DOCSLIB.ORG

Low-Density Parity-Check Code-Based Cryptographic Systems Specification Revision 3.0 – April, 2020 Name of the Proposed Cryptosystem

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Low-Density Parity-Check Code-Based Cryptographic Systems Specification Revision 3.0 – April, 2020 Name of the Proposed Cryptosystem LEDAcrypt: Low-dEnsity parity-check coDe-bAsed cryptographic systems Specification revision 3:0 { April, 2020 Name of the proposed cryptosystem LEDAcrypt (Low-dEnsity parity-check coDe-bAsed cryptographic systems) Submitters This submission is from the following team, listed in alphabetical order: • Marco Baldi, Universit`aPolitecnica delle Marche, Ancona, Italy • Alessandro Barenghi, Politecnico di Milano, Milano, Italy • Franco Chiaraluce, Universit`aPolitecnica delle Marche, Ancona, Italy • Gerardo Pelosi, Politecnico di Milano, Milano, Italy • Paolo Santini, Universit`aPolitecnica delle Marche, Ancona, Italy E-mail addresses: [email protected], [email protected], [email protected], [email protected], [email protected]. Contact telephone and address Marco Baldi (phone: +39 071 220 4894), Universit`aPolitecnica delle Marche, Dipartimento di Ingegneria dell'Informazione (DII), Via Brecce Bianche 12, I-60131, Ancona, Italy. Names of auxiliary submitters There are no auxiliary submitters. The principal submitter is the team listed above. Name of the inventors/developers of the cryptosystem Same as submitters. Name of the owner, if any, of the cryptosystem Same as submitters. Backup contact telephone and address Gerardo Pelosi (phone: +39 02 2399 3476), Politecnico di Milano, Dipartimento di Elettronica, Informazione e Bioingegneria (DEIB), Via G. Ponzio 34/5, I-20133, Milano, Italy. Signature of the submitter1 × 1See also printed version of \Statement by Each Submitter". LEDAcrypt Page 3 Contents Foreword 9 1 Complete written specification 11 1.1 Preliminaries . 11 1.1.1 Finite fields and circulant matrix algebra . 11 1.1.2 Quasi-cyclic low-density parity-check codes and their efficient decoding . 15 1.1.3 Classic code-based cryptosystems . 19 1.2 QC-LDPC code-based McEliece and Niederreiter cryptosystems . 21 1.3 Description of LEDAcrypt Key Encapsulation Methods . 27 1.3.1 LEDAcrypt-KEM: encapsulation and decapsulation algorithms . 27 1.3.2 LEDAcrypt-KEM-CPA: encapsulation and decapsulation algorithms . 30 1.4 Description of LEDAcrypt Public Key Cryptosystem . 32 1.4.1 LEDAcrypt-PKC: encryption and decryption transformations . 32 1.4.2 Constant weight encoding/decoding . 36 2 Security analysis of LEDAcrypt 37 2.1 Quantitative security level goals . 37 2.2 Hardness of the underlying problem . 39 2.3 Attacks based on information set decoding . 40 2.3.1 Key recovery attacks via codeword finding . 41 2.4 Attacks based on weak keys . 43 2.5 Attacks based on exhaustive key search . 43 2.6 Attacks based on the receiver's reactions . 44 2.7 Side channel attacks . 45 4 LEDAcrypt 3 Decoders for LEDAcrypt 46 3.1 Preliminary analyses . 50 3.2 Residual distribution of the mis-matches between the sought error vector and the input estimated one after the execution of a single in-place iteration function . 53 3.3 Residual distribution of the mis-matches between the sought error vector and the input estimated one after the execution of a single out-of-place iteration function . 60 3.4 Maximum number of mismatches corrected with certainty by executing either an in-place or an out-of-place iteration function . 64 3.4.1 Efficient computation of Γ and µ(t)........................ 66 3.5 Efficient choice of out-of place decoder thresholds for the numerically simulated DFR of LEDAcrypt-KEM-CPA . 69 4 LEDAcrypt code parameters from a security standpoint 72 4.1 Parameters for LEDAcrypt-KEM and LEDAcrypt-PKC . 76 4.2 Parameters for LEDAcrypt-KEM-CPA . 82 5 Optimized LEDAcrypt Implementation 84 5.1 Selection of the LEDAdecoder strategy . 85 5.2 Binary Polynomial Multiplications . 88 5.2.1 Selection of Polynomial Multiplication Algorithms . 90 5.3 Optimized Out-Of-Place Iteration Function . 93 5.4 Binary Polynomial Inversion . 96 5.4.1 Schoolbook Euclid's Algorithm . 96 5.4.2 Optimized Polynomial Inversions . 98 5.4.3 Experimental Evaluation . 105 5.5 Parameter Tuning for LEDAcrypt-KEM-CPA . 108 6 LEDAcrypt performance evaluation and recommended parameters 111 6.1 Key-lengths, ciphertext and transmitted data sizes . 111 6.2 Performance evaluation considering execution times in milliseconds . 115 6.3 Performance evaluation considering execution times in clock cycles and their combi- nation with the size of transmitted data . 118 6.4 Recommended parameters . 121 Page 5 LEDAcrypt 6.4.1 Recommended parameters for LEDAcrypt-KEM-CPA . 121 6.4.2 Recommended parameters for the IND-CCA2 LEDAcrypt-KEM and LEDAcrypt-PKC systems . 122 Bibliography 124 A Deriving the bit-flipping probabilities for the in-place iteration function of the LEDAdecoder 130 Page 6 Acronyms ASIC Application-Specific Integrated Circuit BF Bit Flipping BQP Bounded-error Quantum Polynomial CFP Codeword Finding Problem DFR Decoding Failure Rate DRBG Deterministic Random Bit Generator GE Gate Equivalent GRS Generalized Reed-Solomon IND-CCA2 Indistinguishability Under Adaptive Chosen Ciphertext Attack IND-CPA Indistinguishability Under Chosen Plaintext Attack ISD Information Set Decoding KDF Key Derivation Function KEM Key Encapsulation Module KEM+DEM Key Encapsulation Module + Data Encapsulation Mechanism KI Kobara-Imai LDPC Low-Density Parity-Check NP Nondeterministic-Polynomial OW-CPA One Wayness against Chosen Plaintext Attack PFS Perfect Forward Secrecy PKE Public-Key Encryption PRNG Pseudo Random Number Generator QC Quasi-Cyclic QC-LDPC Quasi-Cyclic Low-Density Parity-Check 7 LEDAcrypt ROM Random Oracle Model SDP Syndrome Decoding Problem TM Turing Machine TRNG True Random Number Generator XOF Extensible Output Function Page 8 Foreword This document provides a complete and detailed specification of the post-quantum cryptographic primitives named LEDAcrypt (Low-dEnsity parity-check coDe-bAsed cryptographic systems), sub- mitted to the 2nd round of the NIST post-quantum contest [1] and resulting from the merger between the LEDAkem and LEDApkc proposals submitted to the 1st round of the contest [54]. LEDAcrypt provides a set of cryptographic primitives based on binary linear error-correcting codes. In particular, the following cryptographic primitives are proposed: i. An IND-CCA2 key encapsulation method, named LEDAcrypt-KEM. ii. An IND-CCA2 public key encryption scheme, named LEDAcrypt-PKC. iii. An IND-CPA key encapsulation method optimized for use in an ephemeral key scenario, while providing resistance against accidental key reuse, named LEDAcrypt-KEM-CPA. LEDAcrypt exploits the advantages of relying on Quasi-Cyclic Low-Density Parity-Check (QC-LDPC) codes to provide high decoding speeds and compact key pairs [6]. In particular: i. We present a theoretical model to provide sound upper bounds to the probability of a de- cryption failure of the underlying Niederreiter/McEliece encryption schemes, when employing QC-LDPC codes as the code family of choice. ii. We employ the constructions provided by [39, 45] to attain provable IND-CCA2 guarantees in the proposed LEDAcrypt-KEM and LEDAcrypt-PKC primitives, respectively. iii. We propose a method to allow the use of the classic definition of Decoding Failure Rate (DFR) from coding theory as a proxy for the notion of δ-correctness required by the construction in [39] for IND-CCA2 KEMs, under the assumption of a preimage resistant extensible output function (XOF) being available. iv. We provide three choices for the rate of the underlying QC-LDPC codes, and two choices of DFR for each security category specified by NIST. We highlight the engineering tradeoffs between key size, overall transmitted data, and execution time. v. We employ a reproducible parameter design procedure relying on finite-regime estimates of the computational effort required to carry out attacks against LEDAcrypt and jointly optimize the parameters for security and DFR. vi. We provide a constant time software implementation for the proposed LEDAcrypt-KEM and LEDAcrypt-PKC, optimized for the Intel Haswell Instruction Set Architecture, which exploits the presence of the Intel AVX2 instruction set extension. 9 LEDAcrypt The main innovations with respect to the second round specification are as follows: • We propose, and analyze from the DFR standpoint two decoding strategies, namely in-place and out-of-place Bit Flipping (BF) decoding. We provide closed form worst case estimates for the DFR of both of them, under consolidated assumptions from the literature on iteratively decoded codes. Our worst-case estimates for the DFR allow us to match the requirements for an IND-CCA2 construction with the choice of either one of the decoding strategies. Our models for the worst case behaviour of the DFR consider a finite number of decoder iterations, enabling the constant time implementation of the decoder. In particular, we choose to consider BF decoders with two iterations for performance reasons. • We provide an IND-CCA2 construction for LEDAcrypt-KEM which allows employing the common DFR notion from the coding theory lexicon, matching it with the requirement of the δ-correctness from the [39] proofs, and we provide a proof of its IND-CCA2 guarantees, under the (provided) bounded DFR of the employed QC-LDPC code. • A recent attack [2] highlighted that the product structure of the secret key matrix, HQ, can be exploited to lower the security margin provided by LEDAcrypt. We adopt a conservative solution, that is consider Q = I, removing the effects of the product structure altogether. A brief justification of this rationale is provided in Section 2.4, from which the current specifica- tion assumes that the secret key is a randomly drawn block circulant matrix H. While making this choice reduces the speed advantages coming from the performance-oriented criterion of using of a product-based secret key, we consider the importance of the security of the scheme paramount with respect to the speed gains. • New parameterizations for LEDAcrypt instances considering the case Q = I are provided. In addition to the previous specification, we also provide parameters for all the code rates 1 2 3 ( 2 ; 3 ; 4 ) also for the case of IND-CCA2 primitives. The parameters are obtained through a joint optimization of the circulant matrix size p, the error weight t and the column weight of the parity-check matrix v.
Load more

Recommended publications
  • Towards the First Practical Applications of Quantum Computers
    Towards the First Practical Applications of Quantum Computers by Kevin J. Sung A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Computer Science and Engineering) in the University of Michigan 2020 Doctoral Committee: Professor Christopher Peikert, Co-Chair Adjunct Professor Yaoyun Shi, Co-Chair Dr. Ryan Babbush, Google Professor John P. Hayes Professor Emeritus Kim Winick Kevin J. Sung [email protected] ORCID iD: 0000-0001-6459-6374 ©2020 Kevin J. Sung To my family ii Acknowledgments This thesis was made possible by my supportive advisors Yaoyun Shi and Christopher Peikert, my friends, and my family. I would like to thank the Google AI Quantum team for hosting me while I performed much of the research in this thesis. I cannot express how lucky I feel to have had ac- cess to their state-of-the-art quantum computing hardware. The experiments on this hardware that I present in this thesis were the result of large team-wide collaborations. iii TABLE OF CONTENTS Dedication ....................................... ii Acknowledgments ................................... iii List of Figures ..................................... vii List of Tables ...................................... xiii List of Algorithms ................................... xv List of Appendices ................................... xvi Abstract ......................................... xvii Chapter 1 Introduction ..................................... 1 1.1 Quantum computing in the NISQ era....................1 1.1.1 The
    [Show full text]
  • Arxiv:1812.09167V1 [Quant-Ph] 21 Dec 2018 It with the Tex Typesetting System Being a Prime Example
    Open source software in quantum computing Mark Fingerhutha,1, 2 Tomáš Babej,1 and Peter Wittek3, 4, 5, 6 1ProteinQure Inc., Toronto, Canada 2University of KwaZulu-Natal, Durban, South Africa 3Rotman School of Management, University of Toronto, Toronto, Canada 4Creative Destruction Lab, Toronto, Canada 5Vector Institute for Artificial Intelligence, Toronto, Canada 6Perimeter Institute for Theoretical Physics, Waterloo, Canada Open source software is becoming crucial in the design and testing of quantum algorithms. Many of the tools are backed by major commercial vendors with the goal to make it easier to develop quantum software: this mirrors how well-funded open machine learning frameworks enabled the development of complex models and their execution on equally complex hardware. We review a wide range of open source software for quantum computing, covering all stages of the quantum toolchain from quantum hardware interfaces through quantum compilers to implementations of quantum algorithms, as well as all quantum computing paradigms, including quantum annealing, and discrete and continuous-variable gate-model quantum computing. The evaluation of each project covers characteristics such as documentation, licence, the choice of programming language, compliance with norms of software engineering, and the culture of the project. We find that while the diversity of projects is mesmerizing, only a few attract external developers and even many commercially backed frameworks have shortcomings in software engineering. Based on these observations, we highlight the best practices that could foster a more active community around quantum computing software that welcomes newcomers to the field, but also ensures high-quality, well-documented code. INTRODUCTION Source code has been developed and shared among enthusiasts since the early 1950s.
    [Show full text]
  • Arxiv:1302.3247V5 [Quant-Ph] 10 Dec 2014 Pairwise Interaction
    Permutation-invariant quantum codes Yingkai Ouyang University of Waterloo, Waterloo, Ontario, Canada and Singapore University of Technology and Design, Singapore∗ A quantum code is a subspace of a Hilbert space of a physical system chosen to be correctable against a given class of errors, where information can be encoded. Ideally, the quantum code lies within the ground space of the physical system. When the physical model is the Heisenberg ferromagnet in the absence of an external magnetic field, the corresponding ground-space contains all permutation-invariant states. We use techniques from combinatorics and operator theory to construct families of permutation-invariant quantum codes. These codes have length proportional to t2; one family of codes perfectly corrects arbitrary weight t errors, while the other family of codes approximately correct t spontaneous decay errors. The analysis of our codes' performance with respect to spontaneous decay errors utilizes elementary matrix analysis, where we revisit and extend the quantum error correction criterion of Knill and Laflamme, and Leung, Chuang, Nielsen and Yamamoto. PACS numbers: 03.65.Aa,03.67.Pp,05.30.-d,75.10.Pq I. INTRODUCTION label the particles in the system, and e = fi; jg labels the exchange interactions in the system. Here Je and A quantum bit (qubit) is a fundamental resource Si denote the exchange constants and the vector of required in many quantum information theoretic tasks, spin operators respectively. Since exchange operators such as in quantum cryptographic protocols [1] and in essentially swap particles (see ex. 1.9 of Ref. [12] quantum computers [2]. To combat decoherence, a two- or Ref.
    [Show full text]
  • Arxiv:2012.11382V2 [Quant-Ph] 11 Jan 2021
    Quantum Integer Programming (QuIP) 47-779: Lecture Notes David E. Bernal, Sridhar Tayur, Davide Venturelli Fall 2020 Abstract This lecture series on Quantum Integer Programming (QuIP) { created by Professor Sridhar Tayur, David E. Bernal and Dr. Davide Venturelli, a collaboration between CMU and USRA, with the support from Amazon Braket during Fall 2020 { is intended for students and researchers interested in Integer Programming and the potential of near term quantum and quantum inspired computing in solving optimization problems. Originally created for Tepper School of Business course 47-779 (at CMU), these were also used for the course ID5840 (at IIT-Madras, by Professors Anil Prabhakar and Prabha Mandayam) whose students (listed at the beginning of each lecture) were scribes. Dr. Vikesh Siddhu, post-doc in CMU Quantum Computing Group, assisted during the lectures, student projects and with proof-reading this scribe. Through these lectures one will learn to formulate a problem and map it to a Quadratic Unconstrained Binary Optimization (QUBO) problem, understand various mapping and techniques like the Ising model, Graver Augmented Multiseed Algorithm (GAMA), Simulated or Quantum Annealing and QAOA, and ideas on how to solve these Integer problems using these quantum and classical methods. The course website (with lecture videos and colab notebooks): https://bernalde.github.io/QuIP/ Keywords: Ising model, Integer Programming, Computational Algebraic Geometry, Graver Basis, Quan- tum Annealing, Simulated Annealing, Combinatorial Optimization, Graph coloring, discrete nonlinear opti- mization. arXiv:2012.11382v2 [quant-ph] 11 Jan 2021 0-1 47-779. Quantum Integer Programming Mini-1, Fall 2020 Room: Zoom Online Time: Tuesday and Thursday 5:20pm-7:10pm Instructors: Sridhar Tayur Email: [email protected] Office: 4216 Tepper Quad Davide Venturelli Email: [email protected] Office: Online David E.
    [Show full text]
  • Solving Constrained Quadratic Binary Problems Via Quantum Adiabatic Evolution
    Solving Constrained Quadratic Binary Problems via Quantum Adiabatic Evolution Pooya Ronagh, Brad Woods, Ehsan Iranmanesh Abstract Quantum adiabatic evolution is perceived as useful for binary quadratic programming problems that are a priori unconstrained. For constrained problems, it is a common practice to relax linear equality constraints as penalty terms in the objective function. However, there has not yet been proposed a method for efficiently dealing with inequality constraints using the quantum adiabatic approach. In this paper, we give a method for solving the Lagrangian dual of a binary quadratic programming (BQP) problem in the presence of inequality constraints and employ this procedure within a branch-and-bound framework for constrained BQP (CBQP) problems. Keywords: Adiabatic quantum computation, Constrained integer programming, Branch and bound, Lagrangian duality 1 Introduction The unconstrained binary quadratic programming (UBQP) problem is defined by Minimize xT Qx subject to x 2 f0; 1gn; where, without loss of generality, Q 2 Zn×n. Recent advancements in quantum computing technology [6, 20, 22] have raised hopes of the production of computing systems that are capable of solving UBQP problems, showing quantum speedup. The stochastic nature of such systems, together with all sources of noise and error, are challenges yet to be overcome in achieving scalable quantum computing systems of this type. This paper is regardless motivated by the assumption of the existence of systems that can solve UBQP problems efficiently and to optimality, or at leastin conjunction with a framework of noise analysis of the suboptimal results. We call such a computing system a UBQP oracle. Many NP-hard combinatorial optimization problems arise naturally or can easily be reformulated as UBQP problems, such as the quadratic assignment problem, the maximum cut problem, the maximum clique problem, the set packing problem, and the graph colouring problem (see, for instance, Boros and Prékopa [9], Boros and Hammer [8], Bourjolly et al.
    [Show full text]
  • Master Thesis & Internship Projects @ Imec
    Master Thesis & Internship Projects @ imec 2018 Topic Guide 1 Information.............................................................................................................................................................................................1 I. CMOS & beyond CMOS ................................................................................................... 7 Machine learning based computational lithography........................................................................................................... 7 Ferroelectric device electrical characterization ................................................................................................................. 7 Selective low-k dielectric growth using metal nitride conversion approach .............................................................. 8 Impact of thermal budget on spin-orbit torque and SOT-MRAM performances ..................................................... 9 Low temperature epitaxial growth of Ga doped SiGe for future device applications ........................................... 10 Study of an optical metrology technique for advanced semiconductor process control...................................... 10 Spin wave-like excitations in low-dimensional ferromagnets ....................................................................................... 11 Time-dependent Ginzburg-Landau simulations for superconducting rings ............................................................... 12 Modeling of Transmon Qubits.............................................................................................................................................
    [Show full text]
  • Enfield: an Openqasm Compiler
    Enfield: An OpenQASM Compiler Marcos Yukio Siraichi1, Caio Henrique Segawa Tonetti1 1Departamento de Cienciaˆ da Computac¸ao˜ – UFMG Av. Antonioˆ Carlos, 6627 – 31.270-010 – Belo Horizonte – MG – Brazil fyukio.siraichi,[email protected] Abstract. In 2016, IBM made quantum computing accessible to everyone by deploying a cloud-based quantum computer. It elicited much enthusiasm for quantum computing research and testing. When writing programs for execut- ing in this environment, the programmer had to manually tune the program so that it complied to some resource restrictions specific to IBM’s machine. Hence, we generalized and automated this process, building Enfield: a source-to-source compiler for transforming quantum programs, allocating resources and optimiz- ing. It features state-of-the-art implementations and the extensibility necessary for implementing and comparing new solutions. We illustrate its effectiveness with benchmarks from IBM that were used in previous research and show that our tool performs at least 22% better. Video Link: https://youtu.be/u5OgQAlB3L0 1. Introduction With the recent popularization of quantum computing and the introduction of experi- mental prototypes available for the general public, the possibility of building and pro- gramming quantum experiments has elicited much enthusiasm [Devitt 2016]. In this plat- form, tools that aid the creation of programs are available, such as visual circuit repre- sentation and a gate-level syntax based on the Open Quantum Assembly (OpenQASM) [Cross et al. 2017]. Visual circuits are good for learning the basics of quantum program- ming, but it quickly becomes a tiresome activity for larger programs. OpenQASM, on the other hand, offers a low level of abstraction, demanding a deeper understanding of each gate and the specific constraints for the machine to be executed on [Haner¨ et al.
    [Show full text]
  • Verifying Results of the IBM Qiskit Quantum Circuit Compilation Flow
    Verifying Results of the IBM Qiskit Quantum Circuit Compilation Flow Lukas Burgholzer∗ Rudy Raymondy Robert Wille∗z ∗Institute for Integrated Circuits, Johannes Kepler University Linz, Austria yIBM Research – Tokyo, Japan zSoftware Competence Center Hagenberg GmbH (SCCH), Hagenberg, Austria [email protected] [email protected] [email protected] https://iic.jku.at/eda/research/quantum/ Abstract—Realizing a conceptual quantum algorithm on an two quantum circuits G and G0 boils down to comparing actual physical device necessitates the algorithm’s quantum the corresponding unitary matrices U and U 0, respectively. circuit description to undergo certain transformations in order to However, since these matrices U and U 0 are exponentially adhere to all constraints imposed by the hardware. In this regard, the individual high-level circuit components are first synthesized large, many existing approaches to this problem (e.g., [5]–[9]) to the supported low-level gate-set of the quantum computer, remain unsatisfactory and can hardly be employed on a large before being mapped to the target’s architecture—utilizing sev- scale. eral optimizations in order to improve the compilation result. Recently, a promising solution to address this problem Specialized tools for this complex task exist, e.g., IBM’s Qiskit, Google’s Cirq, Microsoft’s QDK, or Rigetti’s Forest. However, to has been proposed in [10]. There, the use of dedicated date, the circuits resulting from these tools are hardly verified, data-structures, in particular decision diagrams [9], [11], [12], which is mainly due to the immense complexity of checking if has been proposed which allow for a non-exponential rep- two quantum circuits indeed realize the same functionality.
    [Show full text]
  • Computer Physics Communications Massively Parallel Quantum Computer Simulator, Eleven Years Later
    Computer Physics Communications 237 (2019) 47–61 Contents lists available at ScienceDirect Computer Physics Communications journal homepage: www.elsevier.com/locate/cpc Massively parallel quantum computer simulator, eleven years later Hans De Raedt a, Fengping Jin b, Dennis Willsch b,c, Madita Willsch b,c, Naoki Yoshioka d, ∗ ∗∗ Nobuyasu Ito d,e, Shengjun Yuan f, , Kristel Michielsen b,c, a Zernike Institute for Advanced Materials, University of Groningen, Nijenborgh 4, NL-9747 AG Groningen, The Netherlands b Institute for Advanced Simulation, Jülich Supercomputing Center, Forschungzentrum Jülich, D-52425 Jülich, Germany c RWTH Aachen University, D-52056 Aachen, Germany d RIKEN Center for Computational Science, 7-1-26 Minatojima-minami-machi, Chuo-ku, Kobe, Hyogo 650-0047, Japan e Department of Applied Physics, School of Engineering, The University of Tokyo, Hongo 7-3-1, Bunkyo-ku, Tokyo 113-8656, Japan f School of Physics and Technology, Wuhan University, Wuhan 430072, China article info a b s t r a c t Article history: A revised version of the massively parallel simulator of a universal quantum computer, described in this Received 12 May 2018 journal eleven years ago, is used to benchmark various gate-based quantum algorithms on some of the Received in revised form 30 October 2018 most powerful supercomputers that exist today. Adaptive encoding of the wave function reduces the Accepted 8 November 2018 memory requirement by a factor of eight, making it possible to simulate universal quantum computers Available online 29 November 2018 with up to 48 qubits on the Sunway TaihuLight and on the K computer. The simulator exhibits close-to- Keywords: ideal weak-scaling behavior on the Sunway TaihuLight, on the K computer, on an IBM Blue Gene/Q, and Quantum computation on Intel Xeon based clusters, implying that the combination of parallelization and hardware can track the Computer simulation exponential scaling due to the increasing number of qubits.
    [Show full text]
  • Massively Parallel Quantum Computer Simulator, Eleven Years Later
    Computer Physics Communications 237 (2019) 47–61 Contents lists available at ScienceDirect Computer Physics Communications journal homepage: www.elsevier.com/locate/cpc Massively parallel quantum computer simulator, eleven years later Hans De Raedt a, Fengping Jin b, Dennis Willsch b,c, Madita Willsch b,c, Naoki Yoshioka d, ∗ ∗∗ Nobuyasu Ito d,e, Shengjun Yuan f, , Kristel Michielsen b,c, a Zernike Institute for Advanced Materials, University of Groningen, Nijenborgh 4, NL-9747 AG Groningen, The Netherlands b Institute for Advanced Simulation, Jülich Supercomputing Center, Forschungzentrum Jülich, D-52425 Jülich, Germany c RWTH Aachen University, D-52056 Aachen, Germany d RIKEN Center for Computational Science, 7-1-26 Minatojima-minami-machi, Chuo-ku, Kobe, Hyogo 650-0047, Japan e Department of Applied Physics, School of Engineering, The University of Tokyo, Hongo 7-3-1, Bunkyo-ku, Tokyo 113-8656, Japan f School of Physics and Technology, Wuhan University, Wuhan 430072, China article info a b s t r a c t Article history: A revised version of the massively parallel simulator of a universal quantum computer, described in this Received 12 May 2018 journal eleven years ago, is used to benchmark various gate-based quantum algorithms on some of the Received in revised form 30 October 2018 most powerful supercomputers that exist today. Adaptive encoding of the wave function reduces the Accepted 8 November 2018 memory requirement by a factor of eight, making it possible to simulate universal quantum computers Available online 29 November 2018 with up to 48 qubits on the Sunway TaihuLight and on the K computer. The simulator exhibits close-to- Keywords: ideal weak-scaling behavior on the Sunway TaihuLight, on the K computer, on an IBM Blue Gene/Q, and Quantum computation on Intel Xeon based clusters, implying that the combination of parallelization and hardware can track the Computer simulation exponential scaling due to the increasing number of qubits.
    [Show full text]
  • Free Software for Quantum Computation
    Free software for quantum computation Piotr Gawron Institute of Theoretical and Applied Informatics Polish Academy of Sciences KQIS AGH 13 March 2019 Kraków Outline Introduction—Free software Free software actions for quantum computation Quantum Open Source Foundation Fosdem 19 Quantum computing track Xanadu.ai Julia and quantum computing Introduction to Julia QuantumInformation.jl Programming D-Wave Annealer Quantum annealing D-Wave annealer D-Wave software stack Future work—interesting challenges Interesting goals to pursue Outline Introduction—Free software Free software actions for quantum computation Quantum Open Source Foundation Fosdem 19 Quantum computing track Xanadu.ai Julia and quantum computing Introduction to Julia QuantumInformation.jl Programming D-Wave Annealer Quantum annealing D-Wave annealer D-Wave software stack Future work—interesting challenges Interesting goals to pursue Free software IT Giants conference AGH 2009 Free software A program is free software if the program’s users have the four essential freedoms: I The freedom to run the program as you wish, for any purpose (freedom 0). I The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. I The freedom to redistribute copies so you can help others (freedom 2). I The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a
    [Show full text]
  • Release 0.2.0 Tech Team @ Unitary Fund
    mitiq Release 0.2.0 Tech Team @ Unitary Fund Oct 15, 2020 CONTENTS: 1 Mitiq 3 1.1 Installation................................................3 1.2 Getting started..............................................4 1.3 Error mitigation techniques.......................................4 1.4 Documentation..............................................5 1.5 Developer information..........................................5 1.6 Authors..................................................5 1.7 Citation..................................................5 1.8 License..................................................5 2 Users Guide 7 2.1 Overview of mitiq............................................7 2.2 Getting Started..............................................7 2.3 Back-end Plug-ins: Executor Examples................................. 11 2.4 Zero Noise Extrapolation........................................ 18 2.5 About Error Mitigation.......................................... 29 2.6 Error mitigation on IBMQ backends................................... 33 2.7 Mitigating a MaxCut Landscape with QAOA.............................. 37 2.8 Defining Hamiltonians as Linear Combinations of Pauli Strings.................... 41 3 API-doc 45 3.1 Benchmarks............................................... 45 3.2 Mitiq - PyQuil.............................................. 48 3.3 Mitiq - Qiskit............................................... 49 3.4 Utils................................................... 51 3.5 Zero Noise Extrapolation.......................................
    [Show full text]