15 research outputs found
Estimating the cost of generic quantum pre-image attacks on SHA-2 and SHA-3
We investigate the cost of Grover's quantum search algorithm when used in the
context of pre-image attacks on the SHA-2 and SHA-3 families of hash functions.
Our cost model assumes that the attack is run on a surface code based
fault-tolerant quantum computer. Our estimates rely on a time-area metric that
costs the number of logical qubits times the depth of the circuit in units of
surface code cycles. As a surface code cycle involves a significant classical
processing stage, our cost estimates allow for crude, but direct, comparisons
of classical and quantum algorithms.
We exhibit a circuit for a pre-image attack on SHA-256 that is approximately
surface code cycles deep and requires approximately
logical qubits. This yields an overall cost of
logical-qubit-cycles. Likewise we exhibit a SHA3-256 circuit that is
approximately surface code cycles deep and requires approximately
logical qubits for a total cost of, again,
logical-qubit-cycles. Both attacks require on the order of queries in
a quantum black-box model, hence our results suggest that executing these
attacks may be as much as billion times more expensive than one would
expect from the simple query analysis.Comment: Same as the published version to appear in the Selected Areas of
Cryptography (SAC) 2016. Comments are welcome
Programming Quantum Computers Using Design Automation
Recent developments in quantum hardware indicate that systems featuring more
than 50 physical qubits are within reach. At this scale, classical simulation
will no longer be feasible and there is a possibility that such quantum devices
may outperform even classical supercomputers at certain tasks. With the rapid
growth of qubit numbers and coherence times comes the increasingly difficult
challenge of quantum program compilation. This entails the translation of a
high-level description of a quantum algorithm to hardware-specific low-level
operations which can be carried out by the quantum device. Some parts of the
calculation may still be performed manually due to the lack of efficient
methods. This, in turn, may lead to a design gap, which will prevent the
programming of a quantum computer. In this paper, we discuss the challenges in
fully-automatic quantum compilation. We motivate directions for future research
to tackle these challenges. Yet, with the algorithms and approaches that exist
today, we demonstrate how to automatically perform the quantum programming flow
from algorithm to a physical quantum computer for a simple algorithmic
benchmark, namely the hidden shift problem. We present and use two tool flows
which invoke RevKit. One which is based on ProjectQ and which targets the IBM
Quantum Experience or a local simulator, and one which is based on Microsoft's
quantum programming language Q.Comment: 10 pages, 10 figures. To appear in: Proceedings of Design, Automation
and Test in Europe (DATE 2018
Formal Verification vs. Quantum Uncertainty
Quantum programming is hard: Quantum programs are necessarily probabilistic and impossible to examine without disrupting the execution of a program. In response to this challenge, we and a number of other researchers have written tools to verify quantum programs against their intended semantics. This is not enough. Verifying an idealized semantics against a real world quantum program doesn\u27t allow you to confidently predict the program\u27s output. In order to have verification that works, you need both an error semantics related to the hardware at hand (this is necessarily low level) and certified compilation to the that same hardware. Once we have these two things, we can talk about an approach to quantum programming where we start by writing and verifying programs at a high level, attempt to verify properties of the compiled code, and repeat as necessary
Sized Types for low-level Quantum Metaprogramming
One of the most fundamental aspects of quantum circuit design is the concept
of families of circuits parametrized by an instance size. As in classical
programming, metaprogramming allows the programmer to write entire families of
circuits simultaneously, an ability which is of particular importance in the
context of quantum computing as algorithms frequently use arithmetic over
non-standard word lengths. In this work, we introduce metaQASM, a typed
extension of the openQASM language supporting the metaprogramming of circuit
families. Our language and type system, built around a lightweight
implementation of sized types, supports subtyping over register sizes and is
moreover type-safe. In particular, we prove that our system is strongly
normalizing, and as such any well-typed metaQASM program can be statically
unrolled into a finite circuit.Comment: Presented at Reversible Computation 2019. Final authenticated
publication is available online at
https://doi.org/10.1007/978-3-030-21500-2_
SQUARE: Strategic Quantum Ancilla Reuse for Modular Quantum Programs via Cost-Effective Uncomputation
Compiling high-level quantum programs to machines that are size constrained
(i.e. limited number of quantum bits) and time constrained (i.e. limited number
of quantum operations) is challenging. In this paper, we present SQUARE
(Strategic QUantum Ancilla REuse), a compilation infrastructure that tackles
allocation and reclamation of scratch qubits (called ancilla) in modular
quantum programs. At its core, SQUARE strategically performs uncomputation to
create opportunities for qubit reuse.
Current Noisy Intermediate-Scale Quantum (NISQ) computers and forward-looking
Fault-Tolerant (FT) quantum computers have fundamentally different constraints
such as data locality, instruction parallelism, and communication overhead. Our
heuristic-based ancilla-reuse algorithm balances these considerations and fits
computations into resource-constrained NISQ or FT quantum machines, throttling
parallelism when necessary. To precisely capture the workload of a program, we
propose an improved metric, the "active quantum volume," and use this metric to
evaluate the effectiveness of our algorithm. Our results show that SQUARE
improves the average success rate of NISQ applications by 1.47X. Surprisingly,
the additional gates for uncomputation create ancilla with better locality, and
result in substantially fewer swap gates and less gate noise overall. SQUARE
also achieves an average reduction of 1.5X (and up to 9.6X) in active quantum
volume for FT machines.Comment: 14 pages, 10 figure
Synthesizing Quantum-Circuit Optimizers
Near-term quantum computers are expected to work in an environment where each
operation is noisy, with no error correction. Therefore, quantum-circuit
optimizers are applied to minimize the number of noisy operations. Today,
physicists are constantly experimenting with novel devices and architectures.
For every new physical substrate and for every modification of a quantum
computer, we need to modify or rewrite major pieces of the optimizer to run
successful experiments. In this paper, we present QUESO, an efficient approach
for automatically synthesizing a quantum-circuit optimizer for a given quantum
device. For instance, in 1.2 minutes, QUESO can synthesize an optimizer with
high-probability correctness guarantees for IBM computers that significantly
outperforms leading compilers, such as IBM's Qiskit and TKET, on the majority
(85%) of the circuits in a diverse benchmark suite.
A number of theoretical and algorithmic insights underlie QUESO: (1) An
algebraic approach for representing rewrite rules and their semantics. This
facilitates reasoning about complex symbolic rewrite rules that are beyond the
scope of existing techniques. (2) A fast approach for probabilistically
verifying equivalence of quantum circuits by reducing the problem to a special
form of polynomial identity testing. (3) A novel probabilistic data structure,
called a polynomial identity filter (PIF), for efficiently synthesizing rewrite
rules. (4) A beam-search-based algorithm that efficiently applies the
synthesized symbolic rewrite rules to optimize quantum circuits.Comment: Full version of PLDI 2023 pape