Advice coins for classical and quantum computation

We study the power of classical and quantum algorithms equipped with nonuniform advice, in the form of a coin whose bias encodes useful information. This question takes on particular importance in the quantum case, due to a surprising result that we prove: a quantum finite automaton with just two states can be sensitive to arbitrarily small changes in a coin’s bias. This contrasts with classical probabilistic finite automata, whose sensitivity to changes in a coin’s bias is bounded by a classic 1970 result of Hellman and Cover. Despite this finding, we are able to bound the power of advice coins for space-bounded classical and quantum computation. We define the classes BPPSPACE/coin and BQPSPACE/coin, of languages decidable by classical and quantum polynomial-space machines with advice coins. Our main theorem is that both classes coincide with PSPACE/poly. Proving this result turns out to require substantial machinery. We use an algorithm due to Neff for finding roots of polynomials in NC; a result from algebraic geometry that lower-bounds the separation of a polynomial’s roots; and a result on fixed-points of superoperators due to Aaronson and Watrous, originally proved in the context of quantum computing with closed timelike curves

Classical Cryptographic Protocols in a Quantum World

Cryptographic protocols, such as protocols for secure function evaluation (SFE), have played a crucial role in the development of modern cryptography. The extensive theory of these protocols, however, deals almost exclusively with classical attackers. If we accept that quantum information processing is the most realistic model of physically feasible computation, then we must ask: what classical protocols remain secure against quantum attackers? Our main contribution is showing the existence of classical two-party protocols for the secure evaluation of any polynomial-time function under reasonable computational assumptions (for example, it suffices that the learning with errors problem be hard for quantum polynomial time). Our result shows that the basic two-party feasibility picture from classical cryptography remains unchanged in a quantum world.Comment: Full version of an old paper in Crypto'11. Invited to IJQI. This is authors' copy with different formattin

Quantum vs. Classical Read-once Branching Programs

The paper presents the first nontrivial upper and lower bounds for (non-oblivious) quantum read-once branching programs. It is shown that the computational power of quantum and classical read-once branching programs is incomparable in the following sense: (i) A simple, explicit boolean function on 2n input bits is presented that is computable by error-free quantum read-once branching programs of size O(n^3), while each classical randomized read-once branching program and each quantum OBDD for this function with bounded two-sided error requires size 2^{\Omega(n)}. (ii) Quantum branching programs reading each input variable exactly once are shown to require size 2^{\Omega(n)} for computing the set-disjointness function DISJ_n from communication complexity theory with two-sided error bounded by a constant smaller than 1/2-2\sqrt{3}/7. This function is trivially computable even by deterministic OBDDs of linear size. The technically most involved part is the proof of the lower bound in (ii). For this, a new model of quantum multi-partition communication protocols is introduced and a suitable extension of the information cost technique of Jain, Radhakrishnan, and Sen (2003) to this model is presented.Comment: 35 pages. Lower bound for disjointness: Error in application of info theory corrected and regularity of quantum read-once BPs (each variable at least once) added as additional assumption of the theorem. Some more informal explanations adde