This preview shows pages 1–2. Sign up to view the full content.
This preview has intentionally blurred sections. Sign up to view the full version.View Full Document
Unformatted text preview: Last revised 4/7/05 LECTURE NOTES ON QUANTUM COMPUTATION Cornell University, Physics 481-681, CS 483; Spring, 2005 c 2005, N. David Mermin III. Breaking RSA Encryption with a Quantum Computer In Simons problem we are presented with a subroutine which calculates a function f ( x ). We are told that f satisfies f ( x ) = f ( y ) for distinct x and y if and only if y = x a , where denotes the bitwise modulo-2 sum of the n-bit integers a and x . The number of times a classical computer must invoke the subroutine to determine a grows exponentially with n , but with a quantum computer it grows only linearly. This is a rather artificial problem, of interest primarily because it gives a simple demonstration of the remarkable computational power a quantum computer is capable of exhibiting. It amounts to finding the unknown period of a function on n-bit integers that is periodic under bitwise modulo-2 addition. A more natural problem is to find the period r of a function on the integers that is periodic under ordinary addition, satisfying f ( x ) = f ( y ) for distinct x and y if and only if x and y differ by an integral multiple of r . Finding the period of such a periodic function turns out to be the key to factoring products of large prime numbers, a mathematically natural problem with quite practical applications. The best known classical algorithms for finding the period r of such a periodic function take a time that grows faster than any power of the number n of bits of r (exponentially with n 1 / 3 ). Peter Shor, however, discovered that one can exploit the power of a quantum computer to learn the period r , with probability arbitrarily close to one, in a time that scales only a little faster than n 3 . This is of considerable practical interest because effi- cient period finding, combined with some number-theoretic tricks, enables one to factor efficiently the product of two large prime numbers. The very great computational effort required by all known classical factorization techniques underlies the security of the widely used RSA 1 method of encryption. Any computer that can efficiently find periods would be an enormous threat to the security of both military and commercial comunications. This is why research into the feasibility of quantum computers is a matter of considerable interest in the worlds of war and business. 1 Named for the people who invented it in 1977, Ronald Rivest, Adi Shamir, and Leonard Adelman. RSA encryption was independently invented by Clifford Cocks four years earlier, but his discovery was classified top secret by British Intelligence and he was not allowed to reveal his priority until 1997. For this and other fascinating tales about cryptography, see Simon Singh, The Code Book , Doubleday, New York, 1999....
View Full Document
This note was uploaded on 09/28/2008 for the course PHYS 481 taught by Professor Anon during the Spring '05 term at Cornell University (Engineering School).
- Spring '05