6 research outputs found
Inverting a permutation is as hard as unordered search
We show how an algorithm for the problem of inverting a permutation may be
used to design one for the problem of unordered search (with a unique
solution). Since there is a straightforward reduction in the reverse direction,
the problems are essentially equivalent.
The reduction we present helps us bypass the hybrid argument due to Bennett,
Bernstein, Brassard, and Vazirani (1997) and the quantum adversary method due
to Ambainis (2002) that were earlier used to derive lower bounds on the quantum
query complexity of the problem of inverting permutations. It directly implies
that the quantum query complexity of the problem is asymptotically the same as
that for unordered search, namely in Theta(sqrt(n)).Comment: 5 pages. Numerous changes to improve the presentatio
Query and Depth Upper Bounds for Quantum Unitaries via Grover Search
We prove that any -qubit unitary can be implemented (i) approximately in
time with query access to an appropriate classical
oracle, and also (ii) exactly by a circuit of depth
with one- and two-qubit gates and ancillae. The proofs of (i) and
(ii) involve similar reductions to Grover search. The proof of (ii) also
involves a linear-depth construction of arbitrary quantum states using one- and
two-qubit gates (in fact, this can be improved to constant depth with the
addition of fanout and generalized Toffoli gates) which may be of independent
interest. We also prove a matching lower bound for
(i) and (ii) for a certain class of implementations.Comment: 16 page
The Structure of Promises in Quantum Speedups
In 1998, Beals, Buhrman, Cleve, Mosca, and de Wolf showed that no super-polynomial quantum speedup is possible in the query complexity setting unless there is a promise on the input. We examine several types of "unstructured" promises, and show that they also are not compatible with super-polynomial quantum speedups. We conclude that such speedups are only possible when the input is known to have some structure.
Specifically, we show that there is a polynomial relationship of degree 18 between D(f) and Q(f) for any Boolean function f defined on permutations (elements of [n]^n in which each alphabet element occurs exactly once). More generally, this holds for all f defined on orbits of the symmetric group action (which acts on an element of [M]^n by permuting its entries). We also show that any Boolean function f defined on a "symmetric" subset of the Boolean hypercube has a polynomial relationship between R(f) and Q(f) - although in that setting, D(f) may be exponentially larger
On the Two-sided Permutation Inversion Problem
In the permutation inversion problem, the task is to find the preimage of some challenge value, given oracle access to the permutation. This is a fundamental problem in query complexity, and appears in many contexts, particularly cryptography. In this work, we examine the setting in which the oracle allows for quantum queries to both the forward and the inverse direction of the permutation---except that the challenge value cannot be submitted to the latter. Within that setting, we consider two options for the inversion algorithm: whether it can get quantum advice about the permutation, and whether it must produce the entire preimage (search) or only the first bit (decision). We prove several theorems connecting the hardness of the resulting variations of the inversion problem, and establish a number of lower bounds. Our results indicate that, perhaps surprisingly, the inversion problem does not become significantly easier when the adversary is granted oracle access to the inverse, provided it cannot query the challenge itself
Inverting a permutation is as hard as unordered search ∗
We describe a reduction from problem of unordered search (with a unique solution) to the problem of inverting a permutation. Since there is a straighforward reduction in the reverse direction, the problems are essentially equivalent. The reduction helps us bypass the Bennett-Bernstein-Brassard-Vazirani hybrid argument [2] and the Ambainis quantum adversary method [1] that were earlier used to derive lower bounds on the quantum query complexity of the problem of inverting permutations. It directly implies that the quantum query complexity of the problem is in Ω ( √ n).
De la sécurité calculatoire des protocoles cryptographiques devant la menace quantique
On ne s’en inquiète peut-être pas assez, mais toute communication confidentielle sur Internet, dont on prend désormais la sécurité pour acquise, pourrait du jour au lendemain devenir très facile à espionner. Nous savons en effet qu’un ordinateur quantique, s’il en existe un de suffisante envergure, pourra –ou peut déjà , qui sait ?– rendre obsolète les protocoles cryptographiques qui nous permettent de gérer nos comptes utilisateurs, faire des transactions bancaires et simplement d’avoir des conversations privées. Heureusement, une communauté de chercheurs se penche déjà sur des protocoles alternatifs ; cependant chacune des propositions est isolée dans son propre sous-domaine de recherche et il est difficile de faire la lumière sur laquelle est la plus prometteuse. À travers trois horizons, explorant respectivement pourquoi la cryptographie actuelle est considérée sécuritaire, comment l’arrivée d’un seul ordinateur quantique sur la planète changera toute la cryptographie, et que faire pour communiquer confidentiellement dans un monde où l’informatique quantique est omniprésente, nous développons un cadre uniforme pour analyser lesquels de ces nouveaux protocoles cryptographiques sont assis sur les bases théoriques présageant la plus grande sécurité