-
High-dimensional quantum key distribution using a multi-plane light converter
Authors:
Ohad Lib,
Kfir Sulimany,
Mateus Araújo,
Michael Ben-Or,
Yaron Bromberg
Abstract:
High-dimensional quantum key distribution (QKD) offers higher information capacity and stronger resilience to noise compared to its binary counterpart. However, these advantages are often hindered by the difficulty of realizing the required high-dimensional measurements and transformations. Here, we implement a large-scale multi-plane light converter (MPLC) and program it as a high-dimensional mod…
▽ More
High-dimensional quantum key distribution (QKD) offers higher information capacity and stronger resilience to noise compared to its binary counterpart. However, these advantages are often hindered by the difficulty of realizing the required high-dimensional measurements and transformations. Here, we implement a large-scale multi-plane light converter (MPLC) and program it as a high-dimensional mode sorter of spatial modes for QKD. Using the MPLC, we demonstrate five-dimensional QKD with six mutually unbiased bases and 25-dimensional QKD with two mutually unbiased bases in the same experimental setup. Furthermore, we propose a construction of pairs of mutually unbiased bases that are robust to experimental errors, with measurement complexity scaling only with the square root of the encoded dimension. This approach paves the way for QKD implementations in higher dimensions.
△ Less
Submitted 28 May, 2024; v1 submitted 6 March, 2024;
originally announced March 2024.
-
High-dimensional coherent one-way quantum key distribution
Authors:
Kfir Sulimany,
Guy Pelc,
Rom Dudkiewicz,
Simcha Korenblit,
Hagai S. Eisenberg,
Yaron Bromberg,
Michael Ben-Or
Abstract:
High-dimensional quantum key distribution (QKD) offers secure communication, with secure key rates that surpass those achievable by QKD protocols utilizing two-dimensional encoding. However, existing high-dimensional QKD protocols require additional experimental resources, such as multiport interferometers and multiple detectors, thus raising the cost of practical high-dimensional systems and limi…
▽ More
High-dimensional quantum key distribution (QKD) offers secure communication, with secure key rates that surpass those achievable by QKD protocols utilizing two-dimensional encoding. However, existing high-dimensional QKD protocols require additional experimental resources, such as multiport interferometers and multiple detectors, thus raising the cost of practical high-dimensional systems and limiting their use. Here, we present and analyze a novel protocol for arbitrary-dimensional QKD, that requires only the hardware of a standard two-dimensional system. We provide security proofs against individual attacks and coherent attacks, setting an upper and lower bound on the secure key rates. Then, we test the new high-dimensional protocol in a standard two-dimensional QKD system over a 40 km fiber link. The new protocol yields a two-fold enhancement of the secure key rate compared to the standard two-dimensional coherent one-way protocol, without introducing any hardware modifications to the system. This work, therefore, holds great potential to enhance the performance of already deployed time-bin QKD systems through a software update alone. Furthermore, its applications extend across different encoding schemes of QKD qudits.
△ Less
Submitted 11 July, 2023; v1 submitted 10 May, 2021;
originally announced May 2021.
-
Interactive Proofs for Quantum Computations
Authors:
Dorit Aharonov,
Michael Ben-Or,
Elad Eban,
Urmila Mahadev
Abstract:
The widely held belief that BQP strictly contains BPP raises fundamental questions: if we cannot efficiently compute predictions for the behavior of quantum systems, how can we test their behavior? In other words, is quantum mechanics falsifiable? In cryptographic settings, how can a customer of a future untrusted quantum computing company be convinced of the correctness of its quantum computation…
▽ More
The widely held belief that BQP strictly contains BPP raises fundamental questions: if we cannot efficiently compute predictions for the behavior of quantum systems, how can we test their behavior? In other words, is quantum mechanics falsifiable? In cryptographic settings, how can a customer of a future untrusted quantum computing company be convinced of the correctness of its quantum computations? To provide answers to these questions, we define Quantum Prover Interactive Proofs (QPIP). Whereas in standard interactive proofs the prover is computationally unbounded, here our prover is in BQP, representing a quantum computer. The verifier models our current computational capabilities: it is a BPP machine, with access to only a few qubits. Our main theorem states, roughly: 'Any language in BQP has a QPIP, which also hides the computation from the prover'. We provide two proofs, one based on a quantum authentication scheme (QAS) relying on random Clifford rotations and the other based on a QAS which uses polynomial codes (BOCG+ 06), combined with secure multiparty computation methods.
This is the journal version of work reported in 2008 (ABOE08) and presented in ICS 2010; here we have completed the details and made the proofs rigorous. Some of the proofs required major modifications and corrections. Notably, the claim that the polynomial QPIP is fault tolerant was removed. Similar results (with different protocols) were reported independently around the same time of the original version in BFK08. The initial independent works (ABOE08, BFK08) ignited a long line of research of blind verifiable quantum computation, which we survey here, along with connections to various cryptographic problems. Importantly, the problems of making the results fault tolerant as well as removing the need for quantum communication altogether remain open.
△ Less
Submitted 14 April, 2017;
originally announced April 2017.
-
A Quasi-Random Approach to Matrix Spectral Analysis
Authors:
Michael Ben-Or,
Lior Eldar
Abstract:
Inspired by the quantum computing algorithms for Linear Algebra problems [HHL,TaShma] we study how the simulation on a classical computer of this type of "Phase Estimation algorithms" performs when we apply it to solve the Eigen-Problem of Hermitian matrices. The result is a completely new, efficient and stable, parallel algorithm to compute an approximate spectral decomposition of any Hermitian m…
▽ More
Inspired by the quantum computing algorithms for Linear Algebra problems [HHL,TaShma] we study how the simulation on a classical computer of this type of "Phase Estimation algorithms" performs when we apply it to solve the Eigen-Problem of Hermitian matrices. The result is a completely new, efficient and stable, parallel algorithm to compute an approximate spectral decomposition of any Hermitian matrix. The algorithm can be implemented by Boolean circuits in $O(\log^2 n)$ parallel time with a total cost of $O(n^{ω+1})$ Boolean operations. This Boolean complexity matches the best known rigorous $O(\log^2 n)$ parallel time algorithms, but unlike those algorithms our algorithm is (logarithmically) stable, so further improvements may lead to practical implementations.
All previous efficient and rigorous approaches to solve the Eigen-Problem use randomization to avoid bad condition as we do too. Our algorithm makes further use of randomization in a completely new way, taking random powers of a unitary matrix to randomize the phases of its eigenvalues. Proving that a tiny Gaussian perturbation and a random polynomial power are sufficient to ensure almost pairwise independence of the phases $(\mod (2π))$ is the main technical contribution of this work. This randomization enables us, given a Hermitian matrix with well separated eigenvalues, to sample a random eigenvalue and produce an approximate eigenvector in $O(\log^2 n)$ parallel time and $O(n^ω)$ Boolean complexity. We conjecture that further improvements of our method can provide a stable solution to the full approximate spectral decomposition problem with complexity similar to the complexity (up to a logarithmic factor) of sampling a single eigenvector.
△ Less
Submitted 6 April, 2017; v1 submitted 29 May, 2015;
originally announced May 2015.
-
Optimal algorithms for linear algebra by quantum inspiration
Authors:
Michael Ben-Or,
Lior Eldar
Abstract:
Recent results by Harrow et. al. and by Ta-Shma, suggest that quantum computers may have an exponential advantage in solving a wealth of linear algebraic problems, over classical algorithms. Building on the quantum intuition of these results, we step back into the classical domain, and explore its usefulness in designing classical algorithms. We achieve an algorithm for solving the major linear-al…
▽ More
Recent results by Harrow et. al. and by Ta-Shma, suggest that quantum computers may have an exponential advantage in solving a wealth of linear algebraic problems, over classical algorithms. Building on the quantum intuition of these results, we step back into the classical domain, and explore its usefulness in designing classical algorithms. We achieve an algorithm for solving the major linear-algebraic problems in time $O(n^{ω+ν})$ for any $ν>0$, where $ω$ is the optimal matrix-product constant. Thus our algorithm is optimal w.r.t. matrix multiplication, and comparable to the state-of-the-art algorithm for these problems due to Demmel et. al. Being derived from quantum intuition, our proposed algorithm is completely disjoint from all previous classical algorithms, and builds on a combination of low-discrepancy sequences and perturbation analysis. As such, we hope it motivates further exploration of quantum techniques in this respect, hopefully leading to improvements in our understanding of space complexity and numerical stability of these problems.
△ Less
Submitted 6 April, 2017; v1 submitted 13 December, 2013;
originally announced December 2013.
-
Quantum Refrigerator
Authors:
Michael Ben-Or,
Daniel Gottesman,
Avinatan Hassidim
Abstract:
We consider fault-tolerant quantum computation in the context where there are no fresh ancilla qubits available during the computation, and where the noise is due to a general quantum channel. We show that there are three classes of noisy channels: In the first, typified by the depolarizing channel, computation is only possible for a logarithmic time. In the second class, of which the dephasing ch…
▽ More
We consider fault-tolerant quantum computation in the context where there are no fresh ancilla qubits available during the computation, and where the noise is due to a general quantum channel. We show that there are three classes of noisy channels: In the first, typified by the depolarizing channel, computation is only possible for a logarithmic time. In the second class, of which the dephasing channel is an example, computation is possible for polynomial time. The amplitude dam** channel is an example of the third class, and for this class of channels, it is possible to compute for an exponential time in the number of qubits available.
△ Less
Submitted 9 January, 2013;
originally announced January 2013.
-
A Fault-Resistant Asynchronous Clock Function
Authors:
Ezra N. Hoch,
Michael Ben-Or,
Danny Dolev
Abstract:
Consider an asynchronous network in a shared-memory environment consisting of n nodes. Assume that up to f of the nodes might be Byzantine (n > 12f), where the adversary is full-information and dynamic (sometimes called adaptive). In addition, the non-Byzantine nodes may undergo transient failures. Nodes advance in atomic steps, which consist of reading all registers, performing some calculation a…
▽ More
Consider an asynchronous network in a shared-memory environment consisting of n nodes. Assume that up to f of the nodes might be Byzantine (n > 12f), where the adversary is full-information and dynamic (sometimes called adaptive). In addition, the non-Byzantine nodes may undergo transient failures. Nodes advance in atomic steps, which consist of reading all registers, performing some calculation and writing to all registers.
This paper contains three main contributions. First, the clock-function problem is defined, which is a generalization of the clock synchronization problem. This generalization encapsulates previous clock synchronization problem definitions while extending them to the current paper's model. Second, a randomized asynchronous self-stabilizing Byzantine tolerant clock synchronization algorithm is presented.
In the construction of the clock synchronization algorithm, a building block that ensures different nodes advance at similar rates is developed. This feature is the third contribution of the paper. It is self-stabilizing and Byzantine tolerant and can be used as a building block for different algorithms that operate in an asynchronous self-stabilizing Byzantine model.
The convergence time of the presented algorithm is exponential. Observe that in the asynchronous setting the best known full-information dynamic Byzantine agreement also has expected exponential convergence time, even though currently there is no known reduction between the two.
△ Less
Submitted 14 July, 2010; v1 submitted 10 July, 2010;
originally announced July 2010.
-
Simple Gradecast Based Algorithms
Authors:
Michael Ben-Or,
Danny Dolev,
Ezra N. Hoch
Abstract:
Gradecast is a simple three-round algorithm presented by Feldman and Micali. The current work presents a very simple algorithm that utilized Gradecast to achieve Byzantine agreement. Two small variations of the presented algorithm lead to improved algorithms for solving the Approximate agreement problem and the Multi-consensus problem.
An optimal approximate agreement algorithm was presented by…
▽ More
Gradecast is a simple three-round algorithm presented by Feldman and Micali. The current work presents a very simple algorithm that utilized Gradecast to achieve Byzantine agreement. Two small variations of the presented algorithm lead to improved algorithms for solving the Approximate agreement problem and the Multi-consensus problem.
An optimal approximate agreement algorithm was presented by Fekete, which supports up to 1/4 n Byzantine nodes and has message complexity of O(n^k), where n is the number of nodes and k is the number of rounds.
Our solution to the approximate agreement problem is optimal, simple and reduces the message complexity to O(k * n^3), while supporting up to 1/3 n Byzantine nodes.
Multi consensus was first presented by Bar-Noy et al. It consists of consecutive executions of l Byzantine consensuses. Bar-Noy et al., show an optimal amortized solution to this problem, assuming that all nodes start each consensus instance at the same time, a property that cannot be guaranteed with early stop**. Our solution is simpler, preserves round complexity optimality, allows early stop** and does not require synchronized starts of the consensus instances.
△ Less
Submitted 29 September, 2010; v1 submitted 7 July, 2010;
originally announced July 2010.
-
Interactive Proofs For Quantum Computations
Authors:
Dorit Aharonov,
Michael Ben-Or,
Elad Eban
Abstract:
The widely held belief that BQP strictly contains BPP raises fundamental questions: Upcoming generations of quantum computers might already be too large to be simulated classically. Is it possible to experimentally test that these systems perform as they should, if we cannot efficiently compute predictions for their behavior? Vazirani has asked: If predicting Quantum Mechanical systems requires…
▽ More
The widely held belief that BQP strictly contains BPP raises fundamental questions: Upcoming generations of quantum computers might already be too large to be simulated classically. Is it possible to experimentally test that these systems perform as they should, if we cannot efficiently compute predictions for their behavior? Vazirani has asked: If predicting Quantum Mechanical systems requires exponential resources, is QM a falsifiable theory? In cryptographic settings, an untrusted future company wants to sell a quantum computer or perform a delegated quantum computation. Can the customer be convinced of correctness without the ability to compare results to predictions?
To answer these questions, we define Quantum Prover Interactive Proofs (QPIP). Whereas in standard Interactive Proofs the prover is computationally unbounded, here our prover is in BQP, representing a quantum computer. The verifier models our current computational capabilities: it is a BPP machine, with access to few qubits. Our main theorem can be roughly stated as: "Any language in BQP has a QPIP, and moreover, a fault tolerant one". We provide two proofs. The simpler one uses a new (possibly of independent interest) quantum authentication scheme (QAS) based on random Clifford elements. This QPIP however, is not fault tolerant. Our second protocol uses polynomial codes QAS due to BCGHS, combined with quantum fault tolerance and multiparty quantum computation techniques. A slight modification of our constructions makes the protocol "blind": the quantum computation and input are unknown to the prover.
After we have derived the results, we have learned that Broadbent at al. have independently derived "universal blind quantum computation" using completely different methods. Their construction implicitly implies similar implications.
△ Less
Submitted 18 November, 2008; v1 submitted 30 October, 2008;
originally announced October 2008.
-
The Pursuit of Uniqueness: Extending Valiant-Vazirani Theorem to the Probabilistic and Quantum Settings
Authors:
Dorit Aharonov,
Michael Ben-Or,
Fernando G. S. L. Brandao,
Or Sattath
Abstract:
Valiant-Vazirani showed in 1985 [VV85] that solving NP with the promise that "yes" instances have only one witness is powerful enough to solve the entire NP class (under randomized reductions).
We are interested in extending this result to the quantum setting. We prove extensions to the classes Merlin-Arthur MA and Quantum-Classical-Merlin-Arthur QCMA. Our results have implications for the compl…
▽ More
Valiant-Vazirani showed in 1985 [VV85] that solving NP with the promise that "yes" instances have only one witness is powerful enough to solve the entire NP class (under randomized reductions).
We are interested in extending this result to the quantum setting. We prove extensions to the classes Merlin-Arthur MA and Quantum-Classical-Merlin-Arthur QCMA. Our results have implications for the complexity of approximating the ground state energy of a quantum local Hamiltonian with a unique ground state and an inverse polynomial spectral gap. We show that the estimation (to within polynomial accuracy) of the ground state energy of poly-gapped 1-D local Hamiltonians is QCMA-hard [AN02], under randomized reductions. This is in stark contrast to the case of constant gapped 1-D Hamiltonians, which is in NP [Has07]. Moreover, it shows that unless QCMA can be reduced to NP by randomized reductions, there is no classical description of the ground state of every poly-gapped local Hamiltonian that allows efficient calculation of expectation values.
Finally, we discuss a few of the obstacles to the establishment of an analogous result to the class Quantum-Merlin-Arthur (QMA). In particular, we show that random projections fail to provide a polynomial gap between two witnesses.
△ Less
Submitted 11 March, 2022; v1 submitted 27 October, 2008;
originally announced October 2008.
-
Quantum Multi Prover Interactive Proofs with Communicating Provers
Authors:
Michael Ben-Or,
Avinatan Hassidim,
Haran Pilpel
Abstract:
Multi Prover Interactive Proof systems (MIPs)were first presented in a cryptographic context, but ever since they were used in various fields. Understanding the power of MIPs in the quantum context raises many open problems, as there are several interesting models to consider. For example, one can study the question when the provers share entanglement or not, and the communication between the ve…
▽ More
Multi Prover Interactive Proof systems (MIPs)were first presented in a cryptographic context, but ever since they were used in various fields. Understanding the power of MIPs in the quantum context raises many open problems, as there are several interesting models to consider. For example, one can study the question when the provers share entanglement or not, and the communication between the verifier and the provers is quantum or classical. While there are several partial results on the subject, so far no one presented an efficient scheme for recognizing NEXP (or NP with logarithmic communication), except for [KM03], in the case there is no entanglement (and of course no communication between the provers). We introduce another variant of Quantum MIP, where the provers do not share entanglement, the communication between the verifier and the provers is quantum, but the provers are unlimited in the classical communication between them. At first, this model may seem very weak, as provers who exchange information seem to be equivalent in power to a simple prover. This in fact is not the case - we show that any language in NEXP can be recognized in this model efficiently, with just two provers and two rounds of communication, with a constant completeness-soundness gap.
△ Less
Submitted 24 June, 2008;
originally announced June 2008.
-
Secure Multiparty Quantum Computation with (Only) a Strict Honest Majority
Authors:
Michael Ben-Or,
Claude Crépeau,
Daniel Gottesman,
Avinatan Hassidim,
Adam Smith
Abstract:
Secret sharing and multiparty computation (also called "secure function evaluation") are fundamental primitives in modern cryptography, allowing a group of mutually distrustful players to perform correct, distributed computations under the sole assumption that some number of them will follow the protocol honestly. This paper investigates how much trust is necessary -- that is, how many players m…
▽ More
Secret sharing and multiparty computation (also called "secure function evaluation") are fundamental primitives in modern cryptography, allowing a group of mutually distrustful players to perform correct, distributed computations under the sole assumption that some number of them will follow the protocol honestly. This paper investigates how much trust is necessary -- that is, how many players must remain honest -- in order for distributed quantum computations to be possible.
We present a verifiable quantum secret sharing (VQSS) protocol, and a general secure multiparty quantum computation (MPQC) protocol, which can tolerate any (n-1)/2 (rounded down) cheaters among n players. Previous protocols for these tasks tolerated (n-1)/4 (rounded down) and (n-1)/6 (rounded down) cheaters, respectively. The threshold we achieve is tight - even in the classical case, ``fair'' multiparty computation is not possible if any set of n/2 players can cheat.
Our protocols rely on approximate quantum error-correcting codes, which can tolerate a larger fraction of errors than traditional, exact codes. We introduce new families of authentication schemes and approximate codes tailored to the needs of our protocols, as well as new state purification techniques along the lines of those used in fault-tolerant quantum circuits.
△ Less
Submitted 9 January, 2008;
originally announced January 2008.
-
Simple and secure quantum key distribution with biphotons
Authors:
I. Bregman,
D. Aharonov,
M. Ben-Or,
H. S. Eisenberg
Abstract:
The best qubit one-way quantum key distribution (QKD) protocol can tolerate up to 14.1% in the error rate. It has been shown how this rate can be increased by using larger quantum systems. The polarization state of a biphoton can encode a three level quantum system - a qutrit. The realization of a QKD system with biphotons encounters several problems in generating, manipulating and detecting suc…
▽ More
The best qubit one-way quantum key distribution (QKD) protocol can tolerate up to 14.1% in the error rate. It has been shown how this rate can be increased by using larger quantum systems. The polarization state of a biphoton can encode a three level quantum system - a qutrit. The realization of a QKD system with biphotons encounters several problems in generating, manipulating and detecting such photon states. We define those limitations and find within them a few protocols that perform almost as well as the ideal qutrit protocol. One advantage is that these protocols can be implemented with minor modifications into existing single photon systems. The security of one protocol is proved for the most general coherent attacks and the largest acceptable error rate for this protocol is found to be around 17.7%. This is the first time, to the best of our knowledge, that the security of qutrit QKD protocols is rigorously analyzed against general attacks.
△ Less
Submitted 13 February, 2008; v1 submitted 24 September, 2007;
originally announced September 2007.
-
Quantum Search in an Ordered List via Adaptive Learning
Authors:
M. Ben-Or,
Avinatan Hassidim
Abstract:
We use a Bayesian approach to optimally solve problems in noisy binary search. We deal with two variants:
1. Each comparison can be erroneous with some probability $1 - p$. 2. At each stage $k$ comparisons can be performed in parallel and a noisy answer is returned
We present a (classic) algorithm which optimally solves both variants together, up to an additive term of O(\log \log(n)), and p…
▽ More
We use a Bayesian approach to optimally solve problems in noisy binary search. We deal with two variants:
1. Each comparison can be erroneous with some probability $1 - p$. 2. At each stage $k$ comparisons can be performed in parallel and a noisy answer is returned
We present a (classic) algorithm which optimally solves both variants together, up to an additive term of O(\log \log(n)), and prove matching information theoretic lower bounds. We use the algorithm to improve the results of Farhi et al \cite{FGGS99} presenting a quantum (error free) search algorithm in an ordered list of expected complexity less than (\log_2n) / 3.
△ Less
Submitted 9 November, 2007; v1 submitted 24 March, 2007;
originally announced March 2007.
-
The Universal Composable Security of Quantum Key Distribution
Authors:
M. Ben-Or,
Michal Horodecki,
D. W. Leung,
D. Mayers,
J. Oppenheim
Abstract:
The existing unconditional security definitions of quantum key distribution (QKD) do not apply to joint attacks over QKD and the subsequent use of the resulting key. In this paper, we close this potential security gap by using a universal composability theorem for the quantum setting. We first derive a composable security definition for QKD. We then prove that the usual security definition of QK…
▽ More
The existing unconditional security definitions of quantum key distribution (QKD) do not apply to joint attacks over QKD and the subsequent use of the resulting key. In this paper, we close this potential security gap by using a universal composability theorem for the quantum setting. We first derive a composable security definition for QKD. We then prove that the usual security definition of QKD still implies the composable security definition. Thus, a key produced in any QKD protocol that is unconditionally secure in the usual definition can indeed be safely used, a property of QKD that is hitherto unproven. We propose two other useful sufficient conditions for composability. As a simple application of our result, we show that keys generated by repeated runs of QKD degrade slowly.
△ Less
Submitted 13 September, 2004;
originally announced September 2004.
-
General Security Definition and Composability for Quantum & Classical Protocols
Authors:
Michael Ben-Or,
Dominic Mayers
Abstract:
We generalize the universally composable definition of Canetti to the Quantum World. The basic idea is the same as in the classical world. The main contribution is that we unfold the result in a new model which is well adapted to quantum protocols. We also simplify some aspects of the classical case. In particular, the case of protocols with an arbitrary number of layers of sub-protocols is natu…
▽ More
We generalize the universally composable definition of Canetti to the Quantum World. The basic idea is the same as in the classical world. The main contribution is that we unfold the result in a new model which is well adapted to quantum protocols. We also simplify some aspects of the classical case. In particular, the case of protocols with an arbitrary number of layers of sub-protocols is naturally covered in the proposed model.
△ Less
Submitted 29 November, 2004; v1 submitted 10 September, 2004;
originally announced September 2004.
-
Fault-Tolerant Quantum Computation With Constant Error Rate
Authors:
Dorit Aharonov,
Michael Ben-Or
Abstract:
This paper proves the threshold result, which asserts that quantum computation can be made robust against errors and inaccuracies, when the error rate, $η$, is smaller than a constant threshold, $η_c$. The result holds for a very general, not necessarily probabilistic noise model, for quantum particles with any number of states, and is also generalized to one dimensional quantum computers with o…
▽ More
This paper proves the threshold result, which asserts that quantum computation can be made robust against errors and inaccuracies, when the error rate, $η$, is smaller than a constant threshold, $η_c$. The result holds for a very general, not necessarily probabilistic noise model, for quantum particles with any number of states, and is also generalized to one dimensional quantum computers with only nearest neighbor interactions. No measurements, or classical operations, are required during the quantum computation. The proceeding version was very succinct, and here we fill all the missing details, and elaborate on many parts of the proof. In particular, we devote a section for a discussion of universality issues and proofs that the sets of gates that we use are universal. Another section is devoted to a rigorous proof that fault tolerance can be achieved in the presence of general non probabilistic noise. The systematic structure of the fault tolerant procedures for polynomial codes is explained in length. The proof that the concatenation scheme works is written in a clearer way. The paper also contains new and significantly simpler proofs for most of the known results which we use. For example, we give a simple proof that it suffices to correct bit and phase flips, we significantly simplify Calderbank and Shor's original proof of the correctness of CSS codes. We also give a simple proof of the fact that two-qubit gates are universal. The paper thus provides a self contained and complete proof for universal fault tolerant quantum computation.
△ Less
Submitted 30 June, 1999;
originally announced June 1999.
-
Polynomial Simulations of Decohered Quantum Computers
Authors:
Dorit Aharonov,
Michael Ben-Or
Abstract:
We define formally decohered quantum computers (using density matrices), and present a simulation of them by a probabalistic classical Turing Machine. We study the slowdown of the simulation for two cases: (1) sequential quantum computers, or quantum Turing machines(QTM), and (2) parallel quantum computers, or quantum circuits. This paper shows that the computational power of decohered quantum c…
▽ More
We define formally decohered quantum computers (using density matrices), and present a simulation of them by a probabalistic classical Turing Machine. We study the slowdown of the simulation for two cases: (1) sequential quantum computers, or quantum Turing machines(QTM), and (2) parallel quantum computers, or quantum circuits. This paper shows that the computational power of decohered quantum computers depends strongly on the amount of parallelism in the computation.
The expected slowdown of the simulation of a QTM is polynomial in time and space of the quantum computation, for any non zero decoherence rate. This means that a QTM subjected to any amount of noise is worthless. For decohered quantum circuits, the situation is more subtle and depends on the decoherence rate, eta. We find that our simulation is efficient for circuits with decoherence rate higher than some constant, but exponential for general circuits with decoherence rate lower than some other constant. Using computer experiments, we show that the transition from exponential cost to polynomial cost happens in a short range of decoherence rates, and exhibit the phase transitions in various quantum circuits.
△ Less
Submitted 17 November, 1996;
originally announced November 1996.
-
Limitations of Noisy Reversible Computation
Authors:
D. Aharonov,
M. Ben-Or,
R. Impagliazzo,
N. Nisan
Abstract:
Noisy computation and reversible computation have been studied separately, and it is known that they are as powerful as unrestricted computation. We study the case where both noise and reversibility are combined and show that the combined model is weaker than unrestricted computation. In our noisy reversible circuits, each wire is flipped with probability p each time step, and all the inputs to…
▽ More
Noisy computation and reversible computation have been studied separately, and it is known that they are as powerful as unrestricted computation. We study the case where both noise and reversibility are combined and show that the combined model is weaker than unrestricted computation. In our noisy reversible circuits, each wire is flipped with probability p each time step, and all the inputs to the circuit are present in time 0. We prove that any noisy reversible circuit must have size exponential in its depth in order to compute a function with high probability. This is tight as we show that any circuit can be converted into a noise-resistant reversible one with a blow up in size which is exponential in the depth. This establishes that noisy reversible computation has the power of the complexity class NC^1.
We extend this to quantum circuits(QC). We prove that any noisy QC which is not worthless, and for which all inputs are present at time 0, must have size exponential in its depth. (This high-lights the fact that fault tolerant QC must use a constant supply of inputs all the time.) For the lower bound, we show that quasi-polynomial noisy QC are at least powerful as logarithmic depth QC, (or QNC^1). Making these bounds tight is left open in the quantum case.
△ Less
Submitted 17 November, 1996;
originally announced November 1996.
-
Fault Tolerant Quantum Computation with Constant Error
Authors:
Dorit Aharonov,
Michael Ben-Or
Abstract:
Recently Shor showed how to perform fault tolerant quantum computation when the error probability is logarithmically small. We improve this bound and describe fault tolerant quantum computation when the error probability is smaller than some constant threshold. The cost is polylogarithmic in time and space, and no measurements are used during the quantum computation. The result holds also for qu…
▽ More
Recently Shor showed how to perform fault tolerant quantum computation when the error probability is logarithmically small. We improve this bound and describe fault tolerant quantum computation when the error probability is smaller than some constant threshold. The cost is polylogarithmic in time and space, and no measurements are used during the quantum computation. The result holds also for quantum circuits which operate on nearest neighbors only. To achieve this noise resistance, we use concatenated quantum error correcting codes. The scheme presented is general, and works with all quantum codes that satisfy some restrictions, namely that the code is ``proper''.
We present two explicit classes of proper quantum codes. The first example of proper quantum codes generalizes classical secret sharing with polynomials. The second uses a known class of quantum codes and converts it to a proper code. This class is defined over a field with p elements, so the elementary quantum particle is not a qubit but a ``qupit''. With our codes, the threshold is about 10^(-6). Hopefully, this paper motivates a search for proper quantum codes with higher thresholds, at which point quantum computation becomes practical.
△ Less
Submitted 15 November, 1996; v1 submitted 14 November, 1996;
originally announced November 1996.