoring large integers. arXiv preprint quant-ph/0303175, 2003. 60
BIBLIOGRAPHY BIBLIOGRAPHY [17] Arjen K Lenstra, Hendrik W Lenstra Jr, Mark S Manasse, and John M Pollard. The number field sieve. Springer, 1993. [18] Shah Muhammad Hamdi, Syed Tauhid Zuhori, Firoz Mahmud, and Biprodip Pal. A compare between shor’s quantum factoring algorithm and general number field sieve. In Electrical Engineering and Information & Communication Technology (ICEEICT), 2014 International Conference on, pages 1–6. IEEE, 2014. [19] Peter W Shor. Polynomial-time algorithms for prime factorization and discrete log- arithms on a quantum computer. SIAM journal on computing, 26(5):1484–1509, 1997. [20] Lov K Grover. A fast quantum mechanical algorithm for database search. In Pro- ceedings of the twenty-eighth annual ACM symposium on Theory of computing, pages 212–219. ACM, 1996. [21] Benjamin P Lanyon, James D Whitfield, GG Gillett, Michael E Goggin, Marcelo P Almeida, Ivan Kassal, Jacob D Biamonte, Masoud Mohseni, Ben J Powell, Marco Bar- bieri, et al. Towards quantum chemistry on a quantum computer. Nature Chemistry, 2(2):106–111, 2010. [22] Christof Zalka. Simulating quantum systems on a quantum computer. Proceedings of the Royal Society of London. Series A: Mathematical, Physical and Engineering Sciences, 454(1969):313–322, 1998. 61

More Related Content

PDF
Quantum computation a review
byEditor Jacotech
 
PDF
Exploring Quantum Supremacy in Access Structures of Secret Sharing by Coding ...
byRyutaroh Matsumoto
 
PDF
Quantum inspired evolutionary algorithm for solving multiple travelling sales...
byeSAT Publishing House
 
PDF
The Traveling Salesman Problem: A Neural Network Perspective
bymustafa sarac
 
PPTX
PhD_presentation
byOshri Naparstek
 
DOC
4 report format
byAshikapokiya12345
 
PDF
Shor's discrete logarithm quantum algorithm for elliptic curves
byXequeMateShannon
 
PDF
Algebra(02)_160229_01
byArt Traynor
 
Quantum computation a review
byEditor Jacotech
 
Exploring Quantum Supremacy in Access Structures of Secret Sharing by Coding ...
byRyutaroh Matsumoto
 
Quantum inspired evolutionary algorithm for solving multiple travelling sales...
byeSAT Publishing House
 
The Traveling Salesman Problem: A Neural Network Perspective
bymustafa sarac
 
PhD_presentation
byOshri Naparstek
 
4 report format
byAshikapokiya12345
 
Shor's discrete logarithm quantum algorithm for elliptic curves
byXequeMateShannon
 
Algebra(02)_160229_01
byArt Traynor
 

Viewers also liked

PDF
Probability and random_processes_for_electrical_and_computer_engineers
byNebiyu Musie
 
PDF
Graphene for Emerging Technologies - Workshop booklet (October 2011)
byPhantoms Foundation
 
PDF
Carbon Nano tubes and its Applications in the Field of Electronics and Comput...
byijsrd.com
 
PPT
Computing and Information Processing
byYatish Bathla
 
PDF
Thermal and statistical physics h. gould, j. tobochnik-1
byPetrus Bahy
 
PPT
120519 ITS: Copenhagen interpretation in quantum mechanics
byHyunjung Kim
 
PDF
Introduction to Quantum Computation. Part - 2
byArunabha Saha
 
PDF
2015 Jusang Park
byJusang Park
 
PDF
The britannica guide to relativity and quantum mechanics (physics explained)
byأحمد عبد القادر
 
PPTX
Graphene, graphene oxide chemistry aplications
byHarsha Reddy
 
PDF
Graphene -Applications in Electronics
byZaahir Salam
 
PDF
Introduction to Quantum Computation. Part - 1
byArunabha Saha
 
Probability and random_processes_for_electrical_and_computer_engineers
byNebiyu Musie
 
Graphene for Emerging Technologies - Workshop booklet (October 2011)
byPhantoms Foundation
 
Carbon Nano tubes and its Applications in the Field of Electronics and Comput...
byijsrd.com
 
Computing and Information Processing
byYatish Bathla
 
Thermal and statistical physics h. gould, j. tobochnik-1
byPetrus Bahy
 
120519 ITS: Copenhagen interpretation in quantum mechanics
byHyunjung Kim
 
Introduction to Quantum Computation. Part - 2
byArunabha Saha
 
2015 Jusang Park
byJusang Park
 
The britannica guide to relativity and quantum mechanics (physics explained)
byأحمد عبد القادر
 
Graphene, graphene oxide chemistry aplications
byHarsha Reddy
 
Graphene -Applications in Electronics
byZaahir Salam
 
Introduction to Quantum Computation. Part - 1
byArunabha Saha
 

Similar to Mathematical_Introduction_to_Quantum_Computation

PDF
Quantum Information Science 1st Edition R. Manenti && M. Motta
byserwaestika
 
PDF
Quantum Information Science 1st Edition R. Manenti && M. Motta
byhbcdmeaiux8227
 
PPT
Fundamentals of Quantum Computing
byachakracu
 
PPTX
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
bySaikiran Panjala
 
PPTX
Quantum Computing_Quantum_mechanics.pptx
bykoreap
 
PPTX
Quantum computing
byKrishna Patel
 
PDF
Technological Survey on Quantum Computing
byIRJET Journal
 
PPT
quantum computing (department of computer science WMU).ppt
byeugenecom
 
PPT
osama-quantum-computingoftge quantum.ppt
byChiragSuresh
 
PPT
osama-quantum-computing and its uses and applications
byRachitdas2
 
PPT
osama-quantum-computing.ppt
bySainadhDuppalapudi
 
PPTX
Quantum computing
byIBNC India - India's Biggest Networking Championship
 
PPTX
Quantum computing
byRitwik MG
 
PPTX
Quantum computers
bykavya1219
 
PPTX
Quantum computing - A Compilation of Concepts
byGokul Alex
 
PDF
177
byvivatechijri
 
PDF
Quantum Computing 101, Part 1 - Hello Quantum World
byAaronTurner9
 
PPT
A brief introduction of Quantum-computing
byeugenecom
 
PDF
DEF CON 27 - ANDREAS BAUMHOF - are quantum computers really a threat to crypt...
byFelipe Prado
 
PPTX
Quantum Computation simplified.pptx
bySundarappanKathiresa
 
Quantum Information Science 1st Edition R. Manenti && M. Motta
byserwaestika
 
Quantum Information Science 1st Edition R. Manenti && M. Motta
byhbcdmeaiux8227
 
Fundamentals of Quantum Computing
byachakracu
 
A Technical Seminar on Quantum Computers By SAIKIRAN PANJALA
bySaikiran Panjala
 
Quantum Computing_Quantum_mechanics.pptx
bykoreap
 
Quantum computing
byKrishna Patel
 
Technological Survey on Quantum Computing
byIRJET Journal
 
quantum computing (department of computer science WMU).ppt
byeugenecom
 
osama-quantum-computingoftge quantum.ppt
byChiragSuresh
 
osama-quantum-computing and its uses and applications
byRachitdas2
 
osama-quantum-computing.ppt
bySainadhDuppalapudi
 
Quantum computing
byIBNC India - India's Biggest Networking Championship
 
Quantum computing
byRitwik MG
 
Quantum computers
bykavya1219
 
Quantum computing - A Compilation of Concepts
byGokul Alex
 
177
byvivatechijri
 
Quantum Computing 101, Part 1 - Hello Quantum World
byAaronTurner9
 
A brief introduction of Quantum-computing
byeugenecom
 
DEF CON 27 - ANDREAS BAUMHOF - are quantum computers really a threat to crypt...
byFelipe Prado
 
Quantum Computation simplified.pptx
bySundarappanKathiresa
 

Mathematical_Introduction_to_Quantum_Computation

  • 1.
    Trinity College Dublin Schoolof Maths Final Year Thesis Mathematical Introduction to Quantum Computation Author: Brian Flynn Supervisor: Professor Richard Timoney March 2015
  • 3.
    A B ST R A C T The subject of Quantum Computing is one of great interest across industry and academia at present. It is believed that by exploiting quantum properties of extremely small sys- tems, we may be able to build machines which utilise these unique properties in such a way as to offer significant increase in computational power over even the strongest of classical super-computers currently. The aim of this thesis is to consider and simplify the fundamental principles of the field of quantum computing. In doing so, it is hoped to present the subject in accessible and plain language so that the reader may understand some elements not explored in great depth in standard literature. We first define the language with which we can explore the topic by recalling some linear algebra to describe quantum mechanics. We then combine quantum physics with computer science to generate the fundamental unit of quantum communication, the qubit. We build from the definition of the qubit to the declaration of quantum gates, which act as logic gates, transforming the state of a qubit to a new state. By combining these gates, then, we see how quantum circuits can be developed to perform useful schemes, which can themselves be put together to form quantum algorithms in order to achieve computations which may not be possible through exploitation of solely classical technol- ogy. We will conclude with a discussion of why quantum computing has been of such interest in recent decades. In particular, we will describe the process of the single most famous result of the field of study to date, Shor’s factoring algorithm. We will hereby see how quantum methodology can solve a real problem, namely factorising large integers, which has been a difficult problem for classical computers historically. As such we will have demonstrated clear motivation for the school of thought, as well as clarifying some fundamental mathematical concepts involved in its inception. i
  • 4.
    A C KN O W L E D G E M E N T S I would like to thank Prof. Timoney for his help and patience through- out this project. His guidance has been crucial to my progress at all times, and I am extremely grateful for his input. D E C L A R AT I O N I, Brian Flynn, hereby declare that this thesis, “A Mathematical Introduc- tion to Quantum Computation”, is of my own authorsip and comprises entirely my own work, except where fully and properly referenced. In cases where the work resembles or derives from that of other authors, full citation is provided. Signature : Date:
  • 5.
    C O NT E N T S 1 introduction 2 1.1 Motivation 3 What 4 2 linear algebra 5 2.1 Recap of basics 5 2.2 Definitions 6 3 quantum mechanics 8 3.1 Postulates of Quantum Mechanics 8 3.2 Superpositions 9 4 quantum bits 10 4.1 Physical Realisation 10 4.2 Standard Notation 10 4.3 Multiple Qubits 11 5 acting on qubits 13 5.1 Entanglement 13 5.2 Unitary Transformations 14 5.3 Dirac Notation 14 How 19 6 gates and circuits 20 6.1 Gates 20 6.2 Circuits 25 6.3 Quantum Teleportation 27 7 computational techniques 31 7.1 Techniques 31 8 algorithms 35 8.1 Quantum Subroutines 35 8.2 Quantum Parallelism 38 Why 44 9 shor’s algorithm 45 9.1 Cryptography 45 9.2 Fourier Transformation 46 9.3 Factorisation by Period Finding 48 9.4 Steps of Shor’s Algorithm 50 9.5 Efficiency Improvement 56 10 conclusion 59 iii
  • 7.
    1 I N TR O D U C T I O N This thesis sets out to explain in clear detail the fundamentals of Quantum Computing. The aim herein is to bring a reader with little or no knowledge of the subject to a point of understanding of the basic concepts and processes involved in quantum computation. We will present the topic as a simple story: • What are the processes and mathematical techniques that we are considering? • How can they be used to construct quantum computers? • Why do we think this to be worthwhile? In doing so, we will explain the fundamental quantum mechanics at the heart of these machines. We will then discuss how these processes can be used to realise more powerful computations than would be possible using classical techniques. And we will conclude by considering what potential applications the technology offers, and why it is of such interest to so many people to build a truly functional quantum computer. This thesis will aim to follow a mathematical route rather than answer the more obvi- ous questions of how these devices could be engineered. A brief discussion will mention some of the methods of realising quantum bits, but overall, our aim is to demonstrate proof of concept mathematically. By and large we will assume the physics to be possible, and focus rather on what we need it to do: we prove their functionality and superiority over classical machines by calculating efficiency and writing algorithms which can’t be implemented classically. The scope of this thesis, then, is to give some insight into how this can be achieved. We will discuss how it is possible to act on quantum bits analogously to classical bits, and how there exist considerably more powerful combinations of gates and circuits to achieve the same results as classical devices, but in significantly less steps. We will discuss the limits that today’s computers are subject to and we will show that quantum algorithms can far exceed these limits, and we will provide strong motivation to do so by examining some of the uses this will allow for, such as high-level cryptography. 2
  • 8.
    1.1. MOTIVATION CHAPTER1. introduction 1.1 motivation Since the notion of a quantum computer was first suggested by Yuri Manin in 1980 [1], and seperately by Richard Feynman [2], many prominent mathematicians and physicists have studied the topic in great depth. In 1982, the first potential framework of a quantum computer was proposed by Paul Benioff [3]. In the following years, it was proven that there were processes for which quantum computing could be shown to out-perform its classical counterpart, in particular by the work of David Deutsch, [4]. In 1992, Deutsch, together with Richard Josza released a paper entitled Rapid solution of problems by quan- tum computation, in which they showed how quantum machines could be used to achieve exponential speed-up in solving computational problems [5]. The problems that their al- gorithm was able to solve, however, were of little practical use, so there was no known reason to actually invest in the construction of such potentially useless devices. In 1994, Peter Shor published a paper that became a turning point in the history of quantum computing: his now-famous algorithm used techniques only available to quantum com- puters to solve factorisation problems. He showed that a quantum computer would be able to factorise large numbers with significantly less computational expense than clas- sical machines will ever be capable of [6]. Following this milestone, it became clear that quantum methods have the capacity to transcend classical machines, and so the field has been growing steadily as a research topic since. In the late 1990’s, the first quantum computer was built utilising 2 qubits. There have been significant strides every year since then towards a fully functional model. Thus our motivation is clear: the entire quantum computing industry is built on the belief that, quite soon, we will be able to build computers which operate at exponen- tially faster and more efficient rates than we will ever be able to achieve using classical implementations. We endeavour to understand the building blocks which are at the centre of this po- tentially massive transition to a new kind of computation. 3
  • 9.
    W H AT Inorder to describe quantum devices, we must first think about what we’re talking about. We must recall the basic maths involved in describing quantum mechanics, as well as remembering the cornerstones of quantum physics, before ex- tending these concepts to allow for the notion of exploiting their properties. In other words, we will consider What we’re going to discuss henceforth. 4
  • 10.
    2 L I NE A R A L G E B R A Before getting too involved in mechanical view points and quantum physics, it is im- portant to review the language with which these topics will be discussed: here we will recap some basics of linear algebra and summarise the basic mathematical techniques required to describe physics at a quantum scale. 2.1 recap of basics Some algebraic knowledge is assumed of the reader. For further discussion and deriva- tion of some points, consult §2.1 of the standard text on the subject on quantum comput- ing and information processing, Nielsen and Chuang. [7]. We will briefly recall some definitions for reference. • Notation Definition of Representation Vector (or ket) |ψ Dual Vector (or bra) ψ| Tensor Product |ψ ⊗ |φ Complex conjugate |ψ∗ Transpose |ψ T Adjoint |ψ † = (|ψ ∗ )T Algebraic Definitions The dual vector of a vector (ket) |ψ is given by ψ| = |ψ † . The adjoint of a matrix replaces each matrix element with its own complex conjugate, and then switches its columns with rows. M† = M0,0 M0,1 M1,0 M1,1 † = M∗ 0,0 M∗ 0,1 M∗ 1,0 M∗ 1,1 T = M∗ 0,0 M∗ 1,0 M∗ 0,1 M∗ 1,1 (2.1) 5
  • 11.
    2.2. DEFINITIONS CHAPTER2. linear algebra The inner product of two vectors, |ψ =   ψ1 ψ2 ... ψn   and |φ =   φ1 φ2 ... φn   is given by φ|ψ = (|φ † )|ψ = (φ∗ 1 φ∗ 2 . . . φ∗ n)   ψ1 ψ2 ... ψn   = φ∗ 1 ψ1 + φ∗ 2 ψ2 + · · · + φ∗ nψn (2.2) |ψ i, |φ i are complex numbers, and therefore the above is simply a sum of products of complex numbers. The inner product is often called the scalar product, which is in general complex. 2.2 definitions For future reference, here is a list of definitions to be used throughout this thesis. • Vector Space: A vector space is the region spanned by a set of basis vectors. As- signing a scalar multiple (which can be positive, negative, zero or complex) to each basis vector, it is possible to reach any point in the associated vector space. • Hilbert Space: A Hilbert space is a generalised vector space which has an inner product. That is, it is possible to compute the inner product of any two vectors in a Hilbert space. It can be seen as a generalised Euclidean vector space, or a vector space of dimension n. It is the vector space associated with quantum mechanics. • Operator: An operator, here denoted O, sometimes referred to as a transformation is something which acts on an object, leaving the object in a new state. Operators are represented by matrices, which act on vectors, say v, by sending them to a different vector, w, within the same vector space, V. O(v) = w v, w ∈ V (2.3) • Hermitian Operator: A Hermitian operator is one whose adjoint is equal to itself: O† = O (2.4) • Unitary Operator: A unitary operator is one whose inverse is equal to itself: O−1 = O (2.5) • Eigenfunctions and Eigenvalues: An eigenfunction is function which, when acted on by a linear operator, returns the same function as prior to operation, with some constant factor, called its eigenvalue. If A is an operator, then an eigenfunction f returns an eigenvalue λ through the relation A f = λ f (2.6) 6
  • 12.
    2.2. DEFINITIONS CHAPTER2. linear algebra • Tensor product: The tensor product of two vectors belonging to two vector spaces, is a new vector space. If we tensor product a vector v in some vector space V with another vector w in a vector space W, the resultant v ⊗ w is in the newly generated tensor space V ⊗W. In general, the tensor product of two vectors generates another vector with dimension equal to their individual dimensions multiplied together. Example 2.1. |a = a1 a2 a3 ∈ A, |b = b1 b2 ∈ B ⇒ |a ⊗ |b =     a1b1 a1b2 a2b1 a2b2 a3b1 a3b2     We can also tensor product operators to form an operator which could act in the tensor space formed by the tensor product of two vectors. Suppose we tensor product an operator A, which sends vectors in a space V to other vectors in V, with another, B, which acts in the space W. In doing so, we are generating an operator which takes vectors in the space V ⊗ W to other vectors in the same space. A : V → V , B : W → W A ⊗ B : V ⊗ W → V ⊗ W Example 2.2. A = a0,0 a0,1 a1,0 a1,1 B = b0,0 b0,1 b1,0 b1,1 ⇒ A ⊗ B = a0,0B a0,1B a1,0B a1,1B =     a0,0b0,0 a0,0b0,1 a0,1b0,0 a0,1b0,1 a0,0b1,0 a0,0b1,1 a0,1b1,0 a0,1b1,1 a1,0b0,0 a1,0b0,1 a1,1b0,0 a1,1b0,1 a1,0b1,0 a1,0b1,1 a1,1b1,0 a1,1b1,1     7
  • 13.
    3 Q U AN T U M M E C H A N I C S In order to describe the universe at extremely small scales, we introduce a mathematical framework called quantum mechanics. To build such a framework, there are several universally accepted postulates that govern the language. It is expected that the reader has a fair knowledge of basic quantum mechanics, so only the postulates are restated here for brevity. 3.1 postulates of quantum mechanics There are many versions of statements of the postulates of quantum mechanics. Each version of the statements aims to achieve the same foundation, so we endeavour to explain them in the simplest terms. 1. Every moving particle in a conservative force field has an associated wave-function, |ψ . From this wave-function, it is possible to determine all physical information about the system. 2. All particles have physical properties called observables (denoted q). In order to determine a value, q, for a particular observable, there is an associated operator Q, which, when acting on the particles wavefunction, yields the value times the wavefunction. The observable q is then the eigenvalue of the operator Q. Q|ψ = q|ψ (3.1) 3. Any such operator Q is Hermitian Q† = Q (3.2) 4. The set of eigenfunctions for any operator Q forms a complete set of linearly inde- pendent functions. 5. For a system with wavefunction |ψ , the expectation value of an observable q with respect to an operator Q is denoted by q and is given by q = ψ|Q|ψ (3.3) 8
  • 14.
    3.2. SUPERPOSITIONS CHAPTER3. quantum mechanics 6. The time evolution of |ψ is given by the time dependent Schrodinger Equation i¯h ∂ψ ∂t = ˆHψ (3.4) Using these building blocks, we can begin to construct a language to describe quan- tum systems. 3.2 superpositions One of the most surprising and interesting results of quantum mechanics is that of superposition. By this we mean the existence of a particle or body which is simultaneously in a number of states. A quantum state can be thought of as a value with respect to a defining property. A simple classical example of a state is on/off: we can say with certainty whether a switch - say a light switch - is on or off. To build on this concept then, imagine instead a situation where the switch is both on and off simultaneously. Mathematically, say that |↑ represents the situation where a switch is “up” (or “on”). Then, |↓ will similarly represent the situation where the switch is “down”. Classically, we expect any switch, S - given by a state |S - to take the value |S = |↑ or |S = |↓ Then, in quantum mechanics, there exists a superposition state wherein it is both up and down: |S = a|↑ + b|↓ where a, b are the amplitudes of the states up and down respectively. The amplitudes are what define to what extent the body can be seen to exist in the associated state. Upon measurement, the system will assume only one of its constituent quantum states: the square of the amplitudes indicate the probability that the system will be measured in that state. i.e P(|S = |↑ ) = |a|2 ; P(|S = |↓ ) = |b|2 and it is obvious then that for the probabilities to sum to 1, |a|2 + |b|2 = 1 In general, if |x is a possible state of a system, with complex amplitude ax, then the system can be said to be in the superposition ∑ x ax|x ; ∑ x |ax|2 = 1, ax ∈ C (3.5) This is known as the State Vector for a quantum state. The state space of a physical system (classical or quantum) is then the set of all possible states the system can exist in, i.e the set of all possible values for x such that 3.5 are satisfied. 9
  • 15.
    4 Q U AN T U M B I T S We now look to what these operations actually act on. In classical circuitry, bits (binary digits) are fundamental units of information which can occupy either the state 0 or 1. These bits are acted on by gates to achieve particular combinations to find an output of some programme. In quantum computation, quantum bits, or qubits, are used in combination as input, and acted on by some quantum gates and circuits implementing some quantum algorithm, to ultimately achieve an output that may not be possible to achieve using classical machines, or else is far more efficient through use of quantum computation. 4.1 physical realisation As qubits are, by definition, systems subject to quantum mechanics, we must construct them from two-state mechanical systems at this scale. Examples of feasible systems include the energy levels of hydrogen atoms, electron spin and photon polarisation along perpendicular directions. For our purposes, one qubit representation is equivalent to any other. It is simplest to think of electron spin as the quantum property that we will manipulate because it can take the values up/down, analogous to the classical on/off switch. For the simplicity of being able to transfer to an orthogonal basis intuitively, however, we will focus on photon polarisation for the next section. The remainder of this text does not refer to what physical realisation is being implemented. 4.2 standard notation Take a 2-dimensional, x-y plane as our surface: photons can then be polarised along the x- or y- axis. A general state will be represented by a vector ( x y ). These polarisations can then be thought of as standard basis vectors in linear algebra. Denote them as |0 and |1 |→ = |0 = 1 0 A unit vector along x-axis (4.1) |↑ = |1 = 0 1 A unit vector along y-axis (4.2) 10
  • 16.
    4.3. MULTIPLE QUBITSCHAPTER 4. quantum bits Now, in relation to the concept of superposition, we can consider a photon, ψ which travels along a diagonal, evenly splitting the two basis vectors. As such, we would require that, upon measurement, it is equally likely that the photon will ”collapse” into the polarised state along x as it is to collapse along y. That is, we want P(↑) = P(→) so assign equal modulus amplitudes to the two possibilities: |ψ = a| ↑ + b|→ , with P(↑) = P(→) ⇒ |a|2 = |b|2 We consider here a particular case, due to the significance of the resultant basis, where up-polarisation and down-polarisation have real amplitudes a, b ∈ R. ⇒ a = ±b but also |a|2 + |b|2 = 1 ⇒ a = 1 √ 2 ; b = ± 1 √ 2 ⇒ ψ = 1 √ 2 | → ± 1 √ 2 | ↑ ⇒ ψ = 1 √ 2 |0 ± 1 √ 2 |1 These particular superpositions are of significance. We denote them |+ = 1 √ 2 |0 + 1 √ 2 |1 (4.3) |− = 1 √ 2 |0 − 1 √ 2 |1 (4.4) This is called the Hadamard basis and will be important for the remainder of this discussion. It is an equally valid vector space as the standard basis which is spanned by 1 0 , 0 1 . In the standard basis, the Hadamrad basis can be seen as being spanned by 1√ 2 1√ 2 , 1√ 2 − 1√ 2 4.3 multiple qubits In reality, we will be dealing with systems of numerous qubits. Mathematically, we consider the state vector of a system containing n qubits as being the tensor product of the n qubits’ individual state vectors. That is, for a 2-qubit system, |ψ to be in some combination of two qubits |A and |B : |ψ = |A, B = |AB = |A ⊗ |B 11
  • 17.
    4.3. MULTIPLE QUBITSCHAPTER 4. quantum bits Consider first a simple system of 2 qubits. Measuring in the standard basis, these qubits will have to collapse in to one of the basis states |0, 0 , |0, 1 , |1, 0 , |1, 1 . Thus, for such a 2-qubit system, we have the general superposition |ψ = α0,0|0, 0 + α0,1|0, 1 + α1,0|1, 0 + α1,1|1, 1 where αi,j is the amplitude for measuring the system as the state |i, j . This is perfectly analogous to a classical 2-bit system necessarily occupying one of the four possibilities (0, 0), (0, 1), (1, 0), (1, 1). Hence, for example, if we wanted to concoct a two-qubit system composed of one qubit in the state |+ and one in |− |ψ = |+ ⊗ |− |ψ = ( 1 √ 2 |0 + 1 √ 2 |1 ) ⊗ ( 1 √ 2 |0 − 1 √ 2 |1 ) = 1 2 [|00 − |01 + |10 − |11 ] = 1 2 1 0 ⊗ 1 0 − 1 0 ⊗ 0 1 + 0 1 ⊗ 1 0 − 0 1 ⊗ 0 1 = 1 2 1 0 0 0 − 0 1 0 0 + 0 0 1 0 − 0 0 0 1 |ψ = 1 2 1 −1 −1 1 That is, the system is given by a linear combination of the four basis vectors 1 0 0 0 , 0 1 0 0 , 0 0 1 0 , 0 0 0 1 We can notice that a single qubit system can be described by a linear combination of two basis vectors, and that a two qubit system requires four basis vectors to describe it. In general we can say that an n-qubit system is represented by a linear combination of 2n basis vectors. 4.3.1 Registers A register is the name given to a system of multiple qubits. We may use the idea to consider a system of n qubits as two sub systems. For instance, a register of ten qubits can be denoted |x[10] , and we can think of the system as a register of six qubits together with a register of three and another register of one qubit. |x[10] = |x1[6] ⊗ |x2[3] ⊗ |x3[1] 12
  • 18.
    5 A C TI N G O N Q U B I T S 5.1 entanglement Another unique property of quantum systems is that of entanglement: ie when two or more particles interact in such a way that their individual quantum states can not be described independent of the other particles. A quantum state then exists for the system as a whole instead. Mathematically, we consider such entangled states as those whose state can not be expressed as a tensor product of the states of the individual qubits it’s composed of: they are dependent upon the other. Example 5.1. Consider the state |Φ+ = 1 √ 2 [|00 + |11 ] If we measure this state, we expect that it will be observed either as |00 or |11 , with equal probability due to their equal magnitudes. The bases for this state are simply the standard bases, |0 and |1 . Thus, according to our previous definition of systems of multiple qubits, we would say this state can be given as a combination of two states |Φ+ = |ψ1 ⊗ |ψ2 = [a1|0 + b1|1 ] ⊗ [a2|0 + b2|1 ] = a1a2|00 + a1b2|01 + b1a2|10 + b1b2|11 However we require |Φ+ = 1√ 2 [|00 + |11 ], which would imply a1b2 = 0 and b1a2 = 0. These imply that either a1 = 0 or b2 = 0, and also that b1 = 0 or a2=0, which are obviously invalid since we require that a1a2 = b1b2 = 1√ 2 . Thus, we cannot express |Φ+ = |ψ1 ⊗ |ψ2 and this is what we term an entangled state. 13
  • 19.
    5.2. UNITARY TRANSFORMATIONSCHAPTER 5. acting on qubits 5.2 unitary transformations A fundamental concept in quantum mechanics is that of performing transformations on states. Quantum transformations, otherwise known as quantum operators are those which map a quantum state into a new state within the same state space. There are certain restrictions on a physically possible quantum transformation: in order that U is a valid transformation acting on some superposition |ψ = a1|ψ1 + a2|ψ2 + . . . ak|ψk , U must be linear U(a1|ψ1 + a2|ψ2 + . . . ak|ψk ) = a1(U|ψ1 ) + a2(U|ψ2 ) + · · · + ak(U|ψk ) It is also necessary that the order of measurement and transformation do not affect the system: to obtain |ψ0 with probability P0, it should be equally valid to first apply U to |ψ and then measuring, as it is to first measure and then transform the result. To fulfil these properties, we require that U preserve the inner product: ψ0|U† U|ψ = ψ0|ψ That is, we require that any such transformation be unitary: UU† = I ⇒ U† = U−1 (5.1) Unitarity is a sufficient condition to describe any valid quantum operation: any quan- tum transformation can be described by a unitary quantum transformation, and any unitary transformation corresponds to a physically possible quantum transformation. Then, if U1 is a unitary transformation that acts on the space S1 and U2 acts on S2, the product of the two unitary transformations is also unitary. The tensor product U1 ⊗ U2 acts on the space S1 ⊗ S2. So, then, supposing a system of 2 qubits, |ψ1 and |ψ2 where we wish to act on |ψ1 with operator U1 and on |ψ2 with U2, we perform it as (U1 ⊗ U2) (|ψ1 ⊗ |ψ2 ) = (U1|ψ1 ) ⊗ (U2|ψ2 ) This idea will be built upon when we discuss quantum gates and circuits. 5.2.1 Reversibility Quantum mechanics is by nature reversible in time: probability is conserved as a state evolves in time. This can be seen from the Schrodinger equation, which approximates the time evolution of a quantum state. Then, to build a quantum computer, we must involve only states that evolve in accordance with Schrodinger’s equation, and so we can only build one using reversible circuits. 5.3 dirac notation In keeping with standard practice, we will employ Dirac notation throughout this thesis. This will simplify calculations as they become progressively more difficult and standard 14
  • 20.
    5.3. DIRAC NOTATIONCHAPTER 5. acting on qubits matrix and vector calculation would become increasingly difficult too. Vectors will be denoted by kets of the form |a . For example, the standard basis will be represented by, |x = |0 = 1 0 |y = |1 = 0 1 We saw in §2 that, for every such ket |ψ , there exists a dual vector: its complex conjugate transpose, called the bra of such a vector, denoted ψ|. That is ψ|† = |ψ ; |ψ † = ψ| |ψ =   ψ1 ψ2 ... ψn   ⇒ ψ| = ( ψ∗ 1 ψ∗ 2 ... ψ∗ n ) Then if we have two vectors |ψ and |φ , their inner product is given as ψ|φ = φ|ψ . Definition 5.2. Inner Product |ψ =     ψ1 ψ2 ψ3 ... ψn     ; |φ =     φ1 φ2 φ3 ... φn     ⇒ φ| = ( φ∗ 1 φ∗ 2 φ∗ 3 ... φ∗ n ) ⇒ φ|ψ = ( φ∗ 1 φ∗ 2 φ∗ 3 ... φ∗ n )     ψ1 ψ2 ψ3 ... ψn     ⇒ φ|ψ = φ∗ 1 ψ1 + φ∗ 2 ψ2 + φ∗ 3 ψ3 + · · · + φ∗ nψn Example 5.3. |ψ = 1 2 3 ; |φ = 4 5 6 ⇒ φ|ψ = ( 4 5 6 ) 1 2 3 = (4)(1) + (5)(2) + (6)(3) = 32 Similarly, their outer product is given as |φ ψ|. Multiplying a column vector by a row vector thus gives a matrix. Matrices generated by a outer products then define operators: Example 5.4. 1 2 ( 3 4 ) = 3 4 6 8 15
  • 21.
    5.3. DIRAC NOTATIONCHAPTER 5. acting on qubits Then we can say, for |0 = 1 0 and |1 = 0 1 |0 0| = 1 0 0 0 (5.2a) |0 1| = 0 1 0 0 (5.2b) |1 0| = 0 0 1 0 (5.2c) |1 1| = 0 0 0 1 (5.2d) And so any 2-dimensional linear transformation in the standard basis |0 , |1 can be given as a sum a b c d = a|0 0| + b|0 1| + c|1 0| + d|1 1| (5.3) This method of representing operators as outer products of vectors will be useful through- out this text. A transformation that exchanges two particles, say |0 ↔ |1 is given by the operation Q : |0 → |1 |1 → |0 Which is equivalent to the outer product representation Q = |0 1| + |1 0| For clarity, here we will prove this operation Example 5.5. Q = |0 1| + |1 0| = 1 0 0 1 + 0 1 1 0 = 0 1 0 0 + 0 0 1 0 = 0 1 1 0 So then, acting on |0 and |1 gives Q|0 = 0 1 1 0 1 0 = 0 1 = |1 Q|1 = 0 1 1 0 0 1 = 1 0 = |0 16
  • 22.
    5.3. DIRAC NOTATIONCHAPTER 5. acting on qubits To demonstrate how Dirac notation simplifies this: Q|0 = (|0 1| + |1 0|)|0 = |0 1||0 + |1 0||0 = |0 1|0 + |1 0|0 Then, since |0 and |1 are orthogonal basis, their inner product is 0 and the inner product of a vector with itself is 1, ( 1|1 = 0|0 = 1, 0|1 = 1|0 = 0). So, Q|0 = |0 (0) + |1 (1) ⇒ Q|0 = |1 And similarly for Q|1 . This simple example then shows why Dirac notation can signif- icantly simplify calculations across quantum mechanics, compared to standard matrix and vector notation. To see this more clearly, we will examine a simple 2-qubit state under such operations. The method generalises to operating on two or more qubits generically: we can define any operator which acts on two qubits as a sum of outer prod- ucts of the basis vectors |00 , |01 , |10 and |11 . We can similarly define any operator which acts on an n qubit state as a linear combination of the 2n basis states generated by the n qubits. Example 5.6. To define a transformation that will exchange basis vectors |00 and |11 , while leaving |01 and |10 unchanged (ie exchanging |01 ↔ |01 , |10 ↔ |10 ) we define an operator Q = |00 11| + |11 00| + |10 10| + |01 01| Then, using matrix calculations this would require separately calculating the four outer products in the above sum and adding them to find a 4 × 4 matrix to represent Q, which then acts on a state |ψ . Instead, consider first that |ψ = |00 , ie one of the basis vectors our transformation is to change: Q|00 = (|00 11| + |11 00| + |10 10| + |01 01|) |00 And as before, only the inner products of a vector with itself remains: = |00 11|00 + |11 00|00 + |10 10|00 + |01 01|00 = |00 (0) + |11 (1) + |10 (0) + |01 (0) ⇒ Q|00 = |11 i.e the transformation has performed Q : |00 → |11 as expected. Then, if we apply the same transformation to a state which does not depend on one of the target states, eg, |ψ = a|10 + b|01 17
  • 23.
    5.3. DIRAC NOTATIONCHAPTER 5. acting on qubits Q|ψ = |00 11| + |11 00| + |10 10| + |01 01| a|10 + b|01 = a |00 11||10 + |11 00||10 + |10 10||10 + |01 01||10 +b |00 11||01 + |11 00||01 + |10 10||01 + |01 01||01 And since the inner product is a scalar, we can factor terms such as 11|10 to the beginning of expressions, eg |00 11||10 = 11|10 |00 , and we also know 11|10 = 00|10 = 01|10 = 11|01 = 00|01 = 10|01 = 0 and 10|10 = 01|01 = 1 We can express the above as Q|ψ = a (0)|00 + (0)|11 + (1)|10 + (0)|01 +b (0)|00 + (0)|11 + (0)|10 + (1)|01 = a|10 | + b|01 = |ψ Then it is clear that, when |ψ is a superposition of states unaffected by transformation Q, then Q|ψ = |ψ . This method generalises to systems with greater numbers of particles (qubits). If we briefly consider a 3 qubit system - and initialise all qubits in the standard basis state |0 - then the system is represented by |000 = |0 ⊗ |0 ⊗ |0 = 0 1 ⊗ 0 1 ⊗ 0 1 . This quantity is an 8-row vector. To calculate the outer product 000|000 , we would be multi- plying an 8-column bra 000| by an 8-row ket |000 . Clearly then we will be working with 8 × 8 matrices, which will become quite difficult to maintain effectively and efficiently quite fast. As we move to systems of larger size, standard matrix multiplication will become unfeasible. Then it is obvious that Dirac’s bra/ket notation can be considered best practice for the scope of this subject and quantum mechanics in general. 18
  • 24.
    H O W Wemay now try to answer the question of How actions on such qubits can represent computation, and outline proofs that such computations operate at improved efficiency com- pared with classical computers. 19
  • 25.
    6 G AT ES A N D C I R C U I T S In analogy with classical computers, in order to operate on qubits, we need to devise gates to achieve desired effects when qubits “pass” through them. These simple gates may then be combined into circuits of varying complexity, and it is by arranging such circuits in particular orders that we may input a number of qubits and produce an output corresponding to a function we want to be evaluated. 6.1 gates Classically, a gate takes an input of a number of bits and produces a defined output based on the value(s) of the input bits. For example, a simple NOT gate, N, has the effect: N : 1 → 0 0 → 1 There are a number of such simple gates, such as AND, OR and XOR, which can be used to build arbitrarily complex circuits, and thus achieve any computation. To have a quantum gate, we require a process which takes an input state, and alters it in a defined way to produce an output state. That is, a quantum gate is simply a transformation or operation acting on input qubits. 6.1.1 Single Qubit Gates The simplest such gate is one which would act only on one qubit and change its value. For instance, suppose we wanted to define an operator which would change a |0 to |1 and vice versa. This can be seen mathematically as transforming one basis vector to another. Let us call this operation a quantum NOT-gate. As above, to generate an operator that exchanges basis vectors, we include the outer product of the vectors to be transformed: QNOT = |1 0| + |0 1| Then if we apply this operation to |0 for example QNOT|0 = |1 0| + |0 1| |0 = |1 0|0 + |0 1|0 20
  • 26.
    6.1. GATES CHAPTER6. gates and circuits = |1 (1) + |0 (0) ⇒ QNOT|0 = |1 Single qubit gates may be applied simultaneously, which we call multiple qubit gates, which we discuss shortly. 6.1.1.1 Diagrammatic Representation of Gates Before proceeding we will define how we will present gates pictorally from here on. A qubit will be represented by a wire - a straight line - and an operator will be shown by a box. Example 6.1. A qubit, |ψ operated on by Q, finishing in the state |ψ |ψ Q |ψ 6.1.1.2 Pauli Matrices There are some basic quantum operations that are extremely useful and form the basis of a great number of gates, called the Pauli matrices, which we define here I = 1 0 0 1 = |0 0| + |1 1| (6.1a) X = 0 1 1 0 = |1 0| + |0 1| (6.1b) Y = i 0 1 −1 0 = i(−|1 0| + |0 1|) (6.1c) Z = 1 0 0 −1 = |1 1| − |0 0| (6.1d) We can see that the Pauli-X gate is the same as the quantum not gate above. We represent this operation on a diagram (acting on |0 ) thus: |0 X |1 21
  • 27.
    6.1. GATES CHAPTER6. gates and circuits 6.1.1.3 Hadamard Gate If we now wish to take advantage of the quantum properties of qubits, we need to generate and act on superpositions. The Hadamard gate, H, takes a single basis state |0 or |1 , and turns it into an even superposition of basis states: H : |a → 1 √ 2 |0 + (−1)a |1 That is H|0 = 1 √ 2 |0 + 1|1 = |+ H|1 = 1 √ 2 |0 − 1|1 = |− These are the two orthogonal basis vectors which span the Hadamard basis of 4.2. For reference, the Hadamard gate can be represented as the matrix operator H = 1 √ 2 1 1 1 −1 = 1 √ 2 |0 0| + |1 0| + |0 1| − |1 1| (6.2) Upon measurement then it is equally likely that a state generated by a Hadamard gate will be observed in the basis |0 or |1 . 6.1.1.4 Linearity of quantum gates We should note that quantum gates act linearly. That is, when acting on a superposition, the gate will take action separately on each basis state as it would individually. Example 6.2. QNOT a0|0 + a1|1 = a0(QNOT|0 ) + a1(QNOT|1 ) = a0|1 + a1|0 So to see how this might apply to more complicated systems, consider a Hadamard gate acting on the superposition state |ψ = a0|0 + a1|1 , Example 6.3. H|ψ = H a0|0 + H a1|1 a0 H|0 + a1 H|1 a0 1 √ 2 |0 + |1 + a1 1 √ 2 |0 − |1 = 1 √ 2 a0 + a1 |0 + a0 − a1 |1 22
  • 28.
    6.1. GATES CHAPTER6. gates and circuits 6.1.2 Multiple Qubit Gates Single qubit gates may be applied simultaneously, which we call multiple qubit gates. Consider first a gate to act on 2 qubits, |ψ1 and |ψ2 . Suppose we want to perform separate operations, say Q1 and Q2, on the two qubits at the same time, as part of some larger scheme. The system is represented by |ψ1 ⊗ |ψ2 , so we represent the operator to perform both Q1 and Q2 as Q1 ⊗ Q2. So Q1 ⊗ Q2 |ψ1 ⊗ |ψ2 = Q1|ψ1 ⊗ Q2|ψ2 If we wish to perform an operator Q on the ith qubit of an n-qubit system, we must simultaneously act on the other (n − 1) qubits by the Identity operator, given by the Pauli matrix 6.1a, which has no effect on a state. So we have I ⊗ · · · ⊗ I ⊗ Q ⊗ I · · · ⊗ I |ψ1 ⊗ · · · ⊗ |ψi−1 ⊗ |ψi ⊗ |ψi+1 ⊗ · · · ⊗ |ψn = (I|ψ1 ) ⊗ . . . (Q|ψi ) ⊗ . . . (I|ψn ) (6.3) And this behaviour extends generically to applying specific operations Qi on partic- ular qubits |ψi . Q1 ⊗ · · · ⊗ Qn |ψ1 ⊗ · · · ⊗ |ψn = (Q1|ψ1 ⊗ · · · ⊗ (Qn|ψn ) (6.4) 6.1.2.1 Controlled Operations An important multiple qubit gate is the Controlled-NOT gate, CNOT. This gate performs a NOT-operation on a target qubit, if and only if a control qubit is in the standard basis state |1 , and leaves the control bit unchanged. Definition 6.4. CNOT|A ⊗ B = |A ⊗ (B ⊕ A) Where A is the control-qubit, B is the target-qubit, and ⊕ denotes modulus-2 addition: 0 ⊕ 0 = 0 ; 1 ⊕ 1 = 2mod2 = 0 ; 0 ⊕ 1 = 1 ⊕ 0 = 1 (6.5) such that CNOT|00 = |00 (6.6a) CNOT|01 = |01 (6.6b) CNOT|10 = |11 (6.6c) 23
  • 29.
    6.1. GATES CHAPTER6. gates and circuits CNOT|11 = |10 (6.6d) This concept of control then generalises simply: we can define multiply-controlled single qubit transformations which change a solitary target qubit if every control-qubit satisfies the control condition, which is usually simply to be in the state |1 . We can also define a controlled operation other than a NOT gate, to allow us to perform an operation upon one or multiple qubits when some criteria are met by other qubits. A simple extension of the controlled-NOT gate is the controlled-controlled-NOT gate, or the Toffoli gate, T, which flips a third qubit if both other input qubits are in the state |1 . T|A ⊗ B ⊗ C = |A ⊗ B ⊗ C ⊕ AB Example 6.5. T|111 = |110 ; T|101 = |101 ; T|001 = |001 6.1.2.2 Diagram Representation Intuitively, diagrams expand generically: one wire per qubit and boxes for each opera- tion. Acting on multiple qubits then requires diagrams for multiple-qubit gates. Control bits are represented by black dots, and target bits are given by open circle. When a gate acts on a qubit conditional on another, as in the CNOT and Toffoli gates, they are connected by a vertical wire, so the CNOT and Toffoli gates are given by |A • |A |B |B ⊕ A |A • |A |B • |B |C |C ⊕ A × B 6.1.3 Black Box problems We will define a black box which will calculate a function f. We are unconcerned with what goes on inside this box - we assume the same computation as such a black box would perform classically. We assume that we cannot improve on the internal efficiency of the calculation of f, so we aim to minimise how many times we must call on this black box. Consider a gate which takes an input |x, y and outputs the result of the function in the second qubit, as seen here. |x U |x |y |y ⊕ f (x) So then, if we set the second qubit to be 0, upon input |x, 0 we retrieve the output |x, f (x) , so we have both the input and the output of the function contained within the 24
  • 30.
    6.2. CIRCUITS CHAPTER6. gates and circuits 2-qubit register after a call to the black box. As such, we are dealing with a reversible circuit in that we can determine the input, |x by observation of the output, |x |f (x) . This is important in quantum information processing as we saw in 5.2.1 that we can only build a quantum computer if its processes are reversible in time. 6.2 circuits Quantum circuits then, are simply the combination of a number of gates acting on the same set of qubits sequentially. This is in obvious analogy with classical circuitry, whereby an output is found for a particular set of input bits by acting on the bits in a particular order to achieve calculations. Circuits build on the effects of single gates: by performing one gate, and inputting the result obtained into another gate, we may begin to construct more complicated devices, which are arranged to the specific requirements of the process to be computed. 6.2.1 Single Qubit Circuits The simplest possible circuit is to act on a qubit by one gate, and then to act on the resultant qubit by another gate. For example, first performing a quantum NOT-gate on a qubit in state |0 , and then performing a Hadamard gate upon the result. We expect to first obtain QNOT|0 = |1 , and thereafter compute H(|1 ). For mathematical consistency then, we will write the first-in-time operation as the operator left-most closest to the state being acted upon: H QNOT|0 = H |1 = |− |0 X H |− Now consider twice applying a Hadamard gate to any qubit H(H|a ) = H 1 √ 2 |0 + (−1)a |1 = 1 √ 2 H|0 + (−1)a H|1 = 1 √ 2 1 √ 2 |0 + 1|1 + (−1)a 1 √ 2 |0 − 1|1 = 1 √ 2 1 √ 2 1 + (−1)a |0 + 1 − (−1)a |1 So if a = 0, (1 + (−1)a) = 2, (1 − (−1)a) = 0, and if a = 1, (1 + (−1)a) = 0, (1 − (−1)a) = 2 H(H|0 ) = 1 2 (2)|0 + (0)|1 = |0 25
  • 31.
    6.2. CIRCUITS CHAPTER6. gates and circuits H(H|0 ) = 1 2 (0)|0 + (2)|1 = |1 Otherwise, if |a had been a superposition state, due to linearity, § 6.1.1.4, this princi- ple would remain and the superposition would be preserved under a double Hadamard gate. It is clear then that HH = I. This property does not hold for all quantum gates but the Hadamard gate is of such importance that it is worth noting this relation. 6.2.2 Multiple Qubit Circuits Of more practical interest is the concept of defining a circuit to process multiple qubits. The goal here is to design circuits that will be used to construct relatively simple quantum algorithms, chapter 8 . These algorithms will form the basis of quantum subroutines § 8.1 , which will in turn become the basis for involved routines which implement calculations at a user’s level. Example 6.6. Alternative CNOT Gate To gain an initial understanding of how such circuits can be formed, let us consider the process of altering the criteria of a controlled-NOT gate, described in § 6.1.2.1. We want to make it that the gate performs the NOT operation when the control-qubit registers the state |0 as opposed to |1 . We will consider a 2-qubit state, |A ⊗ B . The circuit is described by the following series of operations 1. QNOT on |A , I on |B 2. CNOT on |AB 3. QNOT on |A , I on |B Then the effects of this circuit are: 1. QNOT ⊗ I |A ⊗ |B = QNOT|A ⊗ I|B = |A ⊕ 1 ⊗ |B = |(A ⊕ 1), B 2. CNOT|(A ⊕ 1), B = |(A ⊕ 1) ⊗ |(B ⊕ (A ⊕ 1)) = |A ⊕ 1 ⊗ |B ⊕ A ⊕ 1 3. QNOT ⊗ I |A ⊕ 1 ⊗ |B ⊕ A ⊕ 1 = QNOT|A ⊕ 1 ⊗ (I|B ⊕ A ⊕ 1 ) = |A ⊕ 1 ⊕ 1 ⊗ |B ⊕ A ⊕ 1 Note : 1 ⊕ 1 = 0 = |A, B ⊕ A ⊕ 1 That is, if |A is initially |0 , then after step 1 it becomes |1 . The controlled-NOT gate now uses this transformed A to determine whether it will perform a QNOT on qubit |B . 26
  • 32.
    6.3. QUANTUM TELEPORTATIONCHAPTER 6. gates and circuits So if A had been |0 and is now |1 , B gets flipped. If A had been |1 and is therefore now |0 , B does not get flipped. Finally, step 3 returns A to its original value by performing another NOT operation only on the first qubit. This is equivalent to a controlled-NOT gate whose criteria is the control-bit being in state |0 initially. So we can show this on a diagram as below. In diagrams such as this, a wire (qubit) without any operation acting directly on it indicates the identity operator being imposed on that qubit at that juncture. That is, it is equivalent to have an identity gate, I, as below the first X-gate, as it is to have no gate there at all, as below the second X-gate here: A X • X A B I B ⊕ A ⊕ 1 6.2.3 Universal Gate Set While this example is trivial, the principle is the same as it would be for any quantum circuit. We can build circuits of arbitrary complexity using the ideas described so far. It remains to define a set of gates which may be used to construct any circuit. We may do so by recalling from § 5.2 that any quantum operation can be achieved by some unitary transformation. Then, any unitary transformation may be achieved by a sequence of simple quantum gates and quantum controlled-NOT gates. We will therefore take as a universally approximating gate set, the generic set below, with U any unitary operation. UG = {CNOT , U | U = U† } We will therefore proceed by constructing any operation we require provided they are achievable by some combination of operations Oi, O1O2 . . . On ; Oi ∈ UG In most cases, circuits will be composed of the simple single qubit gates described al- ready, put together to become multiple-qubit circuits, then used within quantum sub- routines and algorithms. 6.3 quantum teleportation We will now pause for a brief aside, in order to explore a more general concept of inter- est in Quantum Information Theory, to appreciate the power of quantum mechanics. It can be proven using only knowledge described so far, that it is possible to regenerate a quan- tum state by transferring only classical information about the state [8]. An important principle in quantum mechanics is that an unknown quantum state cannot be copied or cloned [9]. Thus if we have an unkown superposition state |ψ = a0|0 + b0|1 , and an auxiliary qubit |0 , onto which we hope to create a qubit, measurement upon which will 27
  • 33.
    6.3. QUANTUM TELEPORTATIONCHAPTER 6. gates and circuits yield |0 or |1 with the same probability as it would from measuring |ψ , we see that it is impossible. That is, it is impossible to begin with the system |ψ, 0 and finish with the state |ψ, ψ . It is however possible to destroy the initial state, and regenerate it at an arbitrarily far away point. Consider some observer Alice, who possesses some qubit |ψ = a|0 + b|1 . Suppose there is another observer, Bob, arbitrarily1 far away, and Alice wishes to “send” her qubit to Bob. We initialise a Bell state, Φ+ = 1 √ 2 |00 + |11 (6.7) It is possible for this entangled state to exist with one constituent qubit at a large distance away from the other. Suppose then, that the first state is in Alice’s possession, while Bob holds the second. Denote this possession with a subscript; our system is now described as |ψ A = a|0 A + b|1 A (6.8a) Φ+ AB = 1 √ 2 |0 A|0 B + |1 A|1 B (6.8b) ⇒ |ψ A ⊗ Φ+ AB = 1 √ 2 a|0 A + b|1 A ⊗ |0 A|0 B + |1 B|1 B (6.8c) So we view our total initial state, denoted now by |S as |S AB = 1 √ 2 a|0 A|0 A|0 B + a|0 A|1 A|1 B + b|1 A|0 A|0 B + b|1 A|1 A|1 B (6.9) Now, Alice has control over the first two qubits and can act on them. Her operations can not act directly on Bob’s state. If she performs a CNOT with the first state as the control and the second as the target, followed by Hadamard gate on the first state and no action on the others, we may represent this as HA ⊗ IA ⊗ IB (CNOT)AA ⊗ IB)|S AAB (6.10) This will act linearly: the same circuit will act on each of the basis states |000 , |011 , |001 , |111 Consider the second such basis state, |0 A|1 A|1 B to show on a diagram as below. 1 Arbitrary distance between sender and receiver may seem to imply that the two could be sufficiently apart that this would constitute the quantum information travelling faster than the speed of light. However, the teleportation relies on the exchange of classical information, which is strictly slower than the speed of light, so the entire process is not as instantaneous as it would need to be to violate relativity in this way. 28
  • 34.
    6.3. QUANTUM TELEPORTATIONCHAPTER 6. gates and circuits |0 A • |0 A H |+ A |1 A |1 A |1 A |1 B |1 B |1 B For clarity, the circuit acts in the following steps 1. CNOT ⊗ I ( 1√ 2 ) a|0 A|0 A|0 B + a|0 A|1 A|1 B + b|1 A|0 A|0 B + b|1 A|1 A|1 B = 1 √ 2 a|0A0A0B + a|0A1A1B + b|1A1A0B + b|1A0A1B 2. H ⊗ I ⊗ I 1√ 2 a|0A0A0B + a|0A1A1B + b|1A1A0B + b|1A0A1B = 1 √ 2 a 1 √ 2 (|0 + |1 )A|0A0B + a 1 √ 2 (|0 + |1 )A|1A1B +b 1 √ 2 (|0 − |1 )A|1A0B + b 1 √ 2 (|0 − |1 )A|0A1B = 1 2 a |0A0A0B + |1A0A0B + |0A1A1B + |1A1A1B +b |0A1A0B − |1A1A0B + |0A0A1B − |1A0A1B = 1 2 |0A0A a|0 B + b|1 B + |0A1A a|1 B + b|0 B +|1A0A a|0 B − b|1 B + |1A1A a|1 B − b|0 B So now, after Alice has performed her circuit on the two states she possesses, her system is left in a superposition of basis states |00 , |01 , |10 and|11 , and she can observe them to collapse into one of these. Bob’s qubit is now in some state |ψ . Each possible state of Alice’s qubit after the procedure corresponds to a particular state which Bob’s qubit is now in: if Alice classically communicates to him that her system, for instance, was observed in |00 , then Bob now knows that his qubit is in the state ψ = a|0 + b|1 This is the initial state of Alice’s qubit! Hence Alice has transported an unkown quantum state an arbitrary distance by only acting on the qubits in her possession. 29
  • 35.
    6.3. QUANTUM TELEPORTATIONCHAPTER 6. gates and circuits There remains the cases where Alice observes her system in the other basis states, however. Bob is still able to obtain the unkown state |ψ regardless of what measurement Alice sees, by means of decoding his qubit. For example, had Alice measured |01 , then Bob would know his qubit to be in the state a|1 + b|0 . To restore the initial amplitudes, he must simply “swap” the states |0 ↔ |1 , which we know to be possible by the quantum not gate, 6.1b. Likewise, he can restore |ψ by performing the Pauli-Y gate, 6.1c if Alice’s qubits had been in |11 , and by a Pauli-Z gate, 6.1d, if Alice’s is in |10 . Example 6.7 (Decoding). If Alice had observed |10 , Bob then knows he has the state |ψ = a|0 − b|1 . Bob would find the original qubit |ψ by implementing a Pauli-Z gate: Z ψ = |0 0| − |1 1| a|0 − b|1 = a|0 ( 0|0 ) − a|0 ( 0|1 ) − b|1 ( 1|0 ) + b|1 ( 1|1 ) = a|0 (1) − a|0 (0) − b|1 (0) + b|1 (1) = a|0 + b|1 = |ψ This is a simple of example of encrypting and decrypting messages. Quantum Infor- mation theory builds on these ideas to consider how communication can be achieved through quantum methods. Improvements offered over classical communication chan- nels are of the same magnitude as the improvements quantum computation offers over classical. This is explored in depth in a huge amount of literature on the subject, includ- ing [7] and [10]. 30
  • 36.
    7 C O MP U TAT I O N A L T E C H N I Q U E S We have seen the equivalence of quantum gates and unitary operations, and we have seen that any unitary operation is reversible in § 5.2. Thus any reversible gate is unitary. We have also seen that it is possible to construct any unitary transformation using only simple quantum gates, § 5.2.1. However, in general, such constructions are inefficient. Quantum versions of classical computations are where efficiency may be improved upon between the two cases: if we can define an efficient classical circuit, then build the quantum version of this circuit by replacing all classical logic gates with simple quantum gates, then we may begin to see where the power of quantum computation comes from. Since we know we can build any unitary transformation using quantum gates, we can replace any classical gate with a quantum analogue. However, classical circuits are not in general reversible, so our problem is reduced to constructing reversible classical circuits, but we also require that such gates be efficient, or else the procedure is redundant. An in depth discussion of how this can be achieved is given in §6 of [11]. It will suffice for our purposes to infer that if a reversible, classical gate can be achieved efficiently, then a quantum analogue can be achieved trivially by replacing logic gates with their quantum counterparts, which we have seen to exist already. We will instead explore algorithms which make use of strictly quantum processes in order to achieve greater efficiency, and compare such constructions with classical circuits that aim to do the same thing, so that we can see the improvement offered. 7.1 techniques With an understanding of how quantum circuits are constructed, we may now turn to how their implementation can offer computational power. We will demonstrate a simple proof of principle to see how quantum methods can achieve definitively superior computational power, and we will outline some simple quantum subroutines which form the basis of more complicated algorithms examined in the next chapter. In doing so we will see the fundamental difference between classical and quantum computation: it is by finding a global property of a function that we may solve it in exponentially less steps. Quantum computers are uniquely capable of finding these properties by working on superpositions to uncover information about a function, rather than simply evaluating the function. This concept will become clearer in later quantum computations, especially the algorithms for Simon’s problem, § 8.2.2, which finds the 31
  • 37.
    7.1. TECHNIQUES CHAPTER7. computational techniques hidden variable of a function. It exploits the periodicity of a function, which Shor then shows can be used to factor large integers, § 9. In doing so, these methods take a property of the function, here the period, and use it to determine evaluations which would be more difficult to achieve without knowing these properties. We now consider the inapplicable problem designed by Deutsch to demonstrate how properties of functions are achievable through quantum devices, in order to show, through a simple example, the power of this idea. 7.1.1 Deutsch’s Problem This proof by David Deutsch was the first concrete evidence that quantum methodology can yield a result that would take a classical computer more steps [4]. The problem addressed is of little practicality, though it is the conceptual proof we are interested in here. Recalling the black box (often referred to as an oracle) of § 6.1.3, we suppose that we are interested in a function f : {0, 1} → {0, 1}. So our oracle now, Uf : |x, y → |x, y ⊕ f (x) We want to know if f (0) = f (1) or not. That is, whether the function returns a constant answer for x ∈ {0, 1} or not. Define an system |+ |− by performing a Hadamard gate on both qubits of the system |0 |1 , and use this as input to our oracle. Uf |+ |− = Uf 1 2 (|0 + |1 )(|0 − |1 ) = 1 2 Uf |00 − |01 + |10 − |11 = 1 2 |0 |0 ⊕ f (0) − |0 |1 ⊕ f (0) + |1 |0 ⊕ f (1) − |1 |1 ⊕ f (1) = 1 2 |0 |f (0) − |1 ⊕ f (1) + |1 |f (1) − |1 ⊕ f (1) (7.1) = 1 2 1 ∑ x=0 |x |0 ⊕ f (x) − |1 ⊕ f (x) So now consider the quantity |0 ⊕ f (x) − |1 ⊕ f (x) . |0 ⊕ f (x) − |1 ⊕ f (x) = |0 ⊕ 0 − |1 ⊕ 0 = |0 − |1 = √ 2|− f (x) = 0 |0 ⊕ 1 − |1 ⊕ 1 = |1 − |0 = − √ 2|− f (x) = 1 = (−1)f (x) √ 2|− 32
  • 38.
    7.1. TECHNIQUES CHAPTER7. computational techniques and the sum becomes 1 √ 2 1 ∑ x=0 (−1)f (x) |x |− = 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− (7.2) Recall our objective is to determine whether f (x) is constant or not. In the case that f is constant, then either f (0) = f (1) = 0 or f (0) = f (1) = 1 Then 1 ∑ x=0 (−1)f (x) |x = (−1)f (0) |0 + (−1)f (1) |1 = 1|0 + 1|1 = √ 2|+ f (0) = f (1) = 0 (−1)|0 + (−1)|1 = − √ 2|+ f (0) = f (1) = 1 ⇒ 1 √ 2 1 ∑ x=0 (−1)f (x) |x − = ± 1 √ 2 √ 2|+ = ±|+ A constant (−1) can be interpreted as a phase factor which is physically meaningless; we can safely ignore it. The total system then is in the state |+ |− = 1√ 2 |0 |− + |1 |− . Next apply a Hadamard gate to the first qubit ⇒ H ⊗ I) 1 √ 2 |0 |− + |1 |− = 1 √ 2 1 √ 2 (|0 + |1 ) 1 √ 2 (|0 − |1 ) + 1 √ 2 (|0 − |1 ) 1 √ 2 (|0 − |1 ) = 1 2 √ 2 |00 − |01 + |10 − |11 + |00 − |01 − |10 + |11 = 1 2 √ 2 2|00 − 2|01 = |0 1 √ 2 |0 − 1 √ 2 |1 = |0 |− Or simply H ⊗ I) |+ |− = |0 |− Then, if the first qubit is measured in the case where f (0) = f (1), then it will be observed as |0 . This is not a probabilistic result: there is no amplitude attached to the state |1 that would enable us to measure our qubit after the transformation, using the standard basis, and find anything other than |0 . This serves also to demonstrate that definite results can be obtained using quantum mechanics, which may seem to oppose common perception. A similar argument holds for when f is not constant. In this case, we return to equation 7.2: 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− 33
  • 39.
    7.1. TECHNIQUES CHAPTER7. computational techniques We have either f (0) = 0 ; f (1) = 1 f (0) = 1 ; f (1) = 0 ⇒ 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− =    1√ 2 (−1)0)|0 + (−1)1 |1 |− = +1|− |− 1√ 2 (−1)1 |0 + (−1)0 |1 |− = −1|− |− Again, the phase factor of (−1) is physically meaningless: what matters is that the first qubit is now in the state |− . A Hadamard gate on only the first qubit will then return |1 with probability 1. We may also note that f (0) ⊕ f (1) = 0 f (0) = f (1), f constant f (0) ⊕ f (1) = 1 f (0) = f (1), f not constant We have found generally that the output state after this algorithm is |f (0) ⊕ f (1) |− (7.3) We know the value f (0) ⊕ f (1) from the measurement of this first qubit after the algo- rithm, which also determines that f was constant if it measures |0 and that f was not constant if it measures |1 . Thus, with only a single call to the oracle, we have found a global property of the function f, ie the value f (0) ⊕ f (1). This is an important principle that will be utilised in subsequent quantum routines. Consider now a classical routine to find out the same information about f. It would take at least two calls to the function in order to know f (0) and f (1), whereas the Deutsch Algorithm, rather than finding both, finds a property f (0) ⊕ f (1) in a single call to the oracle, which provides sufficient information to answer our query. This is a primitive example meant only to illustrate how a quantum regime can achieve the same goal as a classical regime, but in less steps. 34
  • 40.
    8 A L GO R I T H M S 8.1 quantum subroutines The idea of subroutines within quantum algorithms is important: by defining simple manipulations, we may construct larger algorithms from a stronger starting point than if we had to define all operations of an algorithm. This can be seen as similar to declaring the function of gates, and then using those gates to build circuits: here we will compose a series of circuits to define subroutines, and combine numerous subroutines and other operations to achieve what we wish our quantum procedure to do. 8.1.1 Walsh-Hadamard Transformation An important but simple subroutine in the generalisation of the Hadamard gate to more than one qubit. We wish to take a sequence of qubits |ψ1 . . . ψn , and place the system in an even superposition of all the possible basis vectors. For instance, a three qubit system has basis vectors given by |000 , |001 , |010 , |011 , |100 , |101 , |110 , |111 . Here we have n = 3 qubits, and therefore 2n = 8 basis vectors. The vectors given above can be seen to correspond to binary notation 0 → 000 1 → 001 2 → 010 3 → 011 4 → 100 5 → 101 6 → 110 7 → 111 Binary Representation And so, any 3-qubit state can be given by the superposition 7 ∑ x=0 ax|x (8.1) 35
  • 41.
    8.1. QUANTUM SUBROUTINESCHAPTER 8. algorithms where ax is the amplitude of |x . In general, for an n-qubit system, there are N = 2n basis states, and the system may be represented 1 √ N N−1 ∑ x=0 |x (8.2) Now, if we had a system with, say, 3 qubits, all initialised in the state |0 , i.e. |000 , and we wised to place the system into an equal superposition of all possible basis states, we would do so by applying Hadamard gates to each qubit individually, as seen below. Recall the operation of a Hadamard gate: H : |0 → 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 In other words, upon input |0 ⊗ |0 ⊗ |0 this combination gives the output 1 √ 2 |0 + |1 ⊗ 1 √ 2 |0 + |1 ⊗ 1 √ 2 |0 + |1 = 1 √ 23 |000 + |001 + |010 + |011 + |100 + |101 + |110 + |111 = 1 √ 8 7 ∑ x=0 |x The amplitude for each of these basis vectors is 1√ 8 , meaning they each have equal prob- ability of being observed, 1 8, i.e there is a one in eight chance or observing each of the eight basis states, so we have achieved our goal of an even distribution across basis states. Now, consider the same method applied to an n-qubit system. |0 H 1√ 2 |0 + |1 |0 H 1√ 2 |0 + |1 ...... |0 H 1√ 2 |0 + |1 The output state here is 1 √ 2 |0 + |1 ⊗ 1 √ 2 |0 + |1 ⊗ · · · ⊗ 1 √ 2 |0 + |1 = 1 √ N |00 . . . 00 + |00 . . . 01 + |00 . . . 10 + |00 . . . 11 + . . . 36
  • 42.
    8.1. QUANTUM SUBROUTINESCHAPTER 8. algorithms +|01 . . . 00 + |01 . . . 10 + |01 . . . 01 + |01 . . . 11 + . . . +|10 . . . 00 + |10 . . . 01 + |10 . . . 10 + |10 . . . 11 + . . . +|11 . . . 00 + |11 . . . 01 + |11 . . . 10 + · · · + |11 . . . 11 Again, let the above basis states be considered binary for the numbers ( 0 → N − 1), and this can be described by 1 √ N N−1 ∑ y=0 |y We call this general operation the Walsh-Hadamard transformation [12]. When it acts on on a system of n unentangled qubits, all initialised to |0 and therefore denoted |0 ⊗n , W(|0 ⊗n ) = 1 √ 2n 2n−1 ∑ y=0 |y (8.3) More generally, consider the case where not all qubits in a system are initially |0 . Suppose we have |z = |z0, z1, z2, ..., zn , then there exists |y = |y0, y1, ..., yn . Then z · y is the number of common bits in z and y. For example, if |z = |0011 and |y = |1110 , then only the third entry is the same in both, so z · y = 1. Now, |z is a representation of |z = |z0 ⊗ |z1 ⊗ ... ⊗ |zn So let zi ∈ {0, 1} and compute W|z = (H ⊗ H ⊗ H ⊗ · · · ⊗ H)(|z0 ⊗ |z1 ⊗ ... ⊗ |zn ) = (H|z0 ) ⊗ (H|z1 ) ⊗ · · · ⊗ (H|zn ) = 1 √ 2n (|0 + (−1)z0 |1 ) ⊗ (|0 + (−1)z1 |1 ⊗ · · · ⊗ (|0 + (−1)zn |1 ) Again we will prove a simplified case and assume the generalisation as trivial. Consider n = 3. = 1 √ 8 |0 + (−1)z0 |1 ⊗ |0 + (−1)z1 |1 ⊗ |0 + (−1)z2 |1 = |000 + (−1)z2 |001 + (−1)z1 |010 +(−1)z0 |100 + (−1)(z0+z2) |101 + (−1)(z0+z1) |110 + (−1)(z0+z1+z3) |111 (8.4) And as this is an evenly distributed three-qubit state, we can represent it as a sum over basis states, given by 1 √ 8 8 ∑ y=0 |y = 1 √ 8 |000 ± |001 ± |010 ± |011 ± |100 ± |101 ± |110 ± |111 (8.5) 37
  • 43.
    8.2. QUANTUM PARALLELISMCHAPTER 8. algorithms It will help clarify this point if we take an explicit value for the initial |z , say |z = |011 Then, for instance (−1)(z0+z2)|101 = (−1)(0+1)|101 = −|101 , so we know the sign in 8.5 is negative for y = |101 . Consider, then, the value z · y = |011 · |101 = 1 as they share only the third qubit value. We can then express the |101 term as being generated by (−1)z·y, and so the entire sum given by 8.5 become 1 8 8 ∑ y=0 (−1)z·y |y And so in general, we have the Walsh Hadamard Transformation, or simply the Walsh transformation, described by W(|z ) = 1 √ 2n 2n−1 ∑ y=0 (−1)(z·y) |y (8.6) This transformation is often applied at the outset of quantum algorithms, or within a larger scheme, so that the generated superposition may be exploited throughout, as we will see. 8.2 quantum parallelism The concept of generating a state which spans many or all solutions of a function is referred to as quantum parallelism. That is, rather than finding a specific f (x0), generating the superposition 1 √ N N−1 ∑ x=0 |x |f (x) which contains the value of f for the n x’s under consideration. Here, N = 2n. This requires the use of auxiliary qubits: these are additional qubits initially in the state |0 . These auxiliary qubits are passed through some black box, Uf , and then hold f (x). This can be visualised by the circuit diagram |x1 U |x0 |x2 |x1 ... ... |x2n−1 |x2n−1 |0 |f (x0) |0 |f (x1) ... ... |0 |f (x2n−1) 38
  • 44.
    8.2. QUANTUM PARALLELISMCHAPTER 8. algorithms It is incorrect to think that, because a quantum process generates and works on the superposition 1√ N ∑N x=0 |x, f (x) , that a quantum computer can simply calculate and out- put all possible results in one step. While it works on the superposition across the state space of solutions of f (x), we must note that measurement of an n-qubit system will only give one result. This is the same level of efficiency as a classical algorithm which simply calculates f (x) for one x at a time. It is through methods as outlined above, § 7.1.1, that we may exploit quantum mechanics: rather than compute all solutions in very few steps and then measure them, we must find a property common to all values of f (x), and use it to work our way backwards to find a solution. This idea is utilised in many quantum subroutines, including Simon’s Problem, which finds the period of a function, and in more applicable complete algorithms, most famously Shor’s Algorithm, which uses the period of a generated function to obtain prime factors of a number. We will explore this algorithm fully in § 9. 8.2.1 Deutsch-Jozsa Problem As another demonstration of generalising specific problems addressed, we will compose a multiple qubit generalisation of Deutsch’s Problem, § 7.1.1. This is an improved version of the above process, given 7 years later by [5]. We again consider a function f : Z2n → Z2 i.e that x ∈ X = {0, ..., 2n − 1} and f (x) ∈ {0, 1}.The function is known to be one of two types: it will either be constant, always returns 0 or 1, or balanced, returns 0 exactly half the time and 1 the other half. Our aim is to determine which of these types of function f is. Again we have a quantum oracle Uf : |x |y → |x |y ⊕ f (x) . Through parallelisation, we are working with the superposition |ψ = 1 √ N N ∑ x=0 |x (8.7) We must note that it is possible to change the phase of a basis state depending on some criteria of our choosing (see §7.4.2 of [11]). For our purpose, suppose there is a subset X0 ∈ X, such that {f (xi) = 1|xi ∈ X0}. We change the phase for such vectors by a global phase, a physically meaningless constant. In this case, the phase change we choose is (−1). In other words, we have sent |xi → −|xi = (−1)f (xi) |xi And applying this phase change throughout, 8.7 becomes |ψ = 1 √ N N ∑ x=0 (−1)f (x) |x (8.8) So for this problem then, we start with n qubits in the state |0 , and one in the state |1 . |ψ = |0 ⊗n |1 39
  • 45.
    8.2. QUANTUM PARALLELISMCHAPTER 8. algorithms We perform a Walsh transformation on this state. Say W = H ⊗ H · · · ⊗ H = H⊗n ⊗ H ⇒ W(|ψ ) = H⊗n |0 ⊗n H|1 = 1 √ 2n 2n−1 ∑ x=0 |x ⊗ 1 √ 2 |0 − |1 W|ψ = 1 √ 2n+1 2n−1 ∑ x=0 |x ⊗ |0 − |1 (8.9) Then perform the subroutine outlined above to send |x → (−1)f (x)|x ⇒ 1 √ 2n+1 2n−1 ∑ x=0 (−1)f (x) |x |0 − |1 (8.10) Now we can show that for f (x) constant, reperforming a Walsh transform on the first n qubits will allow us to measure, with certainty, |0 if f (0) = f (1), and |1 for f (0) = f (1). We will show this explicitly for the simplest case of a single qubit, and the result extends generically to higher n. n = 1 ⇒ 2n − 1 = 1 ⇒ 2n−1 ∑ x=0 → 1 ∑ x=0 ⇒ 1 √ 22−1 1 ∑ x=0 (−1)f (x) |x, 0 − |x, 1 = 1 2 (−1)f (0) |0, 0 − (−1)f (0) |0, 1 + (−1)f (1) |1, 0 − (−1)f (1) |1, 1 (8.11) Now we consider two cases: firstly, that f (x) is constant, and we can therefore factor out the (−1)f (x) terms as (−1)f (0) (−1)f (0) 2 |0, 0 − |0, 1 + |1, 0 − |1, 1 = (−1)f (0) √ 2 |0 ( |0 − |1 √ 2 ) + |1 ( |0 − |1 √ 2 ) = (−1)f (0) |0 + |1 √ 2 |0 − |1 √ 2 = (−1)f (0) |+ |− At this point, we perform another Walsh transformation on this system, which will return |0 in the first qubit (recall n = 1 and that all n qubits would be found in |0 in the general case). The (−1)f (0) is a global phase, which carries no physical meaning. W(|+ |− ) = |0 |1 (8.12) 40
  • 46.
    8.2. QUANTUM PARALLELISMCHAPTER 8. algorithms So with probability 1, if f (x) is constant, |0 will be measured in the first n qubits following this procedure. Otherwise, in the case f (0) = f (1), the logic would change at 8.11: 1 2 (−1)f (0) (|0, 0 − |0, 1 ) + (−1)f (1) (|1, 0 − |1, 1 ) = 1 √ 2 (−1)f (0) |0 |− + (−1)f (1) |1 |− However, we know that either (f (0) = 0; f (1) = 1) or (f (0) = 1; f (1) = 0), and substituting these would differ only by a constant, −1, so we can use the substitution f (0) = 0; f (1) = 1, giving (−1)f (0) = (−1)0 = +1, (−1)f (1) = (−1)1 = −1 ⇒ 1 √ 2 |0 |− + (−1)|1 |− = |0 − |1 √ 2 |− = |− |− (8.13) And again we apply the Walsh tranform W(|− |− ) = |1 |1 And so we can see clearly that, if f (0) = f (1), that, with probability 1, following the Deutsch-Josza algorithm the first n qubits will be observed in the state |1 . This algorithm has solved a problem with effectively no application, but it has proven that there is a solution to this problem which requires only a single call to the oracle. Comparatively, for a classical machine to find this result deterministically, it would require at least 2n−1 + 1 calls to find the same result with certainty. 8.2.2 Simon’s Problem Simon’s Problem addresses a function f with f (x) = f (x ⊕ a), (here ⊕ denotes modulus- a addition), and aims to determine what value of a satisfies this [13]. In other words, Simon’s Algorithm find the period of a function f. We focus on this particular subroutine rather than the many others because it was this routine which suggested to Shor that factorisation of large integers could be achieved by quantum computers in reasonable time limits. An initial state is generated by quantum parallelisation 2n−1 ∑ x=0 |x |f (x) = ∑|ψ |φ Where we have denoted the register of qubits holding initial values x as |ψ and the register holding the values after evaluation in f as |φ . We know that f (x) = f (x ⊕ a) 41
  • 47.
    8.2. QUANTUM PARALLELISMCHAPTER 8. algorithms where a is the period. Then, if the register |φ is measured, it will return some f (x0), and we can deduce that the input required to return this value must have been either x0 or x0 ⊕ a, and that there is an equal probability that it was either of these cases. From this we infer that |ψ is in an even superposition of the states |x0 and |x0 ⊕ a after the second register is measured. ψ = 1 √ 2 |x0 + |x0 ⊕ a Then consider applying the Walsh transformation to this state. Recall 8.6 W|z = (−1)z·y |y ⇒ W( ψ ) = W 1 √ 2 |x0 + |x0 ⊕ a = 1 √ 2 W(|x0 ) + W(|x0 ⊕ a ) = 1 √ 2 1 √ 2n 2n−1 ∑ y=0 (−1)(x0·y) |y + 1 √ 2 2n−1 ∑ y=0 (−1)(x0⊕a)·y |y = 1 √ 2n+1 2n−1 ∑ y=0 (−1)x0·y 1 + (−1)a·y |y In the case where a · y is an odd number, 1 + (−1)a·y = 1 + (−1) = 0, and the sum disappears. Thus we may only consider the case where a · y is even from now on, 1 + (−1)a·y = 2. This is equivalent to the requirement a · y = 0 mod 2, so the system is now in the state 2 √ 2n+1 ∑ a·y=0 mod 2 (−1)x0·y |y (8.14) Adding even numbers always returns an even number, but if we use modulo-2 addition, then adding even numbers always gives 0. For instance 2 + 6 + 10 = 18 ⇒ 18 mod 2 = 0 ⇒ a0 · y0 ⊕ a1 · y1 ⊕ · · · ⊕ an · yn = 0 (8.15) Measuring when the system is in 8.14 will result in a value for y for which we know that y · a = 0 mod 2. Then each iteration, i of this procedure produces a linear equation yi · ai = 0. y0 · a0 = 0 y1 · a1 = 0 ... yn · an = 0 (8.16) 42
  • 48.
    8.2. QUANTUM PARALLELISMCHAPTER 8. algorithms To solve for a, we need n linearly independent equations of this form. The equation produced upon iteration is not necessarily linearly independent: there is a probability (< 0.5) that the new equation is not independent from the previous ones. Computing the value of (yi · ai) a total of 2n times will therefore produce a set of n linearly independent equations with a probability of 50%. It may take more computations to obtain the set of equations, but there is an extremely high probability that the set can be found in O(n) calls to Uf . Such a system can then be used to solve for a in O(n2) steps. So, overall the period a of a 2-to-1 function f can be found in O(n) + O(n2) steps. Classically, it would require O(2n/2) calls to the function to achieve this result. 43
  • 49.
    W H Y Nowthat we have seen what properties quantum computers exploit, and how they can be used to achieve circuits and al- gorithms, we may finally address the real question of Why we should be interested to do so in the first place. Concep- tual mathematical physics aside, this topic has the potential to propel the already fast expanding field of computer science. We will provide instances where quantum computers can of- fer substantial computational advances, and examine in detail the most famous result of the field to date, Shor’s Factoring Algorithm, so that we can understand a true application of the subject. 44
  • 50.
    9 S H OR ’ S A L G O R I T H M Providing concrete examples of what only quantum machines can achieve is pivotal to justifying funding research into their construction. We will outline the major driving factor to date in quantum computation, factorisation of large numbers, described by Shor’s Algorithm, to see one such example. The aim of the algorithm is to factor large numbers, which is known to be extremely difficult to achieve classically, [14]. To do so, we describe first the reasons that this can be seen as a worthwhile driving force for research into quantum computation by outlining how cryptography currently works. To describe mathematically how quantum methods can uniquely be used in this area, we briefly discuss Fourier transforms and how they can be translated into Quantum Fourier Transforms. To realise the potential application of quantum mechanics, we will reduce the problem of factoring a large number to that of finding the period of a function we can generate based on the number we wish to factorise, and then show how we may find such a period only through manipulation of quantum states. True quantum mechanics will play only a minor role insofar as it will be used in very few steps of the algorithm, but by doing so we will see how and why classical computation could never achieve the same efficiency as we will find for quantum computation. 9.1 cryptography Current encryption relies on the principle that it is very easy to multiply two large primes together to form a semi-prime number, while it is extremely difficult to factor a semi prime into its two factors. Multiplying two prime numbers of the order 10100 will result in a number of order 10200, which is extremely hard to factor classically. Encryption therefore generates a public key, the product of the primes, and a private key, the numbers used to generate it, known only to those who need to know how to decrypt the message. For this reason, Shor’s factoring algorithm poses a threat to standard cryptography at present, as it would drastically simplify the process of decoding the secret key, and would thus render currently secure communications as potentially insecure, [15]. This is a detractor for the field of study, though it is seen as a turning point in quantum computing insofar as it sparked huge interest in the subject immediately following the publication of the original paper, [6]. It is a fundamental concept to the subject, so 45
  • 51.
    9.2. FOURIER TRANSFORMATIONCHAPTER 9. shor’s algorithm we examine the entire process to understand how quantum computers can solve a real problem, factorisation, significantly faster than classical machines. 9.2 fourier transformation 9.2.1 Classical Fourier Transform Recall the classical Discrete Fourier Transformation, a classical transformation which takes a discrete complex valued function, f (x), to another discrete complex valued function, F(x), given by F(x) = 1 √ N N−1 ∑ k=0 f (k) exp(2πi kx N ) (9.1) The values F(0), F(1), ..., F(N − 1) are called the Fourier coefficients of the function f. 9.2.1.1 Fast Fourier Transform There exists a particularly efficient implementation for the Fourier Transform for the special case when the number of values f acts on is a power of two. That is, N = 2n. The Fast Fourier Transform, FFT, exploits the periodicity of such functions by decomposing the transformation recursively. 9.2.2 Quantum Fourier Transform A variation of the discrete Fourier Transform is the Quantum Fourier Transform, QFT. As with the FFT, the QFT considers the case N = 2n. If we consider the quantum state N−1 ∑ x fx|x where fx = f (x) is the amplitude for the basis state |x , then the Fourier coefficients F(x) represent the amplitude of the basis states of the quantum Fourier transformed state N−1 ∑ x F(x)|x Then if we consider the Fourier coefficients F(x) which now represent the probability amplitude of measuring a state |x after performing the transformation, we can observe that only certain values for x result in non-zero values for F(x). Recall that we have defined N = 2n. We also impose that the period of f (x) is a power of two: f (x) = f (x + r) , r = 2R We also have F(x) = 1 √ N N−1 ∑ k=0 f (k) exp(2πi kx N ) 46
  • 52.
    9.2. FOURIER TRANSFORMATIONCHAPTER 9. shor’s algorithm As previously, we will consider a specific case in order to understand the general concepts involved. Here, take N = 23 = 8 and r = 21 = 2, so N r = 4 . ⇒ F(x) = 1 √ 8 7 ∑ k=0 f (k) exp(2πi kx 8 ) = 1 √ 8 7 ∑ k=0 f (k) (eiπ ) kx 4 = 1 √ 8 7 ∑ k=0 f (k) (−1) kx 4 = 1 √ 8 f (0)(−1)(0) + f (1)(−1) x 4 + f (2)(−1) 2x 4 + f (3)(−1) 3x 4 +f (4)(−1) 4x 4 + f (5)(−1) 5x 4 + f (6)(−1) 6x 4 + f (7)(−1) 7x 4 And now recall that due to the periodicity of f (x) = f (x + 2) f (0) = f (2) = f (4) = f (6) , f (1) = f (3) = f (5) = f (7) ⇒ 1 √ 8 f (0) (1 + (−1) x 2 + (−1)x + (−1) 3x 2 + f (1) (−1) x 4 + (−1) 3x 4 + (−1) 5x 4 + (−1) 7x 4 = 1 √ 8 f (0) (1 + (−1) x 2 + (−1)x + (−1) 3x 2 + (−1) x 4 f (1) (1 + (−1) x 2 + (−1)x + (−1) 3x 2 F(x) = 1 √ 8 f (0) + (−1) x 4 f (1) 1 + (−1) x 2 + (−1)x + (−1) 3x 2 (9.2) We focus on the term 1 + (−1) x 2 + (−1)x + (−1) 3x 2 (9.3) Now consider that x ∈ {0, ..., N − 1} = {0, 1, 2, 3, 4, 5, 6, 7}. Also recall that N r = 8 2 = 4. In cases where x is an integer multiple of N r , in this case x = 0, 4, 9.3 becomes x = 0 ⇒ 1 + (−1)0 + (−1)0 + (−1)0 = 4 x = 4 ⇒ 1 + (−1)2 + (−1)4 + (−1)6 = 4 So clearly, when x is a multiple of N r , the Fourier coefficient is nonzero. Otherwise, however, say for instance x = 3: Eqn.( 9.3) = 1 + (−1) 3 2 + (−1)3 + (−1) 9 2 47
  • 53.
    9.3. FACTORISATION BYPERIOD FINDING CHAPTER 9. shor’s algorithm = 1 + (−1)(−1) 1 2 + (−1) + (−1)4 (−1) 1 2 = 1 − i − 1 + i = 0 Any other value of x that isn’t an integer multiple of N r will demonstrate this behaviour and sum to zero. This behaviour extends to larger values of n and R such that we can say that the only Fourier coefficients which are non zero are F(x = k N r ), k ∈ N. In this case, the state after QFT is a superposition of |0 and |4 : F(0)|0 + F(1)|4 = F(0) 0( N r ) + F(1) 1( N r ) Now that we know that the only nonzero Fourier coefficients correspond to x being a multiple of N r we can say that the state after Fourier transformation F(x)|x can only be measured to exist for such values of x. So then, if measured, the observed value would be some k N r . The state after performing the QFT is given by QFT(f (x)) = r−1 ∑ k=0 F(k) k( N r ) (9.4) Producing this state is the most important quantum subroutine used in quantum computation, and we will see its use in Shor’s Algorithm. The realisation of the QFT is explained in §7.8 of [11], which builds on the earlier idea of defining relatively simple gates and combining them recursively. 9.3 factorisation by period finding Recall our overall aim here: we wish to factor an integer, M, into its prime factors, mi. For example, M = 21 = m1 × m2 = 7 × 3. Using modular addition, we define any integer as a mod M, e.g to define 30, we say 30mod21 ≡ 9mod21. We define the order of such an integer as the first r which satisfies ar − 1 ≡ 0mod M (9.5) Example 9.1. If we consider M = 7 and we wish to find the order of a = 2, we are considering integers a mod M ≡ 2mod 7, 9mod 7, 16 mod 7, ... . We have p mod 7 ≡ 0 for p = 7, 14, 21, 28, ... So we are looking for the lowest value of r for each a to give ar − 1 = 7k where k ∈ N. 48
  • 54.
    9.3. FACTORISATION BYPERIOD FINDING CHAPTER 9. shor’s algorithm a r ar − 1 2 1 1 ≡ 0 mod 7 2 2 3 ≡ 0 mod 7 2 3 7 ≡ 0 mod 7 So for a mod M ≡ 2mod7, the order r = 3. So now if we can find the order of a mod M, we have ar − 1 ≡ 0 modM ⇒ (a r 2 + 1)(a r 2 − 1) ≡ 0 mod M In general, both (a r 2 + 1) and (a r 2 − 1) will share common factors with M. Then, if r is even, we have found two numbers which share non-trivial factors with M. We can factor by simply using a Euclidean algorithm to find the greatest common divisor of (M, a r 2 ± 1). By repeating, the prime factors of M can be found. So, if we are trying to find factors of M, we must choose some random a, and use it to determine the order of (a mod M), and call it r. Example 9.2. Take a simple example M = 15. We now must choose a random a, and find the order of amod15. Suppose we considered a = 7, to find r: a r ar − 1 7 1 6 ≡ 0mod 15 7 2 48 ≡ 0mod 15 7 3 342 ≡ 0mod 15 7 4 2400 (60 ×15) ≡ 0 mod 15 So we have that the order (period) of our function is r = 4. Then compute (a r 2 + 1) = (72 + 1) = 50 (a r 2 − 1) = (72 − 1) = 48 So to find the prime factors of M = 15, we use a Euclidean algorithm to determine m1 = gcd(50, 15) : 5 m2 = gcd(48, 15) = 3 And we can easily confirm that this simple case is correct. In other words, we started with wanting to factor M into prime factors. To do so, it is necessary to find the period of a function given by (f (x) = f (x + r) = ax mod M). We have reduced the problem to period-finding. In general, it may be more difficult to determine the period than simply finding the order as outlined here, but we can proceed with the knowledge that, if we can find the period, the rest of the problem becomes achievable classically, as we did not employ any quantum techniques in this argument. 49
  • 55.
    9.4. STEPS OFSHOR’S ALGORITHM CHAPTER 9. shor’s algorithm 9.4 steps of shor’s algorithm We are now in a position to describe the steps taken in Shor’s Algorithm to factor an integer M into its prime factors. A preliminary to the algorithms is deciding how many qubits to compose the system of. It can be shown (§8.3, [11]) that the number of qubits, n, should be chosen to satisfy M2 ≤ 2n ≤ 2M2 (9.6) We will do so a number of times. First, we will go through each step in explicit detail and explain the concepts involved. Then, we will succinctly summarise the steps. Finally, we will walk through the programme precisely for a specific value to be factorised. 9.4.1 Detailed Description of Steps 1. Randomly choose a value for a that is relatively prime to M. (If they are not relatively prime then a is a factor and the rest of the algorithm is redundant, so it is necessary to check this condition early by a simple Euclidean algorithm). 2. Since we are interested in the function f (x) = ax mod M, we generate it within the superposition of an n-qubit state obtained through quantum parallelisation (recall § 8.2), by passing a register of qubits |x together with a register of |0 ’s through a parallelisation scheme, giving the output 1 √ 2n 2n−1 ∑ x=0 |x |f (x) = 1 √ 2n 2n−1 ∑ x=0 |x |ax modM (9.7) Since our function is periodic in r, f (x) = f (x + r), we saw in 8.2.2 that measuring only the second register would place the first register into a superposition over some x0 and x0 + l.r, l ∈ Z, where the second register was observed in |f (x0) . We introduce a function, g(x), to determine whether each x is separated from x0 by the period or not: g(x) = 1 f (x) = f (x0) , (x = x0 + l.r) 0 f (x) = f (x0) , (x = x0 + l.r) After measurement of the second qubit, our system is in the state C ∑ x g(x) |x |f (x0) (9.8) Where C is a scaling factor. 3. Since the two registers are not entangled, we can safely ignore the register that holds f (x), and focus solely on the state C ∑ x g(x) |x (9.9) 50
  • 56.
    9.4. STEPS OFSHOR’S ALGORITHM CHAPTER 9. shor’s algorithm Applying the Quantum Fourier Transform, 9.4: QFT C ∑ x g(x)|x = C2 r−1 ∑ k=0 G(k) k( N r ) (9.10) Where C2 is another scaling constant. g(x) has the same period, r, as f (x) and G(x) is the Fourier coefficient for g(x), given by 9.1. 4. The above assumes that N = 2n and r = 2R. In the case that r = 2R, the transform approximates the exact case: most of the amplitude is associated with integers equal to or near a multiple of the ratio N r . In this way, following this procedure, were we to measure the system, with high probability we can say that the observed value for x is a multiple of N r , or else a value very near to it. Assign the measure- ment found in this step the label β. 5. Having obtained a β, use the purely classical procedure of continued fractions to deduce the period r. We have obtained a measurement from step 4 which we are confident generates an integer near to a multiple of N r , (given by β = jN r + ε, where ε is small compared with N). We are interested in finding r. We know N = 2n, so if we consider the fraction β N = j N r 1 N + ε N = j r + ε N In the simplest case, r = 2R, so ε = 0, and this means that simply reducing the fraction β N yields a fraction which we can see as being j r , and we can read the denominator as the period r we’re interested in. In general, this is not the case, so we must consider ε = 0. In this case we apply the method of continuously expanding fractions. This is a purely classical mathematical argument, examined well by much of the literature on this topic, for instance in [16]. β N = j r + ε N By fraction expansion, we may continuously change the fraction β N to reflect a significant fraction, j r with some small correction, ε N . We aim to calculate the signif- icant fraction and use it to read the denominator as the period r. We require that r < M, so we terminate the procedure when the denominator of our ”significant” fraction exceeds M. A general fraction expansion is given by A B = a0 + 1 a1 + 1 a2+ 1 ...+ 1 ap (9.11) 51
  • 57.
    9.4. STEPS OFSHOR’S ALGORITHM CHAPTER 9. shor’s algorithm This is represented by A B = [a0; a1, a2, ..., ap]. The the qth convergent is an approxima- tion for A B given by [a0, a1, ..., aq] for any 0 ≤ q ≤ p. For instance, 85 70 = [1; 4, 1, 2] = 1 + 1 4 + 1 1+ 1 1+ 1 2 = 1.214286 And if we take q1 corresponding to approximation using only one fraction, q1 = [1; 4], we would find 83 70 ≈ q1 = [1; 4] = 1 + 1 4 = 5 4 = q1,num q1,den Which is a fair approximation. ⇒ 85 70 = 1.214286 = 5 4 − 0.035714 If we consider q2 = [1; 4, 1] q2 = 1 + 1 4 + 1 1 = 1 + 1 5 = 6 5 = 1.2 ⇒ 1.214286 = 6 5 + 0.014286 So we can see that every time we boil the fraction down to the next value of q, the dominant fraction gets closer to the actual value and the correction becomes very small. We are trying to generate a guess for our period r, but r < M, so we are only interested in denominators of qi which are less than M. If we say qi = qi,num qi,den , we look for the first such qi,den to satisfy (qi,den < M < qi+1,den), and we try to complete the algorithm using r = qi,den. Now, if we apply this to our situation: we have measured a β which we know to be near a multiple of N r . Take an explicit example, say N = 512 = 210, and that we are trying to factor M = 21. Suppose the output of the quantum implementation is β = 89. β N = 89 512 = 0.173823 = [0; 5, 1, 3, 22] = 0 + 1 5 + 1 1+ 1 3+ 1 22 We calculate the values for qi q0 = [0] = 0 52
  • 58.
    9.4. STEPS OFSHOR’S ALGORITHM CHAPTER 9. shor’s algorithm q1 = [0; 5] = 0 + 1 5 = 0.2 q2 = [0; 5, 1] = 0 + 1 5 + 1 1 = 1 6 = 0.16667 q3 = [0; 5, 1, 3] = 0 + 1 5 + 1 1+1 3 = 1 5 + 4 3 = 1 23 4 = 4 23 = 0.173913 q4 = [0; 5, 1, 3, 22] = 0 + 1 5 + 1 1+ 1 3+ 1 22 = 89 512 = 0.173823 Clearly, the highest qi,den < M is (q2,den = 6) < (M = 21) < (23 = q3,den) Thus we take r = 6 as our period and try to complete the algorithm using this. One way to think of this is as β = j r + ε N = α j r In our particular example, r = 6 and β = 89 = 1( 512 6 ) + 3.67 so j = 1. β N = 89 512 = 0.173828 = α0 1 6 ⇒ α0 = 1.042969 After the first expanded fraction we said that q1 = [0; 5] ⇒ 89 512 = 0 + 1 5 = 0.2 = α1 j r = α1 1 6 ⇒ α1 = 1.2 Taking q2 = [0; 5, 1] 89 512 = 0 + 1 5 + 1 1 = 1 6 = α2 1 6 ⇒ α2 = 1 Note this is the case we’re looking for; we’ve boiled β N down to j r . We now need to know when we’ve gotten to this point in general. q3 = [0; 5, 1, 3] = 0 + 1 5 + 1 1+1 3 = 4 23 = α3 1 6 ⇒ α3 = 24 23 At the point where the denominator of qi exceeds M, we must have passed the case where the denominator was the period r, since r < M, so we can read r from the denominator of qi. 6. When r is odd, return to the start of the procedure using a different value for a. 7. When r is even, use a Euclidean algorithm to determine whether either of (a r 2 + 1) or (a r 2 − 1) share a non-trivial factor with M. If so, we have found a factor of M. 53
  • 59.
    9.4. STEPS OFSHOR’S ALGORITHM CHAPTER 9. shor’s algorithm 9.4.2 Summary of Shor’s Algorithm In order to factorise an integer M, using n qubits where M2 ≤ 2n < 2 < M2: 1. Choose some random a, where 0 < a < M. 2. Generate a superposition 1 √ 2 N−1 ∑ x=0 |x |f (x) Where f (x) = axmod M. f (x) is periodic in r: f (x) = f (x + r). 3. Perform the quantum Fourier Transformation on the superposition. 4. Measure the system to obtain β = jN r + ε, where we know that ε is either zero or small compared to N. This concludes the quantum core of this algorithm, and from here onwards everything done is classical. 5. Use the continued fraction expansion on the value β N to determine a possible value for the period r of f (x). 6. If r is odd, restart the algorithm with a new initial a. 7. If r is even, use the Euclidean algorithm to find common factors between (a r 2 ± 1) and M. If no nontrivial factor is found, return to the start of the algorithm. 9.4.3 Complete Example of Shor’s Algorithm Let us demonstrate a complete run of Shor’s Algorithm for M = 35. To determine n: M2 = 1225 < 2n < 2(1225) is satisfied only for n = 11 : 1225 < 2048 < 2450. Then we have N = 2n = 2048. 1. Choose a = 6, and check that this is relatively prime to M: gcd(35, 6) = 1 So we can continue with this choice. 2. f (x) = axmodM = 6xmod35. We now try to determine the period of f (x). Gener- ate the superposition 1 √ 2048 2047 ∑ x=0 |x |f (x) Measurement on only the second register only forces the x values in the first regis- ter to become x + l.r, l ∈ N: C 2047 ∑ x=0 g(x)|x |f (x) 54
  • 60.
    9.4. STEPS OFSHOR’S ALGORITHM CHAPTER 9. shor’s algorithm with g(x) = 1 x = x0 + l.r 0 x = x0 + l.r We can now ignore the second register and focus only on the superposition C 2047 ∑ x=0 g(x)|x 3. Perform the quantum Fourier Transformation, yielding QFT(C 2047 ∑ x=0 g(x)|x ) = C2 r−1 ∑ k=0 G(k)|k 4. Measure the system after this transformation. This will result in some β. Suppose we measure β = 206. 5. Compute β N = 206 2048 = 103 1024 By continued fraction expansion this can be represented by 103 1024 = 0 + 1 9 + 1 1+ 1 16+ 1 6 We calculate the values of q for this fraction q0 = [0] = 0 q1 = [0; 9] = 1 9 q2 = [0; 9, 1] = 1 10 q3 = [0; 9, 1, 16] = 17 169 q4 = [0; 9, 1, 16, 6] = 103 1024 Considering the denominators of these shows that q2,den < M < q3,den holds: 10 < 35 < 169 So we proceed using r = q2,den = 10. 6. r is not odd, so we move to the next step. 55
  • 61.
    9.5. EFFICIENCY IMPROVEMENTCHAPTER 9. shor’s algorithm 7. r is even, so we compute (a r 2 ± 1) (6 10 2 + 1) = (65 + 1) = 7777 (6 10 2 − 1) = (65 − 1) = 7775 Then use the Euclidean algorithm to show that m1 = gcd(7777, 35) = 7 m2 = gcd(7775, 35) = 5 Thus we have found 35 = m1.m2 = 7 × 5, and we can verify that, for this simple case, the algorithm works. It is worth noting here that the period of (f (x) = 6x mod 35) is in fact 2: 62 mod 35 ≡ 1 64 mod 35 ≡ 1 ... 610 mod 35 ≡ 1 Yet the algorithm still worked and found the correct factorisation for 35. 9.5 efficiency improvement In order that we can understand the improvement offered by Shor’s factoring algo- rithm, we must consider how many steps it requires for its implementation, and compare this with the number of steps a classical algorithm would take 9.5.1 Classical Factorisation The general approach, [14], to finding a factor of M is to sequentially compute M 1 , M 2 , M 3 , ... , M √ M In some cases, a suitable factor will appear very early in this procedure, but in some cases it could take all √ M attempts. On average, it is fair to say that it will take √ M 2 trials to identify a factor. Each iteration will have some time expense, we will say as small as 10−12 seconds, so let us consider how many trials a realistic problem would require and find how long it would take a classical computer to solve this. 56
  • 62.
    9.5. EFFICIENCY IMPROVEMENTCHAPTER 9. shor’s algorithm Example 9.3. If the number we wish to factorise, M, has, for instance, 77 digits, we can sat that is of the order 2256 since 2256 = 1.15 × 1077. Then √ M ∼ (2256 ) 1 2 = 2128 ⇒ √ M 2 ∼ (2128 )−1 = 2127 Trials In time, this will take 2127 Trials × 10−12 seconds per Trial ∼ 1026 seconds The universe is approximately 4 × 1017 seconds old, so obviously trying to factor such a number is not achievable classically. The best known factoring algorithm, the number field sieve, [17] offers an improvement over this time scale, but not by nearly the same amount as the improvement offered by quantum computing, [18]. 9.5.2 Quantum Factoring Algorithm The most demanding part of the algorithm is the modular exponentiation required to generate the calculation of f (x) = ax mod M inside the state. §6.4 of [11] discusses this generation in detail, and Shor shows that it can be most efficiently achieved in O(n2 log2 n log2 log2 n) time steps, where n is the number of qubits involved in the system [19]. (Recall N = 2n) Rieffel and Polak also discuss the number of steps required of each section of the algorithm as outlined here, §8.4 of [11]. Clearly the most computationally expensive calculation is that of modular exponentiation, which we have seen to cost of the order (n2 log2 n log2 log2 n) in time. Again aiming to factorise a number of the order 2256, we must first find what size of a system (number of qubits) would be required. This is determined by M2 ≤ 2n ≤ 2M2 ⇒ 2512 ≤ 2n ≤ 2513 In general M will not be a power of two, and there will be only one such n to satisfy this condition. It suffices here to choose n = 512. The majority of the computation is due to the modular exponentiation, so we must calculate O(n2 log2 nlog2log2 n) to get an idea of how many steps are needed. n = 512 ⇒ log2n = log2(29 ) ⇒ log2 n = 9 57
  • 63.
    9.5. EFFICIENCY IMPROVEMENTCHAPTER 9. shor’s algorithm ⇒ log2 log2 n = log2(9) ≈ 3 ⇒ n2 log2 n log2 log2 n = (512)2 × 9 × 3 = 7, 077, 888 Trials ⇒ Time = (7, 077, 888 Trials) × (10−12 seconds per Trial) = 7 × 10−6 seconds This is clear evidence that Shor’s Algorithm is definitively faster than any classical algorithm can ever achieve. Thus, we have given a concrete example of a case where quantum computing can be implemented to solve a real problem which cannot be efficiently dealt with by a classical computer. There are, however, many other promising applications, such as the needle-in-the-haystack problem addressed by Grover’s Algorithm, [20]. There is potential to model quantum chemistry far more accurately than is done at present by modelling chemical bonds at quantum levels through use of quantum computation, [21]. Such modelling currently occupies a huge amount of computa- tional resources worldwide in trying to achieve accurate models at quantum scales. It is thought that quantum computers may be able to save resources and help in the modelling of specific chemical bonds at quantum levels, [22], and therefore help in the development of more effective medicines. These are only some of the vast possible applications of the technology, and so it is clear that there is suffi- cient motivation for the field to develop and to potentially shape the technological landscape over the coming years and decades. 58
  • 64.
    10 C O NC L U S I O N The aim of this thesis was to bring the reader from little or no knowledge of quantum computation to a point of understanding of the fundamental mathematics and quantum mechanics involved in describing the subject. To achieve this, we examined What the subject considers: the use of linear algebra to describe physics at the smallest possible scales through the formulation of quantum mechanics. The combination of this quantum mechanics with a basic concept in com- puter science, the unit of communication, the bit, lead us to a new building block for computation, the qubit. We considered How qubits could be manipulated uniquely to achieve computational results not available to classical bits. This involved equating quantum operations with quantum analogues to logic gates, which were then combined to form quantum circuits. We then discussed the uniquely quantum property of parallelism to examine how we may take advantage of the superposition of states inherent to quantum mechanics, and how we can build useful subroutines to simplify larger algorithms. Finally we thought about Why this is such an area of interest at present by considering what real-world application can be achieved by a quantum computer that would not be as easily or efficiently achievable using only classical technology. Shor’s Algorithm provided a clear mathematical problem, of factorising large numbers, which has been puzzling mathematicians for decades, and which can be handled by a quantum machine in significantly less time than it can be on a standard computer. Overall then, we have provided motivation and means for why quantum computa- tion is well placed to be a driving force in research in the coming decades. Our focus here has been on conceptual mathematical proofs rather than physical challenges to the construction of such machines, or of approaching the topic from a computer science per- spective and rigorously calculating efficiency in the number of space and time required to carry out computations. This has lead us to an understanding of why, mathematically at least, quantum computation holds huge promise for the future. 59
  • 65.
    B I BL I O G R A P H Y [1] Yu I Manin. Vychislimoe i nevychislimoe (computable and noncomputable), moscow: Sov, 1980. [2] Richard P Feynman. Simulating physics with computers. International journal of theoretical physics, 21(6):467–488, 1982. [3] Paul Benioff. Quantum mechanical hamiltonian models of turing machines. Journal of Statistical Physics, 29(3):515–546, 1982. [4] David Deutsch. Quantum theory, the church-turing principle and the universal quantum computer. In Proceedings of the Royal Society of London A: Mathematical, Physical and Engineering Sciences, volume 400, pages 97–117. The Royal Society, 1985. [5] David Deutsch and Richard Jozsa. Rapid solution of problems by quantum compu- tation. Proceedings of the Royal Society of London. Series A: Mathematical and Physical Sciences, 439(1907):553–558, 1992. [6] Peter W Shor. Algorithms for quantum computation: Discrete logarithms and fac- toring. In Foundations of Computer Science, 1994 Proceedings., 35th Annual Symposium on, pages 124–134. IEEE, 1994. [7] Michael A Nielsen and Isaac L Chuang. Quantum computation and quantum informa- tion. Cambridge university press, 2010. [8] Charles H Bennett, Gilles Brassard, Claude Cr´epeau, Richard Jozsa, Asher Peres, and William K Wootters. Teleporting an unknown quantum state via dual classical and einstein-podolsky-rosen channels. Physical review letters, 70(13):1895, 1993. [9] WK Wooters and WK Zurek. Quantum no-cloning theorem. Nature, 299:802, 1982. [10] Mark M Wilde. Quantum information theory. Cambridge University Press, 2013. [11] Eleanor G Rieffel and Wolfgang H Polak. Quantum computing: A gentle introduction. MIT Press, 2011. [12] Bernard J. Fino and V. Ralph Algazi. Unified matrix treatment of the fast walsh- hadamard transform. IEEE Transactions on Computers, 25(11):1142–1146, 1976. [13] Daniel R Simon. On the power of quantum computation. SIAM journal on computing, 26(5):1474–1483, 1997. [14] John M Pollard. A monte carlo method for factorization. BIT Numerical Mathematics, 15(3):331–334, 1975. [15] Isaac Chuang, Raymond Laflamme, P Shor, and W Zurek. Quantum computers, factoring, and decoherence. arXiv preprint quant-ph/9503007, 1995. [16] C Lavor, LRU Manssur, and R Portugal. Shor’s algorithm for factoring large integers. arXiv preprint quant-ph/0303175, 2003. 60
  • 66.
    BIBLIOGRAPHY BIBLIOGRAPHY [17] ArjenK Lenstra, Hendrik W Lenstra Jr, Mark S Manasse, and John M Pollard. The number field sieve. Springer, 1993. [18] Shah Muhammad Hamdi, Syed Tauhid Zuhori, Firoz Mahmud, and Biprodip Pal. A compare between shor’s quantum factoring algorithm and general number field sieve. In Electrical Engineering and Information & Communication Technology (ICEEICT), 2014 International Conference on, pages 1–6. IEEE, 2014. [19] Peter W Shor. Polynomial-time algorithms for prime factorization and discrete log- arithms on a quantum computer. SIAM journal on computing, 26(5):1484–1509, 1997. [20] Lov K Grover. A fast quantum mechanical algorithm for database search. In Pro- ceedings of the twenty-eighth annual ACM symposium on Theory of computing, pages 212–219. ACM, 1996. [21] Benjamin P Lanyon, James D Whitfield, GG Gillett, Michael E Goggin, Marcelo P Almeida, Ivan Kassal, Jacob D Biamonte, Masoud Mohseni, Ben J Powell, Marco Bar- bieri, et al. Towards quantum chemistry on a quantum computer. Nature Chemistry, 2(2):106–111, 2010. [22] Christof Zalka. Simulating quantum systems on a quantum computer. Proceedings of the Royal Society of London. Series A: Mathematical, Physical and Engineering Sciences, 454(1969):313–322, 1998. 61