אירועים
אירועים והרצאות בפקולטה למדעי המחשב ע"ש הנרי ומרילין טאוב
שחר לווט (מכון ויצמן למדע)
יום רביעי, 06.05.2009, 15:00
חדר 337, בניין טאוב למדעי המחשב
The widely held belief that BQP strictly contains BPP raises fundamental
questions: Upcoming generations of quantum computers might already be
too large to be simulated classically. Is it possible to experimentally
test that these systems perform as they should, if we cannot efficiently
compute predictions for their behavior? Vazirani has asked [Vaz07]: If
computing predictions for Quantum Mechanics requires exponential resources,
is Quantum Mechanics a falsifiable theory? In cryptographic settings, an
untrusted future company wants to sell a quantum computer or perform a
delegated quantumcomputation. Can the customer be convinced of correctness
without the ability to compare results to predictions?
To provide answers to these questions, we define Quantum Prover Interactive
Proofs (QPIP). Whereas in standard Interactive Proofs [GMR85] the prover is
computationally unbounded, here our prover is in BQP, representing a quantum
computer. The verifier models our current computational capabilities: it is a
BPP machine, with access to few qubits. Our main theorem can be roughly stated as:
"Any language in BQP has a QPIP, and moreover, a fault tolerant one" (providing a
partial answer to a challenge posted in [Aar07]). We provide two proofs. The simpler
one uses a new (possibly of independent interest) quantum authentication scheme (QAS)
based on random Clifford elements. ThisQPIP however, is not fault tolerant. Our second
protocol uses polynomial codes QAS due to Ben-Or, Crepeau, Gottesman, Hassidim, and
Smith [BOCG+ 06], combined with quantum fault tolerance and secure multiparty quantum
computation techniques. A slight modification of our constructions makes the protocol
"blind": the quantum computation and input remain unknown to the prover.