Ruhr-Uni-Bochum

Noisy Simon Period Finding

2021

Konferenz / Medium

Research Hub

Research Hub A: Kryptographie der Zukunft

Research Challenges

RC 2: Quantum-Resistant Cryptography

Abstract

Let f:Fn2→Fn2 be a Boolean function with period s. It is well-known that Simon’s algorithm finds s in time polynomial in n on quantum devices that are capable of performing error-correction. However, today’s quantum devices are inherently noisy, too limited for error correction, and Simon’s algorithm is not error-tolerant.

We show that even noisy quantum period finding computations may lead to speedups in comparison to purely classical computations. To this end, we implemented Simon’s quantum period finding circuit on the 15-qubit quantum device IBM Q 16 Melbourne. Our experiments show that with a certain probability τ(n) we measure erroneous vectors that are not orthogonal to s. We propose new, simple, but very effective smoothing techniques to classically mitigate physical noise effects such as e.g. IBM Q’s bias towards the 0-qubit.

After smoothing, our noisy quantum device provides us a statistical distribution that we can easily transform into an LPN instance with parameters n and τ(n). Hence, in the noisy case we may not hope to find periods in time polynomial in n. However, we may still obtain a quantum advantage if the error τ(n) does not grow too large. This demonstrates that quantum devices may be useful for period finding, even before achieving the level of full error correction capability.

Tags

Symmetric Cryptography