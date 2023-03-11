In 1994, as Professor Peter Shor PhD 85 says, the internal workshops at AT&T Bell Labs were lively affairs. The audience of physicists was an active and inquisitive bunch, often prodding the speakers with questions during their talks. Shor, who worked at Bell Labs at the time, recalls a few times when a speaker couldn’t get past the third slide as they tried to address a quick line of questions before time ran out.

That year, when Shor took his turn to present an algorithm he had recently worked out, physicists paid rapt attention to Shor’s entire speech and then some.

Mine went pretty well, he told an MIT audience yesterday.

In that 1994 seminar talk, Shor presented a proof showing how a quantum system could be implemented to solve a given problem faster than a classical computer. This problem, known as the discrete logarithm problem, was known to be unsolvable by classical means. As such, discrete logarithms were used as the basis for a small number of security systems at the time.

Shore’s work was the first to show that a quantum computer could solve a real, practical problem. His speech caused a sensation in the seminar and the news spread and then got confused. Four days after his commencement speech, physicists around the country were assuming that Shor had solved a related, though much more acute, problem: prime factorization, the challenge of finding a very large number of two prime factors. Although some security systems use discrete logarithms, most encryption schemes today are based on prime factorization and the assumption that it is impossible to break.

It was like a children’s game of telephone, where the rumor spread that I had figured out factoring, says Shor. And in four days since then [the talk]church!

Reversing his original problem, Shor found a similar quantum solution for prime factorization. His solution, known today as the Shors algorithm, showed how a quantum computer could factor very large numbers. Quantum computing, once thought of as a thought experiment, suddenly had in the Shors algorithm an instruction manual for a very real and potentially disruptive application. His work simultaneously sparked numerous new lines of research in quantum computing, information science, and cryptography.

The rest is history, the highlights of which Shor told a standing-room-only audience in MITs Huntington Hall, Room 10-250. Shor, who is the Morss Professor of Applied Mathematics at MIT, spoke as this year’s recipient of the James R. Killian, Jr. Faculty Achievement Award, which is the highest honor Institute faculty can bestow one of its members every academic year.

In introducing Shors’ speech, Lily Tsai, chair of the faculty, quoted the award’s citation:

Without exception, the faculty who nominated him all commented on his vision, genius and technical mastery and praised him for the brilliance of his work, Tsai said. Professor Shors’ work shows that quantum computers have the potential to open new avenues of human thought and endeavour.

A quantum story

During the hour-long lecture, Shor took the audience through a brief history of quantum computing, peppering the conversation with personal recollections of his role. The story, he said, begins in the 1930s with the discovery of quantum mechanics, the physical behavior of matter at the smallest, subatomic scales, and the question that quickly followed: Why was the quantum so strange?

Physicists encountered the new description of the physical world, which was so different from the classical Newtonian mechanics that had been understood for centuries. Shor says that the physicist Erwin Schrdinger tried to illustrate the absurdity of the new theory with his now famous thought experiment involving a cat in a box: How can it embody both the dead and the alive states? The exercise challenged the idea of ​​superposition, a key property of quantum mechanics that predicts that a quantum bit like an atom must hold more than one state simultaneously.

More exciting still was the prediction of entanglement, which postulated that two atoms could be inextricably bound. Any change in one must then affect the other, regardless of the distance between them.

No one thought of using this quirk for information storage until Wiesner, Shor said.

Wiesner was Stephen Wiesner, who in the late 1960s was a graduate student at Columbia University who was later credited with formulating some of the basic principles of quantum information theory. Wiesner’s main contribution was a paper that was initially rejected. He had proposed a way to create quantum money, or currency that was resistant to counterfeiting, by exploiting a strange property in which quantum states cannot be perfectly duplicated, a prediction known as the no-cloning theorem.

As Shor recalls it, Wiesner wrote his idea on a typewriter, sent it out for peer review, and was roundly rejected. It wasn’t until another physicist, Charles Bennett, found the paper, pulled it out of a drawer and published it, cementing Wiesner’s role in the history of quantum computing. Bennett went further, realizing that the basic idea of ​​quantum money could be applied to develop a quantum key distribution scheme, in which the security of a piece of information, such as a private key passed between parties, is protected by another feature strange quantum. .

Bennett developed the idea with Gilles Brassard in 1984. The BB84 algorithm was the first protocol for a cryptosystem that relied entirely on the strange phenomena of quantum physics. Sometime in the 1980s, Bennett came to Bell Labs to introduce the BB84. It was the first time Shores heard about quantum computing, and he was hooked.

Shor first tried to find an answer to a question Bennett posed to the audience: How can one prove mathematically that the protocol is truly secure? The problem, however, was too acute, and Shor dropped the question, though not the subject. He followed the efforts of his colleagues in the growing field of quantum information science, eventually landing on a paper by physicist Daniel Simon, who proposed something truly strange: that a system of quantum computing bits could solve a problem of especially exponentially faster than a classic computer. .

The problem itself, as Simon put it, was an esoteric one, and his paper, like Wiesner’s, was initially rejected. But Shor saw something in its concrete structure that related the problem to the much more concrete problems of discrete logarithms and factorization. He worked from Simons’ starting point to see if a quantum system could solve discrete logarithms faster than a classical system. His first attempts were a draw. The quantum algorithm solved a problem just as quickly as its classical counterpart. But there were hints that he could do better.

There’s still hope in the effort, Shor recalls thinking.

When he worked it out, he presented his algorithm for a discrete quantum log algorithm at the 1994 symposium at Bell Labs. In the four days since his talk, he also managed to work out his eponymous prime factorization algorithm.

The anticipation was overwhelming, but also skeptical, as physicists assumed that a practical quantum computer would instantly crumble under the implication of noise, resulting in a cascade of errors in the factorization calculation.

I worried about this problem, Shor said.

So he went back to work, looking for a way to correct errors in a quantum system without disrupting the state of the computational quantum bits. He found an answer through association, which broadly refers to a series of interrelated events. In his case, Shor found a way to connect qubits and store the information of a logical or computational qubit among nine highly entangled physical qubits. In this way, any error in the logical qubit can be measured and fixed within the physical qubits, without having to measure (and therefore destroy) the qubit involved in the actual calculation.

The new Shors algorithm was the first quantum error-correcting code to prove that a quantum computer could be fault-tolerant, and therefore a very real possibility.

The world of quantum mechanics is not the world of your intuition, Shor said in closing his talk. Quantum mechanics is the way the world really is.

The quantum future

After his talk, Shor took several questions from the audience, including one that drives a major push in quantum information science today: When will we see a real, practical quantum computer?

To factor a large number, Shor estimates that a quantum system would require at least 1,000 qubits. To factor the very large numbers that support today’s Internet and security systems would require millions of qubits.

That will take many years, Shor said. We may never make a quantum computer, but if someone has a good idea, we might see one 10 years from now.

Meanwhile, he noted that while work on quantum computing has grown in recent years, so too has work toward post-quantum cryptography and efforts to develop alternative cryptosystems that are secure against code-based cracking. quantum. Shor compares these efforts to the scramble leading up to Y2K and the prospect of a digital catastrophe at the turn of the last century.

Maybe you should have started years ago, Shor said. If you wait until the last minute, when his obvious quantum computers will be built, you will probably be too late.

Shor received his PhD from MIT in 1985, and went on to complete a postdoc at the Mathematical Sciences Research Institute in Berkeley, California. He then spent several years at AT&T Bell Labs, and then AT&T Shannon Labs, before returning to MIT as a tenured faculty member in 2003.

Shors’ contributions have been recognized by numerous awards, most recently the 2023 Progress Prize in Fundamental Physics, which he shared with Bennett, Brassard, and physicist David Deutsch. His other awards include the MacArthur Fellowship, the Nevanlinna Prize (now the IMU Abacus Medal), the Dirac Medal, the King Faisal International Prize in Science, and the BBVA Foundation Frontiers of Knowledge Award. Shor is a member of the National Academy of Sciences and the American Academy of Arts and Sciences. He is also a member of the American Mathematical Society and the Society for Computing Machinery.