Applying Grover's algorithm to AES: quantum resource estimates

We present quantum circuits to implement an exhaustive key search for the Advanced Encryption Standard (AES) and analyze the quantum resources required to carry out such an attack. We consider the overall circuit size, the number of qubits, and the circuit depth as measures for the cost of the presented quantum algorithms. Throughout, we focus on Clifford$+T$ gates as the underlying fault-tolerant logical quantum gate set. In particular, for all three variants of AES (key size 128, 192, and 256 bit) that are standardized in FIPS-PUB 197, we establish precise bounds for the number of qubits and the number of elementary logical quantum gates that are needed to implement Grover's quantum algorithm to extract the key from a small number of AES plaintext-ciphertext pairs.Comment: 13 pages, 3 figures, 5 tables; to appear in: Proceedings of the 7th International Conference on Post-Quantum Cryptography (PQCrypto 2016

Disentangling Cooper-pair formation above Tc from the pseudogap state in the cuprates

The discovery of the pseudogap in the cuprates created significant excitement amongst physicists as it was believed to be a signature of pairing, in some cases well above the room temperature. In this "pre-formed pairs" scenario, the formation of pairs without quantum phase rigidity occurs below T*. These pairs condense and develop phase coherence only below Tc. In contrast, several recent experiments reported that the pseudogap and superconducting states are characterized by two different energy scales, pointing to a scenario, where the two compete. However a number of transport, magnetic, thermodynamic and tunneling spectroscopy experiments consistently detect a signature of phase-fluctuating superconductivity above leaving open the question of whether the pseudogap is caused by pair formation or not. Here we report the discovery of a spectroscopic signature of pair formation and demonstrate that in a region of the phase diagram commonly referred to as the "pseudogap", two distinct states coexist: one that persists to an intermediate temperature Tpair and a second that extends up to T*. The first state is characterized by a doping independent scaling behavior and is due to pairing above Tc, but significantly below T*. The second state is the "proper" pseudogap - characterized by a "checker board" pattern in STM images, the absence of pair formation, and is likely linked to Mott physics of pristine CuO2 planes. Tpair has a universal value around 130-150K even for materials with very different Tc, likely setting limit on highest, attainable Tc in cuprates. The observed universal scaling behavior with respect to Tpair indicates a breakdown of the classical picture of phase fluctuations in the cuprates.Comment: 9 pages, 4 figure

Direct evidence for a competition between the pseudogap and high temperature superconductivity in the cuprates

A pairing gap and coherence are the two hallmarks of superconductivity. In a classical BCS superconductor they are established simultaneously at Tc. In the cuprates, however, an energy gap (pseudogap) extends above Tc. The origin of this gap is one of the central issues in high temperature superconductivity. Recent experimental evidence demonstrates that the pseudogap and the superconducting gap are associated with different energy scales. It is however not clear whether they coexist independently or compete. In order to understand the physics of cuprates and improve their superconducting properties it is vital to determine whether the pseudogap is friend or foe of high temperature supercondctivity. Here we report evidence from angle resolved photoemission spectroscopy (ARPES) that the pseudogap and high temperature superconductivity represent two competing orders. We find that there is a direct correlation between a loss in the low energy spectral weight due to the pseudogap and a decrease of the coherent fraction of paired electrons. Therefore, the pseudogap competes with the superconductivity by depleting the spectral weight available for pairing in the region of momentum space where the superconducting gap is largest. This leads to a very unusual state in the underdoped cuprates, where only part of the Fermi surface develops coherence.Comment: Improved version was published in Natur

Ferritins: furnishing proteins with iron

Ferritins are a superfamily of iron oxidation, storage and mineralization proteins found throughout the animal, plant, and microbial kingdoms. The majority of ferritins consist of 24 subunits that individually fold into 4-α-helix bundles and assemble in a highly symmetric manner to form an approximately spherical protein coat around a central cavity into which an iron-containing mineral can be formed. Channels through the coat at inter-subunit contact points facilitate passage of iron ions to and from the central cavity, and intrasubunit catalytic sites, called ferroxidase centers, drive Fe2+ oxidation and O2 reduction. Though the different members of the superfamily share a common structure, there is often little amino acid sequence identity between them. Even where there is a high degree of sequence identity between two ferritins there can be major differences in how the proteins handle iron. In this review we describe some of the important structural features of ferritins and their mineralized iron cores and examine in detail how three selected ferritins oxidise Fe2+ in order to explore the mechanistic variations that exist amongst ferritins. We suggest that the mechanistic differences reflect differing evolutionary pressures on amino acid sequences, and that these differing pressures are a consequence of different primary functions for different ferritins

Reciprocity as a foundation of financial economics

This paper argues that the subsistence of the fundamental theorem of contemporary financial mathematics is the ethical concept ‘reciprocity’. The argument is based on identifying an equivalence between the contemporary, and ostensibly ‘value neutral’, Fundamental Theory of Asset Pricing with theories of mathematical probability that emerged in the seventeenth century in the context of the ethical assessment of commercial contracts in a framework of Aristotelian ethics. This observation, the main claim of the paper, is justified on the basis of results from the Ultimatum Game and is analysed within a framework of Pragmatic philosophy. The analysis leads to the explanatory hypothesis that markets are centres of communicative action with reciprocity as a rule of discourse. The purpose of the paper is to reorientate financial economics to emphasise the objectives of cooperation and social cohesion and to this end, we offer specific policy advice

Implementing Grover Oracles for Quantum Key Search on AES and LowMC

Grover's search algorithm gives a quantum attack against block ciphers by searching for a key that matches a small number of plaintext-ciphertext pairs. This attack uses $O(\sqrt{N})$ calls to the cipher to search a key space of size $N$. Previous work in the specific case of AES derived the full gate cost by analyzing quantum circuits for the cipher, but focused on minimizing the number of qubits. In contrast, we study the cost of quantum key search attacks under a depth restriction and introduce techniques that reduce the oracle depth, even if it requires more qubits. As cases in point, we design quantum circuits for the block ciphers AES and LowMC. Our circuits give a lower overall attack cost in both the gate count and depth-times-width cost models. In NIST's post-quantum cryptography standardization process, security categories are defined based on the concrete cost of quantum key search against AES. We present new, lower cost estimates for each category, so our work has immediate implications for the security assessment of post-quantum cryptography. As part of this work, we release Q# implementations of the full Grover oracle for AES-128, -192, -256 and for the three LowMC instantiations used in Picnic, including unit tests and code to reproduce our quantum resource estimates. To the best of our knowledge, these are the first two such full implementations and automatic resource estimations.Comment: 36 pages, 8 figures, 14 table

A DNA-based method for studying root responses to drought in field-grown wheat genotypes

Root systems are critical for water and nutrient acquisition by crops. Current methods measuring root biomass and length are slow and labour-intensive for studying root responses to environmental stresses in the field. Here, we report the development of a method that measures changes in the root DNA concentration in soil and detects root responses to drought in controlled environment and field trials. To allow comparison of soil DNA concentrations from different wheat genotypes, we also developed a procedure for correcting genotypic differences in the copy number of the target DNA sequence. The new method eliminates the need for separation of roots from soil and permits large-scale phenotyping of root responses to drought or other environmental and disease stresses in the field.Chun Y. Huang, Haydn Kuchel, James Edwards, Sharla Hall, Boris Parent, Paul Eckermann, Herdina, Diana M. Hartley, Peter Langridge & Alan C. McKa

Elimination, reversal, and directional bias of optical diffraction

We experimentally demonstrate the manipulation of optical diffraction, utilizing the atomic thermal motion in a hot vapor medium of electromagnetically-induced transparency (EIT). By properly tuning the EIT parameters, the refraction induced by the atomic motion may completely counterbalance the paraxial free-space diffraction and by that eliminates the effect of diffraction for arbitrary images. By further manipulation, the diffraction can be doubled, biased asymmetrically to induced deflection, or even reversed. The latter allows an experimental implementation of an analogy to a negative-index lens