Category Archives: Physics

The ins and outs of quantum cryptography

This post is based on a conversation with Bill Munro from HP Labs.

One of the few uses for quantum information theory which is accessible using existing technology is quantum cryptography or quantum key distribution (QKD). QKD gives us a means by which to - in principle - share random bit strings with complete security, by which we mean that any attempt to eavesdrop on the communication can be detected and there is no way of circumventing this. So what's the use in sharing a random bit string with someone? There is only one completely uncrackable encryption protocol, known as the one-time pad or Vernam cipher. By 'completely uncrackable' we mean that - hypothetically speaking - even with infinite computing power at one's disposal, it is not possible to crack. The one-time pad protocol relies on a completely secure random bit string as a resource. The caveat is that the random bit string must be as long as the message being encrypted. For this reason the one-time pad is rather impractical in most situations, since if we had the means by which to securely share a random bit string we could have just used it to share our secret message in the first place. QKD solves this problem.

There have been many experimental demonstrations of QKD over increasingly long distances and recently commercial cryptography systems based on QKD have become available, most notably by MagiQ. Companies which manufacture commercial QKD systems tout the incredible security of QKD which is 'guaranteed by the laws of physics'. In principle such a claim is correct. However, Bill drew my attention to a very interesting point recently. The rate at which commerical QKD systems can communicate random bit strings is very slow - on the order of a hundred bits per second. Since the one-time pad requires a random bit string as long as the message to be encrypted, it should be clear that such a system is not going to be useful for anything but the smallest messages. For this reason, these systems don't actually employ the one-time pad algorithm at all. Instead they employ conventional cryptographic protocols such as triple-DES and AES, which require much smaller keys. Of course this completely undermines the security of QKD, since QKD inherently derives its security from the fact that the one-time pad is the only completely secure cipher.

When I first learned this I was extremely surprised, since, while it may not be explicitly advertised, it is taken for granted that any QKD system will employ the one-time pad cipher. My take on all this is that customers of current QKD systems are paying hundreds of thousands of dollars for cryptosystems no more secure than freely available software packages like PGP.

New paper: Optimal photons for quantum information processing

Photons - particles of light - are not like the particles we encounter in everyday life, like say, a marble, which is localized in space. Instead, photons are distributed across space. The way in which a photon is distributed, which we can loosely think of as its shape, is characterized by its so-called wave-packet or wave-function. There are many different ways in which photons can be produced experimentally, and the wave-packets of the produced photons varies enormously between these different schemes.

In my previous paper ``Quantum gate characterization in an extended Hilbert space" (discussed in my previous post), we examined the effects of mode-matching upon the operation of linear optics quantum gates. During this research, one observation we made was that the significance of mode-mismatch in a circuit depends very heavily on the wave-packets of the photons used in the experiment. Naturally, every experimentalist wants to minimize the effects of mode-mismatch since it destroys the operation of their gates. This motivates the question ``what type of wave-packets minimize the effects of mode-mismatch?". In this paper - joint work with Tim Ralph and Michael Nielsen - (pre-print available at quant-ph/0505139) we address this question and establish two criteria which minimize such effects:

  • Photons should be Gaussian in shape (i.e. they should look like a Bell-curve)
  • Photons should be as broad as possible (i.e. the Gaussian curve should be stetched out as much as possible)

From a practical perspective this means that experimentalists should try and employ photon sources which produce photons of this type. In principle this should improve the operation of experimental quantum gates.

New paper: Quantum gate characterization in an extended Hilbert space

This paper is joint work with Tim Ralph, who assisted with the theoretical component, and Jemery O'Brien and Geoff Pryde, who performed the experimental work. In fact, this paper isn't so new. It's been sitting on the arXiv for quite a while now (pre-print available at quant-ph/0411144), but I haven't had the chance to write a post about it yet.

In my previous post on my paper ``Frequency and temporal effects in linear optics quantum computing", I discussed the importance of photon distinguishability on the operation of linear optics quantum gates (see my previous post for an introduction). In this previous work we considered the effects of input distinguishability, which arises during the production of photons. In reality, while this is a very significant problem worth considering, photon distinguishability can arise in more ways than just during preparation. Specifically, it can arise internally within gates, a phenomena referred to as mode-mismatch. This is one of the most significant problems facing the experimental realization of linear optics quantum computing. In this paper we consider this more general problem of mode-mismatch. We develop a means by which to model it theoretically, and demonstrate this by applying it to a model of the controlled-NOT gate which was experimentally demonstrated at the University of Queensland Quantum Technology Lab.

Using our model for mode-mismatch and experimental data obtained from the laboratory, we were able to use a fitting procedure to estimate the parameters characterizing the magnitude of the mode-mismatch at different locations in the circuit. This is very useful as an experimental diagnostic tool, since it allows us to non-intrusively gain insight into what's going on inside experimental gates using data measured from the gate. This information, which gives an indication as to where things are going wrong, can then potentially be used to tweak experimental gates and improve their performance.

Heading overseas: US, UK & Europe

On Saturday I'm heading off to Baltimore, Maryland, for CLEO/QELS, an international optics conference, where I'll be giving a presentation entitled "Quantum gate characterization in an extended Hilbert space", based on the paper with the same name (pre-print quant-ph/0411144). This is joint work with Tim Ralph, Geoff Pryde and Jeremy O'Brien.

Following the conference I'll be heading to the UK, where I'll spend two weeks visiting Ian Walmsley's group in the Physics Department at Oxford University. I'm very excited about this and it should be a fantastic opportunity to work with new people with similar research interests, who are outstanding in their field.

Finally, following my visit to Oxford, I'm taking two weeks holiday leave to visit friends and family in Germany. With any luck I hope to briefly head down the the German Alps and climb a few peaks, most notably the Zugspitze (2964m), Germany's highest mountain. I had originally intended to go to the French Alps and have a shot at Mt. Blanc (4810m), the highest mountain in Western Europe, however time was too short. I'll leave it for next year, when I hope to be back in Europe again.

New paper: Frequency and temporal effects in linear optical quantum computing

My joint paper with Tim Ralph, entitled "Frequency and temporal effects in linear optical quantum computing" has just appeared in Physical Review A (e-print quant-ph/0411114).

In my previous post on linear optics quantum computing (LOQC) I discussed the notion of interfering photons, which is a fundamental requirement for LOQC. It turns out that for photons to interfere they must be indistinguishable. In quantum mechanics the term indistinguishable has a very strict interpretation: if we have two photons, there must be no way, in principle, for us to tell them apart. For example, suppose we had two identical photons arriving one after another. In this case, the different timing of the two photons allows us to know which is which. Thus, the photons are temporally distinguishable. Simlilarly, two photons might arrive simultaneously, but be spatially separated, in which case the photons are also distinguishable. Experimentally, making photons which are completely indistinguishable is extremely challenging and requires an enormous amount of precision, which is limited by technology. This problem of making indistinguishable photons is one of the most significant complications facing experimentalists.

In this paper we analysed the effect of photon distinguishability on the operation of LOQC circuits, in particular the controlled-NOT (CNOT) gate, which I described in an earlier post. From this analysis we were able to specify how distinguishable photons need to be for an experimental CNOT gate to work effectively. Understanding this is clearly very important from an experimental point of view, since it gives us an idea of how well we can reasonably expect our experimental gates to work.

New paper: Non-deterministic approximation of photon number discriminating detectors using non-discriminating detectors

Quantum computing is one of those mysterious fields that most people don't have any familiarity with at all. This problem is excaccerbated by the fact that the literature in this field is typically very technical and out of reach to non-specialists. In fact, even I, as a student in the field, find it extremely difficult to follow the literature. Consequently, I've decided that whenever I publish a new paper, I'll complement it with a layman's description of the paper in this blog, hopefully in a form pallateable to those who have never even heard of the word physics before.

Several months ago my first physics paper was accepted for publication in the Journal of Optics B., entitled "Non-deterministic approximation of photon number discriminating detectors using non-discriminating detectors" (e-print quant-ph/0411114). This is quite a mouthful I confess, however the idea behind the paper is very simple and I'll now attempt to explain it in as non-technical a manner as possible.

In optical quantum computing (see my previous post for an introduction), my area of research, we use photons, or particles of light, to represent qubits. One of the most fundamental requirements to experimentally realize optical quantum gates is photo-detectors. A photo-detector is simply a device which tells you when a photon hits it. However, there are two types of photo-detectors: discriminating (or number-resolving) and non-discriminating. A discriminating photo-detector is one which is able to tell you how many photons have hit it, whereas a non-discriminating detector can only tell you if one or more photons hit it, but not how many. In the long term, if we're going to able to construct optical quantum computers, it turns out that we'll need the former discriminating variety. However, building discriminating photo-detectors is very technologically challenging and presently we only have reliable non-discriminating ones. In this paper I describe how non-discriminating detectors can be used to approximate discriminating detectors. The proposal is non-deterministic, which simply means that the device doesn't always work, but when it does, you can be very confident that it has worked correctly. Because the proposal in non-deterministic, it's application is quite limited. However, there are still many experiments for which the proposal may be applicable.

My proposal describes a class of detectors which do the following. We have some unknown number of photons n, hitting our detector, and we want to know if the number of incident photons is m. If n=m our detector gives a response, otherwise it does not.

I'll begin by explaining the simplest case, an m=1 detector. That is, a detector which tells us if there is exactly one incident photon. There are only two basic components we need to do this: a beamsplitter and two non-discriminating detectors. A beamsplitter is simply a device which, when a photon hits it, has some probability P, of going one way, and some other probability 1-P, of going the other. To construct our m=1 detector we will simply direct the incoming beam onto a very low reflectivity beamsplitter (i.e. very small P). At each of the beamsplitter outputs we place a non-discriminating detector. Now imagine that n=1, i.e. a single photon is incident on the beamsplitter. The photon has probability P of hitting the first detector, and probability 1-P of hitting the second detector. If we have two incident photons (i.e n=2) then the probability that both photons reach the first detector is P squared, and the rest of the time at least one of the photons will reach the second detector. In general, for an arbitary n-photon input state, the probability that all photons reach the first detector drops of exponentially as P to the power of n. Recall that P is chosen to be very small. Therefore, P squared is much smaller than P. This realization forms the basis of the proposal. We apply a so-called post-selection procedure. Namely, if the first photo-detector triggers, but the second does not, we can say with high probability that exactly one photon was incident on the beamsplitter, since the probability that multiple photons are all directed to the first detector is extremely low. If the second detector does trigger, we ignore the result as a failure. This is where the non-determinism comes in. So we see that using a low-reflectivity beamsplitter and two non-discriminating detectors we can construct a device which fails most of the time, but when it succeeds, tells us that we almost certainly had exactly one photon at the input.

The idea I just described for an m=1 detector can be generalized to construct arbitrary m-photon discriminating detectors, by using a chain of m beamsplitters instead of just one. In principle the idea works very well, however there is one experimental challenge in particular which limits its effectiveness. Specifically, experimental photo-detectors are inefficient, which means they don't always click when a photon hits them. Let's consider what this means in the context of the m=1 detector I described earlier. We said that when the first detector clicks, but the second does not, we can be fairly sure that we had exactly one photon in our input. Suppose, however, that the detectors are ineffecicient. This means that a photon might hit the second detector, but not trigger it. This means that we may have in fact had two incident photons, but we simply missed one of them. Clearly this makes the results erroneous. This problem of having inefficient detectors is actually quite signficant since present-day detectors are really quite inefficient. Nonetheless, with the future in mind, when highly efficienty detectors may be available, the proposal may find a use.

So what is it that I do? – Part 3: Linear Optics Quantum Computing

In my previous post I discussed quantum computing and why it has the potential to be more powerful than classical computing. Until now however I've only discussed quantum computing in a very abstract sense. I've talked about quantum gates and qubits without giving any clue as to how these things are made in practise. Clearly this is pivotal, since otherwise quantum computing would be nothing more than a cool theory without much of a future. Once again I'll discuss the classical case as a starting point. In classical computers, as everyone is probably aware, bits are represented using electrical signals. For example, the presence of an electrical current could represent a logical '1' and its absense a logical '0'. Using electrical signals has the advantage that we can use electronic circuits consisting of transistors to implement gates. So what about the quantum case? It turns out that in fact there are countless ways in which qubits can be represented and quantum gates constructed.

In my research I focus on one idea in particular, referred to as linear optics quantum computing, or LOQC. In LOQC we use photons, or particles of light, to represent qubits. Most of us will be familiar with the idea of polarization of light from high school experiments. For those not familar with polarization, it can simply be thought of as the orientation of light, which must always be perpendicular to the direction in which the light travels. As a crude analogy, image a plane flying along which then rolls to one side. This would be changing the plane's polarization. Using the polarization of a photon we can very easily represent a qubit. We simply define that if a photon is polarized along say a horizontal axis that it represents a '0', and a vertical axis a logical '1'. Naturally, the all important superpositions are possible. For example if a photon were polarized at 45 degrees to the horizontal, this would be an equal superposition of horizontal and vertical, or '0' and '1'.

So we have our qubits. What about constructing quantum gates? In my previous post I talked about the CNOT gate, a 2-qubit quantum gate. The picture below is a schematic for an implementation of this gate using LOQC. It isn't terribly important, or instructive, to understand exactly how it works. I really only want to draw your attention to two features. Firstly the black lines. These represent paths which the light (i.e. photons) take. Secondly, the horizontal bars. These are beamsplitters, and are nothing other than partially silvered mirrors which split a light beam into multiple weaker beams. The beamsplitters serve to interfere the photons in the circuit in a cleverly designed way such that the device implements a CNOT gate.

As this point in time, things are probably looking very bright for LOQC. Unfortunately however there are some pretty hideous problems with the gate I've just described. Most notably, the gate is non-determinisitc, which simply means that it has some definite probability of failing. It's probably immediately obvious just what a problem this presents. If we only need to implement a single gate, and we have one which succeeds with say probability P, there are no worries. We simply repeat the gate over and over until it works. In practise however we'll be wanting to make complicated circuits consisting of perhaps thousands of these gates. In this case the probability of the circuit working is P to the power the number of gates in the circuit. In other words, we could be waiting a million years for the circuit to work. Fortunately, there are some extremely clever proposals on how this problem can be circumvented. Unfortunately, they are also quite complicated and experimentally very difficult.

In conclusion, we know that in theory LOQC can work. In fact, the gate shown below has been experimentally demonstrated at the University of Queensland Quantum Technology Lab. In practise however there are many technological obstacles to overcome before any useful quantum computing algorithms can be implemented using LOQC.

So what is it that I do? – Part 2: Quantum Computing

In my previous post I presented a few ideas from quantum mechanics. The next question to address is "how does this relate to computing?". Let's start by familiarizing ourselves with classical computing. A classical computer is just a normal, everyday style computer, like the one you're looking at right now. Anyone who's done any computer science or electronics will know that a computer employs binary logic, i.e. a language consisting of '0' and '1', and is constructed from gates. A gate is the most fundamental building block in a classical computer and performs very simple logical operations. For example, there is the so called AND gate, which has two binary inputs and one binary output. The output of the gate is '1' only if both inputs are '1', otherwise the output is '0'. Similarly, there is the OR gate, which outputs a '1' if either or both inputs are a '1'. There is also a single bit gate, called the NOT gate, which simply inverts whatever the input state was. In fact, these three gates form a so called universal set of gates for classical computing, which means that any logical operation can be implemented using them. The PC on your desk is constructed from nothing other than a massive number of elementary gates like these, which jointly perform the much more complicated logical operations your computer is capable of.

So, that's classical computers in a nutshell. What about quantum computers? Much in the same way that a classical computer uses bits, a quantum computer employs so called qubits, or quantum bits. If you read my last post you'll recall that in quantum mechanics, superpositions of different states are possible. The idea of superpositions applies to qubits as well, which means that, in addition to taking on values of '0' and '1', a qubit can take on superpositions of '0' and '1'. In other words, a qubit can simultaneously be in some combination of these two states. If we have multiple qubits we can have superpositions of multiple qubit states. For example, with two qubits, we could have a superpostion of all the states '00', '01', '10' and '11'. In a classical computer we could only represent any one of these states at a given time.

So what do we do with our wonderful qubits? In quantum computing we have something analogous to the classical gate. You guessed it, the quantum gate. Much like a classical gate, a quantum gate operates on one or more input qubits to produce output qubits. What makes quantum gates so powerful however is that if we input a superposition state we get more than just a binary sequence at the output. Instead we get a superposition state, where each element of the superposition is the action of the gate on the corresponding element of the input superposition. In short, the gate simultaneously operates on all components of a superposition state. This idea is probably best illustrated by example. We'll consider the so called controlled-NOT (or CNOT) gate. This gate has two input and two output qubits and performs the following logical operation: if the first qubit is '1' the second qubit has its value flipped, otherwise it is left alone. So, if we input the state '00' we get an output state of '00', and if we input the state '10' we get '11'. Now suppose that we input a superposition of these two states. In this case we get an output state containing a superposition of '00' and '11'. Pretty cool, huh?

I'm sure it won't take much to convince you that quantum circuits have the potential to be much more powerful than their classical counterparts, since we can input superposition states into a circuit and get an output state which contains a superposition of all the results, all in one go. Unfortunately there are some rather nasty caveats associated with qubits. Most notably, it actually isn't posibble to directly measure a superpostion state and determine what all the components in the superposition are. So even though we might have some wonderful quantum circuit which gives us a superposition of answers to some problem, we can't extract what the solutions are. This is clearly pretty nasty and limits the applications for quantum computers. Nonetheless, in some cases there are clever ways around this problem, which I won't go into here. Rest assured however that despite the aforementioned problem, quantum computers still have the potential to solve problems which could otherwise never be solved on classical computers due to their computational complexity.

So what is it that I do? – Part 1: Quantum Mechanics

My work in physics focusses on quantum computing, one of those hot topics that the media love to talk about, but nobody actually seems to know what it is. So providing a very layman's explanation of quantum computing, that even I can understand, seems like a reasonable place to start. Over the next few posts I hope to provide something along the lines of Quantum Computing for Complete Twits, or perhaps even more rudimentary than that. I'll start by trying to explain some of the basic ideas of quantum mechanics, the study of things which are very very small, which is necessary if we're going to understand the idea behind quantum computing.

In the world around us (not the TV show) we're all used to seeing objects with precisely defined states. By states I mean things like position, velocity, whatever. Any old property will do. As it turns out, when we delve into the world of quantum mechanics this is no longer the case. For example, if you try and look at things like individual atoms, their states are no longer very well defined. Instead things are sort of fuzzy. If you try and measure the position of an atom, you just can't get a precise answer as to where it is. This doesn't present much of conceptual problem to us, right?. "Surely the fuzziness is just experimental error and noise?" we might say. Strangely this isn't the case at all. In fact the fuzziness is an instrinsic property of physics. That is to say, things actually are fuzzy, and no matter how high-tech our measurement devices are, we will never be able to overcome it. From here, I'm afraid, things only begin to become more strange. The idea of states not being well defined, or fuzzy, leads on to the next bizarre phenomena of quantum mechanics, that of superpositions.

We've all grown up used to things being in one place or another. In quantum mechanics the rules are a bit looser than this and in fact things can be in one place and another, called a superposition of the different states. This should be taken quite literally as meaning that something can simultaneously be in multiple places at once. How do we know this? Hopefully we all remember our high-school optics experiments where we shine a laser beam through a double slit and observe interference effects on the other side. Well we can do this with single photons too. The problem is that the photon is a fundamental, indivisible unit, unlike a bright beam of laser light. When a single photon hits a double slit, it doesn't become two photons. There's still only one photon. Nonetheless, we can oberserve exactly the same kind of interference effect at the back end of the double slit as we do with laser light. This seems like a bit of a contradiction. If the individual photons are indivisble and always go one way or another at the double slit then cleary there would be no interference pattern. We'd just see two bright spots, corresponding to the two slits. However we do see interference patterns. The explanation is that the single photon enters a superposition of the two possible routes and self-interference occurs at the other side of the double slit. In other words, even though there is only one photon, it simultaneously takes both routes. Strange but true!