Quantum computing

Template:Short description Template:Use American English Template:Use dmy dates

A quantum computer is a computer that exploits quantum mechanical phenomena. On small scales, physical matter exhibits properties of both particles and waves, and quantum computing takes advantage of this behavior using specialized hardware. Classical physics cannot explain the operation of these quantum devices, and a scalable quantum computer could perform some calculations exponentially fasterTemplate:Efn than any modern "classical" computer. Theoretically a large-scale quantum computer could break some widely used encryption schemes and aid physicists in performing physical simulations; however, the current state of the art is largely experimental and impractical, with several obstacles to useful applications.

The basic unit of information in quantum computing, the qubit (or "quantum bit"), serves the same function as the bit in classical computing. However, unlike a classical bit, which can be in one of two states (a binary), a qubit can exist in a superposition of its two "basis" states, a state that is in an abstract sense "between" the two basis states. When measuring a qubit, the result is a probabilistic output of a classical bit. If a quantum computer manipulates the qubit in a particular way, wave interference effects can amplify the desired measurement results. The design of quantum algorithms involves creating procedures that allow a quantum computer to perform calculations efficiently and quickly.

Quantum computers are not yet practical for real-world applications. Physically engineering high-quality qubits has proven to be challenging. If a physical qubit is not sufficiently isolated from its environment, it suffers from quantum decoherence, introducing noise into calculations. National governments have invested heavily in experimental research aimed at developing scalable qubits with longer coherence times and lower error rates. Example implementations include superconductors (which isolate an electrical current by eliminating electrical resistance) and ion traps (which confine a single atomic particle using electromagnetic fields).

In principle, a classical computer can solve the same computational problems as a quantum computer, given enough time. Quantum advantage comes in the form of time complexity rather than computability, and quantum complexity theory shows that some quantum algorithms are exponentially more efficient than the best-known classical algorithms. A large-scale quantum computer could in theory solve computational problems that are not solvable within a reasonable timeframe for a classical computer. This concept of additional ability has been called "quantum supremacy". While such claims have drawn significant attention to the discipline, near-term practical use cases remain limited.

HistoryEdit

Template:For timeline

For many years, the fields of quantum mechanics and computer science formed distinct academic communities.Template:Sfn Modern quantum theory developed in the 1920s to explain perplexing physical phenomena observed at atomic scales,<ref name="Zwiebach2022">Template:Cite book</ref><ref>Template:Cite book</ref> and digital computers emerged in the following decades to replace human computers for tedious calculations.<ref>Template:Cite book</ref> Both disciplines had practical applications during World War II; computers played a major role in wartime cryptography,<ref>Template:Cite book</ref> and quantum physics was essential for nuclear physics used in the Manhattan Project.<ref>Template:Cite journal</ref>

As physicists applied quantum mechanical models to computational problems and swapped digital bits for qubits, the fields of quantum mechanics and computer science began to converge. In 1980, Paul Benioff introduced the quantum Turing machine, which uses quantum theory to describe a simplified computer.<ref name="The computer as a physical system">Template:Cite journal</ref> When digital computers became faster, physicists faced an exponential increase in overhead when simulating quantum dynamics,<ref>Template:Cite journal</ref> prompting Yuri Manin and Richard Feynman to independently suggest that hardware based on quantum phenomena might be more efficient for computer simulation.<ref name="manin1980vychislimoe">Template:Cite book</ref><ref>Template:Cite journal</ref>Template:Sfn In a 1984 paper, Charles Bennett and Gilles Brassard applied quantum theory to cryptography protocols and demonstrated that quantum key distribution could enhance information security.<ref name="bb84">Template:Cite book Reprinted as Template:Cite journal</ref><ref name="personal">Template:Cite book</ref>

Quantum algorithms then emerged for solving oracle problems, such as Deutsch's algorithm in 1985,<ref>Template:Cite journal</ref> the [[BernsteinTemplate:En dashVazirani algorithm]] in 1993,<ref>Template:Cite book</ref> and Simon's algorithm in 1994.<ref>Template:Cite book</ref> These algorithms did not solve practical problems, but demonstrated mathematically that one could gain more information by querying a black box with a quantum state in superposition, sometimes referred to as quantum parallelism.Template:Sfn

Peter Shor built on these results with his 1994 algorithm for breaking the widely used RSA and [[DiffieTemplate:En dashHellman]] encryption protocols,Template:Sfn which drew significant attention to the field of quantum computing. In 1996, Grover's algorithm established a quantum speedup for the widely applicable unstructured search problem.<ref>Template:Cite conference</ref>Template:Sfn The same year, Seth Lloyd proved that quantum computers could simulate quantum systems without the exponential overhead present in classical simulations,<ref name="273.5278.1073">Template:Cite journal</ref> validating Feynman's 1982 conjecture.<ref>Template:Cite journal</ref>

Over the years, experimentalists have constructed small-scale quantum computers using trapped ions and superconductors.Template:Sfn In 1998, a two-qubit quantum computer demonstrated the feasibility of the technology,<ref>Template:Cite journal</ref><ref>Template:Cite news</ref> and subsequent experiments have increased the number of qubits and reduced error rates.Template:Sfn

In 2019, Google AI and NASA announced that they had achieved quantum supremacy with a 54-qubit machine, performing a computation that is impossible for any classical computer.<ref>Template:Cite journal</ref><ref name="1910.11333">Lay summary: Template:Cite journal
Template:*Journal article: Template:Cite journal</ref><ref>Template:Cite news</ref> However, the validity of this claim is still being actively researched.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref><ref>Template:Cite arXiv</ref>

Quantum information processingEdit

Template:See also

Computer engineers typically describe a modern computer's operation in terms of classical electrodynamics. Within these "classical" computers, some components (such as semiconductors and random number generators) may rely on quantum behavior, but these components are not isolated from their environment, so any quantum information quickly decoheres. While programmers may depend on probability theory when designing a randomized algorithm, quantum mechanical notions like superposition and interference are largely irrelevant for program analysis.

Quantum programs, in contrast, rely on precise control of coherent quantum systems. Physicists describe these systems mathematically using linear algebra. Complex numbers model probability amplitudes, vectors model quantum states, and matrices model the operations that can be performed on these states. Programming a quantum computer is then a matter of composing operations in such a way that the resulting program computes a useful result in theory and is implementable in practice.

As physicist Charlie Bennett describes the relationship between quantum and classical computers,<ref>Template:Cite AV media</ref>

<templatestyles src="Template:Blockquote/styles.css" />

A classical computer is a quantum computer ... so we shouldn't be asking about "where do quantum speedups come from?" We should say, "well, all computers are quantum. ... Where do classical slowdowns come from?"{{#if:|{{#if:|}}

— {{#if:|, in }}Template:Comma separated entries

}}

{{#invoke:Check for unknown parameters|check|unknown=Template:Main other|preview=Page using Template:Blockquote with unknown parameter "_VALUE_"|ignoreblank=y| 1 | 2 | 3 | 4 | 5 | author | by | char | character | cite | class | content | multiline | personquoted | publication | quote | quotesource | quotetext | sign | source | style | text | title | ts }}

Quantum informationEdit

Just as the bit is the basic concept of classical information theory, the qubit is the fundamental unit of quantum information. The same term qubit is used to refer to an abstract mathematical model and to any physical system that is represented by that model. A classical bit, by definition, exists in either of two physical states, which can be denoted 0 and 1. A qubit is also described by a state, and two states often written <math>|0\rangle</math> and <math>|1\rangle</math> serve as the quantum counterparts of the classical states 0 and 1. However, the quantum states <math>|0\rangle</math> and <math>|1\rangle</math> belong to a vector space, meaning that they can be multiplied by constants and added together, and the result is again a valid quantum state. Such a combination is known as a superposition of <math>|0\rangle</math> and <math>|1\rangle</math>.Template:SfnTemplate:Sfn

A two-dimensional vector mathematically represents a qubit state. Physicists typically use Dirac notation for quantum mechanical linear algebra, writing <math>|\psi\rangle</math> Template:Gloss for a vector labeled <math>\psi</math> . Because a qubit is a two-state system, any qubit state takes the form <math>\alpha|0\rangle+\beta|1\rangle</math> , where <math>|0\rangle</math> and <math>|1\rangle</math> are the standard basis states,Template:Efn and <math>\alpha</math> and <math>\beta</math> are the probability amplitudes, which are in general complex numbers.Template:Sfn If either <math>\alpha</math> or <math>\beta</math> is zero, the qubit is effectively a classical bit; when both are nonzero, the qubit is in superposition. Such a quantum state vector acts similarly to a (classical) probability vector, with one key difference: unlike probabilities, probability Template:Em are not necessarily positive numbers.Template:Sfn Negative amplitudes allow for destructive wave interference.

When a qubit is measured in the standard basis, the result is a classical bit. The Born rule describes the norm-squared correspondence between amplitudes and probabilitiesTemplate:Mdashwhen measuring a qubit <math>\alpha|0\rangle+\beta|1\rangle</math>, the state collapses to <math>|0\rangle</math> with probability <math>|\alpha|^2</math>, or to <math>|1\rangle</math> with probability <math>|\beta|^2</math>. Any valid qubit state has coefficients <math>\alpha</math> and <math>\beta</math> such that <math>|\alpha|^2+|\beta|^2 = 1</math>. As an example, measuring the qubit <math>1/\sqrt {2}|0\rangle+1/\sqrt{2}|1\rangle</math> would produce either <math>|0\rangle</math> or <math>|1\rangle</math> with equal probability.

Each additional qubit doubles the dimension of the state space.Template:Sfn As an example, the vector Template:Nowrap represents a two-qubit state, a tensor product of the qubit Template:Ket with the qubit Template:Nowrap. This vector inhabits a four-dimensional vector space spanned by the basis vectors Template:Ket, Template:Ket, Template:Ket, and Template:Ket. The Bell state Template:Nowrap is impossible to decompose into the tensor product of two individual qubitsTemplate:Mdashthe two qubits are entangled because neither qubit has a state vector of its own. In general, the vector space for an n-qubit system is 2ⁿ-dimensional, and this makes it challenging for a classical computer to simulate a quantum one: representing a 100-qubit system requires storing 2¹⁰⁰ classical values.

Unitary operatorsEdit

Template:See also

The state of this one-qubit quantum memory can be manipulated by applying quantum logic gates, analogous to how classical memory can be manipulated with classical logic gates. One important gate for both classical and quantum computation is the NOT gate, which can be represented by a matrix <math display="block">X := \begin{pmatrix} 0 & 1 \\ 1 & 0 \end{pmatrix}.</math> Mathematically, the application of such a logic gate to a quantum state vector is modelled with matrix multiplication. Thus

<math>X|0\rangle = |1\rangle</math> and <math>X|1\rangle = |0\rangle</math>.

The mathematics of single qubit gates can be extended to operate on multi-qubit quantum memories in two important ways. One way is simply to select a qubit and apply that gate to the target qubit while leaving the remainder of the memory unaffected. Another way is to apply the gate to its target only if another part of the memory is in a desired state. These two choices can be illustrated using another example. The possible states of a two-qubit quantum memory are <math display="block">

|00\rangle := \begin{pmatrix} 1 \\ 0 \\ 0 \\ 0 \end{pmatrix};\quad
|01\rangle := \begin{pmatrix} 0 \\ 1 \\ 0 \\ 0 \end{pmatrix};\quad
|10\rangle := \begin{pmatrix} 0 \\ 0 \\ 1 \\ 0 \end{pmatrix};\quad
|11\rangle := \begin{pmatrix} 0 \\ 0 \\ 0 \\ 1 \end{pmatrix}.

</math> The controlled NOT (CNOT) gate can then be represented using the following matrix: <math display="block">

\operatorname{CNOT} :=
\begin{pmatrix}
 1 & 0 & 0 & 0 \\
  0 & 1 & 0 & 0 \\
  0 & 0 & 0 & 1 \\
  0 & 0 & 1 & 0
\end{pmatrix}.

</math> As a mathematical consequence of this definition, <math display="inline">\operatorname{CNOT}|00\rangle = |00\rangle</math>, <math display="inline">\operatorname{CNOT}|01\rangle = |01\rangle</math>, <math display="inline">\operatorname{CNOT}|10\rangle = |11\rangle</math>, and <math display="inline">\operatorname{CNOT}|11\rangle = |10\rangle</math>. In other words, the CNOT applies a NOT gate (<math display="inline">X</math> from before) to the second qubit if and only if the first qubit is in the state <math display="inline">|1\rangle</math>. If the first qubit is <math display="inline">|0\rangle</math>, nothing is done to either qubit.

In summary, quantum computation can be described as a network of quantum logic gates and measurements. However, any measurement can be deferred to the end of quantum computation, though this deferment may come at a computational cost, so most quantum circuits depict a network consisting only of quantum logic gates and no measurements.

Quantum parallelismEdit

Quantum parallelism is the heuristic that quantum computers can be thought of as evaluating a function for multiple input values simultaneously. This can be achieved by preparing a quantum system in a superposition of input states and applying a unitary transformation that encodes the function to be evaluated. The resulting state encodes the function's output values for all input values in the superposition, allowing for the computation of multiple outputs simultaneously. This property is key to the speedup of many quantum algorithms. However, "parallelism" in this sense is insufficient to speed up a computation, because the measurement at the end of the computation gives only one value. To be useful, a quantum algorithm must also incorporate some other conceptual ingredient.Template:SfnTemplate:Sfn

Quantum programmingEdit

Template:Further

There are a number of models of computation for quantum computing, distinguished by the basic elements in which the computation is decomposed.

Gate array Template:AnchorEdit

A quantum gate array decomposes computation into a sequence of few-qubit quantum gates. A quantum computation can be described as a network of quantum logic gates and measurements. However, any measurement can be deferred to the end of quantum computation, though this deferment may come at a computational cost, so most quantum circuits depict a network consisting only of quantum logic gates and no measurements.

Any quantum computation (which is, in the above formalism, any unitary matrix of size <math>2^n \times 2^n</math> over <math>n</math> qubits) can be represented as a network of quantum logic gates from a fairly small family of gates. A choice of gate family that enables this construction is known as a universal gate set, since a computer that can run such circuits is a universal quantum computer. One common such set includes all single-qubit gates as well as the CNOT gate from above. This means any quantum computation can be performed by executing a sequence of single-qubit gates together with CNOT gates. Though this gate set is infinite, it can be replaced with a finite gate set by appealing to the Solovay-Kitaev theorem. Implementation of Boolean functions using the few-qubit quantum gates is presented here.<ref>Template:Cite book</ref>

Measurement-based quantum computingEdit

A measurement-based quantum computer decomposes computation into a sequence of Bell state measurements and single-qubit quantum gates applied to a highly entangled initial state (a cluster state), using a technique called quantum gate teleportation.

Adiabatic quantum computingEdit

An adiabatic quantum computer, based on quantum annealing, decomposes computation into a slow continuous transformation of an initial Hamiltonian into a final Hamiltonian, whose ground states contain the solution.<ref name="Das 2008 1061–1081">Template:Cite journal</ref>

Neuromorphic quantum computingEdit

Neuromorphic quantum computing (abbreviated as 'n.quantum computing') is an unconventional type of computing that uses neuromorphic computing to perform quantum operations. It was suggested that quantum algorithms, which are algorithms that run on a realistic model of quantum computation, can be computed equally efficiently with neuromorphic quantum computing. Both traditional quantum computing and neuromorphic quantum computing are physics-based unconventional computing approaches to computations and do not follow the von Neumann architecture. They both construct a system (a circuit) that represents the physical problem at hand and then leverage their respective physics properties of the system to seek the "minimum". Neuromorphic quantum computing and quantum computing share similar physical properties during computation.

Topological quantum computingEdit

A topological quantum computer decomposes computation into the braiding of anyons in a 2D lattice.<ref name="Nayaketal2008">Template:Cite journal</ref>

Quantum Turing machineEdit

A quantum Turing machine is the quantum analog of a Turing machine.<ref name="The computer as a physical system"/> All of these models of computation—quantum circuits,<ref>Template:Cite book</ref> one-way quantum computation,<ref>Template:Cite journal</ref> adiabatic quantum computation,<ref>Template:Cite journal</ref> and topological quantum computation<ref name="FLW02">Template:Cite journal</ref>—have been shown to be equivalent to the quantum Turing machine; given a perfect implementation of one such quantum computer, it can simulate all the others with no more than polynomial overhead. This equivalence need not hold for practical quantum computers, since the overhead of simulation may be too large to be practical.

Noisy intermediate-scale quantum computingEdit

The threshold theorem shows how increasing the number of qubits can mitigate errors,Template:Sfn yet fully fault-tolerant quantum computing remains "a rather distant dream".<ref name="preskill2018"/> According to some researchers, noisy intermediate-scale quantum (NISQ) machines may have specialized uses in the near future, but noise in quantum gates limits their reliability.<ref name="preskill2018">Template:Cite journal</ref> Scientists at Harvard University successfully created "quantum circuits" that correct errors more efficiently than alternative methods, which may potentially remove a major obstacle to practical quantum computers.<ref>Template:Cite journal</ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref> The Harvard research team was supported by MIT, QuEra Computing, Caltech, and Princeton University and funded by DARPA's Optimization with Noisy Intermediate-Scale Quantum devices (ONISQ) program.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

Quantum cryptography and cybersecurityEdit

Quantum computing has significant potential applications in the fields of cryptography and cybersecurity. Quantum cryptography, which leverages the principles of quantum mechanics, offers the possibility of secure communication channels that are fundamentally resistant to eavesdropping. Quantum key distribution (QKD) protocols, such as BB84, enable the secure exchange of cryptographic keys between parties, ensuring the confidentiality and integrity of communication. Additionally, quantum random number generators (QRNGs) can produce high-quality randomness, which is essential for secure encryption.

At the same time, quantum computing poses substantial challenges to traditional cryptographic systems. Shor's algorithm, a quantum algorithm for integer factorization, could potentially break widely used public-key encryption schemes like RSA, which rely on the intractability of factoring large numbers. This has prompted a global effort to develop post-quantum cryptography—algorithms designed to resist both classical and quantum attacks. This field remains an active area of research and standardization, aiming to future-proof critical infrastructure against quantum-enabled threats.

Ongoing research in quantum and post-quantum cryptography will be critical for maintaining the integrity of digital infrastructure. Advances such as new QKD protocols, improved QRNGs, and the international standardization of quantum-resistant algorithms will play a key role in ensuring the security of communication and data in the emerging quantum era.<ref>Template:Cite journal</ref>

Quantum computing also presents broader systemic and geopolitical risks. These include the potential to break current encryption protocols, disrupt financial systems, and accelerate the development of dual-use technologies such as advanced military systems or engineered pathogens. As a result, nations and corporations are actively investing in post-quantum safeguards, and the race for quantum supremacy is increasingly shaping global power dynamics.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

CommunicationEdit

Template:Further

Quantum cryptography enables new ways to transmit data securely; for example, quantum key distribution uses entangled quantum states to establish secure cryptographic keys.<ref>Template:Cite journal</ref> When a sender and receiver exchange quantum states, they can guarantee that an adversary does not intercept the message, as any unauthorized eavesdropper would disturb the delicate quantum system and introduce a detectable change.<ref>Template:Cite journal</ref> With appropriate cryptographic protocols, the sender and receiver can thus establish shared private information resistant to eavesdropping.<ref name="bb84" /><ref>Template:Cite conference</ref>

Modern fiber-optic cables can transmit quantum information over relatively short distances. Ongoing experimental research aims to develop more reliable hardware (such as quantum repeaters), hoping to scale this technology to long-distance quantum networks with end-to-end entanglement. Theoretically, this could enable novel technological applications, such as distributed quantum computing and enhanced quantum sensing.<ref>Template:Cite conference</ref><ref>Template:Cite journal</ref>

AlgorithmsEdit

Progress in finding quantum algorithms typically focuses on this quantum circuit model, though exceptions like the quantum adiabatic algorithm exist. Quantum algorithms can be roughly categorized by the type of speedup achieved over corresponding classical algorithms.<ref name="zoo">{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

Quantum algorithms that offer more than a polynomial speedup over the best-known classical algorithm include Shor's algorithm for factoring and the related quantum algorithms for computing discrete logarithms, solving Pell's equation, and more generally solving the hidden subgroup problem for abelian finite groups.<ref name="zoo"/> These algorithms depend on the primitive of the quantum Fourier transform. No mathematical proof has been found that shows that an equally fast classical algorithm cannot be discovered, but evidence suggests that this is unlikely.<ref>Template:Cite conference</ref> Certain oracle problems like Simon's problem and the Bernstein–Vazirani problem do give provable speedups, though this is in the quantum query model, which is a restricted model where lower bounds are much easier to prove and doesn't necessarily translate to speedups for practical problems.

Other problems, including the simulation of quantum physical processes from chemistry and solid-state physics, the approximation of certain Jones polynomials, and the quantum algorithm for linear systems of equations, have quantum algorithms appearing to give super-polynomial speedups and are BQP-complete. Because these problems are BQP-complete, an equally fast classical algorithm for them would imply that no quantum algorithm gives a super-polynomial speedup, which is believed to be unlikely.Template:Sfn

Some quantum algorithms, like Grover's algorithm and amplitude amplification, give polynomial speedups over corresponding classical algorithms.<ref name="zoo"/> Though these algorithms give comparably modest quadratic speedup, they are widely applicable and thus give speedups for a wide range of problems.Template:Sfn

Simulation of quantum systemsEdit

{{#invoke:Labelled list hatnote|labelledList|Main article|Main articles|Main page|Main pages}}

Since chemistry and nanotechnology rely on understanding quantum systems, and such systems are impossible to simulate in an efficient manner classically, quantum simulation may be an important application of quantum computing.<ref>Template:Cite magazine</ref> Quantum simulation could also be used to simulate the behavior of atoms and particles at unusual conditions such as the reactions inside a collider.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref> In June 2023, IBM computer scientists reported that a quantum computer produced better results for a physics problem than a conventional supercomputer.<ref name="NYT-20230614">Template:Cite news</ref><ref name="NAT-20230614">Template:Cite journal</ref>

About 2% of the annual global energy output is used for nitrogen fixation to produce ammonia for the Haber process in the agricultural fertilizer industry (even though naturally occurring organisms also produce ammonia). Quantum simulations might be used to understand this process and increase the energy efficiency of production.<ref>Template:Cite AV media</ref> It is expected that an early use of quantum computing will be modeling that improves the efficiency of the Haber–Bosch process<ref>Template:Cite news</ref> by the mid-2020s<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref> although some have predicted it will take longer.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

Post-quantum cryptographyEdit

{{#invoke:Labelled list hatnote|labelledList|Main article|Main articles|Main page|Main pages}}

A notable application of quantum computation is for attacks on cryptographic systems that are currently in use. Integer factorization, which underpins the security of public key cryptographic systems, is believed to be computationally infeasible with an ordinary computer for large integers if they are the product of few prime numbers (e.g., products of two 300-digit primes).<ref>Template:Cite journal</ref> By comparison, a quantum computer could solve this problem exponentially faster using Shor's algorithm to find its factors.Template:Sfn This ability would allow a quantum computer to break many of the cryptographic systems in use today, in the sense that there would be a polynomial time (in the number of digits of the integer) algorithm for solving the problem. In particular, most of the popular public key ciphers are based on the difficulty of factoring integers or the discrete logarithm problem, both of which can be solved by Shor's algorithm. In particular, the RSA, Diffie–Hellman, and elliptic curve Diffie–Hellman algorithms could be broken. These are used to protect secure Web pages, encrypted email, and many other types of data. Breaking these would have significant ramifications for electronic privacy and security.

Identifying cryptographic systems that may be secure against quantum algorithms is an actively researched topic under the field of post-quantum cryptography.<ref name="pqcrypto_survey">Template:Cite book</ref><ref>See also pqcrypto.org, a bibliography maintained by Daniel J. Bernstein and Tanja Lange on cryptography not known to be broken by quantum computing.</ref> Some public-key algorithms are based on problems other than the integer factorization and discrete logarithm problems to which Shor's algorithm applies, like the McEliece cryptosystem based on a problem in coding theory.<ref name="pqcrypto_survey" /><ref>Template:Cite journal</ref> Lattice-based cryptosystems are also not known to be broken by quantum computers, and finding a polynomial time algorithm for solving the dihedral hidden subgroup problem, which would break many lattice based cryptosystems, is a well-studied open problem.<ref>Template:Cite journal</ref> It has been proven that applying Grover's algorithm to break a symmetric (secret key) algorithm by brute force requires time equal to roughly 2^n/2 invocations of the underlying cryptographic algorithm, compared with roughly 2ⁿ in the classical case,<ref name=bennett_1997>Template:Cite journal</ref> meaning that symmetric key lengths are effectively halved: AES-256 would have the same security against an attack using Grover's algorithm that AES-128 has against classical brute-force search (see Key size).

Search problemsEdit

{{#invoke:Labelled list hatnote|labelledList|Main article|Main articles|Main page|Main pages}}

The most well-known example of a problem that allows for a polynomial quantum speedup is unstructured search, which involves finding a marked item out of a list of <math>n</math> items in a database. This can be solved by Grover's algorithm using <math>O(\sqrt{n})</math> queries to the database, quadratically fewer than the <math>\Omega(n)</math> queries required for classical algorithms. In this case, the advantage is not only provable but also optimal: it has been shown that Grover's algorithm gives the maximal possible probability of finding the desired element for any number of oracle lookups. Many examples of provable quantum speedups for query problems are based on Grover's algorithm, including Brassard, Høyer, and Tapp's algorithm for finding collisions in two-to-one functions,<ref>Template:Cite encyclopedia</ref> and Farhi, Goldstone, and Gutmann's algorithm for evaluating NAND trees.<ref>Template:Cite journal</ref>

Problems that can be efficiently addressed with Grover's algorithm have the following properties:<ref>Template:Cite book</ref><ref>Template:Cite arXiv</ref>

1. There is no searchable structure in the collection of possible answers,
2. The number of possible answers to check is the same as the number of inputs to the algorithm, and
3. There exists a Boolean function that evaluates each input and determines whether it is the correct answer.

For problems with all these properties, the running time of Grover's algorithm on a quantum computer scales as the square root of the number of inputs (or elements in the database), as opposed to the linear scaling of classical algorithms. A general class of problems to which Grover's algorithm can be applied<ref>Template:Cite journal</ref> is a Boolean satisfiability problem, where the database through which the algorithm iterates is that of all possible answers. An example and possible application of this is a password cracker that attempts to guess a password. Breaking symmetric ciphers with this algorithm is of interest to government agencies.<ref>Template:Cite news</ref>

Quantum annealingEdit

Quantum annealing relies on the adiabatic theorem to undertake calculations. A system is placed in the ground state for a simple Hamiltonian, which slowly evolves to a more complicated Hamiltonian whose ground state represents the solution to the problem in question. The adiabatic theorem states that if the evolution is slow enough the system will stay in its ground state at all times through the process. Template:AnchorAdiabatic optimization may be helpful for solving computational biology problems.<ref>Template:Cite journal</ref>

Machine learningEdit

{{#invoke:Labelled list hatnote|labelledList|Main article|Main articles|Main page|Main pages}}

Since quantum computers can produce outputs that classical computers cannot produce efficiently, and since quantum computation is fundamentally linear algebraic, some express hope in developing quantum algorithms that can speed up machine learning tasks.<ref name="preskill2018"/><ref>Template:Cite journal</ref>

For example, the HHL Algorithm, named after its discoverers Harrow, Hassidim, and Lloyd, is believed to provide speedup over classical counterparts.<ref name="preskill2018"/><ref name="Quantum algorithm for solving linear systems of equations by Harrow et al.">Template:Cite journal</ref> Some research groups have recently explored the use of quantum annealing hardware for training Boltzmann machines and deep neural networks.<ref>Template:Cite journal</ref><ref>Template:Cite journal</ref><ref>Template:Cite journal</ref>

Template:Anchor Deep generative chemistry models emerge as powerful tools to expedite drug discovery. However, the immense size and complexity of the structural space of all possible drug-like molecules pose significant obstacles, which could be overcome in the future by quantum computers. Quantum computers are naturally good for solving complex quantum many-body problems<ref name="273.5278.1073"/> and thus may be instrumental in applications involving quantum chemistry. Therefore, one can expect that quantum-enhanced generative models<ref>Template:Cite journal</ref> including quantum GANs<ref>Template:Cite arXiv</ref> may eventually be developed into ultimate generative chemistry algorithms.

EngineeringEdit

Template:As of classical computers outperform quantum computers for all real-world applications. While current quantum computers may speed up solutions to particular mathematical problems, they give no computational advantage for practical tasks. Scientists and engineers are exploring multiple technologies for quantum computing hardware and hope to develop scalable quantum architectures, but serious obstacles remain.<ref name="good-for-nothing" /><ref name="CACM" />

ChallengesEdit

There are a number of technical challenges in building a large-scale quantum computer.<ref>Template:Cite journal</ref> Physicist David DiVincenzo has listed these requirements for a practical quantum computer:<ref>Template:Cite journal</ref>

• Physically scalable to increase the number of qubits
• Qubits that can be initialized to arbitrary values
• Quantum gates that are faster than decoherence time
• Universal gate set
• Qubits that can be read easily.

Sourcing parts for quantum computers is also very difficult. Superconducting quantum computers, like those constructed by Google and IBM, need helium-3, a nuclear research byproduct, and special superconducting cables made only by the Japanese company Coax Co.<ref>Template:Cite news</ref>

The control of multi-qubit systems requires the generation and coordination of a large number of electrical signals with tight and deterministic timing resolution. This has led to the development of quantum controllers that enable interfacing with the qubits. Scaling these systems to support a growing number of qubits is an additional challenge.<ref>Template:Cite journal</ref>

DecoherenceEdit

One of the greatest challenges involved in constructing quantum computers is controlling or removing quantum decoherence. This usually means isolating the system from its environment as interactions with the external world cause the system to decohere. However, other sources of decoherence also exist. Examples include the quantum gates and the lattice vibrations and background thermonuclear spin of the physical system used to implement the qubits. Decoherence is irreversible, as it is effectively non-unitary, and is usually something that should be highly controlled, if not avoided. Decoherence times for candidate systems in particular, the transverse relaxation time T₂ (for NMR and MRI technology, also called the dephasing time), typically range between nanoseconds and seconds at low temperatures.<ref name="DiVincenzo 1995">Template:Cite journal</ref> Currently, some quantum computers require their qubits to be cooled to 20 millikelvin (usually using a dilution refrigerator<ref>Template:Cite journal</ref>) in order to prevent significant decoherence.<ref>Template:Cite journal</ref> A 2020 study argues that ionizing radiation such as cosmic rays can nevertheless cause certain systems to decohere within milliseconds.<ref>Template:Cite journal</ref>

As a result, time-consuming tasks may render some quantum algorithms inoperable, as attempting to maintain the state of qubits for a long enough duration will eventually corrupt the superpositions.<ref>Template:Cite arXiv</ref>

These issues are more difficult for optical approaches as the timescales are orders of magnitude shorter and an often-cited approach to overcoming them is optical pulse shaping. Error rates are typically proportional to the ratio of operating time to decoherence time; hence any operation must be completed much more quickly than the decoherence time.

As described by the threshold theorem, if the error rate is small enough, it is thought to be possible to use quantum error correction to suppress errors and decoherence. This allows the total calculation time to be longer than the decoherence time if the error correction scheme can correct errors faster than decoherence introduces them. An often-cited figure for the required error rate in each gate for fault-tolerant computation is 10⁻³, assuming the noise is depolarizing.

Meeting this scalability condition is possible for a wide range of systems. However, the use of error correction brings with it the cost of a greatly increased number of required qubits. The number required to factor integers using Shor's algorithm is still polynomial, and thought to be between L and L², where L is the number of binary digits in the number to be factored; error correction algorithms would inflate this figure by an additional factor of L. For a 1000-bit number, this implies a need for about 10⁴ bits without error correction.<ref>Template:Cite journal</ref> With error correction, the figure would rise to about 10⁷ bits. Computation time is about L² or about 10⁷ steps and at 1Template:NbspMHz, about 10 seconds. However, the encoding and error-correction overheads increase the size of a real fault-tolerant quantum computer by several orders of magnitude. Careful estimates<ref name=":1">Template:Cite book</ref><ref name=":2">Template:Cite journal</ref> show that at least 3Template:Nbspmillion physical qubits would factor 2,048-bit integer in 5 months on a fully error-corrected trapped-ion quantum computer. In terms of the number of physical qubits, to date, this remains the lowest estimate<ref>Template:Cite journal</ref> for practically useful integer factorization problem sizing 1,024-bit or larger.

Another approach to the stability-decoherence problem is to create a topological quantum computer with anyons, quasi-particles used as threads, and relying on braid theory to form stable logic gates.<ref>Template:Cite journal</ref><ref>Template:Cite journal</ref>

Quantum supremacyEdit

Physicist John Preskill coined the term quantum supremacy to describe the engineering feat of demonstrating that a programmable quantum device can solve a problem beyond the capabilities of state-of-the-art classical computers.<ref>Template:Cite arXiv</ref><ref>Template:Cite journal</ref><ref>Template:Cite journal</ref> The problem need not be useful, so some view the quantum supremacy test only as a potential future benchmark.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

In October 2019, Google AI Quantum, with the help of NASA, became the first to claim to have achieved quantum supremacy by performing calculations on the Sycamore quantum computer more than 3,000,000 times faster than they could be done on Summit, generally considered the world's fastest computer.<ref name="1910.11333"/><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref> This claim has been subsequently challenged: IBM has stated that Summit can perform samples much faster than claimed,<ref>Template:Cite arXiv</ref><ref>Template:Cite journal</ref> and researchers have since developed better algorithms for the sampling problem used to claim quantum supremacy, giving substantial reductions to the gap between Sycamore and classical supercomputers<ref>Template:Cite book</ref><ref>Template:Cite journal</ref><ref>Template:Cite journal</ref> and even beating it.<ref>Template:Cite journal</ref><ref>Template:Cite journal</ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

In December 2020, a group at USTC implemented a type of Boson sampling on 76 photons with a photonic quantum computer, Jiuzhang, to demonstrate quantum supremacy.<ref>Template:Cite journal</ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref> The authors claim that a classical contemporary supercomputer would require a computational time of 600 million years to generate the number of samples their quantum processor can generate in 20 seconds.<ref name=":6">Template:Cite journal</ref>

Claims of quantum supremacy have generated hype around quantum computing,<ref>Template:Cite journal</ref> but they are based on contrived benchmark tasks that do not directly imply useful real-world applications.<ref name="good-for-nothing" /><ref>Template:Cite journal</ref>

In January 2024, a study published in Physical Review Letters provided direct verification of quantum supremacy experiments by computing exact amplitudes for experimentally generated bitstrings using a new-generation Sunway supercomputer, demonstrating a significant leap in simulation capability built on a multiple-amplitude tensor network contraction algorithm. This development underscores the evolving landscape of quantum computing, highlighting both the progress and the complexities involved in validating quantum supremacy claims.<ref>Template:Cite journal</ref>

SkepticismEdit

Despite high hopes for quantum computing, significant progress in hardware, and optimism about future applications, a 2023 Nature spotlight article summarized current quantum computers as being "For now, [good for] absolutely nothing".<ref name="good-for-nothing"> Template:Cite journal </ref> The article elaborated that quantum computers are yet to be more useful or efficient than conventional computers in any case, though it also argued that in the long term such computers are likely to be useful. A 2023 Communications of the ACM article<ref name = "CACM">{{#invoke:citation/CS1|citation |CitationClass=web }} </ref> found that current quantum computing algorithms are "insufficient for practical quantum advantage without significant improvements across the software/hardware stack". It argues that the most promising candidates for achieving speedup with quantum computers are "small-data problems", for example in chemistry and materials science. However, the article also concludes that a large range of the potential applications it considered, such as machine learning, "will not achieve quantum advantage with current quantum algorithms in the foreseeable future", and it identified I/O constraints that make speedup unlikely for "big data problems, unstructured linear systems, and database search based on Grover's algorithm".

This state of affairs can be traced to several current and long-term considerations.

• Conventional computer hardware and algorithms are not only optimized for practical tasks, but are still improving rapidly, particularly GPU accelerators.
• Current quantum computing hardware generates only a limited amount of entanglement before getting overwhelmed by noise.
• Quantum algorithms provide speedup over conventional algorithms only for some tasks, and matching these tasks with practical applications proved challenging. Some promising tasks and applications require resources far beyond those available today.<ref>{{#invoke:citation/CS1|citation

|CitationClass=web }} </ref><ref>{{#invoke:citation/CS1|citation |CitationClass=web }} </ref> In particular, processing large amounts of non-quantum data is a challenge for quantum computers.<ref name=CACM/>

• Some promising algorithms have been "dequantized", i.e., their non-quantum analogues with similar complexity have been found.
• If quantum error correction is used to scale quantum computers to practical applications, its overhead may undermine speedup offered by many quantum algorithms.<ref name=CACM/>
• Complexity analysis of algorithms sometimes makes abstract assumptions that do not hold in applications. For example, input data may not already be available encoded in quantum states, and "oracle functions" used in Grover's algorithm often have internal structure that can be exploited for faster algorithms.

In particular, building computers with large numbers of qubits may be futile if those qubits are not connected well enough and cannot maintain sufficiently high degree of entanglement for a long time. When trying to outperform conventional computers, quantum computing researchers often look for new tasks that can be solved on quantum computers, but this leaves the possibility that efficient non-quantum techniques will be developed in response, as seen for Quantum supremacy demonstrations. Therefore, it is desirable to prove lower bounds on the complexity of best possible non-quantum algorithms (which may be unknown) and show that some quantum algorithms asymptomatically improve upon those bounds.

Bill Unruh doubted the practicality of quantum computers in a paper published in 1994.<ref>Template:Cite journal</ref> Paul Davies argued that a 400-qubit computer would even come into conflict with the cosmological information bound implied by the holographic principle.<ref>Template:Cite arXiv</ref> Skeptics like Gil Kalai doubt that quantum supremacy will ever be achieved.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref><ref>Template:Cite journal</ref><ref>Template:Cite arXiv</ref> Physicist Mikhail Dyakonov has expressed skepticism of quantum computing as follows:

"So the number of continuous parameters describing the state of such a useful quantum computer at any given moment must be... about 10³⁰⁰... Could we ever learn to control the more than 10³⁰⁰ continuously variable parameters defining the quantum state of such a system? My answer is simple. No, never."<ref>{{#invoke:citation/CS1|citation

|CitationClass=web }}</ref>

Physical realizationsEdit

Template:Further

A practical quantum computer must use a physical system as a programmable quantum register.<ref>Template:Cite journal</ref> Researchers are exploring several technologies as candidates for reliable qubit implementations.Template:Sfn Superconductors and trapped ions are some of the most developed proposals, but experimentalists are considering other hardware possibilities as well.Template:Sfn For example, topological quantum computer approaches are being explored for more fault-tolerance computing systems.<ref>Template:Cite journal</ref>

The first quantum logic gates were implemented with trapped ions and prototype general purpose machines with up to 20 qubits have been realized. However, the technology behind these devices combines complex vacuum equipment, lasers, microwave and radio frequency equipment making full scale processors difficult to integrate with standard computing equipment. Moreover, the trapped ion system itself has engineering challenges to overcome.Template:Sfn

The largest commercial systems are based on superconductor devices and have scaled to 2000 qubits. However, the error rates for larger machines have been on the order of 5%. Technologically these devices are all cryogenic and scaling to large numbers of qubits requires wafer-scale integration, a serious engineering challenge by itself.Template:Sfn

Potential applicationsEdit

With focus on business management's point of view, the potential applications of quantum computing into four major categories are cybersecurity, data analytics and artificial intelligence, optimization and simulation, and data management and searching.<ref>{{#invoke:citation/CS1|citation |CitationClass=web }}</ref>

TheoryEdit

ComputabilityEdit

Template:Further

Any computational problem solvable by a classical computer is also solvable by a quantum computer.Template:Sfn Intuitively, this is because it is believed that all physical phenomena, including the operation of classical computers, can be described using quantum mechanics, which underlies the operation of quantum computers.

Conversely, any problem solvable by a quantum computer is also solvable by a classical computer. It is possible to simulate both quantum and classical computers manually with just some paper and a pen, if given enough time. More formally, any quantum computer can be simulated by a Turing machine. In other words, quantum computers provide no additional power over classical computers in terms of computability. This means that quantum computers cannot solve undecidable problems like the halting problem, and the existence of quantum computers does not disprove the Church–Turing thesis.Template:Sfn

ComplexityEdit

{{#invoke:Labelled list hatnote|labelledList|Main article|Main articles|Main page|Main pages}}

While quantum computers cannot solve any problems that classical computers cannot already solve, it is suspected that they can solve certain problems faster than classical computers. For instance, it is known that quantum computers can efficiently factor integers, while this is not believed to be the case for classical computers.

The class of problems that can be efficiently solved by a quantum computer with bounded error is called BQP, for "bounded error, quantum, polynomial time". More formally, BQP is the class of problems that can be solved by a polynomial-time quantum Turing machine with an error probability of at most 1/3. As a class of probabilistic problems, BQP is the quantum counterpart to BPP ("bounded error, probabilistic, polynomial time"), the class of problems that can be solved by polynomial-time probabilistic Turing machines with bounded error.Template:Sfn It is known that <math>\mathsf{BPP\subseteq BQP}</math> and is widely suspected that <math>\mathsf{BQP\subsetneq BPP}</math>, which intuitively would mean that quantum computers are more powerful than classical computers in terms of time complexity.Template:Sfn

The exact relationship of BQP to P, NP, and PSPACE is not known. However, it is known that <math>\mathsf{P\subseteq BQP \subseteq PSPACE}</math>; that is, all problems that can be efficiently solved by a deterministic classical computer can also be efficiently solved by a quantum computer, and all problems that can be efficiently solved by a quantum computer can also be solved by a deterministic classical computer with polynomial space resources. It is further suspected that BQP is a strict superset of P, meaning there are problems that are efficiently solvable by quantum computers that are not efficiently solvable by deterministic classical computers. For instance, integer factorization and the discrete logarithm problem are known to be in BQP and are suspected to be outside of P. On the relationship of BQP to NP, little is known beyond the fact that some NP problems that are believed not to be in P are also in BQP (integer factorization and the discrete logarithm problem are both in NP, for example). It is suspected that <math>\mathsf{NP\nsubseteq BQP}</math>; that is, it is believed that there are efficiently checkable problems that are not efficiently solvable by a quantum computer. As a direct consequence of this belief, it is also suspected that BQP is disjoint from the class of NP-complete problems (if an NP-complete problem were in BQP, then it would follow from NP-hardness that all problems in NP are in BQP).<ref name=BernVazi>Template:Cite journal</ref>

See alsoEdit

Template:Sister project Template:Cols

• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link
• Template:Annotated link

Template:Colend

NotesEdit

Template:Notelist

ReferencesEdit

Template:Reflist

SourcesEdit

• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite conference

Further readingEdit

Template:Refbegin

TextbooksEdit

• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book
• Template:Cite book

Academic papersEdit

• Template:Cite journal
• Template:Cite book
• Template:Cite journal
• Template:Cite journal Table 1 lists switching and dephasing times for various systems.
• Template:Cite journal
• Template:Cite journal
• {{#invoke:citation/CS1|citation

|CitationClass=web }}

• {{#invoke:citation/CS1|citation

|CitationClass=web }} Template:Refend

External linksEdit

• Template:Commons-inline
• Template:Wikiversity inline
• Stanford Encyclopedia of Philosophy: "Quantum Computing" by Amit Hagar and Michael E. Cuffaro.
• Template:Springer
• Introduction to Quantum Computing for Business by Koen Groenland

Lectures

• Quantum computing for the determined – 22 video lectures by Michael Nielsen
• Video Lectures by David Deutsch
• Lomonaco, Sam. Four Lectures on Quantum Computing given at Oxford University in July 2006

Template:CPU technologies Template:Quantum computing Template:Emerging technologies Template:Quantum mechanics topics

Template:Authority control