30 research outputs found
Linear time algorithm for quantum 2SAT
A canonical result about satisfiability theory is that the 2-SAT problem can
be solved in linear time, despite the NP-hardness of the 3-SAT problem. In the
quantum 2-SAT problem, we are given a family of 2-qubit projectors
on a system of qubits, and the task is to decide whether the Hamiltonian
has a 0-eigenvalue, or it is larger than for
some . The problem is not only a natural extension of the
classical 2-SAT problem to the quantum case, but is also equivalent to the
problem of finding the ground state of 2-local frustration-free Hamiltonians of
spin , a well-studied model believed to capture certain key
properties in modern condensed matter physics. While Bravyi has shown that the
quantum 2-SAT problem has a classical polynomial-time algorithm, the running
time of his algorithm is . In this paper we give a classical algorithm
with linear running time in the number of local projectors, therefore achieving
the best possible complexity.Comment: 20 page
ON CLASSICAL AND QUANTUM CONSTRAINT SATISFACTION PROBLEMS IN THE TRIAL AND ERROR MODEL
Ph.DDOCTOR OF PHILOSOPH
On the complexity of probabilistic trials for hidden satisfiability problems
What is the minimum amount of information and time needed to solve 2SAT? When
the instance is known, it can be solved in polynomial time, but is this also
possible without knowing the instance? Bei, Chen and Zhang (STOC '13)
considered a model where the input is accessed by proposing possible
assignments to a special oracle. This oracle, on encountering some constraint
unsatisfied by the proposal, returns only the constraint index. It turns out
that, in this model, even 1SAT cannot be solved in polynomial time unless P=NP.
Hence, we consider a model in which the input is accessed by proposing
probability distributions over assignments to the variables. The oracle then
returns the index of the constraint that is most likely to be violated by this
distribution. We show that the information obtained this way is sufficient to
solve 1SAT in polynomial time, even when the clauses can be repeated. For 2SAT,
as long as there are no repeated clauses, in polynomial time we can even learn
an equivalent formula for the hidden instance and hence also solve it.
Furthermore, we extend these results to the quantum regime. We show that in
this setting 1QSAT can be solved in polynomial time up to constant precision,
and 2QSAT can be learnt in polynomial time up to inverse polynomial precision.Comment: 24 pages, 2 figures. To appear in the 41st International Symposium on
Mathematical Foundations of Computer Scienc
Quantum Generalizations of the Polynomial Hierarchy with Applications to QMA(2)
The polynomial-time hierarchy (PH) has proven to be a powerful tool for providing separations in computational complexity theory (modulo standard conjectures such as PH does not collapse). Here, we study whether two quantum generalizations of PH can similarly prove separations in the quantum setting. The first generalization, QCPH, uses classical proofs, and the second, QPH, uses quantum proofs. For the former, we show quantum variants of the Karp-Lipton theorem and Toda\u27s theorem. For the latter, we place its third level, Q Sigma_3, into NEXP using the Ellipsoid Method for efficiently solving semidefinite programs. These results yield two implications for QMA(2), the variant of Quantum Merlin-Arthur (QMA) with two unentangled proofs, a complexity class whose characterization has proven difficult. First, if QCPH=QPH (i.e., alternating quantifiers are sufficiently powerful so as to make classical and quantum proofs "equivalent"), then QMA(2) is in the Counting Hierarchy (specifically, in P^{PP^{PP}}). Second, unless QMA(2)= Q Sigma_3 (i.e., alternating quantifiers do not help in the presence of "unentanglement"), QMA(2) is strictly contained in NEXP
Secure Software Leasing Without Assumptions
Quantum cryptography is known for enabling functionalities that are
unattainable using classical information alone. Recently, Secure Software
Leasing (SSL) has emerged as one of these areas of interest. Given a target
circuit from a circuit class, SSL produces an encoding of that enables
a recipient to evaluate , and also enables the originator of the software to
verify that the software has been returned -- meaning that the recipient has
relinquished the possibility of any further use of the software. Clearly, such
a functionality is unachievable using classical information alone, since it is
impossible to prevent a user from keeping a copy of the software. Recent
results have shown the achievability of SSL using quantum information for a
class of functions called compute-and-compare (these are a generalization of
the well-known point functions). These prior works, however all make use of
setup or computational assumptions. Here, we show that SSL is achievable for
compute-and-compare circuits without any assumptions.
Our technique involves the study of quantum copy-protection, which is a
notion related to SSL, but where the encoding procedure inherently prevents a
would-be quantum software pirate from splitting a single copy of an encoding
for into two parts, each of which enables a user to evaluate . We show
that point functions can be copy-protected without any assumptions, for a novel
security definition involving one honest and one malicious evaluator; this is
achieved by showing that from any quantum message authentication code, we can
derive such an honest-malicious copy-protection scheme. We then show that a
generic honest-malicious copy-protection scheme implies SSL; by prior work,
this yields SSL for compute-and-compare functions.Comment: 41 pages, 5 figure
Quantum learning algorithms imply circuit lower bounds
We establish the first general connection between the design of quantum
algorithms and circuit lower bounds. Specifically, let be a
class of polynomial-size concepts, and suppose that can be
PAC-learned with membership queries under the uniform distribution with error
by a time quantum algorithm. We prove that if , then , where
is an exponential-time analogue of
. This result is optimal in both and , since it is
not hard to learn any class of functions in (classical) time (with no error), or in quantum time with error at
most via Fourier sampling. In other words, even a
marginal improvement on these generic learning algorithms would lead to major
consequences in complexity theory.
Our proof builds on several works in learning theory, pseudorandomness, and
computational complexity, and crucially, on a connection between non-trivial
classical learning algorithms and circuit lower bounds established by Oliveira
and Santhanam (CCC 2017). Extending their approach to quantum learning
algorithms turns out to create significant challenges. To achieve that, we show
among other results how pseudorandom generators imply learning-to-lower-bound
connections in a generic fashion, construct the first conditional pseudorandom
generator secure against uniform quantum computations, and extend the local
list-decoding algorithm of Impagliazzo, Jaiswal, Kabanets and Wigderson (SICOMP
2010) to quantum circuits via a delicate analysis. We believe that these
contributions are of independent interest and might find other applications
Secure software leasing without assumptions
Quantum cryptography is known for enabling functionalities that are unattainable using classical information alone. Recently, Secure Software Leasing (SSL) has emerged as one of these areas of interest. Given a target circuit C from a circuit class, SSL produces an encoding of C that enables a recipient to evaluate C, and also enables the originator of the software to verify that the software has been returned -- meaning that the recipient has relinquished the possibility of any further use of the software. Clearly, such a functionality is unachievable using classical information alone, since it is impossible to prevent a user from keeping a copy of the software. Recent results have shown the achievability of SSL using quantum information for a class of functions called compute-and-compare (these are a generalization of the well-known point functions). These prior works, however all make use of setup or computational assumptions. Here, we show that SSL is achievable for compute-and-compare circuits without any assumptions.
Our technique involves the study of quantum copy-protection, which is a notion related to SSL, but where the encoding procedure inherently prevents a would-be quantum software pirate from splitting a single copy of an encoding for C into two parts, each of which enables a user to evaluate C. We show that point functions can be copy-protected without any assumptions, for a novel security definition involving one honest and one malicious evaluator; this is achieved by showing that from any quantum message authentication code, we can derive such an honest-malicious copy-protection scheme. We then show that a generic honest-malicious copy-protection scheme implies SSL; by prior work, this yields SSL for compute-and-compare functions