Frédéric Wang Subscribe   About Me   Blog Archive   Mathematics   Computer Science

Thoughts on the Dihedral Hidden Subgroup Problem (part 3)

Back to the DHSP again (see part 1 and part 2 in previous blog posts)... This time, I've tried to approximate the value of d rather than finding its parity. For convenience, we assume N to be even and define N ' = 2 M = N 2 . We consider for a N and b 2 the sets of N ' successive values F a b = { f ( a + i , b ) , i N }

We suppose that we can efficiently create uniform superposition over these states. As in part 2, we have F a 1 = F a d 0 = F s 0 with N < s < N and we measure the tensor product of the uniform superpositions over F a 1 = F s 0 and F 0 0 in the basis x x x N , 1 2 ( x y + x y ) x < y N , 1 2 ( x y x y ) x < y N . We define l = F 0 0 F a 1 the number of common elements.

f ( 0 , 0 ) f(0,0) f ( N ' , 0 ) f(0,0) f ( N 1 , 0 ) f(0,0) F 0 0 F_0^0 F s 0 F_s^0 s s l l N ' N' 0 s N ' 0 ≤ s ≤ N'

The figure above shows that in the case 0 s N ' , we have l = N ' s . In general, the expression is

l = N ' s = N ' d a

Using an analysis similar to the one part 2, we get the probability to measure an element in 1 2 ( x y x y ) x < y N :

P = 1 2 [ 1 ( l N ) 2 ]

Repeating the measurements, we can approximate P , and consequently l , s and finally d . We can also play with the value a , to improve the approximation. Unfortunately, using a number of repetitions polynomial in log N , it does not seem possible to bound the error better than O ( N ) . It seems however that it is still a better result than the one that I obtained with the standard Coset Sampling method. Hence it is another hint of the fact that using a superposition over several oracles values would yield improvement.

I'm still wondering how to create efficiently an uniform superposition over several oracle values. One thing I've read in many papers, is given a superposition over elements x f ( x ) , erase or uncompute the first register to get a superposition over elements f ( x ) . However, I'm not sure what are the requirements to apply such an operation. If it could work for the algorithm of part 2, then this would solve the case N = 2 n .