**Quantum computing** uses certain algebraic methods to develop algorithms for computations, where these algebraic methods are the ones or in parallel to the ones that are applied in quantum mechanics. A ‘conceptual’ computer that can implement those algorithms is the **quantum computer**.^{[1]:I-5}.

In a sense, the term quantum computing is a misnomer as it tends to imply the meaning of some technology to be developed using principles of physics whereas it is actually an applied mathematics of computations. (Perhaps it is better to adopt to a more meaningful name such as computing by the method of vector spaces, linear spaces computing, linear algebraic computing or even linear computing or similar, giving due respect to the mathematician.)

Quantum mechanics seeks to describe phenomena that cannot be explained by classical physics- movement of particles which defy any intuitive explanation. Still, mathematical methods have been developed in quantum mechanics from which meaningful predictions can be made. Using similar (or parallel) mathematical methods, it is possible to come up with computational algorithms with profound capabilities, such as the one that finds integer factorization (which underlies RSA encryption) substantially faster than classical ones. However, as how we do not know how exactly nature affects quantum phenomena, it remains unknown until today how exactly those algorithms could be physically implemented. Thus, a quantum computer is not a reality today.

Irrespective of whether there is quantum computer existing or not, that branch of applied mathematics known as quantum computing continues to study developing algorithms in parallel to the mathematical methods used in quantum mechanics.

The study of quantum computing is a subfield of quantum information science.

Quantum computing began in the early 1980s, when physicist Paul Benioff proposed a quantum mechanical model of the Turing machine.^{[2]} Richard Feynman and Yuri Manin later suggested that a quantum computer had the potential to simulate things that a classical computer could not.^{[3][4]} In 1994, Peter Shor developed a quantum algorithm for factoring integers that had the potential to decrypt RSA-encrypted communications.^{[5]} Despite ongoing experimental progress since the late 1990s, most researchers believe that “fault-tolerant quantum computing [is] still a rather distant dream.”^{[6]} In recent years, investment into quantum computing research has increased in both the public and private sector.^{[7][8]} On 23 October 2019, Google AI, in partnership with the U.S. National Aeronautics and Space Administration (NASA), claimed to have performed a quantum computation that is infeasible on any classical computer.^{[9]}

There are several models of quantum computers (or rather, quantum computing systems), including the quantum circuit model, quantum Turing machine, adiabatic quantum computer, one-way quantum computer, and various quantum cellular automata. The most widely used model is the quantum circuit. Quantum circuits are based on the quantum bit, or “qubit”, which is somewhat analogous to the bit in classical computation. Qubits can be in a 1 or 0 quantum state, or they can be in a superposition of the 1 and 0 states. However, when qubits are measured the result of the measurement is always either a 0 or a 1; the probabilities of these two outcomes depend on the quantum state that the qubits were in immediately prior to the measurement.

There are various approaches to implementing quantum computers, for example quantum simulation, quantum annealing and adiabatic quantum computation. Technologies such as transmons, ion traps and topological quantum computers use quantum logic gates for their computations. All these approaches use qubits.^{[1]:2–13} There are currently a number of significant obstacles in the way of constructing useful quantum computers. In particular, it is difficult to maintain the quantum states of qubits as they suffer from quantum decoherence and state fidelity. Quantum computers therefore require error correction.^{[10][11]}

Any computational problem that can be solved by a classical computer can also be solved by a quantum computer. Conversely, quantum computers obey the Church–Turing thesis; that is, any problem that can be solved by a quantum computer can also be solved by a classical computer, at least in principle given enough time. While this means that quantum computers provide no additional advantages over classical computers in terms of computability, they do enable the design of algorithms for certain problems that have significantly lower time complexities than known classical algorithms. Notably, quantum computers are believed to be able to quickly solve certain problems that no classical computer could solve *in any feasible amount of time*—a feat known as “quantum supremacy.” The study of the computational complexity of problems with respect to quantum computers is known as quantum complexity theory.

Potential applications

**Cryptography**

Integer factorization, which underpins the security of public key cryptographic systems, is believed to be computationally infeasible with an ordinary computer for large integers if they are the product of few prime numbers (e.g., products of two 300-digit primes).^{[13]} By comparison, a quantum computer could efficiently solve this problem using Shor’s algorithm to find its factors. This ability would allow a quantum computer to break many of the cryptographic systems in use today, in the sense that there would be a polynomial time (in the number of digits of the integer) algorithm for solving the problem. In particular, most of the popular public key ciphers are based on the difficulty of factoring integers or the discrete logarithm problem, both of which can be solved by Shor’s algorithm. In particular, the RSA, Diffie–Hellman, and elliptic curve Diffie–Hellman algorithms could be broken. These are used to protect secure Web pages, encrypted email, and many other types of data. Breaking these would have significant ramifications for electronic privacy and security.

However, other cryptographic algorithms do not appear to be broken by those algorithms.^{[14][15]} Some public-key algorithms are based on problems other than the integer factorization and discrete logarithm problems to which Shor’s algorithm applies, like the McEliece cryptosystem based on a problem in coding theory.^{[14][16]} Lattice-based cryptosystems are also not known to be broken by quantum computers, and finding a polynomial time algorithm for solving the dihedral hidden subgroup problem, which would break many lattice based cryptosystems, is a well-studied open problem.^{[17]} It has been proven that applying Grover’s algorithm to break a symmetric (secret key) algorithm by brute force requires time equal to roughly 2^{n/2} invocations of the underlying cryptographic algorithm, compared with roughly 2^{n} in the classical case,^{[18]} meaning that symmetric key lengths are effectively halved: AES-256 would have the same security against an attack using Grover’s algorithm that AES-128 has against classical brute-force search (see Key size).

Quantum cryptography could potentially fulfill some of the functions of public key cryptography. Quantum-based cryptographic systems could, therefore, be more secure than traditional systems against quantum hacking.^{[19]}

**Quantum search**

Besides factorization and discrete logarithms, quantum algorithms offering a more than polynomial speedup over the best known classical algorithm have been found for several problems,^{[20]} including the simulation of quantum physical processes from chemistry and solid state physics, the approximation of Jones polynomials, and solving Pell’s equation. No mathematical proof has been found that shows that an equally fast classical algorithm cannot be discovered, although this is considered unlikely.^{[21]} However, quantum computers offer polynomial speedup for some problems. The most well-known example of this is *quantum database search*, which can be solved by Grover’s algorithm using quadratically fewer queries to the database than that are required by classical algorithms. In this case, the advantage is not only provable but also optimal, it has been shown that Grover’s algorithm gives the maximal possible probability of finding the desired element for any number of oracle lookups. Several other examples of provable quantum speedups for query problems have subsequently been discovered, such as for finding collisions in two-to-one functions and evaluating NAND trees.

Problems that can be addressed with Grover’s algorithm have the following properties:

- There is no searchable structure in the collection of possible answers,
- The number of possible answers to check is the same as the number of inputs to the algorithm, and
- There exists a boolean function which evaluates each input and determines whether it is the correct answer

For problems with all these properties, the running time of Grover’s algorithm on a quantum computer will scale as the square root of the number of inputs (or elements in the database), as opposed to the linear scaling of classical algorithms. A general class of problems to which Grover’s algorithm can be applied^{[22]} is Boolean satisfiability problem. In this instance, the *database* through which the algorithm is iterating is that of all possible answers. An example (and possible) application of this is a password cracker that attempts to guess the password or secret key for an encrypted file or system. Symmetric ciphers such as Triple DES and AES are particularly vulnerable to this kind of attack.^{[citation needed]} This application of quantum computing is a major interest of government agencies.^{[23]}

**Quantum simulation**

Since chemistry and nanotechnology rely on understanding quantum systems, and such systems are impossible to simulate in an efficient manner classically, many believe quantum simulation will be one of the most important applications of quantum computing.^{[24]} Quantum simulation could also be used to simulate the behavior of atoms and particles at unusual conditions such as the reactions inside a collider.^{[25]}

**Quantum annealing and adiabatic optimization**

Quantum annealing or Adiabatic quantum computation relies on the adiabatic theorem to undertake calculations. A system is placed in the ground state for a simple Hamiltonian, which is slowly evolved to a more complicated Hamiltonian whose ground state represents the solution to the problem in question. The adiabatic theorem states that if the evolution is slow enough the system will stay in its ground state at all times through the process.

**Solving linear equations**

The Quantum algorithm for linear systems of equations, or “HHL Algorithm”, named after its discoverers Harrow, Hassidim, and Lloyd, is expected to provide speedup over classical counterparts.^{[26]}

**Quantum supremacy**

John Preskill has introduced the term *quantum supremacy* to refer to the hypothetical speedup advantage that a quantum computer would have over a classical computer in a certain field.^{[27]} Google announced in 2017 that it expected to achieve quantum supremacy by the end of the year though that did not happen. IBM said in 2018 that the best classical computers will be beaten on some practical task within about five years and views the quantum supremacy test only as a potential future benchmark.^{[28]} Although skeptics like Gil Kalai doubt that quantum supremacy will ever be achieved,^{[29][30]} in October 2019, a Sycamore processor created in conjunction with Google AI Quantum was reported to have achieved quantum supremacy,^{[31]} with calculations more than 3,000,000 times as fast as those of Summit, generally considered the world’s fastest computer.^{[32]} Bill Unruh doubted the practicality of quantum computers in a paper published back in 1994.^{[33]} Paul Davies argued that a 400-qubit computer would even come into conflict with the cosmological information bound implied by the holographic principle.^{[34]}

Obstacles

There are a number of technical challenges in building a large-scale quantum computer.^{[35]} Physicist David DiVincenzo has listed the following requirements for a practical quantum computer:^{[36]}

- Scalable physically to increase the number of qubits
- Qubits that can be initialized to arbitrary values
- Quantum gates that are faster than decoherence time
- Universal gate set
- Qubits that can be read easily

Sourcing parts for quantum computers is also very difficult. Many quantum computers, like those constructed by Google and IBM, need Helium-3, a nuclear research byproduct, and special superconducting cables that are only made by the Japanese company Coax Co.^{[37]}

The control of multi qubit systems requires the generation and coordination of a large number of electrical signals with tight and deterministic timing resolution. This had led to the development of quantum controllers which enable interfacing the qubit. Scaling these systems to support a growing number of qubits is an additional challenge in the scaling of quantum computers.^{[}

**Quantum decoherence**

One of the greatest challenges involved with constructing quantum computers is controlling or removing quantum decoherence. This usually means isolating the system from its environment as interactions with the external world cause the system to decohere. However, other sources of decoherence also exist. Examples include the quantum gates, and the lattice vibrations and background thermonuclear spin of the physical system used to implement the qubits. Decoherence is irreversible, as it is effectively non-unitary, and is usually something that should be highly controlled, if not avoided. Decoherence times for candidate systems in particular, the transverse relaxation time *T*_{2} (for NMR and MRI technology, also called the *dephasing time*), typically range between nanoseconds and seconds at low temperature.^{[38]} Currently, some quantum computers require their qubits to be cooled to 20 millikelvins in order to prevent significant decoherence.^{[39]} A 2020 study argues that ionizing radiation such as cosmic rays can nevertheless cause certain systems to decohere within milliseconds.^{[40]}

As a result, time-consuming tasks may render some quantum algorithms inoperable, as maintaining the state of qubits for a long enough duration will eventually corrupt the superpositions.^{[41]}

These issues are more difficult for optical approaches as the timescales are orders of magnitude shorter and an often-cited approach to overcoming them is optical pulse shaping. Error rates are typically proportional to the ratio of operating time to decoherence time, hence any operation must be completed much more quickly than the decoherence time.

As described in the Quantum threshold theorem, if the error rate is small enough, it is thought to be possible to use quantum error correction to suppress errors and decoherence. This allows the total calculation time to be longer than the decoherence time if the error correction scheme can correct errors faster than decoherence introduces them. An often cited figure for the required error rate in each gate for fault-tolerant computation is 10^{−3}, assuming the noise is depolarizing.

Meeting this scalability condition is possible for a wide range of systems. However, the use of error correction brings with it the cost of a greatly increased number of required qubits. The number required to factor integers using Shor’s algorithm is still polynomial, and thought to be between *L* and *L*^{2}, where *L* is the number of qubits in the number to be factored; error correction algorithms would inflate this figure by an additional factor of *L*. For a 1000-bit number, this implies a need for about 10^{4} bits without error correction.^{[42]} With error correction, the figure would rise to about 10^{7} bits. Computation time is about *L*^{2} or about 10^{7} steps and at 1 MHz, about 10 seconds.

A very different approach to the stability-decoherence problem is to create a topological quantum computer with anyons, quasi-particles used as threads and relying on braid theory to form stable logic gates.^{[43][44]}

Physicist Mikhail Dyakonov has expressed skepticism of quantum computing as follows:

“So the number of continuous parameters describing the state of such a useful quantum computer at any given moment must be… about 10^{300}… Could we ever learn to control the more than 10^{300} continuously variable parameters defining the quantum state of such a system? My answer is simple. *No, never.*“^{[45][46]}

Developments

**Quantum computing models**

There are a number of quantum computing models, distinguished by the basic elements in which the computation is decomposed. The four main models of practical importance are:

- Quantum gate array (computation decomposed into a sequence of few-qubit quantum gates)
- One-way quantum computer (computation decomposed into a sequence of one-qubit measurements applied to a highly entangled initial state or cluster state)
- Adiabatic quantum computer, based on quantum annealing (computation decomposed into a slow continuous transformation of an initial Hamiltonian into a final Hamiltonian, whose ground states contain the solution)
^{[47]} - Topological quantum computer
^{[48]}(computation decomposed into the braiding of anyons in a 2D lattice)

The quantum Turing machine is theoretically important but the physical implementation of this model is not feasible. All four models of computation have been shown to be equivalent; each can simulate the other with no more than polynomial overhead.

**Physical realizations**

For physically implementing a quantum computer, many different candidates are being pursued, among them (distinguished by the physical system used to realize the qubits):

- Superconducting quantum computing
^{[49][50]}(qubit implemented by the state of small superconducting circuits (Josephson junctions) - Trapped ion quantum computer (qubit implemented by the internal state of trapped ions)
- Neutral atoms in Optical lattices (qubit implemented by internal states of neutral atoms trapped in an optical lattice)
^{[51][52]} - Quantum dot computer, spin-based (e.g. the Loss-DiVincenzo quantum computer
^{[53]}) (qubit given by the spin states of trapped electrons) - Quantum dot computer, spatial-based (qubit given by electron position in double quantum dot)
^{[54]} - Quantum computing using engineered quantum wells, which could in principle enable the construction of quantum computers that operate at room temperature
^{[55][56]} - Coupled Quantum Wire (qubit implemented by a pair of Quantum Wires coupled by a Quantum Point Contact)
^{[57][58][59]} - Nuclear magnetic resonance quantum computer (NMRQC) implemented with the nuclear magnetic resonance of molecules in solution, where qubits are provided by nuclear spins within the dissolved molecule and probed with radio waves
- Solid-state NMR Kane quantum computers (qubit realized by the nuclear spin state of phosphorus donors in silicon)
- Electrons-on-helium quantum computers (qubit is the electron spin)
- Cavity quantum electrodynamics (CQED) (qubit provided by the internal state of trapped atoms coupled to high-finesse cavities)
- Molecular magnet
^{[60]}(qubit given by spin states) - Fullerene-based ESR quantum computer (qubit based on the electronic spin of atoms or molecules encased in fullerenes)
^{[61]} - Nonlinear optical quantum computer (qubits realized by processing states of different modes of light through both linear and nonlinear elements)
^{[62][63]} - Linear optical quantum computer (qubits realized by processing states of different modes of light through linear elements e.g. mirrors, beam splitters and phase shifters)
^{[64]} - Diamond-based quantum computer
^{[65][66][67]}(qubit realized by the electronic or nuclear spin of nitrogen-vacancy centers in diamond) - Bose-Einstein condensate-based quantum computer
^{[68]} - Transistor-based quantum computer – string quantum computers with entrainment of positive holes using an electrostatic trap
- Rare-earth-metal-ion-doped inorganic crystal based quantum computers
^{[69][70]}(qubit realized by the internal electronic state of dopants in optical fibers) - Metallic-like carbon nanospheres based quantum computers
^{[71]}

A large number of candidates demonstrates that quantum computing, despite rapid progress, is still in its infancy.

Relation to computability and complexity theory

**Computability theory**

Any computational problem solvable by a classical computer is also solvable by a quantum computer.^{[72]} Intuitively, this is because it is believed that all physical phenomena, including the operation of classical computers, can be described using quantum mechanics, which underlies the operation of quantum computers.

Conversely, any problem solvable by a quantum computer is also solvable by a classical computer; or more formally, any quantum computer can be simulated by a Turing machine. In other words, quantum computers provide no additional power over classical computers in terms of computability. This means that quantum computers cannot solve undecidable problems like the halting problem and the existence of quantum computers does not disprove the Church–Turing thesis.^{[73]}

As of yet, quantum computers do not satisfy the strong Church thesis. While hypothetical machines have been realized, a universal quantum computer has yet to be physically constructed. The strong version of Church’s thesis requires a physical computer, and therefore there is no quantum computer that yet satisfies the strong Church thesis.

References

- ^ Jump up to:
^{a}^{b}*The National Academies of Sciences, Engineering, and Medicine (2019). Grumbling, Emily; Horowitz, Mark (eds.). Quantum Computing : Progress and Prospects (2018). Washington, DC: National Academies Press. p. I-5. doi:10.17226/25196. ISBN 978-0-309-47969-1. OCLC 1081001288.* **^***Benioff, Paul (1980). “The computer as a physical system: A microscopic quantum mechanical Hamiltonian model of computers as represented by Turing machines”. Journal of Statistical Physics.***22**(5): 563–591. Bibcode:1980JSP….22..563B. doi:10.1007/bf01011339. S2CID 122949592.**^***Feynman, Richard (June 1982). “Simulating Physics with Computers”**(PDF)**. International Journal of Theoretical Physics.***21**(6/7): 467–488. Bibcode:1982IJTP…21..467F. doi:10.1007/BF02650179. S2CID 124545445. Archived from the original*(PDF)**on 8 January 2019. Retrieved 28 February2019.***^***Manin, Yu. I. (1980). Vychislimoe i nevychislimoe[Computable and Noncomputable] (in Russian). Sov.Radio. pp. 13–15. Archived from the original on 2013-05-10. Retrieved 2013-03-04.***^***Mermin, David (March 28, 2006). “Breaking RSA Encryption with a Quantum Computer: Shor’s Factoring Algorithm”**(PDF)**. Physics 481-681 Lecture Notes. Cornell University. Archived from the original**(PDF)**on 2012-11-15.***^***John Preskill (2018). “Quantum Computing in the NISQ era and beyond”. Quantum.***2**: 79. arXiv:1801.00862. doi:10.22331/q-2018-08-06-79. S2CID 44098998.