We can be clever and only look at SQRT(N_bits).-Classical factoring algorithm is of order O(e^log(N_bits)^3) and called General Number Field Sieve.-Number of particles in universe: 10^80 ~ 2^256
-Coprime meaning no common factor other than 1. GCD(x,N)=1.-Exponential number of a’s to check since we don’t know it. a is from 0-q-1-r has to be even or above won’t work.-GCD of last factors and N will yield non-trivial factor of N.
-take O(M^3) steps, where M is the number of bits N is.
A Complexity Analysis of Shor's Quantum Factoring Algorithm
A Complexity Analysis of Shor’s Quantum Factoring Algorithm<br />J. Caleb Wherry<br />Austin Peay State University<br />Department of Computer Science<br />
Introduction<br />3<br />Relativity Computer<br />QuantumComputing<br />Closed Timelike Curve Computation<br />DNA Computing<br />S. Aaronson and J. Watrous. Closed Timelike Curves Make Quantum and Classical Computing Equivalent, Proceedings of the Royal Society A 465:631-647, 2009. arXiv:0808.2669. <br />3<br />
Classical Factoring<br />4<br />Composite Number<br />For RSA, p & q are prime.<br />Why is Factoring Hard?<br />Example 1: N being 16 bits long<br />Example 2: N being 32 bits long<br />216 = 65,536 possible values<br />232 = 4,294,967,296 possible values<br />RSA<br />Normal RSA public key (above N) is around 1024-2048 bits.<br />
Shor’s Quantum Factoring Algorithm<br />6<br />We have an integer N that we want to factor.<br />To factor, we have to find the period of this function:<br />Where x < N and coprime to N.<br />Using rules of modular arithmetic to yield:<br />Set up quantum side:<br />Quantum Register:<br />
Shor’s Quantum Factoring Algorithm<br />7<br />Quantum Register:<br />State After Transformation:<br />Measure Register 1:<br />New State:<br />Quantum Fourier <br />Transform<br />What does this do?<br />“Peaks” values in Register 1 around multiples of:<br />Measure this register to get one of these values, then compute classically r with continued fractions. <br />
Shor’s Quantum Factoring Algorithm<br />Once we have r, computing above will yield a non-trivial factor of N. QFT takes no more than O(M3), where M is the number of bits N is.<br />*Caveat: Shor’s Algorithm resides in BQP, so the answer could be wrong. Re-run to get another answer or to verify first answer. Note though, running polynomial algorithm multiple times is much better than running 1 exponential algorithm.<br />
Conclusion<br />10<br /><ul><li> We have seen how hard factoring is for even a small amount of bits.
Quantum computing is a computational paradigm that can potentially give exponential speed up over classical computing.
Algorithms are counterintuitive.</li></li></ul><li>References<br />11<br />Arora, Sanjeev;Barak, Boaz. “Computational Complexity: A Modern Approach.” New York: Cambridge University Press. 2009. Print.<br />Hayward, Matthew. “Quantum Computing and Shor’s Algorithm.” Sydney: Macquarie University Mathematics Department. 2008. Print.<br />Nielsen, Michael A.; Chuang, Isaac L. “Quantum Computation and Quantum Information.” New York: Cambridge University Press. 2000. Print.<br />Shor, Peter W. “Algorithms for Quantum Computation: Discrete Logarithms and Factoring.” Proc. 35th Annual Symposium on Foundations of Computer Science. Ed. ShafiGoldwasser. IEEE Computer Society Press, 1994. 124-136. Print.<br />