scholarly journals A quantum lower bound for distinguishing random functions from random permutations

2014 ◽  
Vol 14 (13&14) ◽  
pp. 1089-1097
Author(s):  
Henry Yuen
Keyword(s):  
Lower Bound ◽  
Quantum Algorithm ◽  
Input Function ◽  
Random Permutation ◽  
Query Complexity ◽  
Random Permutations ◽  
Random Functions ◽  
Collision Problem ◽  
Bounded Error ◽  
Quantum Query

The problem of distinguishing between a random function and a random permutation on a domain of size $N$ is important in theoretical cryptography, where the security of many primitives depend on the problem's hardness. We study the quantum query complexity of this problem, and show that any quantum algorithm that solves this problem with bounded error must make $\Omega(N^{1/5}/\polylog N)$ queries to the input function. Our lower bound proof uses a combination of the Collision Problem lower bound and Ambainis's adversary theorem.

scholarly journals The quantum query complexity of AC0

2012 ◽  
Vol 12 (7&8) ◽  
pp. 670-676
Author(s):  
Paul Beame ◽  
Widad Machmouchi
Keyword(s):  
Lower Bound ◽  
Quantum Algorithm ◽  
Input Function ◽  
Query Complexity ◽  
Quantum Query Complexity ◽  
Quantum Query

We show that any quantum algorithm deciding whether an input function $f$ from $[n]$ to $[n]$ is 2-to-1 or almost 2-to-1 requires $\Theta(n)$ queries to $f$. The same lower bound holds for determining whether or not a function $f$ from $[2n-2]$ to $[n]$ is surjective. These results yield a nearly linear $\Omega(n/\log n)$ lower bound on the quantum query complexity of $\cl{AC}^0$. The best previous lower bound known for any $\cl{AC^0}$ function was the $\Omega ((n/\log n)^{2/3})$ bound given by Aaronson and Shi's $\Omega(n^{2/3})$ lower bound for the element distinctness problem.

A note on the quantum collision and set equality problems

2015 ◽  
Vol 15 (7&8) ◽  
pp. 557-567
Author(s):  
Mark Zhandry
Keyword(s):  
Lower Bound ◽  
Symmetric Functions ◽  
Query Complexity ◽  
Random Functions ◽  
Quantum Query Complexity ◽  
Collision Problem ◽  
Equality Problem ◽  
The Relationship ◽  
Quantum Query

A collision for a function $f$ is two distinct inputs $x_1\neq x_2$ such that $f$ outputs the same value on both inputs: $f(x_1)=f(x_2)$. The quantum query complexity of finding collisions has been shown~\cite{BHT1997,AS2004, Ambainis05, Kutin05} in some settings to be $\Theta(N^{1/3})$; however, these results do not apply to random functions. The issues are two-fold. First, the $\Omega(N^{1/3})$ lower bound only applies when the domain is no larger than the co-domain, which precludes many of the cryptographically interesting applications. Second, most of the results in the literature only apply to $r$-to-1 functions, which are quite different from random functions. Understanding the collision problem for random functions is of great importance to cryptography, and we seek to fill the gaps of knowledge for this problem. To that end, we prove that, as expected, a quantum query complexity of $\Theta(N^{1/3})$ holds for all interesting domain and co-domain sizes. Our proofs are simple, and combine existing techniques with several novel tricks to obtain the desired results. Using our techniques, we also give an optimal $\Omega(M^{1/3})$ lower bound for the set equality problem. This lower bound can be used to improve the relationship between classical randomized query complexity and quantum query complexity for so-called permutation-symmetric functions.

scholarly journals Quantum query complexity of symmetric oracle problems

Quantum ◽  
2021 ◽  
Vol 5 ◽  
pp. 403
Author(s):  
Daniel Copeland ◽  
Jamie Pommersheim
Keyword(s):  
Polynomial Interpolation ◽  
Quantum Algorithms ◽  
Success Probability ◽  
Quantum Algorithm ◽  
Random Permutation ◽  
Query Complexity ◽  
Learning Problems ◽  
Unitary Matrices ◽  
Query Algorithm ◽  
Quantum Query

We study the query complexity of quantum learning problems in which the oracles form a group G of unitary matrices. In the simplest case, one wishes to identify the oracle, and we find a description of the optimal success probability of a t-query quantum algorithm in terms of group characters. As an application, we show that Ω(n) queries are required to identify a random permutation in Sn. More generally, suppose H is a fixed subgroup of the group G of oracles, and given access to an oracle sampled uniformly from G, we want to learn which coset of H the oracle belongs to. We call this problem coset identification and it generalizes a number of well-known quantum algorithms including the Bernstein-Vazirani problem, the van Dam problem and finite field polynomial interpolation. We provide character-theoretic formulas for the optimal success probability achieved by a t-query algorithm for this problem. One application involves the Heisenberg group and provides a family of problems depending on n which require n+1 queries classically and only 1 query quantumly.

scholarly journals Exact quantum algorithms have advantage for almost all Boolean functions

2015 ◽  
pp. 435-452
Author(s):  
Andris Ambainis ◽  
Jozef Gruska ◽  
Shenggen Zheng
Keyword(s):  
Boolean Function ◽  
Boolean Functions ◽  
Quantum Algorithms ◽  
Quantum Algorithm ◽  
Query Complexity ◽  
Exact Quantum ◽  
Quantum Query Complexity ◽  
Almost All ◽  
Quantum Query

It has been proved that almost all n-bit Boolean functions have exact classical query complexity n. However, the situation seemed to be very different when we deal with exact quantum query complexity. In this paper, we prove that almost all n-bit Boolean functions can be computed by an exact quantum algorithm with less than n queries. More exactly, we prove that ANDn is the only n-bit Boolean function, up to isomorphism, that requires n queries.

scholarly journals Impossibility of succinct quantum proofs for collision-freeness

2012 ◽  
Vol 12 (1&2) ◽  
pp. 21-28 ◽  
Author(s):  
Scott Aaronson
Keyword(s):  
Lower Bound ◽  
Quantum Algorithm ◽  
Simple Extension ◽  
Class A ◽  
Collision Problem ◽  
Open Question

We show that any quantum algorithm to decide whether a function f[n] \rightarrow [n] is a permutation or far from a permutation\ must make \Omega( n^{1/3}/w) queries to f, even if the algorithm is given a w-qubit quantum witness in support of f being a permutation. This implies that there exists an oracle A such that {SZK}^{A}\not \subset {QMA}^{A}, answering an eight-year-old open question of the author. \ Indeed, we show that relative to some oracle, {SZK} is not in the counting class {A}_0{PP} defined by Vyalyi. The proof is a fairly simple extension of the quantum lower bound for the collision problem.

scholarly journals Explicit relation between all lower bound techniques for quantum query complexity

2015 ◽  
Vol 13 (04) ◽  
pp. 1350059
Author(s):  
Loïck Magnin ◽  
Jérémie Roland
Keyword(s):  
Lower Bound ◽  
Boolean Functions ◽  
Query Complexity ◽  
Polynomial Method ◽  
Quantum Query Complexity ◽  
State Generation ◽  
Adversary Method ◽  
Explicit Relation ◽  
Special Case ◽  
Quantum Query

The polynomial method and the adversary method are the two main techniques to prove lower bounds on quantum query complexity, and they have so far been considered as unrelated approaches. Here, we show an explicit reduction from the polynomial method to the multiplicative adversary method. The proof goes by extending the polynomial method from Boolean functions to quantum state generation problems. In the process, the bound is even strengthened. We then show that this extended polynomial method is a special case of the multiplicative adversary method with an adversary matrix that is independent of the function. This new result therefore provides insight on the reason why in some cases the adversary method is stronger than the polynomial method. It also reveals a clear picture of the relation between the different lower bound techniques, as it implies that all known techniques reduce to the multiplicative adversary method.

Quantum collision-resistance of non-uniformly distributed functions: upper and lower bounds

2018 ◽  
Vol 18 (15&16) ◽  
pp. 1332-1349
Author(s):  
Ehsan Ebrahimi ◽  
Dominique Unruh
Keyword(s):  
Lower Bound ◽  
Uniform Distribution ◽  
Lower Bounds ◽  
Upper Bounds ◽  
Query Complexity ◽  
Upper And Lower Bounds ◽  
Collision Resistance ◽  
Quantum Query Complexity ◽  
Quantum Query

We study the quantum query complexity of finding a collision for a function f whose outputs are chosen according to a non-uniform distribution D. We derive some upper bounds and lower bounds depending on the min-entropy and the collision-entropy of D. In particular, we improve the previous lower bound by Ebrahimi Targhi et al. from \Omega(2^{k/9}) to \Omega(2^{k/5}) where k is the min-entropy of D.

scholarly journals Quantum and randomized lower bounds for local search on vertex-transitive graphs

2010 ◽  
Vol 10 (7&8) ◽  
pp. 638-652
Author(s):  
H. Dinh ◽  
A. Russell
Keyword(s):  
Lower Bound ◽  
Local Search ◽  
Lower Bounds ◽  
Randomized Algorithm ◽  
Query Complexity ◽  
Major Step ◽  
Vertex Transitive ◽  
Vertex Transitive Graphs ◽  
Transitive Graphs ◽  
Quantum Query

We study the problem of \emph{local search} on a graph. Given a real-valued black-box function $f$ on the graph's vertices, this is the problem of determining a local minimum of $f$---a vertex $v$ for which $f(v)$ is no more than $f$ evaluated at any of $v$'s neighbors. In 1983, Aldous gave the first strong lower bounds for the problem, showing that any randomized algorithm requires $\Omega(2^{n/2 - o(n)} )$ queries to determine a local minima on the $n$-dimensional hypercube. The next major step forward was not until 2004 when Aaronson, introducing a new method for query complexity bounds, both strengthened this lower bound to $\Omega(2^{n/2}/n^2)$ and gave an analogous lower bound on the quantum query complexity. While these bounds are very strong, they are known only for narrow families of graphs (hypercubes and grids). We show how to generalize Aaronson's techniques in order to give randomized (and quantum) lower bounds on the query complexity of local search for the family of vertex-transitive graphs. In particular, we show that for any vertex-transitive graph $G$ of $N$ vertices and diameter $d$, the randomized and quantum query complexities for local search on $G$ are $\Omega\left({\sqrt{N}}/{d\log N}\right)$ and $\Omega\left({\sqrt[4]{N}}/{\sqrt{d\log N}}\right)$, respectively.

scholarly journals The quantum query complexity of certification

2010 ◽  
Vol 10 (3&4) ◽  
pp. 181-189
Author(s):  
A. Ambainis ◽  
A.M. Childs ◽  
F. Le Gall ◽  
S. Tani
Keyword(s):  
Lower Bound ◽  
Query Complexity ◽  
Direct Sum ◽  
Quantum Query Complexity ◽  
Sum Theorem ◽  
Adversary Method ◽  
Quantum Query

We study the quantum query complexity of finding a certificate for a d-regular, k-level balanced \nand formula. We show that the query complexity is $\tilde\Theta(d^{(k+1)/2})$ for 0-certificates, and $\tilde\Theta(d^{k/2})$ for 1-certificates. In particular, this shows that the zero-error quantum query complexity of evaluating such formulas is $\tilde O(d^{(k+1)/2})$. Our lower bound relies on the fact that the quantum adversary method obeys a direct sum theorem.

Sign in / Sign up

Export Citation Format

Share Document