Algorithms for quantum computation: discrete logarithms and factoring

@article{Shor1994AlgorithmsFQ,
  title={Algorithms for quantum computation: discrete logarithms and factoring},
  author={Peter W. Shor},
  journal={Proceedings 35th Annual Symposium on Foundations of Computer Science},
  year={1994},
  pages={124-134}
}
  • P. Shor
  • Published 20 November 1994
  • Mathematics, Computer Science
  • Proceedings 35th Annual Symposium on Foundations of Computer Science
A computer is generally considered to be a universal computational device; i.e., it is believed able to simulate any physical computational device with a cost in computation time of at most a polynomial factor: It is not clear whether this is still true when quantum mechanics is taken into consideration. Several researchers, starting with David Deutsch, have developed models for quantum mechanical computers and have investigated their computational properties. This paper gives Las Vegas… 
Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
  • P. Shor
  • Computer Science, Mathematics
    SIAM Rev.
  • 1999
TLDR
Efficient randomized algorithms are given for factoring integers and finding discrete logarithms, two problems which are generally thought to be hard on a classical computer and have been used as the basis of several proposed cryptosystems.
Polynomial-Time Algorithms for Prime Factorization and Discrete Logarithms on a Quantum Computer
  • P. Shor
  • Computer Science, Mathematics
  • 1999
TLDR
Efficient randomized algorithms are given for factoring integers and finding discrete logarithms, two problems that are generally thought to be hard on classical computers and that have been used as the basis of several proposed cryptosystems.
Quantum Resistant Cryptography
TLDR
Algorithms proposed by Peter Shor solve the integer factoring problem and the discrete logarithm problem quite efficiently, and thereby crack RSA-based cryptosystems and Diffie-Hellman key exchange.
Quantum algorithms for computing short discrete logarithms and factoring RSA integers
TLDR
The quantum algorithm for computing short discrete logarithms is generalized to allow for various tradeoffs between the number of times that the algorithm need be executed, and the complexity of the algorithm and the requirements it imposes on the quantum computer.
Quantum Computers, Factoring, and Decoherence
TLDR
Here it is shown how the decoherence process degrades the interference pattern that emerges from the quantum factoring algorithm, a problem of practical significance for cryptographic applications.
Quantum algorithms for computing short discrete logarithms and factoring RSA integers
TLDR
This paper generalizes the quantum algorithm for computing short discrete logarithms to allow for various tradeoffs between the number of times that the algorithm need be executed on the one hand, and the complexity of the algorithm and the requirements it imposes on the quantum computer on the other hand.
Shor's discrete logarithm quantum algorithm for elliptic curves
We show in some detail how to implement Shor's efficient quantum algorithm for discrete logarithms for the particular case of elliptic curve groups. It turns out that for this problem a smaller
Proposing a Quantum simulator for integer factorization1
— Many cryptographic algorithms depend on computational complexity assumptions. Notorious cases are the RSA algorithm for public key criptography or the DiffieHellman key exchange protocol, to
Quadratic Sieve Factorization Quantum Algorithm and its Simulation
TLDR
This paper has designed a quantum variant of the second fastest classical factorization algorithm named "Quadratic Sieve", and constructed the simulation framework of quantized quadratic sieve algorithm using high-level programming language Mathematica.
A Compare between Shor's quantum factoring algorithm and General Number Field Sieve
Factoring large integers has been one of the most difficult problems in the history of mathematics and computer science. There was no efficient solution of this problem until Shor's algorithm
...
1
2
3
4
5
...

References

SHOWING 1-10 OF 39 REFERENCES
Oracle Quantum Computing
This paper continues the study of the power of oracles to separate quantum com.plexity classes from classical (including probabilistic and nondeterministic) complexity classes, which we initiated in
The quantum challenge to structural complexity theory
  • A. Berthiaume, G. Brassard
  • Computer Science
    [1992] Proceedings of the Seventh Annual Structure in Complexity Theory Conference
  • 1992
TLDR
There are cryptographic tasks that are demonstrably impossible to implement with unlimited computing power probabilistic interactive turning machines, yet they can be implemented even in practice by quantum mechanical apparatus.
Two-bit gates are universal for quantum computation.
  • DiVincenzo
  • Physics, Medicine
    Physical review. A, Atomic, molecular, and optical physics
  • 1995
A proof is given, which relies on the commutator algebra of the unitary Lie groups, that quantum gates operating on just two bits at a time are sufficient to construct a general quantum circuit. The
Quantum Circuit Complexity
  • A. Yao
  • Mathematics, Computer Science
    FOCS
  • 1993
TLDR
It is shown that any function computable in polynomial time by a quantum Turing machine has aPolynomial-size quantum circuit, and this result enables us to construct a universal quantum computer which can simulate a broader class of quantum machines than that considered by E. Bernstein and U. Vazirani (1993), thus answering an open question raised by them.
An improved algorithm for computing logarithms over GF(p) and its cryptographic significance (Corresp.)
TLDR
An improved algorithm is derived which requires O =(\log^{2} p) complexity if p - 1 has only small prime factors and such values of p must be avoided in the cryptosystem.
Quantum complexity theory
TLDR
This dissertation proves that relative to an oracle chosen uniformly at random, the class NP cannot be solved on a quantum Turing machine in time $o(2\sp{n/2}).$ and gives evidence suggesting that quantum Turing Machines cannot efficiently solve all of NP.
A rigorous time bound for factoring integers
In this paper a probabilistic algorithm is exhibited that factors any positive integer n into prime factors in expected time at most Ln[2, 1 + o()] for n oo, where L,[a, b] = exp(b(logx)a(loglogx)l
Quantum theory, the Church–Turing principle and the universal quantum computer
  • D. Deutsch
  • Mathematics
    Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences
  • 1985
It is argued that underlying the Church–Turing hypothesis there is an implicit physical assertion. Here, this assertion is presented explicitly as a physical principle: ‘every finitely realizible
An approximate Fourier transform useful in quantum factoring", IBM Research Report RC19642 ,; R. Cle
We define an approximate version of the Fourier transform on $2^L$ elements, which is computationally attractive in a certain setting, and which may find application to the problem of factoring
Discrete Logarithms in GF(P) Using the Number Field Sieve
  • D. M. Gordon
  • Mathematics, Computer Science
    SIAM J. Discret. Math.
  • 1993
TLDR
This paper presents an algorithm to solve the discrete logarithm problem forGF ( p) with heuristic expected running time L_p [ 1/3; 3^{2/3}] and for umbers of a special form, there is an asymptotically slower but more practical version of the algorithm.
...
1
2
3
4
...