# Quantum Computing Lecture 7. Quantum Factoring. Anuj Dawar

Save this PDF as:

Size: px
Start display at page:

## Transcription

1 Quantum Computing Lecture 7 Quantum Factoring Anuj Dawar

2 Quantum Factoring A polynomial time quantum algorithm for factoring numbers was published by Peter Shor in polynomial time here means that the number of gates is bounded by a polynomial in the number of bits n of the number being factored. The best known classical algorithms are exponential (in n 1/3 ). Fast factoring would undermine public-key cryptographic systems such as RSA.

3 Period Finding Suppose we are given a function f : N {0,..., N 1} which we know is periodic, i.e. f (x + r) = f (x) for some fixed r and all x. Can we find the least value of r? If we can find the period of a function efficiently, we can factor integers quickly.

4 Order Finding Suppose we are given an integer N and an a with a < N and gcd(a, N) = 1. Consider the function f a : N {0,..., N 1} given by f a (x) a x (mod N) Then, f a is periodic, and if we can find the period r, we can factor N.

5 Factoring Suppose (for simplicity) N = pq, where p and q are prime. And, for some a < N, we know the period r of the function f a. Then, a r+1 a (mod N), so a r 1 (mod N). If r is even and a r/ (mod N), then take x 2 = a r. x (mod N) (x 1)(x + 1) 0 (mod N) But, x 1 0 (mod N) (by minimality of r) x (mod N) (by assumption)

6 Factoring contd. So, (x 1)(x + 1) = kpq for some k. Now, finding gcd(n, x 1) and gcd(n, x + 1) will find p and q. If we randomly choose a < N (and check that gcd(a, N) = 1 if not, we ve already found a factor of N) then, there is a probability > 1 2 that the period of f a is even; and a r/ (mod N).

7 Using a Fourier Transform A fast period-finding algorithm allows us to factor numbers quickly. The idea is to use a Fourier Transform to find the period of a function f. Note, classically, we can use the fast Fourier transform algorithm for this purpose, but it can be shown that this would require time N log N, which is exponential in the number of bits of N.

8 Discrete Fourier Transform The discrete Fourier transform of a sequence of complex numbers x 0,..., x M 1 is another sequence of numbers y 0,..., y M 1 where or where ω = e 2πi/M. y k = 1 M 1 x j e 2πijk/M M j=0 y k = 1 M 1 x j ω jk. M j=0

9 DFT is Unitary The discrete Fourier transform is a unitary operation on C M. Writing ω for e 2πi/M, are the Mth roots of 1. D = 1 M ω, ω 2,..., ω M 1, ω M = ω ω 2 ω 1 1 ω 2 ω 4 ω 2 1 ω 3 ω 6 ω ω M 1 ω 2M 2 ω

10 Inverse DFT The inverse of the discrete Fourier Transform is given by: ω 1 ω 2 ω 1 ω 2 ω 4 ω 2 1 ω 3 ω 6 ω 3 D 1 = 1 M ω 1 M ω 2 2M ω M 1 Exercise: Verify that D is unitary. Verify that D 1 as given above is the inverse of D.

11 Quantum Fourier Transform Computing the discrete Fourier transform classically takes time polynomial in M. Shor showed that D can be implemented using a number of one and two-qubit gates that is only polynomial in the number of qubits O((log M) 2 ). Note: This does not give a fast way to compute the DFT on a quantum computer. There is no way to extract all the complex components from the transformed state.

12 Fourier Transform on Binary Strings Suppose M = 2 n, and let x be a computational basis state in C M with binary representation b 1 b n. Let η j = e 2πi(0 b j b j+1 b n). Then D x = ( 0 + η n 1 )( 0 + η n 1 1 ) ( 0 + η 1 1 ). Exercise: Verify.

13 Quantum Fourier Transform Circuit We can use this form to implement the quantum Fourier transform using Hadamard gates and conditional phase-shift gates. H H P H P Q H P Q R In the input, the least significant bit is at the top, in the output, it is at the bottom.

14 Conditional Phase Shifts Here P = [ i ] Q = [ e iπ/4 ] R = [ e iπ/8 ] Two-qubit conditional phase shift gates are actually symmetric between the two bits, despite the asymmetry in the drawn circuit. It seems that for large n, an n-bit quantum Fourier transform circuit would require conditional phase shifts of arbitrary precision. It can be shown that this can be avoided with some (but not significant) loss in the probability of success for the factoring algorithm.

15 Preparing the State We are given an implementation of the function f as a unitary operator U f x 0 U f x f(x) Where, now, each of the two input wires represents n distinct qubits Writing Ψ for the state H n 0 n = 1 2 n 1 x. 2 n/2 x=0 We have, U f Ψ 0 n = 1 2 n 1 x f (x). 2 n/2 x=0

16 First Measurement We measure the second n qubits of the state U f Ψ 0 n and get a value f 0. The state after measurement is: where: m 1 ( 1 x 0 + kr ) f 0. m k=0 x 0 is the least value such that f (x 0 ) = f 0 r is the period of the function f m = 2n r.

17 Applying the QFT We apply the n-qubit quantum Fourier transform to the first n bits of the transformed state. where ω = e 2πi/2n. D ( 1 x 0 + kr ) m m 1 k=0 2 n 1 = 1 2 n/2 y=0 2 n 1 = y=0 m 1 1 ω (x0+kr)y y m k=0 ω x0y 1 2 n/2 m ( m 1 k=0 ω kry ) y.

18 Second Measurement The probability of observing a given state y is: 1 2 n m m 1 2 ω kry. k=0 This probability function has peaks when ry/2 n is close to an integer. Indeed, if ry/2 n is an integer, then with probability 1 we measure a y that is a multiple of r/2 n. Given an integer multiple of 2 n /r, it is not difficult to find r.

19 Exponentiation To complete the factoring algorithm, we need to check that we can also implement the unitary transform U f for the particular function f a (x) = a x mod N. with a number of quantum gates that is polynomial in log N. This is achieved through repeated squaring.

20 Some Points to Note The two measurement steps can be combined at the end, with the Fourier transform applied before the measurement of f (x). The probability of successfully finding the period in any run of the algorithm is only about 0.4. However, this means a small number of repetitions will suffice to find the period with high probability. Putting a lower bound on the conditional phase shift we are allowed to perform affects the probability of success, but not the rest of the algorithm.

### Modular arithmetic. x ymodn if x = y +mn for some integer m. p. 1/??

p. 1/?? Modular arithmetic Much of modern number theory, and many practical problems (including problems in cryptography and computer science), are concerned with modular arithmetic. While this is probably

### MA2C03 Mathematics School of Mathematics, Trinity College Hilary Term 2016 Lecture 59 (April 1, 2016) David R. Wilkins

MA2C03 Mathematics School of Mathematics, Trinity College Hilary Term 2016 Lecture 59 (April 1, 2016) David R. Wilkins The RSA encryption scheme works as follows. In order to establish the necessary public

### What Has Quantum Mechanics to Do With Factoring? Things I wish they had told me about Peter Shor s algorithm

What Has Quantum Mechanics to Do With Factoring? Things I wish they had told me about Peter Shor s algorithm 1 Question: What has quantum mechanics to do with factoring? Answer: Nothing! 2 Question: What

### Quantum Algorithms in NMR Experiments. 25 th May 2012 Ling LIN & Michael Loretz

Quantum Algorithms in NMR Experiments 25 th May 2012 Ling LIN & Michael Loretz Contents 1. Introduction 2. Shor s algorithm 3. NMR quantum computer Nuclear spin qubits in a molecule NMR principles 4. Implementing

### Quantum Computing. Robert Sizemore

Quantum Computing Robert Sizemore Outline Introduction: What is quantum computing? What use is quantum computing? Overview of Quantum Systems Dirac notation & wave functions Two level systems Classical

### U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009. Notes on Algebra

U.C. Berkeley CS276: Cryptography Handout 0.1 Luca Trevisan January, 2009 Notes on Algebra These notes contain as little theory as possible, and most results are stated without proof. Any introductory

### 6.080 / 6.089 Great Ideas in Theoretical Computer Science Spring 2008

MIT OpenCourseWare http://ocw.mit.edu 6.080 / 6.089 Great Ideas in Theoretical Computer Science Spring 2008 For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms.

### QUANTUM COMPUTERS AND CRYPTOGRAPHY. Mark Zhandry Stanford University

QUANTUM COMPUTERS AND CRYPTOGRAPHY Mark Zhandry Stanford University Classical Encryption pk m c = E(pk,m) sk m = D(sk,c) m??? Quantum Computing Attack pk m aka Post-quantum Crypto c = E(pk,m) sk m = D(sk,c)

### Lecture 8: Applications of Quantum Fourier transform

Department of Physical Sciences, University of Helsinki http://theory.physics.helsinki.fi/ quantumgas/ p. 1/25 Quantum information and computing Lecture 8: Applications of Quantum Fourier transform Jani-Petri

### Bits Superposition Quantum Parallelism

7-Qubit Quantum Computer Typical Ion Oscillations in a Trap Bits Qubits vs Each qubit can represent both a or at the same time! This phenomenon is known as Superposition. It leads to Quantum Parallelism

### Lecture 13 - Basic Number Theory.

Lecture 13 - Basic Number Theory. Boaz Barak March 22, 2010 Divisibility and primes Unless mentioned otherwise throughout this lecture all numbers are non-negative integers. We say that A divides B, denoted

### Quantum implementation of elementary arithmetic operations

Quantum implementation of elementary arithmetic operations G. Florio and D. Picca INFN (Sezione di Bari and Dipartimento di Fisica, Università di Bari, Via Orabona 4, 706, Bari, Italy Abstract Quantum

### Factoring by Quantum Computers

Factoring by Quantum Computers Ragesh Jaiswal University of California, San Diego A Quantum computer is a device that uses uantum phenomenon to perform a computation. A classical system follows a single

### Quantum Computation CMU BB, Fall 2015

Quantum Computation CMU 5-859BB, Fall 205 Homework 3 Due: Tuesday, Oct. 6, :59pm, email the pdf to pgarriso@andrew.cmu.edu Solve any 5 out of 6. [Swap test.] The CSWAP (controlled-swap) linear operator

### Breaking The Code. Ryan Lowe. Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and

Breaking The Code Ryan Lowe Ryan Lowe is currently a Ball State senior with a double major in Computer Science and Mathematics and a minor in Applied Physics. As a sophomore, he took an independent study

### Factoring & Primality

Factoring & Primality Lecturer: Dimitris Papadopoulos In this lecture we will discuss the problem of integer factorization and primality testing, two problems that have been the focus of a great amount

### Outline. Computer Science 418. Digital Signatures: Observations. Digital Signatures: Definition. Definition 1 (Digital signature) Digital Signatures

Outline Computer Science 418 Digital Signatures Mike Jacobson Department of Computer Science University of Calgary Week 12 1 Digital Signatures 2 Signatures via Public Key Cryptosystems 3 Provable 4 Mike

### Lecture 13: Factoring Integers

CS 880: Quantum Information Processing 0/4/0 Lecture 3: Factoring Integers Instructor: Dieter van Melkebeek Scribe: Mark Wellons In this lecture, we review order finding and use this to develop a method

### Shor s algorithm and secret sharing

Shor s algorithm and secret sharing Libor Nentvich: QC 23 April 2007: Shor s algorithm and secret sharing 1/41 Goals: 1 To explain why the factoring is important. 2 To describe the oldest and most successful

### Lukasz Pater CMMS Administrator and Developer

Lukasz Pater CMMS Administrator and Developer EDMS 1373428 Agenda Introduction Why do we need asymmetric ciphers? One-way functions RSA Cipher Message Integrity Examples Secure Socket Layer Single Sign

### A Recent Improvements in Quantum Model and Counter Measures in Quantum Computing

A Recent Improvements in Quantum Model and Counter Measures in Quantum Computing J.Senthil Murugan 1, V.Parthasarathy 2, S.Sathya 3, M.Anand 4 Assistant Professor, VelTech HighTech Dr.Rangarajan Dr.Sakunthala

### 0.1 Phase Estimation Technique

Phase Estimation In this lecture we will describe Kitaev s phase estimation algorithm, and use it to obtain an alternate derivation of a quantum factoring algorithm We will also use this technique to design

### Factoring. Factoring 1

Factoring Factoring 1 Factoring Security of RSA algorithm depends on (presumed) difficulty of factoring o Given N = pq, find p or q and RSA is broken o Rabin cipher also based on factoring Factoring like

### Lecture 2: The Complexity of Some Problems

IAS/PCMI Summer Session 2000 Clay Mathematics Undergraduate Program Basic Course on Computational Complexity Lecture 2: The Complexity of Some Problems David Mix Barrington and Alexis Maciel July 18, 2000

### Lecture 3: One-Way Encryption, RSA Example

ICS 180: Introduction to Cryptography April 13, 2004 Lecturer: Stanislaw Jarecki Lecture 3: One-Way Encryption, RSA Example 1 LECTURE SUMMARY We look at a different security property one might require

### Quantum Computers. And How Does Nature Compute? Kenneth W. Regan 1 University at Buffalo (SUNY) 21 May, 2015. Quantum Computers

Quantum Computers And How Does Nature Compute? Kenneth W. Regan 1 University at Buffalo (SUNY) 21 May, 2015 1 Includes joint work with Amlan Chakrabarti, U. Calcutta If you were designing Nature, how would

### Quantum Circuits. We have already seen the notation for quantum circuits, quite analogous to that for classical Boolean circuits.

p. 1/25 Quantum Circuits We have already seen the notation for quantum circuits, quite analogous to that for classical Boolean circuits. Like classical reversible circuits, the number of quantum bits in

### Using quantum computing to realize the Fourier Transform in computer vision applications

Using quantum computing to realize the Fourier Transorm in computer vision applications Renato O. Violin and José H. Saito Computing Department Federal University o São Carlos {renato_violin, saito }@dc.uscar.br

### RSA Question 2. Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true?

RSA Question 2 Bob thinks that p and q are primes but p isn t. Then, Bob thinks Φ Bob :=(p-1)(q-1) = φ(n). Is this true? Bob chooses a random e (1 < e < Φ Bob ) such that gcd(e,φ Bob )=1. Then, d = e -1

### Classical Information and Bits

p. 1/24 Classical Information and Bits The simplest variable that can carry information is the bit, which can take only two values, 0 or 1. Any ensemble, description, or set of discrete values can be quantified

### Prime Numbers The generation of prime numbers is needed for many public key algorithms:

CA547: CRYPTOGRAPHY AND SECURITY PROTOCOLS 1 7 Number Theory 2 7.1 Prime Numbers Prime Numbers The generation of prime numbers is needed for many public key algorithms: RSA: Need to find p and q to compute

### An Overview of Integer Factoring Algorithms. The Problem

An Overview of Integer Factoring Algorithms Manindra Agrawal IITK / NUS The Problem Given an integer n, find all its prime divisors as efficiently as possible. 1 A Difficult Problem No efficient algorithm

### Public Key Cryptography and RSA. Review: Number Theory Basics

Public Key Cryptography and RSA Murat Kantarcioglu Based on Prof. Ninghui Li s Slides Review: Number Theory Basics Definition An integer n > 1 is called a prime number if its positive divisors are 1 and

### Quantum Algorithms Lecture Notes Summer School on Theory and Technology in Quantum Information, Communication, Computation and Cryptography

Quantum Algorithms Lecture Notes Summer School on Theory and Technology in Quantum Information, Communication, Computation and Cryptography Julia Kempe CNRS & LRI, Université de Paris-Sud 9405 Orsay, France

### Public Key Cryptography: RSA and Lots of Number Theory

Public Key Cryptography: RSA and Lots of Number Theory Public vs. Private-Key Cryptography We have just discussed traditional symmetric cryptography: Uses a single key shared between sender and receiver

### Polynomials and the Fast Fourier Transform (FFT) Battle Plan

Polynomials and the Fast Fourier Transform (FFT) Algorithm Design and Analysis (Wee 7) 1 Polynomials Battle Plan Algorithms to add, multiply and evaluate polynomials Coefficient and point-value representation

### arxiv:quant-ph/9508027v2 25 Jan 1996

Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer arxiv:quant-ph/9508027v2 25 Jan 1996 Peter W. Shor Abstract A digital computer is generally believed to

Family Name:... First Name:... Section:... Advanced Cryptography Final Exam July 18 th, 2006 Start at 9:15, End at 12:00 This document consists of 12 pages. Instructions Electronic devices are not allowed.

### A 2D NEAREST-NEIGHBOR QUANTUM ARCHITECTURE FOR FACTORING IN POLYLOGARITHMIC DEPTH

Quantum Information and Computation, Vol. 13, No. 11&12 (2013) 0937 0962 c Rinton Press A 2D NEAREST-NEIGHBOR QUANTUM ARCHITECTURE FOR FACTORING IN POLYLOGARITHMIC DEPTH PAUL PHAM a Quantum Theory Group,

### Quantum Computing Principles

Chapter Quantum Computing Principles The massive amount of processing power generated by computer manufacturers has not yet been able to quench our thirst for speed and computing capacity. In 1947, American

### Integer multiplication

Integer multiplication Suppose we have two unsigned integers, A and B, and we wish to compute their product. Let A be the multiplicand and B the multiplier: A n 1... A 1 A 0 multiplicand B n 1... B 1 B

### Introduction to Quantum Computing

Introduction to Quantum Computing Javier Enciso encisomo@in.tum.de Joint Advanced Student School 009 Technische Universität München April, 009 Abstract In this paper, a gentle introduction to Quantum Computing

### 2.1 Complexity Classes

15-859(M): Randomized Algorithms Lecturer: Shuchi Chawla Topic: Complexity classes, Identity checking Date: September 15, 2004 Scribe: Andrew Gilpin 2.1 Complexity Classes In this lecture we will look

### Quantum Computing: Lecture Notes. Ronald de Wolf

Quantum Computing: Lecture Notes Ronald de Wolf Preface These lecture notes were formed in small chunks during my Quantum computing course at the University of Amsterdam, Feb-May 2011, and compiled into

### The Mathematics of the RSA Public-Key Cryptosystem

The Mathematics of the RSA Public-Key Cryptosystem Burt Kaliski RSA Laboratories ABOUT THE AUTHOR: Dr Burt Kaliski is a computer scientist whose involvement with the security industry has been through

### Faster deterministic integer factorisation

David Harvey (joint work with Edgar Costa, NYU) University of New South Wales 25th October 2011 The obvious mathematical breakthrough would be the development of an easy way to factor large prime numbers

### Cryptography and Network Security Chapter 9

Cryptography and Network Security Chapter 9 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 9 Public Key Cryptography and RSA Every Egyptian received two names,

### Lecture 1: Course overview, circuits, and formulas

Lecture 1: Course overview, circuits, and formulas Topics in Complexity Theory and Pseudorandomness (Spring 2013) Rutgers University Swastik Kopparty Scribes: John Kim, Ben Lund 1 Course Information Swastik

### RSA Attacks. By Abdulaziz Alrasheed and Fatima

RSA Attacks By Abdulaziz Alrasheed and Fatima 1 Introduction Invented by Ron Rivest, Adi Shamir, and Len Adleman [1], the RSA cryptosystem was first revealed in the August 1977 issue of Scientific American.

### Modern Factoring Algorithms

Modern Factoring Algorithms Kostas Bimpikis and Ragesh Jaiswal University of California, San Diego... both Gauss and lesser mathematicians may be justified in rejoicing that there is one science [number

### Quantum Computability and Complexity and the Limits of Quantum Computation

Quantum Computability and Complexity and the Limits of Quantum Computation Eric Benjamin, Kenny Huang, Amir Kamil, Jimmy Kittiyachavalit University of California, Berkeley December 7, 2003 This paper will

### 1 Die hard, once and for all

ENGG 2440A: Discrete Mathematics for Engineers Lecture 4 The Chinese University of Hong Kong, Fall 2014 6 and 7 October 2014 Number theory is the branch of mathematics that studies properties of the integers.

### CIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives

CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash

### Discrete Mathematics Lecture 3 Elementary Number Theory and Methods of Proof. Harper Langston New York University

Discrete Mathematics Lecture 3 Elementary Number Theory and Methods of Proof Harper Langston New York University Proof and Counterexample Discovery and proof Even and odd numbers number n from Z is called

### COMP 250 Fall 2012 lecture 2 binary representations Sept. 11, 2012

Binary numbers The reason humans represent numbers using decimal (the ten digits from 0,1,... 9) is that we have ten fingers. There is no other reason than that. There is nothing special otherwise about

### Homework 5 Solutions

Homework 5 Solutions 4.2: 2: a. 321 = 256 + 64 + 1 = (01000001) 2 b. 1023 = 512 + 256 + 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = (1111111111) 2. Note that this is 1 less than the next power of 2, 1024, which

### arxiv:quant-ph/ v1 2 Nov 2000

Basic concepts in quantum computation arxiv:quant-ph/0011013v1 Nov 000 Artur Ekert, Patrick Hayden and Hitoshi Inamori Centre for Quantum Computation, University of Oxford, Oxford OX1 3PU, United Kingdom

### Alternative machine models

Alternative machine models Computational complexity thesis: All reasonable computer models can simulate one another in polynomial time (i.e. P is robust or machine independent ). But the Turing machine

### S hor s prime factoring algorithm1 reduces the factorization of a product N 5 pp9 of distinct odd primes p and

OPEN SUBJECT AREAS: QUANTUM INFORMATION QUBITS Received 21 August 2013 Accepted 3 October 2013 Published 28 October 2013 Correspondence and requests for materials should be addressed to M.R.G. (mgeller@uga.

### Notes for Recitation 5

6.042/18.062J Mathematics for Computer Science September 24, 2010 Tom Leighton and Marten van Dijk Notes for Recitation 5 1 Exponentiation and Modular Arithmetic Recall that RSA encryption and decryption

### Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring

Breaking Generalized Diffie-Hellman Modulo a Composite is no Easier than Factoring Eli Biham Dan Boneh Omer Reingold Abstract The Diffie-Hellman key-exchange protocol may naturally be extended to k > 2

### Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs

Cryptographic hash functions and MACs Solved Exercises for Cryptographic Hash Functions and MACs Enes Pasalic University of Primorska Koper, 2014 Contents 1 Preface 3 2 Problems 4 2 1 Preface This is a

### Chapter 9 Public Key Cryptography and RSA

Chapter 9 Public Key Cryptography and RSA Cryptography and Network Security: Principles and Practices (3rd Ed.) 2004/1/15 1 9.1 Principles of Public Key Private-Key Cryptography traditional private/secret/single

### Enhancing privacy with quantum networks

Enhancing privacy with quantum networks P. Mateus N. Paunković J. Rodrigues A. Souto SQIG- Instituto de Telecomunicações and DM - Instituto Superior Técnico - Universidade de Lisboa Abstract Using quantum

### Lecture 1 Version: 14/08/28. Frontiers of Condensed Matter San Sebastian, Aug. 28-30, 2014. Dr. Leo DiCarlo l.dicarlo@tudelft.nl dicarlolab.tudelft.

Introduction to quantum computing (with superconducting circuits) Lecture 1 Version: 14/08/28 Frontiers of Condensed Matter San Sebastian, Aug. 28-30, 2014 Dr. Leo DiCarlo l.dicarlo@tudelft.nl dicarlolab.tudelft.nl

### Cryptography and Network Security Chapter 10

Cryptography and Network Security Chapter 10 Fifth Edition by William Stallings Lecture slides by Lawrie Brown (with edits by RHB) Chapter 10 Other Public Key Cryptosystems Amongst the tribes of Central

### NP-Completeness I. Lecture 19. 19.1 Overview. 19.2 Introduction: Reduction and Expressiveness

Lecture 19 NP-Completeness I 19.1 Overview In the past few lectures we have looked at increasingly more expressive problems that we were able to solve using efficient algorithms. In this lecture we introduce

### SOLUTIONS FOR PROBLEM SET 2

SOLUTIONS FOR PROBLEM SET 2 A: There exist primes p such that p+6k is also prime for k = 1,2 and 3. One such prime is p = 11. Another such prime is p = 41. Prove that there exists exactly one prime p such

### Quantum Computing Architectures

Quantum Computing Architectures 1:-2: Fred Chong (UCD) - Intro, quantum algorithms, and error correction 2:-2:3 Break and discussion 2:3-3:3 Ike Chuang (MIT) - Device technology and implementation issues

### Algebraic Computation Models. Algebraic Computation Models

Algebraic Computation Models Ζυγομήτρος Ευάγγελος ΜΠΛΑ 201118 Φεβρουάριος, 2013 Reasons for using algebraic models of computation The Turing machine model captures computations on bits. Many algorithms

### Quantum Computing and Grover s Algorithm

Quantum Computing and Grover s Algorithm Matthew Hayward January 14, 2015 1 Contents 1 Motivation for Study of Quantum Computing 3 1.1 A Killer App for Quantum Computing.............. 3 2 The Quantum Computer

### 1 Digital Signatures. 1.1 The RSA Function: The eth Power Map on Z n. Crypto: Primitives and Protocols Lecture 6.

1 Digital Signatures A digital signature is a fundamental cryptographic primitive, technologically equivalent to a handwritten signature. In many applications, digital signatures are used as building blocks

### Primality - Factorization

Primality - Factorization Christophe Ritzenthaler November 9, 2009 1 Prime and factorization Definition 1.1. An integer p > 1 is called a prime number (nombre premier) if it has only 1 and p as divisors.

### A simple and fast algorithm for computing exponentials of power series

A simple and fast algorithm for computing exponentials of power series Alin Bostan Algorithms Project, INRIA Paris-Rocquencourt 7815 Le Chesnay Cedex France and Éric Schost ORCCA and Computer Science Department,

### Announcements. CS243: Discrete Structures. More on Cryptography and Mathematical Induction. Agenda for Today. Cryptography

Announcements CS43: Discrete Structures More on Cryptography and Mathematical Induction Işıl Dillig Class canceled next Thursday I am out of town Homework 4 due Oct instead of next Thursday (Oct 18) Işıl

### Lecture 10: Distinct Degree Factoring

CS681 Computational Number Theory Lecture 10: Distinct Degree Factoring Instructor: Piyush P Kurur Scribe: Ramprasad Saptharishi Overview Last class we left of with a glimpse into distant degree factorization.

### Overview of Public-Key Cryptography

CS 361S Overview of Public-Key Cryptography Vitaly Shmatikov slide 1 Reading Assignment Kaufman 6.1-6 slide 2 Public-Key Cryptography public key public key? private key Alice Bob Given: Everybody knows

### Lecture 3: Finding integer solutions to systems of linear equations

Lecture 3: Finding integer solutions to systems of linear equations Algorithmic Number Theory (Fall 2014) Rutgers University Swastik Kopparty Scribe: Abhishek Bhrushundi 1 Overview The goal of this lecture

### Embedding more security in digital signature system by using combination of public key cryptography and secret sharing scheme

International Journal of Computer Sciences and Engineering Open Access Research Paper Volume-4, Issue-3 E-ISSN: 2347-2693 Embedding more security in digital signature system by using combination of public

### RSA Cryptosystem. Yufei Tao. Department of Computer Science and Engineering Chinese University of Hong Kong. RSA Cryptosystem

Yufei Tao Department of Computer Science and Engineering Chinese University of Hong Kong In this lecture, we will discuss the RSA cryptosystem, which is widely adopted as a way to encrypt a message, or

### FACTORING. n = 2 25 + 1. fall in the arithmetic sequence

FACTORING The claim that factorization is harder than primality testing (or primality certification) is not currently substantiated rigorously. As some sort of backward evidence that factoring is hard,

### CSCE 465 Computer & Network Security

CSCE 465 Computer & Network Security Instructor: Dr. Guofei Gu http://courses.cse.tamu.edu/guofei/csce465/ Public Key Cryptogrophy 1 Roadmap Introduction RSA Diffie-Hellman Key Exchange Public key and

### Minimal memory requirements for. pearl-necklace encoders of quantum convolutional codes

Minimal memory requirements for pearl-necklace encoders of quantum convolutional codes Monireh Houshmand, Saied Hosseini-Khayat, and Mark M. Wilde arxiv:004.579v2 [quant-ph] Nov 200 Abstract One of the

### 1 Formulating The Low Degree Testing Problem

6.895 PCP and Hardness of Approximation MIT, Fall 2010 Lecture 5: Linearity Testing Lecturer: Dana Moshkovitz Scribe: Gregory Minton and Dana Moshkovitz In the last lecture, we proved a weak PCP Theorem,

### THE MATHEMATICS OF PUBLIC KEY CRYPTOGRAPHY.

THE MATHEMATICS OF PUBLIC KEY CRYPTOGRAPHY. IAN KIMING 1. Forbemærkning. Det kan forekomme idiotisk, at jeg som dansktalende og skrivende i et danskbaseret tidsskrift med en (formentlig) primært dansktalende

### ORDERS OF ELEMENTS IN A GROUP

ORDERS OF ELEMENTS IN A GROUP KEITH CONRAD 1. Introduction Let G be a group and g G. We say g has finite order if g n = e for some positive integer n. For example, 1 and i have finite order in C, since

### Quantum Computers vs. Computers Security. @veorq http://aumasson.jp

Quantum Computers vs. Computers Security @veorq http://aumasson.jp Schrodinger equation Entanglement Bell states EPR pairs Wave functions Uncertainty principle Tensor products Unitary matrices Hilbert

### Influences in low-degree polynomials

Influences in low-degree polynomials Artūrs Bačkurs December 12, 2012 1 Introduction In 3] it is conjectured that every bounded real polynomial has a highly influential variable The conjecture is known

### Cryptography: RSA and the discrete logarithm problem

Cryptography: and the discrete logarithm problem R. Hayden Advanced Maths Lectures Department of Computing Imperial College London February 2010 Public key cryptography Assymmetric cryptography two keys:

### Factorization Methods: Very Quick Overview

Factorization Methods: Very Quick Overview Yuval Filmus October 17, 2012 1 Introduction In this lecture we introduce modern factorization methods. We will assume several facts from analytic number theory.

### Quantum and Non-deterministic computers facing NP-completeness

Quantum and Non-deterministic computers facing NP-completeness Thibaut University of Vienna Dept. of Business Administration Austria Vienna January 29th, 2013 Some pictures come from Wikipedia Introduction

### Discrete Mathematics, Chapter 4: Number Theory and Cryptography

Discrete Mathematics, Chapter 4: Number Theory and Cryptography Richard Mayr University of Edinburgh, UK Richard Mayr (University of Edinburgh, UK) Discrete Mathematics. Chapter 4 1 / 35 Outline 1 Divisibility

### Data Encryption A B C D E F G H I J K L M N O P Q R S T U V W X Y Z. we would encrypt the string IDESOFMARCH as follows:

Data Encryption Encryption refers to the coding of information in order to keep it secret. Encryption is accomplished by transforming the string of characters comprising the information to produce a new

### An introduction to post-quantum cryptography

An introduction to post-quantum cryptography Andrew Savchenko NRNU MEPhI, Moscow, Russia LVEE Winter 2016 Outline 1 Terminology 2 Quantum computing 3 Impact on cryptographic algorithms 4 Free software

### Public Key (asymmetric) Cryptography

Public-Key Cryptography UNIVERSITA DEGLI STUDI DI PARMA Dipartimento di Ingegneria dell Informazione Public Key (asymmetric) Cryptography Luca Veltri (mail.to: luca.veltri@unipr.it) Course of Network Security,

### CIS 5371 Cryptography. 8. Encryption --

CIS 5371 Cryptography p y 8. Encryption -- Asymmetric Techniques Textbook encryption algorithms In this chapter, security (confidentiality) is considered in the following sense: All-or-nothing secrecy.

### The Laws of Cryptography Cryptographers Favorite Algorithms

2 The Laws of Cryptography Cryptographers Favorite Algorithms 2.1 The Extended Euclidean Algorithm. The previous section introduced the field known as the integers mod p, denoted or. Most of the field

### A New Generic Digital Signature Algorithm

Groups Complex. Cryptol.? (????), 1 16 DOI 10.1515/GCC.????.??? de Gruyter???? A New Generic Digital Signature Algorithm Jennifer Seberry, Vinhbuu To and Dongvu Tonien Abstract. In this paper, we study

### Notes on Network Security Prof. Hemant K. Soni

Chapter 9 Public Key Cryptography and RSA Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications