Upload
aleesha-blair
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Exploring the Limits of the Efficiently Computable
Research Directions I Like In Complexity and Physics
Scott Aaronson (MIT)Papers and slides at www.scottaaronson.com
Quantum Mechanics in One Slide
n
1
nnn
n
uu
uu
1
111
n
1
1,1
2
n
iii C
Quantum Mechanics:
Linear transformations that conserve 2-norm of
amplitude vectors:Unitary matrices
np
p
1
nnn
n
ss
ss
1
111
nq
q
1
1,01
n
iii pp
Probability Theory:
Linear transformations that conserve 1-norm of
probability vectors:Stochastic matrices
A general entangled state of n qubits requires ~2n amplitudes to specify:
Quantum Computing
nxx x
1,0
Presents an obvious practical problem when using conventional computers to simulate quantum mechanics
Feynman 1981: So then why not turn things around, and build computers that themselves exploit superposition?
Could such a machine get any advantage over a classical computer with a random number generator? If so, it would have to come from interference between amplitudes
BQP (Bounded-Error Quantum Polynomial-Time): The class of problems solvable efficiently by a quantum computer, defined by Bernstein and Vazirani in 1993
Shor 1994: Factoring integers is in BQP
NP
NP-complete
P
FactoringBQP
Interesting
1. Meeting Experimentalists Halfway
Using complexity theory to find quantum advantage in systems of current experimental interest (e.g. linear-optical networks), which fall short of universal quantum computers
2. Publicly-Verifiable Quantum Money
First scheme based on a “standard” crypto assumption
3. Rise and Fall of Complexity in Thermodynamic Systems
Resource-bounded sophistication and coffee cups
This Talk: Three Recent Directions
1. Meeting Experimentalists Halfway
BosonSampling (A.-Arkhipov 2011)
A rudimentary type of quantum computing, involving only non-interacting photons
Classical counterpart: Galton’s Board
Replacing the balls by photons leads to famously counterintuitive phenomena,
like the Hong-Ou-Mandel dip
In general, we consider a network of beamsplitters, with n input “modes” (locations) and m>>n output modesn identical photons enter, one per input modeAssume for simplicity they all leave in different modes—there are possibilities
The beamsplitter network defines a column-orthonormal matrix ACmn, such that
nS
n
iiixX
1,Per
n
m
2PeroutcomePr SAS
where nn submatrix of A corresponding to S
Amazing connection between permanents and physics, which even leads to a simpler proof of Valiant’s famous result that the permanent is #P-complete [A. 2011]
So, Can We Use Quantum Optics to Solve a #P-Complete Problem?
Explanation: If X is sub-unitary, then |Per(X)|2 will usually be exponentially small. So to get a reasonable estimate of |Per(X)|2 for a given X, we’d generally need to repeat the optical experiment exponentially many times
That sounds way too good to be true…
Better idea: Given ACmn as input, let BosonSampling be the problem of merely sampling from the same distribution DA that the beamsplitter network samples from—the one defined by Pr[S]=|Per(AS)|2
Theorem (A.-Arkhipov 2011): Suppose BosonSampling is solvable in classical polynomial time. Then P#P=BPPNP
Better Theorem: Suppose we can sample DA even approximately in classical polynomial time. Then in BPPNP, it’s possible to estimate Per(X), with high probability over a Gaussian random matrix nn
CΝX 1,0~
Upshot: Compared to (say) Shor’s factoring algorithm, we get different/stronger evidence that a
weaker system can do something classically hard
We conjecture that the above problem is already #P-complete. If it is, then a fast classical algorithm for approximate BosonSampling would already have the consequence that P#P=BPPNP
Prove #P-completeness for natural average-case approximation problems (like permanents of Gaussians)—thereby yielding hardness for approximate BosonSampling
As a first step, understand the distribution of Per(X), X Gaussian
Early experimental implementations have been done (Rome, Brisbane, Vienna, Oxford)! But so far with just 3-4 photons. For scaling, will be crucial to understand the complexity of BosonSampling when a constant fraction of photons are lost
Can the BosonSampling model solve hard “conventional” problems? How do we verify that a BosonSampling device is working correctly? [A.-Arkhipov 2014, A.-Nguyen 2014]
BosonSampling with thermal states: fast classical algorithm to approximate Per(X) when X is positive semidefinite?
Challenges
Can a quantum computer solve problems for which a classical computer can’t even efficiently verify the answers? Or better yet: that are still classically hard even if P=NP?
BQP vs. the Polynomial Hierarchy
BosonSampling: A candidate for such a problem. If it’s solvable anywhere in BPPPH, then PH collapses.
A. 2009: Unconditionally, there’s a black-box sampling problem (Fourier Sampling) solvable in BQP but not in BPPPH
Boils down to: are there problems in BQP but not in PH?
Given a Boolean function 1,11,0: nfoutput z0,1n with probability 2ˆ zf
nx
zx
nxfzf
1,0
12
1:ˆ
What’s the largest possible quantum speedup?
“Forrelation”: Given two Boolean functions f,g:0,1n-1,1, estimate how correlated g is with the Fourier transform of f:
?6.0
?01.01
2
1
1,0,2/3
nyx
yx
nygxf
A.-Ambainis 2014: This problem is solvable using only 1 quantum query, but requires at least ~2n/2/n queries classically
Furthermore, this separation is essentially the largest possible! Any N-bit problem that’s solvable with k quantum queries, is also solvable with ~N1-1/2k classical queries
Conjecture (A. 2009): Forrelation Polynomial Hierarchy
2. Publicly-Verifiable Quantum Money
Quantum MoneyIdea: Quantum states that can be created by a bank, traded as currency, and verified as legitimate, but can’t be cloned by counterfeiters, because of quantum mechanics’ No-Cloning Theorem
A.-Christiano 2012: First quantum money scheme where anyone can verify a bill, and whose security is based on a “conventional” crypto assumption
Wiesner ca. 1970: First quantum money scheme, but only the bank could verify the bills. If anyone can verify a bill, then computational assumptions clearly needed, in addition to QM
Our Hidden Subspace Scheme
Ax
nxA
4/2
1:
Quantum money state:
2
dim
2
nA
GFA nR
Corresponding “serial number” s: Somehow describes how to check membership in A and in A (the dual subspace of A), yet doesn’t reveal A or A
Our proposal: Random low-degree polynomials p1,…,pm and q1,…,qm that vanish on A and A respectively
Mint can easily choose a random A and prepare |A
Procedure to Verify Money State(assuming ability to decide membership in A and A)
A
A
1. Project onto A elements (reject if this fails)
2. Hadamard all n qubits to map |A to |A
3. Project onto A elements (reject if this fails)
4. Hadamard all n qubits to return state to |A
Theorem: The above just implements a projection onto |A—i.e., it accepts | with probability ||A|2
Security
Theorem: There’s no efficient counterfeiting procedure, assuming there’s no an efficient quantum algorithm to learn a basis for A with 2-O(n) probability, given p1,…,pm and q1,…,qm. [Recently: Attack on noiseless version of scheme]
Theorem: If the A and A membership tests are black boxes, then any counterfeiting procedure requires Ω(2n/2) queries to them.
3. Rise and Fall of Complexity in Thermodynamic Systems
How to Measure Interesting Structure?Can define structure and in many other ways
One simpleminded measure: the Kolmogorov complexity of a coarse-grained description of our cellular automaton or other system
Sean Carroll’s example:
The Coffee AutomatonA., Carroll, Mohan, Ouellette, Werness 2015: A probabilistic nn reversible system that starts half “coffee” and half “cream.” At each time step, we randomly “shear” half the coffee cup horizontally or vertically (assuming a toroidal cup)
We prove that the apparent complexity of this image has a rising-falling pattern, with a maximum of at least ~n1/6
Quantum lower bound for the collision problem [A. 2002]
Quantum (+classical!) lower bound for local search [A. 2004]
First direct product theorem for quantum search [A. 2004]
PostBQP = PP [A. 2004]
BQP/qpoly QMA/poly, learnability of quantum states [A.-Drucker 2010, A. 2004, A. 2006]
Algebrization [A.-Wigderson 2008]
Other Work
Some Future DirectionsQuantum copy-protected software
Complexity theory of quantum states and unitary transformations
Classification of quantum gate sets
Noisy BosonSampling
The power of quantum proofs
See also my talk at Perimeter on Wednesday at 10:30, for complexity and quantum gravity!