Skip to main content
QUICK REVIEW

[论文解读] Interactive Proofs For Quantum Computations

Dorit Aharonov, Michael Ben-Or|ArXiv.org|Oct 30, 2008
Quantum Computing Algorithms and Architecture参考文献 25被引用 88
一句话总结

本文提出了量子证明者交互式证明(QPIP),一种协议,使经典验证者(BPP)能够验证BQP证明者执行的量子计算的正确性,即使验证者无法经典地模拟该量子系统。该文提出了两种容错QPIP协议——一种基于随机Clifford门的量子认证,另一种基于多项式码的认证——证明了BQP中的任意语言都具有QPIP,并进一步实现了盲计算,即证明者无法获知输入或计算内容。

ABSTRACT

The widely held belief that BQP strictly contains BPP raises fundamental questions: Upcoming generations of quantum computers might already be too large to be simulated classically. Is it possible to experimentally test that these systems perform as they should, if we cannot efficiently compute predictions for their behavior? Vazirani has asked: If predicting Quantum Mechanical systems requires exponential resources, is QM a falsifiable theory? In cryptographic settings, an untrusted future company wants to sell a quantum computer or perform a delegated quantum computation. Can the customer be convinced of correctness without the ability to compare results to predictions? To answer these questions, we define Quantum Prover Interactive Proofs (QPIP). Whereas in standard Interactive Proofs the prover is computationally unbounded, here our prover is in BQP, representing a quantum computer. The verifier models our current computational capabilities: it is a BPP machine, with access to few qubits. Our main theorem can be roughly stated as: "Any language in BQP has a QPIP, and moreover, a fault tolerant one". We provide two proofs. The simpler one uses a new (possibly of independent interest) quantum authentication scheme (QAS) based on random Clifford elements. This QPIP however, is not fault tolerant. Our second protocol uses polynomial codes QAS due to BCGHS, combined with quantum fault tolerance and multiparty quantum computation techniques. A slight modification of our constructions makes the protocol "blind": the quantum computation and input are unknown to the prover. After we have derived the results, we have learned that Broadbent at al. have independently derived "universal blind quantum computation" using completely different methods. Their construction implicitly implies similar implications.

研究动机与目标

  • 本文旨在解决当经典模拟不可行时,验证量子计算的根本挑战。
  • 研究若对大规模量子系统的预测无法经典计算,量子力学是否仍可被证伪。
  • 目标是通过交互式验证实现对量子计算机的信任,即使证明者不可信或计算超出经典模拟能力。
  • 旨在为委托式量子计算提供密码学框架,使客户端能在不信任量子服务器的情况下验证结果。
  • 本文旨在形式化并证明所有BQP问题均存在容错、盲化的量子交互式证明。

提出的方法

  • 协议使用BQP证明者和BPP验证者,通信仅限经典消息与量子态传输。
  • 提出一种基于随机Clifford操作的新型量子认证方案(QAS),以保护量子态免受篡改。
  • 第二种容错协议结合Ben-Or等人提出的多项式码基QAS、量子容错性及安全多方量子计算。
  • 验证者通过测量控制量子比特在Bell态以检测与预期量子演化之间的偏差,实现欺骗检测。
  • 通过对接收输入和中间态应用随机Pauli或Clifford操作,确保证明者的观测与实际计算无关,从而实现盲性。
  • 通过限制未被检测到的欺骗概率实现可靠性,若控制量子比特不在预期的|0⟩态,验证者将中止。

实验结果

研究问题

  • RQ1当验证者无法经典模拟量子系统时,经典验证者能否验证BQP证明者执行的量子计算的正确性?
  • RQ2能否构建一个量子交互式证明系统,其中证明者受限于BQP,验证者受限于BPP,但仍能实现可靠且完备的验证?
  • RQ3此类验证协议能否实现容错,以应对现实中的量子噪声和错误?
  • RQ4协议能否实现盲性,使证明者无法获知输入、计算或输出内容?
  • RQ5该框架是否能为无法计算预测的通用量子力学提供可证伪或可验证的方法?

主要发现

  • BQP中的任意语言均具有量子证明者交互式证明(QPIP),证明了量子计算可被经典验证。
  • 本文构建了基于多项式码基量子认证的容错QPIP,确保对噪声和错误的鲁棒性。
  • 协议实现了盲性:无论输入为何,证明者的状态始终保持完全混合,确保无信息泄露。
  • 可靠性界限得到定量控制:验证后实际状态与正确状态之间的迹距离至多为2δ/γ,其中δ为欺骗概率,γ为不中止概率。
  • 对称QPIP定义与原始定义等价,且BQP = QPIPsym,表明在量子交互式证明模型中对补集具有封闭性。
  • 结果表明,即使预测不可行,通用量子计算仍可被验证与测试,解决了量子力学的可证伪性问题。

更好的研究,从现在开始

从论文设计到论文写作,大幅缩短您的研究时间。

无需绑定信用卡

本解读由 AI 生成,并经人工编辑审核。