Reviving Nuclear Magnetic Resonance as a viable approach for quantum computation and Solving simultaneous Pell equations by quantum computational means

HAL Id: tel-00534864

https://tel.archives-ouvertes.fr/tel-00534864

Submitted on 13 Dec 2010

HAL is a multi-disciplinary open access

archive for the deposit and dissemination of

sci-entific research documents, whether they are

pub-lished or not. The documents may come from

teaching and research institutions in France or

abroad, or from public or private research centers.

L’archive ouverte pluridisciplinaire HAL, est

destinée au dépôt et à la diffusion de documents

scientifiques de niveau recherche, publiés ou non,

émanant des établissements d’enseignement et de

recherche français ou étrangers, des laboratoires

publics ou privés.

approach for quantum computation and Solving

simultaneous Pell equations by quantum computational

means

Kees van Schenk Brill

To cite this version:

Kees van Schenk Brill. Reviving Nuclear Magnetic Resonance as a viable approach for quantum

computation and Solving simultaneous Pell equations by quantum computational means. Mathematics

[math]. Université de Strasbourg, 2010. English. �NNT : 2010STRA6204�. �tel-00534864�

Ins titut de Recherche

Mathématique Avancée

INSTITUT DE

RECHERCHE

MATHÉMATIQUE

AVANCÉE

UMR 7501

Strasbourg

www-irma.u-strasbg.fr

Thèse

présentée pour obtenir le grade de docteur de

l’Université de Strasbourg

Spécialité MATHÉMATIQUES

Kees van Schenk Brill

Reviving Nuclear Magnetic Resonance as a viable

approach for quantum computation

and

Solving simultaneous Pell equations by quantum

computational means

Soutenue le 3 décembre 2010

devant la commission d’examen

Edward Belaga, invité

Frits Beukers, rapporteur

Yann Bugeaud, examinateur

Daniel Grucker, co-directeur de thèse

Maurice Mignotte, directeur de thèse

Francis Taulelle, rapporteur

physique d’un ordinateur quantique par Résonance Magnétique Nucléaire (RMN). Je

propose un nouveau cadre pour la RMN dans les réalisations physiques d’un ordinateur

quantique. Je construis une description de la RMN à partir de la mécanique quantique

avec laquelle je peux construire les opérateurs élémentaires essentiels pour le calcul

quantique. Je décris les expériences pour construire ces opérateurs. Je propose un

algorithme quantique en temps polynomial pour résoudre des équations de Pell

simulta-nées comme extension de l’algorithme de Hallgren pour des équations de Pell simples.

INSTITUT DE RECHERCHE MATHÉMATIQUE AVANCÉE

UMR 7501

Université de Strasbourg et CNRS

7 Rue René Descartes

67 084 STRASBOURG CEDEX

Tél. 03 68 85 01 29

Fax 03 68 85 03 28

www-irma.u-strasbg.fr

irma@math.unistra.fr

IRMA 2010/013

http ://tel.archives-ouvertes.fr/tel-00534864

ISSN 0755-3390

Ins titut de Recherche

Mathématique Avancée

UniversitédeStrasbourgetC.N.R.S.(UMR7501) InstitutdePhysiqueBiologique(UMR7191)

7rueRenéDes artes 4RueKirs hleger

67084STRASBOURGCedex 67085STRASBOURGCedex

RevivingNu lear Magneti Resonan e as a viable approa h for

quantum omputation

and

Solving simultaneous Pell equations by quantum omputational

means

par

Kees van S henk Brill

Keywords: QuantumComputing, Nu learMagneti Resonan e,

Time-dependent S hrödinger Equation,SimultaneousPell Equations,

DiophantineApproximation, Algebrai NumberTheory.

Mathemati s Subje t Classi ation: 11A51,11A55, 11D09, 11J86,

34L40,35Q41, 35Q60,43A25, 68Q12,81P68.

Cettethèse ontient deuxparties quipeuvent être luesindépendamment.

Dans la première partie je dé ris notre nouvelle appro he pour onstruire

une réalisation physique d'un ordinateur quantique par Résonan e

Magné-tiqueNu léaire (RMN).Avant deparlerdeRMN,jedonneuneintrodu tion

généralesurle al ulquantique. Jerappelle desnotionsdemé anique

quan-tiquené essaires pour pouvoir dé riredes algorithmes pour desordinateurs

quantiques.

Ensuite je rappelle la langage du al ul quantique. Je dé ris les

manipu-lations que l'on peut faire ave des quantum bits, ou qubits, équivalents

quantiques des bits pour un ordinateur ordinaire. Je détaille les avantages

des ordinateurs quantiques pour des opérations du type  Transformée de

Fourier  et je traite les deux algorithmes fondateurs dans le domaine: la

fa torisation en nombres premiers par l'algorithme de Shor et la re her he

dansdesbases dedonnées par l'algorithmede Grover.

Je ontinue ave une des ription des réalisations physiques possibles pour

onstruire untel ordinateur.

Je parle de plusieurs appro hes diérentes, mais elle à laquelleje onsa re

le plus de temps est l'appro he par RMN. C'est ave ette te hnique que

l'ona jusqu'àmaintenant obtenules résultatslesplus intéressantsen al ul

quantique. Je dis ute essu èsetégalement pourquoilaRMNestdevenue

une te hnique obsolète.

A partirde e point là, je proposeunnouveau adrepour laRMN dansles

réalisationsphysiquesd'unordinateurquantique. And'obteniruntel adre,

je onstruis une nouvelle des ription de la RMN à partir de la mé anique

quantiqueave laquellejepeux onstruire lesopérateursélémentaires

essen-tiels pour le al ul quantique. Je dé ris nosexpérien es pour onstruire es

opérateursen distinguant entre desopérateurs agissant sur unqubit etdes

opérateurs agissant surdeux qubits. Je nis la première partie de la thèse

ave une dis ussion sur la viabilité de ette appro he pour permettre à la

RMN de regagner sa pla e dansles te hniques utilisées pour onstruire un

ordinateur quantique.

Dans ladeuxième partie de ette thèse je proposeun algorithme quantique

entempspolynomialpourrésoudredeséquationsdePellsimultanées. Cette

partie est inspirée d'une part de l'algorithme quantique de Hallgren pour

résoudredeséquations de Pell simplesen temps polynomialet d'autre part

par la démonstration de Cipu et Mignotte du fait que dans le as général,

deséquations dePell simultanées ontau plus deuxsolutions distin tes.

Je ommen e ette partie ave une dis ussionsur l'équationde Pell simple.

Je traite la résolution par fra tions ontinues ainsi que les te hniques plus

modernesqui utilisent lathéoriealgébriquedesnombres, notamment la

no-tiondu régulateur d'un orps de nombres. Je ontinue ave l'algorithmede

Hallgren pour résoudredes équations de Pell. Cet algorithme est en temps

polynomial ontrairementauxméthodesdé rites auparavant. C'estun

algo-rithme quantique basé sur des extensions de te hniques de Transformée de

Fourier dis utées danslapremière partie.

Aprèsle asdeséquationsdePellsimples,jem'intéresseau asdeséquations

dePellsimultanées. Jedonne d'abordunebornesupérieurepourlaplus

pe-tite solution. Pour obtenir ette borne, j'utilise des résultats qui viennent

de lathéorie de l'approximation diophantienne pour les formeslinéaires en

logarithmes. Après avoir obtenu une borne supérieure, je ontinue ave la

démonstration de Cipu etMignotte du fait qu'il ya au plusdeux solutions

distin tespourunepaired'équationsdePellsimultanées. Dans ette

démon-strationon obtient une bornesupérieure pour toutes lessolutions des

équa-tionsdePellsimultanées. J'utilise etteborneensuiteainsiquel'algorithme

deHallgrenpourdeséquationsdePellsimplespour onstruireunalgorithme

qui résout en temps polynomial des équations de Pell simultanées. Cet

al-gorithmeaunepartie quantique, lapro éduredeHallgren pour résoudreles

équations de Pell simples et obtenir les solutions fondamentales de haque

équation, et une partie  lassique  de re her he de solutions à partir de

essolutionsfondamentales,jusqu'àlabornesupérieure. Jenis ettepartie

ave une dis ussionsurlapossibilitéd'étendre este hniques pour résoudre

d'autresproblèmes similaires danslathéoriede nombres.

Danslesappendi esjedonnequelquesdétailssupplémentairessurlathéorie

desfra tions ontinues etlathéoriedesnombres algébriques

Thistext onsistsoftwo parts that an be readalmost independently.

In therst partI des ribe a renewed approa h byNu lear Magneti

Reso-nan e(NMR)tobuildaquantum omputer. Istartwithanintrodu tionon

quantum omputing. I brieydes ribe the most important algorithms and

themost promising physi al realizationsofa quantum omputer. I ontinue

with a des ription of NMR and the methods used earlier to build a

quan-tum omputerbyNMR.Iexplaintheshort omings of thesete hniques and

onstru t a new framework for quantum omputation using NMR.For this

Iintrodu e a newquantumme hani al des ription ofNMR withwhi h the

basi quantum gates needed for quantum omputation an be built. I

de-s ribetheexperimentstobuildthesegates,distinguishingbetweenonequbit

operationsand two qubit operations. I on lude this partwitha dis ussion

on the pra ti ality of this approa h and whether these methods will allow

for arevivalofNMR asaquantum omputing devi e.

The se ond part onsists of the resolution and omputation of

simultane-ous Pell equations. This part is inspired by Hallgren's quantum algorithm

to solve the simple Pell equation in quantum polynomial time and by the

proof of Cipu and Mignotte that inthegeneral ase, thesimultaneous Pell

equationhasat mosttwosolutions. Istartthispartwithadis ussionofthe

simplePellequation,the lassi alte hniquesusedtosolveit,aswellasmore

modernte hniques. Afterwards Ides ribeHallgren's algorithm, for whi h I

will need some extensions of the quantum omputing te hniques that I

in-trodu ed inthe rst part. After this, I ta kle simultaneous Pell equations.

FirstIdes ribesome lassi alresultsandsolvingte hniques, ulminatingin

the proof by Cipu and Mignotte that there are at most two distin t

solu-tionsforanygiven pairofindependentPell equations. Toobtainthisresult,

I have to introdu e some Diophantine approximation theory. Finally I

ex-tendHallgren'salgorithm tosimultaneousPellequations usingboundsfrom

Diophantine approximation theory and some simple sieving te hniques to

ompute solutions of simultaneous Pell equations in polynomial time on a

quantum omputer. Iend this partwithadis ussionon extensionsof these

te hniquesto similar omputationalnumber theoryproblems.

In the appendi es I give a short overview on ontinued fra tions and on

algebrai number theory.

doesso withoutthehelpof others. Thewiseand ondent a knowledgethishelpwith gratitude.

Alfred NorthWhitehead Prefa e

Thisthesisnds its originina han emeeting between two of myadvisors,

Edward BelagaandDanielGru kerduringaMathemati sandBiology

sem-inarin the winter of 2005,where Professor Belagagave atalk onmole ular

omputing. During a oee break they de ided to organise another

onfer-en e,this time on omputing ingeneraland onquantum omputingandits

physi al realizations inparti ular. Theyre eived a resear h grant from the

ANR(Agen e Nationalede laRe her he)to ontinue their interdis iplinary

workandtheyde idedthatitwouldbeagoodideatolookforaPhDstudent

to assist them. I applied for this position and after two pleasant meetings

theyoered methe possibility towork withthem. As Iwasnot the

bene- iaryof aPhD grant from the Fren h state and as theANRgrant wasnot

su ienttonan eafullPhDposition,itwasdi ulttobeginourresear h.

At this point itbe ame unlikely that our ollaboration would ontinue and

I started to explore other avenues. During this time I was invited by the

Fren h embassyintheHagueto are eption forformer bene iariesoftheir

embassy'sgrant tostudy ayearinFran e. At thisre eption Iexplainedmy

problems to two members of their grant ommittee, Jos van der Kruk and

GilbertvanderLouw, whotoldmethatoneofthe appli antsfor thatyear's

grant hadrefused the embassy'soer. Theythensuggestedmeto applyfor

thisgrant. Thankstothesenegentlemenandtheswiftanda uratehelpof

Catherine Déli e,I ouldnallybegin myresear h onquantum omputing.

For this,I heartfullythankthem.

Myadvisor,DanielGru ker,hasbeenatremendoushelponallfrontsduring

theentire period ofmy thesis. From a nan ial point of view,he managed

to nd me a position as a te hni al assistant in my se ond and third year

of resear h, whi h allowed me to ontinue my PhD. From an edu ational

point of view, he taught me the basi s and intri a ies of Nu learMagneti

Resonan e with mu h larity and great enthousiasm. As an

experimental-ist, he showed me howto operate the ma hines at our disposition and how

to prepare our samples. As an advisor, he has been a driving for e behind

ourresear h,pushingmeto investigateour approa h,showinganadmirable

patien efor meduring all these years and guiding me throughthe arduous

pro ess of writing a thesis. Daniel, I annot thank you enough for all your

helpduring myPhD.It hasbeena greatpleasure.

Myotheradvisor, Edward Belaga, hasfrom thestart fo usedon theglobal

pi ture of our resear h, refusing to be arried away by details and always

keeping inmind our ultimate goal, a fun tioning quantum omputer

om-binedwithawell- onsideredar hite ture andwell- on eivedalgorithms. He

has personally taken my mathemati al edu ation in hand, pointing me in

theright dire tionsandprovidingimportant referen es forour resear h. He

madeitpossiblefor metoattend onferen esintheUnitedStates, England

andPortugal, whi h leadto many interesting onta ts. Ithas been

impres-sive to see him make time for me at the most unlikely moments. While

travelling between onferen es he would all me to help me out with some

mathemati al problem, givingme justthe luethat waseluding me. I

on-sider myself lu ky to have been hisstudent and regret thefa t that due to

hisretirement he ould no longer o ially be myadvisor. Edward, Ithank

youfor all the time you invested inme.

Be auseEdwardBelagahadtoretire,Ineededanotheradvisorforthe

math-emati al ontents of my resear h. Mauri e Mignotte, who had previously

supervised my Master thesis, was willing to take on this task. As my

the-sis was almost nished, his main ontributions have been to proofread my

manus ript, but this he has done with his usual modesty and expertise.

Alongthe way,he managed to helpme withthener details on

simultane-ousPell equationsand diophantine approximationtheory. Mauri e,Ithank

you for a eptingto be myadvisor for justa year andfor thepleasant

dis- ussionsthatusually startedwithMathemati s but rarelyended there.

Asforthejurymembers,IwarmlythankFritsBeukers, Fran isTaulelleand

Yann Bugeaud not only for having a epted to be on mythesis ommittee

butalsoforthe arewithwhi htheyhavereadmymanus riptandtheuseful

suggestionstheyhave made.

A lot of people helped me with my resear h during my thesis. First and

foremost Tarek Khalil, who gave my work a mu h rmer physi al

ground-ingand who veried most of my omputations. Tarek, I thankyou for our

heateddis ussions and foryour insisten eto orre tly formulate our

frame-work. Next, my gratitude goes to Jean Ri hert, who helped both Daniel

and meunderstand how to approa h thedipole-dipoleintera tion and who

double- he ked mu h of our work.

Oneof the perksof having two advisors is having two o es and therefore

twi e as many interesting olleagues. I would like to thank Jerome Steibel

for his many fun suggestions regarding our experiments; Jerome, one day

our omputer will run on beer ! Many thanks also to, amongst others :

Nathalie, Thierry, Renée, Laura and Hélène, who made my stay at the

In-stituteof Physi s and Biology avery pleasant one.

Asto myfellowPhD-students at theInstitutefor Mathemati s, what an I

say. Itwasagreatpleasuretoshareo eswithVin ent,Audrey,Rémi,

Ben-jamin,Alain, Jeanand Auguste. Tohave oee breakswithAdrien,Cédri ,

Camille, Alexandre, Florian, Hélène and Anne-Laure. The most pleasant

timeswere howeverduring thoses ar e momentsof extra-mathemati al

a -tivity,forwhi haroyalthankyougoestoFabien,Aurélien,S oum,Thomas,

Aurore, Ghislain, Jürgen and everybody else who ontributed to the good

spiritof the rst oor.

Duringmythesisa lotofbureau rati workwasdonefor mebypeoplewho

arefarmore apablethanIam. Iwouldliketo thankSimone, Nathalieand

Yvonne espe iallyfor allthey have done forme.

Ani ethingaboutfriendsisthattheyhelpyoukeep upwhenyourresear h

is desperately trying to make you feel miserable. I would like to take this

opportunityto thank Alexandre and Jannes,who both greatly restoredmy

moralewhen needed.

My family has been there for me during all these years and without them

Ineverwould have nished mythesis. Di k, thank you for themany hours

you spent proofreading andspell he king, formaking meseehowto

formu-late my ideas more learly and for all thetimes you helped me out. Willy,

thank you for supporting methroughout theentire pro ess and helping me

through the last di ult hurdles, when I felt ready to throw in the towel.

I know it has been hard on both of you to have your son far away from

you and Isin erely hope thatin thefuture thiswill hange. Maartje, Erik,

Floor, Midas, Thijs and Esther, thank you for the pleasant moments, the

good ho olate, the y ling,the roller oasters andsomu h more.

Finally I thank my little family of my own. Julia, you had to put up with

me during all those times when morale was low, when deadlines were set,

whenplanswerealtered, whendatesgot pushedfurtherandfurtherintothe

future, when everything seemed un ertain. Iknowthat withoutyou bymy

side, I would have given up long ago. You have been my ro k, even if you

think that it is the other way around. A last word goes to the smallest of

my family, my lovely daughter, Mina. You have helped me realize what is

important and what is se ondary, you may not have known it at the time,

but youhave done mea greatservi einjustbeingthere.

Sommaire iii

Abstra t v

Prefa e vii

I Quantum Computing using NMR 1

1 Quantum Computing 3

1.1 Introdu tion . . . 3

1.2 QuantumMe hani s . . . 4

1.3 Classi alandQuantumLogi . . . 5

1.3.1 Qubits . . . 5

1.3.2 Manipulatingbits and qubits . . . 6

1.3.3 Limitations . . . 10

1.4 QuantumAlgorithms . . . 11

1.4.1 Dis reteFourier and Quantum Fourier Transform . . . 11

1.4.2 Fourier Transforms overAbelian Groups . . . 13

1.4.3 Shor's Fa toringAlgorithm . . . 17

1.4.4 Grover's Sear h Algorithm. . . 22

1.5 Physi al Realisations . . . 25

1.5.1 Introdu tion. . . 25

1.5.2 Opti al photonquantum omputer . . . 27

1.5.3 Trapped ions . . . 29

1.5.4 Other physi al realizations . . . 31

2 NMR and Quantum Computing 33 2.1 Nu learMagneti Resonan e . . . 33

2.1.1 Introdu tion. . . 33

2.2 Quantum omputing withNMR. . . 37

2.2.1 Ensemble system . . . 37

2.2.2 Labeling thequbits . . . 38

2.2.3 Unitarytransformations . . . 39

2.2.4 Ensemble measurements . . . 40

3 Reviving the NMR Approa h 43

3.1 Introdu tion . . . 43

3.2 Framework for QuantumComputing . . . 44

3.2.1 Onespin

1

2

. . . 44 3.2.2 Two spins

1

2

. . . 56 3.2.3

N

spins . . . 60 3.2.4 Dipole-dipole oupling . . . 61 3.2.5 Two oupledspins . . . 63

3.3 FiveSteps to anNMR Quantum Computer . . . 64

3.4 Experimentalresults . . . 65

3.4.1 Materialand methods . . . 65

3.4.2 Results . . . 65

3.4.3 Numeri alsolutionof equation(3.2.18) . . . 68

3.5 Con lusionandPerspe tive . . . 71

II Solving Simultaneous Pell Equations 73 4 Pell equations 75 4.1 Introdu tion . . . 75

4.2 Classi alTe hniques . . . 76

4.2.1 ChakravalaMethod . . . 76

4.2.2 Continued fra tionmethod . . . 79

4.3 ModernTe hniques . . . 80

4.4 QuantumComputational Te hniques . . . 81

5 Simultaneous Pell equations 87 5.1 Introdu tion . . . 87

5.2 A onje tureon

5

integers . . . 88

5.3 An upperbound . . . 89

5.3.1 Diophantine Approximation . . . 89

5.3.2 Upperboundfor smallest solution . . . 94

5.4 Finite Numberof Solutions . . . 97

5.4.1 Introdu tion. . . 97

5.4.2 Transforming the equations . . . 98

5.4.3 Linearform inthreelogarithms . . . 99

5.4.4 Gapprin iples . . . 101

5.5 QuantumAlgorithm . . . 102

5.6 Con lusion andPerspe tive . . . 104

A Krone ker produ t and sum 107

B Continued Fra tions 109

C Algebrai Number Theory 113

List of Symbols and A ronyms 127

Quantum Computing using

Nu lear Magneti Resonan e

te hnologyisindistinguishable frommagi . ArthurC. Clarke Chapter 1 Quantum Computing 1.1 Introdu tion

The idea of the quantum omputer has been around for some time. One

of its basi elements is the notion of reversible omputation, whi h was

de-veloped by Charles Bennett [Ben73 , Ben82 ℄. This is a model of omputing

thatis reversible,for whi h a ne essary onditionis that the orresponding

binary mapping is one-to-one. A major motivation for this type of models

isthatreversible omputing an improve theenergy e ien y of omputers

beyondthe vonNeumann-Landauer limit [Lan61,vN66℄of

k

B

T log 2

energy dissipatedperirreversible bitoperation.

We on entrate onlogi allyreversible systems,whi h isane essarybutnot

asu ient onditionfora omputationalpro esstobephysi allyreversible.

Landauer's prin iple is the notion that the erasure of

n

bits of information hasa ost of

nk

B

T log 2

inthermodynami entropy.

Poplavskii wrote in the seventies that lassi al omputers are unable to

simulate quantum me hani al systems be ause of the superposition

prin- iple [Pop75℄. Maninadded a few years later [Man80 ℄ that theexponential

number of basis states of a quantum system ould be exploited but that a

theoryofquantum omputation wasneededthat aptured thefundamental

prin ipleswithout ommitting toa physi al realization.

Ri hard Feynmann wrote intheearly eighties [Fey82 ℄ thatin order to

sim-ulate the evolution of quantum systems with omputers, these omputers

would need to have quantum me hani al properties if we wanted the

sim-ulation to be done e iently. In 1985 David Deuts h proposed a universal

quantum omputer [Deu85 ℄, whi h an simulate any other quantum

om-puter. In the same arti le he also inventeda simple quantum algorithm for

ade ision problem,that heproved to be fasterthan any lassi alalgorithm

that an be onstru ted for this problem. Ri hard Josza later produ ed a

generalization of this algorithm [DJ92 ℄. The de ision problem in question

is to de ide whether a given binary fun tion is balan ed or onstant, given

thatithasone ofthese properties.

Until the middle of the nineties, no serious proposal for a physi al

realiza-tionofaquantum omputerhadbeenmade. Whilenewquantumalgorithms

ontinued to be found, most based on the quantum omputational

equiva-lentoftheFourier Transform,nobodyseemedtoknowhowtoa tuallybuild

su h a hypotheti al omputer. In

1995

, Cira and Zoller proposed to build a quantum omputer from ion traps [CZ95 ℄. From that point on, dierent

proposalsforphysi alrealizationshaveslowlystartedtooutnumberthe

pro-posalsfor dierent quantum algorithms.

Inthe rest of this hapter we introdu e the basi elements that are needed

for a quantum omputer. We give a very short overview on quantum

me- hani s ingeneral anda littlemore detailon quantumlogi . We dis ussthe

Quantum Fourier Transform and des ribe the two important algorithms in

the domain of quantum omputation. We then pro eed by detailing some

proposalsfor physi al realizations.

1.2 Quantum Me hani s

Quantum omputingshould beseen intheframework ofquantum

me han-i s. We give a brief overview on the basi s for quantum me hani s. For

a more pre ise reviewwe re ommend theex ellent a ount by Nielsen and

Chuang [NC00 ℄ or the standard text books on quantum me hani s [Sak94 ,

CTDL77℄.

Throughout these hapters we will suppose to be working in a omplex

Hilbert spa e

V

of dimension

N

. The standard quantum me hani al no-tation for a ve tor in a ve tor spa e is

|φi

whi h is alled a ket. Itsve tor dual

hφ|

is alled a bra. An inner produ t between two ve tors

φ, ψ

is de-noted

hφ|ψi

. Thetensorprodu tbetweentwove torsisdenotedas

|φi ⊗ |ψi

butwewill usetheshorthand notation

|φi|ψi

.

Wewill xan orthonormal basis

B = {|0i, . . . , |N − 1i}

for

V

. Thus we an write

|φi =

N −1

X

i=0

ai|ii,

(1.2.1a)

hφ| =

N −1

X

i=0

a

∗

_i

_hi|,

(1.2.1b)

where the

a

i

are omplex numbers.

Anylinear operator

A

on

V

an be written intheform

A =

X

i,j

a

ij

|iihj|.

(1.2.2)

Quantumme hani s an be summarizedby4postulates.

1. Toan isolatedphysi al systemweasso iateaHilbertspa ewithinner

produ t whi h is the state spa e of the system. The system is

om-pletely des ribedbyits state ve torwhi h isaunitve tor inthestate

spa e.

2. The evolution of a losed quantum system is des ribed by a unitary

transformation.

3. Quantum measurements aredes ribed bya olle tion

{Mm

}

of meas-urement operators. Theseoperatorssatisfythe ompleteness relation

X

m

M

_m

†

M

m

= I.

(1.2.3)

4. The state spa e of a omposite physi al systemis the tensor produ t

ofthe state spa es of the omponent systems.

1.3 Classi al and Quantum Logi

1.3.1 Qubits

Bits are the basi elements in lassi al omputing. As a physi al entity

they anbe onsideredasele troni swit hesthatareeither swit hed ONor

swit hedOFF. In a omputational sense theyhave either thevalue

0

or

1

. The quantum me hani al analogue of bits are qubits, whi h is shorthand

for quantum bits. Asa physi al entity they an be a multitude of obje ts.

They ould be the two dierent polarizations of a photon, the alignment

of a nu lear spin in a uniform magneti eld or something else entirely. In

a mathemati al sense they are simply unit ve tors in

C

2

. The standard

orthonormal basisfor qubitsisdenotedas

|0i, |1i

. Theseve tors orrespond tothe olumn ve tors

(1, 0)

T

_{, (0, 1)}

T

. Anarbitraryqubit

|ψi

an bewritten as

|ψi = α0

|0i + α1|1i,

(1.3.1) with

α

0

, α

1

∈ C

and

α

2

0

+ α

2

1

= 1

. Measuring the qubit

|ψi

will give

|0i

withprobability

|α0|

2

and

|1i

withprobability

|α1|

2

. Itispossibletorewrite

equation(1.3.1) as

|ψi = e

iγ



cos

θ

₂

|0i + e

iφ

sin

θ

₂

|1i



,

(1.3.2)

where

θ, φ

and

γ

arereal numbers. The fa tor

e

iγ

an be ignored asit has

noobservable ee t. Thisleads to

|ψi = cos

θ

2

|0i + e

iφ

sin

θ

2

|1i.

(1.3.3) The qubit

|ψi

an be onsidered as a point on the three-dimensional unit sphere. Thissphere is alledthe Blo h-sphere.

~z

~y

~x

•

|ψi

•

|0i

•

|1i

θ

φ

Figure1.1: Blo hsphererepresentationofaqubit

|ψi = cos

θ

2

|0i+e

iφ

_sin

θ

2

|1i

.

We an use the fourth postulate in order to ombine several qubits. The

ve tors

{|0i ⊗ · · · ⊗ |0i, . . . , |1i ⊗ · · · ⊗ |1i}

forma set of

n

qubits thatspan a spa e of dimension

2

n

. We will denote by

|ni

the qubit

|z0i ⊗ · · · ⊗ |zki

with

z

i

∈ {0, 1}

and

n =

P

k

i=0

z

i

2

i

. Anarbitraryqubit

|ψi =

P

2

n

−1

i=0

α

i

|ii

isaunitve torin

C

2

n

. Whenmeasured

itreturnsthestate

|ji

withprobability

|αj

|

2

. Aftermeasuring thestate

|ψi

be omes

|ψ

′

_{i = |ji}

. Thispro ess is alledthe ollapse ofthewaveform.

1.3.2 Manipulating bits and qubits

Classi al bits

In order to ompute with lassi al bits we use logi al gates. A logi al gate

isa fun tion

f :

{0, 1}

k

_{−→ {0, 1}}

l

with

k

input bits and

l

outputbits. The following seven gatesare well-known.

¬ = NOT: {0, 1} −→ {0, 1}

x

7−→ x + 1

(mod 2)

(1.3.4a)

∨ = OR: {0, 1} −→ {0, 1}

(x

1

, x

2

)

7−→ x1

x

2

+ x

1

+ x

2

(mod 2)

(1.3.4b)

⊕ = XOR : {0, 1}

2

−→ {0, 1}

(x

1

, x

2

)

7−→ x1

+ x

2

(mod 2)

(1.3.4 )

∧ = AND: {0, 1}

2

−→ {0, 1}

(x

1

, x

2

)

7−→ x1

x

2

(mod 2)

(1.3.4d)

↑= NAND: {0, 1}

2

−→ {0, 1}

(x

1

, x

2

)

7−→ x1

x

2

+ 1

(mod 2)

(1.3.4e)

FAN :

_{{0, 1} −→ {0, 1}}

2

x

7−→ (x, x)

(1.3.4f)

SWAP :

_{{0, 1}}

2

_{−→ {0, 1}}

2

(x

1

, x

2

)

7−→ (x2

, x

1

)

(1.3.4g )

Withthese gateswe an ompute anyfun tion.

Theorem 1.1. An arbitraryfun tion

f :

{0, 1}

n

_{−→ {0, 1}}

an be simulated

withthe logi al gates NOT, AND, XOR, FAN andSWAP.

Proof. We useindu tionon

n

. For

n = 1

thereare fourpossible fun tions: 1. Theidentityfun tion, whi h doesnot need any gate.

2. TheNOT-fun tion,whi h isone of theve gatesthat anbe used.

3. The onstantfun tion

0

,whi hwe anprodu e byusing thefollowing gates:

0 = 0(x) =

∧



FAN

1

(x),

¬ FAN2

(x)



,

(1.3.5)

where

FAN

i

isthe

i

-thoutputbit oftheFAN-fun tion.

4. We an obtainthe onstant fun tion

1

bytakingtheNOTof the pre-viousfun tion:

1 =

¬ 0(x)

.

(1.3.6)

Suppose now that any fun tion on

n

bits an be omputed and let

f

be a fun tion on

n + 1

bits. Denethe

n

-bit fun tions

f

0

and

f

1

by

f

i

(x

1

, . . . , x

n

) = f (i, x

1

, . . . , x

n

).

(1.3.7) Thenwehave

f (x

0

, . . . , x

n

) =

⊕



∧ f0

(x

1

, . . . , x

n

),

¬(x0

)

, ∧ f

1

(x

1

, . . . , x

n

), x

0



.

(1.3.8)

Alternative proof withoutindu tion. Thefun tion

f

an bewritten as

f =

X

x

f (x)χ

x

,

=

X

x|f(x)=1

χ

x

(1.3.9)

where

χx(y) = δxy

=

(

1,

if

x = y,

0,

otherwise

.

(1.3.10)

Sothat we an write

f =

_

x|f(x)=1

χ

x

,

(1.3.11)

where

χx

is aprodu tof

zi

or

zi

¯

and

z

i

(y) =

(

1,

if

y

i

= 1,

0,

otherwise

.

(1.3.12)

We a tually need onlythree gates.

Theorem 1.2. The NAND-fun tion together with the FAN-fun tion an

simulatethe fun tions NOT, AND and XOR.

Proof.

¬(x) =↑ FAN(x)

(1.3.13a)

∧(x1

, x

2

) =

↑



FAN

↑ (x1

, x

2

)



(1.3.13b)

⊕(x1

, x

2

) =

↑



↑



↑ FAN(x1

)
, x2



,

_↑



x

1

,

↑ FAN(x2

)





(1.3.13 )

So the NAND-gate together withthe FAN-gate and theSWAP-gate allows

us to ompute any fun tion. However, the NAND-gate is not reversible,

nor an it be made reversible by adding an extra bit with information on

the input. There arelogi al gates on three bits that arereversible and an

ompute anyfun tion. For instan ethe Tooli-gate

TOF(x

1

, x

2

, x

3

) = (x

1

, x

2

, x

1

x

2

+ x

3

),

(1.3.14)

andtheFredkin-gate

FRE(x

1

, x

2

, x

3

) = SWAP(x

1

, x

2

)x

3

+ Id(x

1

, x

2

)(x

3

+ 1), x

3

,

(1.3.15)

whi h swapsthersttwo bits ifandonly ifthethird bitis setto

1

.

Manipulating qubits

The quantum equivalent of logi al gates on bits are unitary transforms on

qubits. Given a

2

n

-dimensional ve tor spa e

V

withbasis

B

and a

2

m

_{× 2}

m

matrix

U

with

m

≤ n

,an expansion of

U

relative to

B

is anymatrix ofthe form

G(U

⊗ I2

n−m

)G

−1

,

(1.3.16) where

G

permutes the basisand

I

k

isthe

k

× k

identity matrix.

Let

U = {U1

, . . . , U

k}

be asetof unitarymatri esofdimension dividing

2

n

.

Then

(

B, U)

isthe set ofall expansionsofthe

U

i

relative to

B

.

Wedenethefollowingmatri es,whi harerespe tively alledtheHadamard

operator,the rotationoperatorof angle

θ

,the ontrol-Notoperator andthe ontrol- ontrol-Not operator:

H =

√

1

2

1

1

1

₋₁



,

P (θ) =





e

iθ

2

₀

0

e

−

iθ

2





,

(1.3.17ab)

CN OT =









1 0 0 0

0 1 0 0

0 0 0 1

0 0 1 0









,

(1.3.17 )

CCN OT =

























1 0 0 0 0 0 0 0

0 1 0 0 0 0 0 0

0 0 1 0 0 0 0 0

0 0 0 1 0 0 0 0

0 0 0 0 1 0 0 0

0 0 0 0 0 1 0 0

0 0 0 0 0 0 0 1

0 0 0 0 0 0 1 0

























.

(1.3.17d)

The ontrol-NOToperator isaspe ial aseofthegeneral lassof ontrolled

operators. These operators a t on two registers of qubits ina very spe i

manner. If the rst register of qubits isin a spe ied ontrol state, usually

|1i · · · |1i

, thenan operator

U

isapplied to these ond register ofqubits. If the rst register is not in the spe ied ontrol state, the identity operator

is applied to the se ond register. For any

n > 2

and

θ

, su h that

P (θ)

is notidempotent,theset

U

τ

=

{H, CNOT, CCNOT, P (θ)}

generatesagroup

GUτ

that is dense in

U (2

n

₎

. To be a little bit more pre ise we dene the

normof ave tor

k|φik =

phφ|φi.

(1.3.18)

Thenorm ofan operator

U

isdened as

kUk = sup

|φi6=0

kU|φik

k|φik

.

(1.3.19)

We saythatan operator

U

˜

representsan operator

U

withpre ision

ǫ

if

˜

U

− U

≤ ǫ.

(1.3.20)

Withthis denition we an saythat the group

GU

τ

represents

U (2

n

₎

with

pre ision

ǫ

for any

ǫ > 0

.

Aquantum ir uitis aunitary matrixbuilt by omposing elementary

oper-ations from

U

τ

. The size of a quantum ir uit will be theminimal number of operations omposed to obtain it. A register in a quantum omputer is

a subset of the total set of qubits. Writing

|φ1i|φ2i

means that the rst register isinstate

|φ1i

and the se ondin

|φ2

i

.

1.3.3 Limitations

Themost important limitation for qubitsisthefollowing theorem.

Theorem 1.3 (No Cloning Theorem). It is not possible to opy any given

quantumstate

Proof. Suppose we have two qubits. Thequbit to be opied isin state

|φ1i

and the other qubit in some state

|si

. Suppose that we have a opying ma hine, usinga unitaryoperation

U

. Then

|φ1i ⊗ |si

7−→ U |φ1i ⊗ |si
= |φ1i ⊗ |φ1i.

U

(1.3.21)

For another quantum state

|φ2i

we have the same relation. We now take innerprodu ts toget thefollowing.

hφ1| ⊗ hs|

U

†

_U

_{|φ2i ⊗ |si
= hφ1| ⊗ hφ1}

_|

|φ2i ⊗ |φ2i

.

(1.3.22a)

hφ1|φ2ihs|si = hφ1|φ2

ihφ1|φ2

i.

(1.3.22b)

hφ1

|φ2i = hφ1|φ2

i

2

.

(1.3.22 )

Thisequationhassolutionsifandonlyif

hφ1

|φ2i

is

0

or

1

. So opying annot be done forgeneral states.

The onsequen esofthisnegativeresultare lear. Evenforsimpleoperations

like swit hing two bits we would like to make a opy of one of the bits

before overwriting it. Inquantum omputing we need to design algorithms

insu h a way that we never need to store an intermediate result, whi h is

a fundamentally dierent approa h than what we are used to on lassi al

omputers. So ina sense we need to develop a quantumme hani al wayof

algorithmi thinking to design algorithmsfor quantum omputers.

1.4 Quantum Algorithms

1.4.1 Dis rete Fourier and Quantum Fourier Transform

Let

x0, . . . , x

N −1

be a ve tor of omplex numbers. The Dis rete Fourier Transform isdened by:

y

k

=

1

√

N

N −1

X

j=0

x

j

e

2πijk

N

.

(1.4.1)

TheCoole-Tukeyalgorithm [CT65 ℄forDis reteFourier Transforms redu ed

the omplexityfrom

O e

n

2

to

O e

n log n

. Let

|ki

be ave torina omplex Hilbertspa e

V

of dimension

N

andlet

|0i, . . . , |N − 1i

bean orthonormal basisfor

V

. The Quantum Fourier Transform(QFT)is dened inthesame wayasthe Dis reteFourier Transform:

|ki 7−→

√

1

N

N −1

X

j=0

e

2πijk

N

_|ji.

(1.4.2)

It ispossible to give amatrix notation fortheQFT. Let

ξ = e

2πi

2

N

,thenthe unitary

2

N

_{× 2}

N

matrix, given by

a

jk

=

√

1

₂

N

ξ

(j−1)(k−1)

,

(1.4.3)

istheQuantum Fourier Transform. An example for

N = 3

and

ξ

8

_{= 1}

:

QFT

_{N =3}

=

√

1

8

























1 1

1

1

1

1

1

1

1 ξ

ξ

2

ξ

3

ξ

4

ξ

5

ξ

6

ξ

7

1 ξ

2

ξ

4

ξ

6

ξ

8

ξ

10

ξ

12

ξ

14

1 ξ

3

_ξ

6

_ξ

9

_ξ

12

_ξ

15

_ξ

18

_ξ

21

1 ξ

4

ξ

8

ξ

12

ξ

16

ξ

20

ξ

24

ξ

28

1 ξ

5

_ξ

10

_ξ

15

_ξ

20

_ξ

25

_ξ

30

_ξ

35

1 ξ

6

_ξ

12

_ξ

18

_ξ

24

_ξ

30

_ξ

36

_ξ

42

1 ξ

7

ξ

14

ξ

21

ξ

28

ξ

35

ξ

42

ξ

49

























=

√

1

8

























1 1

1

1

1

1

1

1

1 ξ

ξ

2

_ξ

3

_ξ

4

_ξ

5

_ξ

6

_ξ

7

1 ξ

2

ξ

4

ξ

6

1

ξ

2

ξ

4

ξ

6

1 ξ

3

ξ

6

ξ

ξ

4

ξ

7

ξ

2

ξ

5

1 ξ

4

₁

_ξ

4

₁

_ξ

4

₁

_ξ

4

1 ξ

5

ξ

2

ξ

7

ξ

4

ξ

ξ

6

ξ

3

1 ξ

6

_ξ

4

_ξ

2

₁

_ξ

6

_ξ

4

_ξ

2

1 ξ

7

_ξ

6

_ξ

5

_ξ

4

_ξ

3

_ξ

2

_ξ

























.

(1.4.4)

TheQFTisusefulbe ausethe omplexityofthe DFTis

O(e

n log n

₎

whereas

the omplexityof the QFTis

O(n

2

₎

. Itisexa tlythis gainwhi h willallow

ustosolve lassi allyinfeasibleproblems withquantumalgorithmsbyusing

theQFT.Thefollowingexample,ofwhi hShor'salgorithm isaspe ial ase,

learly showshowtheQFT an be usedinquantum algorithms.

Let

N > 1

be a positive integer,

G = Z/N Z

theadditive group of integers modulo

N

and

X

aniteset. Supposethatwehaveafun tion

f : G

−→ X

, su hthatforsomesubgroup

H =

hdi

of

G

,

f

is onstanton

H

andseparates osetsof

H

. Supposethat we do not know

d

. We want to nd a generator for

H

. To do sowe start withtwo registers in thezero state

|0i|0i

and we applytheQFT to the rstregister to obtain

1

√

N

N −1

X

j=0

|ji|0i.

(1.4.5)

We thenapply

f

tothe se ondregister to get

1

√

N

N −1

X

j=0

|ji|f(j)i.

(1.4.6)

Wenowmeasurethese ondregisterandobtain

f (j

0

)

forsome

j

0

. Theee t ofmeasuring these ond register is thatall registers thatdo not have

f (j

0

)

inthe se ond register ollapse. As

f

separates osets of

H

this means that only the oset

H + j

0

remains in the rst register. If

|H| = M

, the rst register anbe des ribed as

1

√

M

M −1

X

s=0

|j0

+ sd

_i.

(1.4.7)

We applythe QFT to this registerto obtain

1

√

M N

N −1

X

k=0

e

2πij

N

0

k

_|ki

M −1

X

s=0

e

2πisdk

N

.

(1.4.8)

Usingthe fa tthat

N = dM

and evaluatingthese ond sumasa geometri series,onlythe values of

|ki

thataremultiples of

M

remain, giving

1

√

d

d−1

X

t=0

e

2πij

N

0

tM

_|tMi.

(1.4.9)

Measuringtherstregistergivesamultipleof

M

. Repeatingthis pro edure we getseveral multiples of

M

. Using theEu lidean algorithm weobtain

M

withhighprobability.

1.4.2 Fourier Transforms over Abelian Groups

Theaboveexampleworkswellbe auseitwasstraightforward toidentifythe

elements of the group

Z/N Z

with the qubits

|0i, . . . , |N − 1i

. For general nite abelian groups, this identi ation is not thatsimple and we will need

to dene a more general form of Fourier transform. To do so we need to

introdu e some basi representation and hara ter theory. We follow the

des ription of Chris Lomont [Lom ℄. Every nite Abelian group

G

an be written asthe dire tsumof y li groups, so

G = Z/N

1

Z

⊕ · · · ⊕ Z/Nk

Z.

(1.4.10) We supposethat we have a fun tion

f

from

G

to a nite set

X

, su h that

f

separates osets of a subgroup

H

of

G

. We will write elements of

G

as

k

-tuples

(g

1

, . . . , g

k

)

,with

g

i

∈ {0, . . . , Ni

− 1}

. Dene

βi

= (0, . . . , 0

_i−1

, 1i, 0i+1, . . . , 0).

(1.4.11) A hara ter of

G

isa group homomorphism

χ

from

G

to the multipli ative group of nonzero omplex numbers

C

∗

. For every hara ter

χ

and every element

g = (g

1

, . . . , g

k

)

we have

χ(g) = χ

k

X

i=1

giβi

!

=

k

Y

i=1

χ(βi)

g

i

_.

(1.4.12)

So every hara ter

χ

is determined byits a tion on the

β

i

. As theorder of

βi

is

Ni

,the order of

χ(βi)

mustdivide

Ni

. Therefore

χ(β

i

) = e

2πih

i

N

i

,

(1.4.13)

forsome

h

i

∈ {0, . . . , Ni

− 1}

. Sowe andetermine a hara ter bya

k

-tuple

(h

1

, . . . , h

k

)

, whi h an be seen as an element

h

∈ G

. This leads to the following denitionfor hara ters. For every

g

∈ G

,we dene

χ

g

: G

−→ C

∗

h

_7−→

k

Y

j=1

e

2πig

j

h

j

N

j

.

(1.4.14)

A usefultheoremon hara tersis thefollowing.

Theorem 1.4. Let

G

be a nite Abeliangroup and

χ

a hara ter. Then

X

g∈G

χ(g) =

(

|G|

if

χ = χ

e

,

0

otherwise

.

(1.4.15)

Here

χ

e

is the identity hara ter sending every element of the group to

1

.

Proof. We have

G = Z/N

1

Z

⊕ · · · ⊕ Z/Nk

Z.

(1.4.16) Choose

h

∈ G

. Then

X

g∈G

χ

h

(g) =

X

g

j

∈Z/N

j

Z

j∈{1,...,k}





k

Y

j=1

e

2πih

j

g

j

/N

j





=

k

Y

j=1

X

g

j

∈Z/N

j

Z

e

2πih

j

g

j

/N

j

_.

(1.4.17)

Iffor some

j

we have

e

2πih

j

/N

j

6= 1

, thenthegeometri series

X

g

j

∈Z/N

j

Z

e

2πih

j

N

j

gj

_{= 0.}

(1.4.18)

Theonly timethis doesnot happen iswhenfor all

j

we have

e

2πih

j

N

j

_{= 1.}

(1.4.19)

Thisistheidentity hara ter. Inthis asetheresultis

Qk

j=1

Nj

=

|G|

. We an nowdene thenotion of an orthogonal subgroup. Let

H

be a sub-groupof

G

. Theorthogonal subgroupof

H

is

H

⊥

=

{g ∈ G | χg(h) = 1,

for all

h

∈ H}.

(1.4.20) While the y li QFT returns multiples of the generator of

H

, the general nite abelian QFT returns elementsof the orthogonalsubgroup of

H

. It is dened as

F

G

=

1

p|G|

X

g,h∈G

χ

g

(h)

|gihh|.

(1.4.21)

We alsodene a translationoperator

τ

t

=

X

g∈G

|t + gihg|,

(1.4.22)

anda phase- hange operator

φ

h

=

X

g∈G

χ

g

(h)

|gihg|.

(1.4.23)

We rst show that the Fourier transform of a subgroup is its orthogonal

subgroup.

Theorem1.5. WehavethefollowingrelationbetweensubgroupsandFourier

transforms:

F

_{G|Hi = |H}

⊥

_i.

(1.4.24) Proof. Bydenition, we have

|Hi =

1

p|H|

X

h∈H

|hi.

(1.4.25) We thenhave:

F

G|Hi =

1

p|G|

X

g,h

′

_∈G

χ

g

(h

′

)

|gihh

′

|

1

p|H|

X

h∈H

|hi.

(1.4.26)

Using the fa t that

hh|h

′

i = 1

, if

h = h

′

and zero otherwise, the above expression an besimplied to

1

p|G||H|

X

g∈G

X

h∈H

χ

g

(h)

!

|gi.

(1.4.27)

The hara ter

χ

g

of

G

isalsoa hara terof

H

,therefore

P

h∈H

χ

g

(h)

iszero unless the hara ter is the identity on

H

, in whi h ase the sum is equal to

|H|

. That is exa tlythe denition of theorthogonal subgroup, therefore we an redu ethe equation to

1

p|G||H|

X

g∈H

⊥

|H||gi.

(1.4.28) As

|H||H

⊥

| = |G|

,this isequal to

1

p|H

⊥

_|

X

g∈H

⊥

|gi = |H

⊥

i.

(1.4.29)

Ina similarwaythefollowing three identities anbe proved.

Theorem 1.6. For all elements

h, t

∈ G

we have

χ

h

(t)τtφ

h

= φ

h

τt,

(1.4.30a)

F

G

φ

h

= τ

−h

F

G

,

(1.4.30b)

F

G

τ

t

= φ

t

F

G

.

(1.4.30 )

We an nowgivethealgorithm forthehiddensubgroupproblemforgeneral

nite abelian groups. As in the y li ase we start with two registers of

qubits in the zero state and we apply the Fourier transform to the rst register.

|0i|0i 7−→

1

p|G|

X

g∈G

|gi|0i.

(1.4.31)

Wethenapply the osetseparating fun tion

f

to these ondregister,whi h leadsto

1

p|G|

X

g∈G

|gi|f(g)i.

(1.4.32)

Dene

T = (t

1

, . . . , t

m

)

as a set of oset representatives for

H

in

G

. We obviously have

|T ||H| = |G|

. Using the separation property of

f

we an simplifythe aboveexpression to

1

p|T |

X

t∈T

|t + Hi|f(t)i.

(1.4.33) Thisisequal to

1

p|T |

X

t∈T

τ

_t|Hi|f(t)i.

(1.4.34)

Weapply the Fourier transformto therst register andusetheabove

theo-rems toobtain thefollowing result.

1

p|T |

X

t∈T

τ

t|Hi|f(t)i

F

G

7−→

1

p|T |

X

t∈T

F

G

τ

t|Hi|f(t)i

=

1

p|T |

X

t∈T

φ

t

F

G|Hi|f(t)i

(1.4.35)

=

1

p|H

⊥

_|

X

t∈T

φt|H

⊥

i|f(t)i.

We now measure the rst register and obtain a random element of the

or-thogonal subgroup of

H

. Sin e

(H

⊥

)

⊥

= H

, determining a generating set for the orthogonal subgroup determines

H

ompletely. This does however not meanthatit isan easy taskto geta generatingset for

H

starting with a generating set for

H

⊥

. Suppose that we have a generating set

g

1

, . . . , g

t

for

H

⊥

. As

H = H

⊥⊥

,we have

h

∈ H

ifand only if

χ

h

(g

j

) = 1,

for all

j = 1, . . . , t.

(1.4.36) Let

d = LCM(N

1

, . . . , N

k

)

and

α

i

=

d

N

l

. Then

χ

h

(g

j

) =

k

Y

l=1

e

2πiα

l

h

l

g

jl

d

= 1,

(1.4.37)

ifandonly if

k

X

l=1

α

l

h

l

g

jl

≡ 0 (mod d).

(1.4.38)

So to nd elementsof

H

we have to solve this systemof

t

linear equations. This is a simple linear algebra problem that an be e iently solved with

theuseof Smith normalforms. Solvingthis equationgivesan element

h = (h

1

, . . . , h

k

)

∈ H.

(1.4.39) Repeatingthe pro edure will leadto aset ofgenerators for

H

.

1.4.3 Shor's Fa toring Algorithm

Let

N

beaninteger. Wewant tondaninteger

1 < p < N

,su hthat

p

| N

. By repeating this pro ess for the integers

p

and

q =

N

p

we will eventually nda fa torization

N =

n

Y

i=1

p

e

i

i

,

(1.4.40)

where

p

i

areprime numbers and

e

i

are positive integers. The fundamental theoremofarithmeti tellsus thatthis fa torizationisunique. Theproblem

is to nd integers

pi

that divide

N

. The fa toring algorithm proposed by Shor[Sho97 ℄isdesignedtondtheorder

r

ofanelement

x

modulo

N

,whi h isthesmallest positive integer,su h that

x

r

≡ 1 (mod N).

(1.4.41)

Ifwe an nd su han element,thenweverify whether

x

r

2

_{6≡ −1 (mod N).}

(1.4.42) Ifthis isthe ase we ompute

GCD x

r

2

_{± 1, N}

,

(1.4.43) and we might nd a non-trivial fa tor of

N

. The quantum part of this algorithm revolves around the Quantum Fourier Transform and Quantum

PhaseEstimation.

Quantum Phase Estimation

Let

U

be a unitaryoperator and let

|ui

be an eigenve tor of

U

with eigen-value

e

2πiφ

. So

U

_{|ui = e}

2πiφ

_|ui.

(1.4.44) The purpose of phase estimation is to nd an approximation

φ

˜

for the un-known value

0

≤ φ < 1

. The quantum algorithm for phase estimation uses

two registers ofqubits. Therst register

|0ik

onsistsof

k

qubitsinitialized inthe state

|0i

. The number

k

dependson the desired a ura yof the ap-proximation

φ

˜

and onthe desiredsu essprobabilityof thealgorithm. The se ondregisterisinitializedas

|ui

andtakesasmanyqubitsasareneededto des ribe

|ui

. Onea hofthequbitsoftherstregisteraHadamardoperator isapplied:

|0i 7−→

√

1

2

|0i + |1i

.

(1.4.45)

Thenon ea hqubit

1

√

2

|0i + |1i

j+1

(1.4.46)

oftherstregistera ontrolled-

U

2

j

gateisapplied,wheretheinteger

j

ranges from

0

to

k

− 1

:

1

√

2

|0i + |1i
|ui 7−→

1

√

2



|0i|ui + |1iU

2

j

|ui



=

√

1

2



|0i|ui + |1ie

2πiφ2

j

|ui



(1.4.47)

=

_√

1

2



|0i + e

2πiφ2

j

|1i



|ui.

Doing this operation on ea h ofthe

k

qubitsof therst register, we obtain the following state:

|0ik

7−→

√

1

2

k



|0i + e

2πiφ2

k−1

|1i
· · · |0i + e

2πiφ2

0

|1i



|ui

=

√

1

2

k

2

k

−1

X

j=0

e

2πiφj

_|ji,

(1.4.48)

where weuse the onvention thatif

j = a

0

· 2

0

+

· · · + an

2

n

,

(1.4.49) with

a

i

∈ {0, 1}

,then

|ji

indi ates the qubits

|a0i · · · |ani

. We anwrite

φ =



a

2

k

+ δ



,

(1.4.50) where

a = a

k−1

. . . a

0

is inbinarynotation,

|δ| ≤

₂

_k+1

1

,

(1.4.51) and

a

2

k

is the best

k

-bit approximationof

φ

. Thisgives

1

√

2

k

2

k

−1

X

j=0

e

2πij

“

_a

2

k

+δ

”

|ji.

(1.4.52)

We apply the inverse Fourier Transform ontherst register,sending

|ji

to

1

√

2

k

2

k

−1

X

l=0

e

−

2πijl

2

k

_|li.

(1.4.53)

Putting this intothe equationwe obtain:

|0ik|ui 7−→

√

1

2

k

2

k

₋₁

X

j=0

e

2πij

“

_a

2

k

+δ

”

|ji|ui

7−→

√

1

2

k





2

k

₋₁

X

j=0

e

2πij

“

_a

2

k

+δ

”

1

√

2

k

2

k

₋₁

X

l=0

e

−

2πijl

2

k

_|li





|ui

=

1

2

k

2

k

₋₁

X

j,l=0

e

−

2πijl

2

k

_e

2πij

“

_a

2

k

+δ

”

|li|ui

=

1

2

k

2

k

−1

X

j,l=0

e

2πij(a−l)

2

k

_e

2πijδ

_|li|ui.

(1.4.54)

Nowtherstregisterismeasured. Therearetwo asesto onsider. If

δ = 0

, then we will measure exa tly

|ai = |φi

. If

δ

6= 0

, we will measure

|ai

, the best

k

-bitapproximation of

φ

withprobability

p

a

=

|ca|

2

,where

c

a

=

1

2

k

2

k

−1

X

j=0

(e

2πiδ

)

j

.

(1.4.55)

This is a geometri series whi h an be bounded with some trigonometri

manipulations to obtain

p

a

≥

4

π

2

≥ 0.4.

(1.4.56)

Order nding

We use quantum phase estimation to nd the order of an element

x

mod-ulo

N

. The quantum algorithm for nding the order of

x

uses the unitary operator

Ux

thata ts inthe following way:

U

_{x|yi =}



xy (mod N ).

(1.4.57)

Theeigenstates ofthis operator are

|usi =

√

1

r

r

X

k=0

e

−

2πisk

r





x

k

(mod N ),

(1.4.58)

with

0

≤ s ≤ r − 1

aninteger. Indeed we have that

U

_{x|usi =}

√

1

r

r

X

k=0

e

−

2πisk

r





x

k+1

(mod N )



= e

2πis

r

_|usi.

(1.4.59)

Sotheeigenvalues of

U

x

are

e

2πis

r

,with

0

≤ s ≤ r − 1

aninteger.

Weapplythequantumphaseestimationalgorithm on

Ux

toobtain approxi-mationsof

φ =

s

r

. Therearetwo problemsthatneedtobesolvedto exe ute this algorithm. We have to e iently implement ontrolled-

U

2

j

operators

for integers

j

and we need to prepare an eigenstate

|usi

witha non-trivial eigenvalue. The rst of these problems an be over ome by modular

expo-nentiation.

ModularExponentiation Modularexponentiationmeans omputingthe

remainderwhendividingapositiveinteger

x

k

byapositiveinteger

N

. That is,wewant to ompute

x

′

,su hthat:

x

′

_{≡ x}

k

(mod N ).

(1.4.60) If we ompute this value by rst al ulating

x

k

and then omputing the

remainder modulo

N

,thenthis wouldrequire

O(k)

multipli ations to om-plete. Thismethod anbeslightly improved byusingthefollowing relation:

a

_{· b (mod m) ≡ a (mod m)
· b (mod m)
(mod m).}

(1.4.61) So after ea h multipli ation by

x

we ompute the remainder modulo

N

. Thiswill redu e the size of the numbers that need to be multiplied, saving

memory, butthis still requires

O(k)

multipli ations.

A third method redu es both the number of operations and the memory

required to perform modular exponentiation. It is a ombination of the

previousmethodand amoregeneral prin iple alledbinaryexponentiation.

We rst onvert

k

to abinary number:

k =

n−1

X

i=0

a

i

2

i

,

(1.4.62)

where

a

i

iseither

0

or

1

. We an thenwrite

x

k

inbinaryform:

x

k

= x

P

n−1

i=0

a

i

2

i

₌

n−1

Y

i=0



x

2

i

a

i

.

(1.4.63)

Therefore

x

′

is equalto:

x

′

_≡

n−1

Y

i=0



x

2

i

a

i

(mod m).

(1.4.64)

Therunning timeofthis algorithm is

O(log k)

.

Eigenstate Preparation The se ond problem that needed to be

over- omewasthe preparationofaneigenstate

|usi

withouttheknowledgeofthe order

r

. Itis relatively straightforward to prove that

1

√

r

r−1

X

s=0

e

−

2πisk

r

_{|usi =}



x

k

(mod N ).

(1.4.65)

Using thisresult with

k = 0

,we obtain

1

√

r

r−1

X

s=0

|usi = |1i.

(1.4.66)

Thequantum state we produ e before applyingtheinverse QFTis

|φi1|φi2

=

2

n

−1

X

j=0

|jiU

j

|1i =

2

n

−1

X

j=0





j

i|x

j

(mod N ),

(1.4.67)

where

n

isthesizeoftherstregisterofqubitsandisofsize

O(log N )

. Inthe end wehave an

n

-bit approximationof

φ =

s

r

. Wewouldliketo nd

r

from this resultandwe an do this byusing the ontinued fra tionalgorithm.

Theorem 1.7. Let

s

r

∈ Q

be su h that





φ −

s

r





 ≤

1

2r

2

.

(1.4.68) Then

s

r

is a onvergent of the ontinued fra tion of

φ

and an be omputed by the ontinued fra tionalgorithm.

Thisalgorithm produ es numbers

r

′

_{, s}

′

withno ommon fa tor,su h that

s

′

r

′

=

s

r

.

(1.4.69)

Therearetwowaysforthealgorithmtofail. Thephaseestimationalgorithm

mayprodu eabadestimateof

s

r

inwhi h asetheabove theoremnolonger applies. Theprobabilityofthiseventdependsonthesizeoftherstregister

and an be made negligibly small. The se ond problem is that

s

will be randomly hosenbythequantumalgorithm, whenwe measure,and thereis

alwaysthepossibilitythatitisadivisorof

r

. Inthat ase

r

′

willbeadivisor of

r

andnot

r

itself. If thishappens, then

x

r

′

_{6≡ 1 (mod N).}

(1.4.70) We repeat the algorithm to obtain

r

′′

, s

′′

. If

r

′′

6= r

and

GCD(s

′′

, s

′

) = 1

, then

r = LCM(r

′′

, r

′

).

(1.4.71) Theprobability that

GCD(s

′′

_{, s}

′

_{) = 1}

isat least

1

4

.