Download Quantum computer - Universidad de Murcia

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
Document related concepts

Quantum dot cellular automaton wikipedia , lookup

Ensemble interpretation wikipedia , lookup

Theoretical and experimental justification for the Schrödinger equation wikipedia , lookup

Renormalization group wikipedia , lookup

Relativistic quantum mechanics wikipedia , lookup

Quantum decoherence wikipedia , lookup

Basil Hiley wikipedia , lookup

Topological quantum field theory wikipedia , lookup

Wave–particle duality wikipedia , lookup

Probability amplitude wikipedia , lookup

Renormalization wikipedia , lookup

Density matrix wikipedia , lookup

Double-slit experiment wikipedia , lookup

Particle in a box wikipedia , lookup

Bohr–Einstein debates wikipedia , lookup

Scalar field theory wikipedia , lookup

Path integral formulation wikipedia , lookup

Quantum electrodynamics wikipedia , lookup

Measurement in quantum mechanics wikipedia , lookup

Delayed choice quantum eraser wikipedia , lookup

Coherent states wikipedia , lookup

Hydrogen atom wikipedia , lookup

Quantum field theory wikipedia , lookup

Quantum dot wikipedia , lookup

Copenhagen interpretation wikipedia , lookup

Max Born wikipedia , lookup

Quantum fiction wikipedia , lookup

Quantum entanglement wikipedia , lookup

Many-worlds interpretation wikipedia , lookup

Bell test experiments wikipedia , lookup

Symmetry in quantum mechanics wikipedia , lookup

Orchestrated objective reduction wikipedia , lookup

Quantum computing wikipedia , lookup

Quantum group wikipedia , lookup

Bell's theorem wikipedia , lookup

Quantum machine learning wikipedia , lookup

History of quantum field theory wikipedia , lookup

Interpretations of quantum mechanics wikipedia , lookup

EPR paradox wikipedia , lookup

Quantum state wikipedia , lookup

Canonical quantization wikipedia , lookup

T-symmetry wikipedia , lookup

Quantum cognition wikipedia , lookup

Quantum teleportation wikipedia , lookup

Hidden variable theory wikipedia , lookup

Quantum key distribution wikipedia , lookup

Transcript 
Device-Independent Quantum Information Processing
Antonio Acín
ICREA Professor at ICFO-Institut de Ciencies Fotoniques, Barcelona
Spanish Cryptography Days, November 2011, Murcia, Spain
Computational security
• Standard Classical Cryptography schemes are based
on computational security.
• Assumption: eavesdropper computational power is
limited.
• Even with this assumption, the security is unproven.
E.g.: factoring is believed to be a hard problem.
• Quantum computers sheds doubts on the long-term
applicability of these schemes, e.g. Shor’s algorithm
for efficient factorization.
Quantum Computation
Quantum computer: device able to manipulate information encoded on quantum
particles. These devices allow one to solve computational problems in a much more
efficient way than a classical computer.
Shor’s algorithm (1994): factorization problem.
6=3x2
Easy!
30790518401361202507 =
4575351673 x
6729650659
A quantum computer allows the efficient factorization of large numbers.
Computational security
It was easy to generate the factors and then compute the product.
One-way functions: easy in one direction, hard in the opposite.
Many cryptographic schemes, such as RSA, are based on the factorization problem.
Alice
Bob
Multiply
Multiply
Eve
Factorize
If factorization becomes easy, the enemy can break the protocol!
Quantum Information Theory
Quantum Information Theory studies how to manipulate and transmit
information encoded on quantum particles.
Quantum Mechanics: set of laws
describing the Physics of the
microscopic world.
(Einstein, Planck, Bohr,
Schrödinger, Heisenberg,…, first
half of the XX century).
Information Theory:
mathematical formalism
describing how information can
be stored, processed and
transmitted.
(Shannon, 1950).
Why now?
Quantum Information Theory
Current technological progress on devices miniaturization leads to a scenario
where information is encoded on quantum particles, such as atoms or photons.
• Moore’s Law: information-device size
decreases exponentially with time.
• Information is encoded in fewer and
fewer atoms.
• It is very plausible that quantum
effects will manifest in the near future.
Quantum Information Theory
What happens when we encode information in the quantum world?
Novel information applications become possible when using
information encoded on quantum states, e.g. more
powerful computers and secure communication.
Heisenberg Uncertainty Principle
Quantum Theory only predicts the probabilities of outcomes.
Quantum
Particle
50%
Measurement
50%
The measurement process modifies the state of the particle!
Heisenberg uncertainty principle: the measurement process perturbs the
state of a quantum system.
Quantum Cryptography
Heisenberg uncertainty principle → Secure cryptography!
Quantum bits
Alice
Bob
Eve
The eavesdropper, Eve, when
measuring the particles, introduces
noise, errors, in the channel and is
detected by the honest parties.
Bennett
Brassard
Ekert
Quantum Cryptography: a new form of security
Standard Classical
Cryptography
areon
based
•• Quantum
Cryptography
protocolsschemes
are based
on computational
physical
security. security.
Assumption: Quantum
eavesdropper
computational
power is
•• Assumption:
Mechanics
offers a correct
limited. description of the devices.
physical
• Even with this assumption, the security is unproven.
• No assumption is required on the eavesdropper’s
E.g.: factoring is believed to be a hard problem.
power, provided it does not contradict any quantum
• Quantum computers sheds doubts on the long-term
law.
applicability of these schemes, e.g. Shor’s algorithm
• Using
this (these)
assumption(s), the security of the
for efficient
factorization.
schemes can be proven.
Quantum Cryptography: you can buy it!
•
Quantum cryptography is a commercial product.
Ribordy
•
In 2007, it was used to secure part of the vote
counting in a referendum in the canton of Geneva.
•
The Quantum Stadium: in 2010, in collaboration
with the University of Kwazulu-Natal, South Africa,
it was used to encrypt a connection in the Durban
stadium during the World Cup.
Quantum hacking
How come?!
Quantum hacking
Quantum hacking attacks break the implementation, not the principle.
Quantum channel
Single-photon source
Attenuated laser source
Single-photon detector
Realistic APD detector
Device-Independent Quantum
Information Processing
Scenario
Distant parties performing m different measurements of r outcomes.
x=1,…,m
Alice
a=1,…,r
y=1,…,m
p(a, b x, y)
b=1,…,r
Bob
Vector of m2 r2 positive components satisfying m2 normalization conditions
pa, b x, y    p1,11,1, p1,21,1,, pr, r 1,1,, pr, r m, m
 pa, b x, y   1
r
a ,b 1
x, y
Quantum Correlations
Assumption: the observed correlations should be compatible with the quantum
formalism.

pa, b x, y   tr  AB M  M
x
a
y
b

M
x
a
1
a
M ax' M ax   aa' M ax
No constraint is imposed on the quantum state and measurements
reproducing the observed correlations. They act on an arbitrary Hilbert space.
Standard Quantum Information applications are not device-independent: they
crucially rely on the details of states and measurements used in the protocol.
Bell inequality violation
Bell inequality violation is a necessary condition for DIQIP.
If the correlations are local:
p(a, b x, y)   p  pa x,  qb y,  
The observed statistics can be reproduced by classically correlated data →
no improvement can be expected over Classical Information Theory.
Any protocol should be built from non-local correlations.
Characterization of
Quantum Correlations
Motivation
Given p(a,b|x,y), does it have a quantum realization?

pa, b x, y   tr  AB M ax  M by

x
M
 a 1
a
M ax M ax'   a 'a M ax
Example:
pa, b 0,0  pa, b 0,1  pa, b 1,0 
pa, b1,1  0.245,0.255,0.255,0.245

1
2  3 ,2  3 ,2  3 ,2  3
8

Hierarchy of necessary conditions
Given a probability distribution p(a,b|x,y), we have
defined a hierarchy consisting of a series of tests based on
semi-definite programming techniques allowing the
detection of supra-quantum correlations.
1  0
NO
YES
2  0
YES

YES
  0
NO
The hierarchy is asymptotically convergent.
NO
YES
Convergence of the hierarchy
If some correlations satisfy all the steps in the hierarchy, then:

pa, b x, y   tr  M M
x
a
y
b

with
?

pa, b x, y   tr  AB M ax  M by
M

, M by  0
x
M
 a 1
a

x
a
Device-Independent
Quantum Key Distribution
Device-Independent QKD
Standard QKD protocols based their security on:
1. Quantum Mechanics: any eavesdropper, however
powerful, must obey the laws of quantum physics.
2. No information leakage: no unwanted classical information
must leak out of Alice's and Bob's laboratories.
3. Trusted Randomness: Alice and Bob have access to local
random number generators.
4. Knowledge of the devices: Alice and Bob require some
control (model) of the devices.
Are there protocols for secure QKD based on p(a, b x, y)
without requiring any assumption on the devices?
Motivation
• The fewer the assumptions for a cryptographic
protocol → the stronger the security.
• Device-Independent QKD represents the strongest
form of quantum cryptography. It is based on the
minimal number of assumptions.
• It may be useful when considering practical
implementations. If some correlations are observed
→ secure key distribution. No security loopholes
related to technological issues.
Secure device-independent quantum
key distribution with causally
independent measurement devices
The model
We require that the generation of raw key elements define causally independent events.
All raw-key
elements
General quantum state
Measurements by
Alice and Bob
The model
• This requirement can be satisfied by performing space-like separated
measurements. Secure DIQKD is, in principle, possible.
• The requirement can just be assumed, either by assuming memoryless devices or
some shielding ability by the honest parties (which is always necessary).
• This requirement is always one of the assumptions (among many more) needed
for security in standard QKD.
x1
a1
xn
an
y1
.
.
.
b1
yn
bn
Bound on the key rate
K   log 2 f gexp   H a b
1- V
QBER 
2
The critical error for the CHSH
inequality is of approx 5%.
For the chained inequality
with 3 settings, one has 7.5%.
The protocols are competitive
in terms of error rate.
Device-Independent
Randomness Generation
Can the presence of randomness be guaranteed
by any physical mechanism?
Known solutions
• Classical Random Number Generators (CRNG). All of them are of
deterministic Nature.
• Quantum Random Number Generators (QRNG). There exist different
solutions, but the main idea is encapsulated by the following example:
T
50%
R
50%
Single photons are prepared and
sent into a mirror with
transmittivity equal to ½. The
random numbers are provided by
the clicks in the detectors.
• In any case, all these solutions have three problems, which are important
both from a fundamental and practical point of view.
Problem 1: certification
• Good randomness is usually verified by a series of
statistical tests.
• There exist chaotic systems, of deterministic nature,
that pass all existing randomness tests.
• Do these tests really certify the presence of
randomness?
• Do these tests certify any form of quantum
randomness? Classical systems pass them!
RANDU
RANDU is an infamous linear congruential pseudorandom number generator
of the Park–Miller type, which has been used since the 1960s.
Three-dimensional plot of 100,000 values generated with RANDU. Each
point represents 3 subsequent pseudorandom values. It is clearly seen
that the points fall in 15 two-dimensional planes.
Problem 2: privacy
• Many applications require private randomness.
T
50%
R
50%
r1
r2
.
.
.
Classical
Memory
rr1n2 …
rn
• How can one be sure that the observed random numbers are also random
to any other observer, possibly adversarial?
Problem 3: device dependence
• All the solutions crucially rely on the details of the devices used in the
generation.
T
50%
R
50%
Single photons are prepared and
sent into a mirror with
transmittivity equal to ½. The
random numbers are provided by
the clicks in the detectors.
• How can imperfections in the devices affect the quality of the generated
numbers? Can these imperfections be exploited by an adversary?
Random Numbers from Bell’s Theorem
We want to explore the relation between non-locality, measured by the
violation β of a Bell inequality, and local randomness, quantified by the
parameter r  max a, x pa x  . Clearly, if β =0 → r=1.
x=1,2
a=+1,-1
y=1,2
p(a, b x, y)
b=+1,-1
Results
All the region
above the curve is
impossible within
Quantum
Mechanics.
Statement of the problem
r  max p a x 
p a, b x, y  Q
xy
c
 ab p a, b x, y   
We have developed an asymptotically convergent series of
sets approximating the quantum set.
rn  max p a x 
p a, b x, y   n
xy
c
 ab p a, b x, y   
Experimental realization
• The two-box scenario is performed by two atomic particles located in two
distant traps.
• Using our theoretical techniques, we can certify that 42 new random bits are
generated in the experiment.
• It is the first time that randomness generation is certified without making
any detailed assumption about the internal working of the devices.
Concluding Remarks
Quantum correlations
• Hierarchy of necessary condition for detecting
the quantum origin of correlations.
• Each condition can be mapped into an SDP
problem.
• How does this picture change if we fix the
dimension of the quantum system?
• Are all finite correlations achievable measuring
finite-dimensional quantum systems?
Device-Independent QKD
• Classical cryptographic is based on computational
security. Quantum computers may change what we
understand today as a hard problem.
• Quantum Key Distribution is based on physical laws.
• Standard protocols require good control of the devices.
• It seems possible to construct QKD protocols whose
security does not require any assumption on the devices.
• General security proofs?
• The implementation of these protocols using current
technology is still a challenge!
• Hybrid scenarios: partial control of the devices suffices.
Random Numbers from Bell’s Theorem
• Randomness can be derived from non-local quantum
correlations.
• The obtained randomness is certifiable, private and
device-independent.
• It represents a novel application of Quantum Information
Theory, solving a task whose classical realization is, at
least, unclear.
• These techniques allow quantifying the intrinsic quantum
randomness generated in Bell tests.
• General security proof?
• More efficient schemes for generation?
Related documents
Quantum mechanical model
Quantum mechanical model
David Williams (University of Cambridge)
David Williams (University of Cambridge)
Prof. Bertrand Reulet, Université de Sherbrooke, Canada Talk: 23. May 2014
Prof. Bertrand Reulet, Université de Sherbrooke, Canada Talk: 23. May 2014
Project suggestion as part of the course 203-1-3431 November 7 , 2011
Project suggestion as part of the course 203-1-3431 November 7 , 2011
An Introduction to Quantum Computing
An Introduction to Quantum Computing
Quantum phase transition - Condensed Matter Theory and Quantum
Quantum phase transition - Condensed Matter Theory and Quantum
Probing contextuality with superconducting quantum circuits Talk 27. Oct. 2015 ABSTRACT:
Probing contextuality with superconducting quantum circuits Talk 27. Oct. 2015 ABSTRACT:
Some Families of Probability Distributions Within Quantum Theory
Some Families of Probability Distributions Within Quantum Theory
Chapter 3- Atomic Structure (light interaction with e-)
Chapter 3- Atomic Structure (light interaction with e-)
vu_quantum_physics_research_report
vu_quantum_physics_research_report
`12
`12
More with Quantum Numbers
More with Quantum Numbers
Simulating Steady-State Strongly correlated Nonlinear Transport
Simulating Steady-State Strongly correlated Nonlinear Transport
Time-resolved electron transport through quantum dots
Time-resolved electron transport through quantum dots