Limitations of the Macaulay matrix approach for using the HHL algorithm to solve multivariate polynomial systems

Jintai Ding1, Vlad Gheorghiu2, András Gilyén3, Sean Hallgren4, and Jianqiang Li4

1University of Cincinnati, OH, USA
2Institute for Quantum Computing / Dept. of Combinatorics & Optimization, University of Waterloo, ON, Canada
3Institute for Quantum Information and Matter, Caltech, Pasadena CA, USA
4Department of Computer Science and Engineering, Pennsylvania State University, PA, USA

Find this paper interesting or want to discuss? Scite or leave a comment on SciRate.


Recently Chen and Gao [15] proposed a new quantum algorithm for Boolean polynomial system solving, motivated by the cryptanalysis of some post-quantum cryptosystems. The key idea of their approach is to apply a Quantum Linear System (QLS) algorithm to a Macaulay linear system over $\mathbb{C}$, which is derived from the Boolean polynomial system. The efficiency of their algorithm depends on the condition number of the Macaulay matrix. In this paper, we give a strong lower bound on the condition number as a function of the Hamming weight of the Boolean solution, and show that in many (if not all) cases a Grover-based exhaustive search algorithm outperforms their algorithm. Then, we improve upon Chen and Gao's algorithm by introducing the Boolean Macaulay linear system over $\mathbb{C}$ by reducing the original Macaulay linear system. This improved algorithm could potentially significantly outperform the brute-force algorithm, when the Hamming weight of the solution is logarithmic in the number of Boolean variables.
Furthermore, we provide a simple and more elementary proof of correctness for our improved algorithm using a reduction employing the Valiant-Vazirani affine hashing method, and also extend the result to polynomial systems over $\mathbb{F}_q$ improving on subsequent work by Chen, Gao and Yuan \citeChenGao2018. We also suggest a new approach for extracting the solution of the Boolean polynomial system via a generalization of the quantum coupon collector problem [2].

► BibTeX data

► References

[1] Scott Aaronson. Read the fine print. Nature Physics Nat. Phys. , 11(4):291–293, 2015.

[2] Srinivasan Arunachalam, Aleksandrs Belovs, Andrew M. Childs, Robin Kothari, Ansis Rosmanis, and Ronald de Wolf. Quantum coupon collector. In Proceedings of the 15th Conference on the Theory of Quantum Computation, Communication, and Cryptography (TQC) TQC , pages 10:1–10:17, 2020. arXiv: 2002.07688.

[3] Gwénolé Ars, Jean-Charles Faugere, Hideki Imai, Mitsuru Kawazoe, and Makoto Sugita. Comparison between XL and Gröbner basis algorithms. In International Conference on the Theory and Application of Cryptology and Information Security, pages 338–353. Springer, 2004.

[4] Andris Ambainis. Variable time amplitude amplification and quantum algorithms for linear algebra problems. In Proceedings of the 29th Symposium on Theoretical Aspects of Computer Science (STACS) STACS , pages 636–647, 2012. arXiv: 1010.4458.

[5] Eric R Anschuetz, Jonathan P Olson, Alán Aspuru-Guzik, and Yudong Cao. Variational quantum factoring. arXiv: 1808.08927, 2018.

[6] Bruno Buchberger et al. Gröbner bases computation by triangularizing Macaulay matrices. In The 50th Anniversary of Gröbner Bases, pages 25–33. Mathematical Society of Japan, 2018.

[7] Kim Batselier. A numerical linear algebra framework for solving problems with multivariate polynomials. PhD thesis, KU Leuven (Leuven, Belgium), 2013.

[8] Michel Boyer, Gilles Brassard, Peter Høyer, and Alain Tapp. Tight bounds on quantum searching. Fortschritte der Physik, 46(4–5):493–505, 1998. arXiv: quant-ph/​9605034.

[9] Magali Bardet, Jean-Charles Faugère, Bruno Salvy, and Pierre-Jean Spaenlehauer. On the complexity of solving quadratic boolean systems. Journal of Complexity, 29(1):53–75, 2013.

[10] Andreas Björklund, Petteri Kaski, and Ryan Williams. Solving systems of polynomial equations over GF(2) by a parity-counting self-reduction. In Proceedings of the 46th International Colloquium on Automata, Languages, and Programming (ICALP) ICALP, 2019.

[11] Christopher JC Burges. Factoring as optimization. Microsoft Research MSR-TR-200, 2002.

[12] Ethan Bernstein and Umesh Vazirani. Quantum complexity theory. SIAM Journal on computing, 26(5):1411–1473, 1997.

[13] Daniel J Bernstein and Bo-Yin Yang. Asymptotically faster quantum algorithms to solve multivariate quadratic equations. In International Conference on Post-Quantum Cryptography, pages 487–506. Springer, 2018.

[14] Alessio Caminata and Elisa Gorla. Solving multivariate polynomial systems and an invariant from commutative algebra. arXiv: 1706.06319, 2017.

[15] Yu-Ao Chen and Xiao-Shan Gao. Quantum algorithm for Boolean equation solving and quantum algebraic attack on cryptosystems. Journal of Systems Science and Complexity, 2021. arXiv: 1712.06239.

[16] Shantanav Chakraborty, András Gilyén, and Stacey Jeffery. The power of block-encoded matrix powers: Improved regression techniques via faster Hamiltonian simulation. In Proceedings of the 46th International Colloquium on Automata, Languages, and Programming (ICALP) ICALP, pages 33:1–33:14, 2019. arXiv: 1804.01973.

[17] Nai-Hui Chia, András Gilyén, Tongyang Li, Han-Hsuan Lin, Ewin Tang, and Chunhao Wang. Sampling-based sublinear low-rank matrix arithmetic framework for dequantizing quantum machine learning. In Proceedings of the 52nd ACM Symposium on the Theory of Computing (STOC) STOC , page 387–400, 2020. arXiv: 1910.06151.

[18] Yu-Ao Chen, Xiao-Shan Gao, and Chun-Ming Yuan. Quantum algorithm for optimization and polynomial system solving over finite field and application to cryptanalysis, 2018. arXiv: 1802.03856.

[19] B David Clader, Bryan C Jacobs, and Chad R Sprouse. Preconditioned quantum linear system algorithm. Physical review letters, 110(25):250504, 2013.

[20] Nicolas Courtois, Alexander Klimov, Jacques Patarin, and Adi Shamir. Efficient algorithms for solving overdefined systems of multivariate polynomial equations. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 392–407. Springer, 2000 (Extended version as of 24 Aug, 2004. http:/​/​​xlfull.pdf).

[21] Andrew M. Childs, Robin Kothari, and Rolando D. Somma. Quantum algorithm for systems of linear equations with exponentially improved dependence on precision. SIAM Journal on Computing SIAM J. Comp., 46(6):1920–1950, 2017. arXiv: 1511.02306.

[22] Claus Diem. The XL-algorithm and a conjecture from commutative algebra. In International Conference on the Theory and Application of Cryptology and Information Security, pages 323–337. Springer, 2004.

[23] Jintai Ding and Dieter Schmidt. Solving degree and degree of regularity for polynomial systems over a finite fields. In Number Theory and Cryptography, pages 34–49. Springer, 2013.

[24] Jean-Charles Faugere, Kelsey Horan, Delaram Kahrobaei, Marc Kaplan, Elham Kashefi, and Ludovic Perret. Fast quantum algorithm for solving multivariate quadratic equations. arXiv: 1712.07211, 2017.

[25] András Gilyén, Yuan Su, Guang Hao Low, and Nathan Wiebe. Quantum singular value transformation and beyond: Exponential improvements for quantum matrix arithmetics [full version], 2018. arXiv: 1806.01838.

[26] András Gilyén, Yuan Su, Guang Hao Low, and Nathan Wiebe. Quantum singular value transformation and beyond: Exponential improvements for quantum matrix arithmetics. In Proceedings of the 51st ACM Symposium on the Theory of Computing (STOC) STOC, pages 193–204, 2019. arXiv: 1806.01838.

[27] Aram W. Harrow, Avinatan Hassidim, and Seth Lloyd. Quantum algorithm for linear systems of equations. Physical Review Letters Phys. Rev. Lett., 103(15):150502, 2009. arXiv: 0811.3171.

[28] Stasys Jukna. Extremal Combinatorics - With Applications in Computer Science (2nd ed.). Texts in Theoretical Computer Science. Springer, 2011.

[29] Iordanis Kerenidis and Anupam Prakash. Quantum recommendation systems. In Proceedings of the 8th Innovations in Theoretical Computer Science Conference (ITCS) ITCS, pages 49:1–49:21, 2017. arXiv: 1603.08675.

[30] Lin Lin and Yu Tong. Optimal polynomial based quantum eigenstate filtering with application to solving quantum linear systems. Quantum Quant., 4:361, 2020. arXiv: 1910.14596.

[31] Ludovic Perret. Bases de Gröbner en Cryptographie Post-Quantique. PhD thesis, UPMC-Paris 6 Sorbonne Universités, 2016.

[32] Herbert Robbins. A remark on Stirling's formula. The American Mathematical Monthly, 62(1):26–29, 1955.

[33] The Mathematica source code is also available at the Woflram Notebook Archive: https:/​/​​2022-02-1ec5yyv, 2022.

[34] Yiğit Subaşı, Rolando D. Somma, and Davide Orsucci. Quantum algorithms for systems of linear equations inspired by adiabatic quantum computing. Physical Review Letters Phys. Rev. Lett., 122(6):060504, 2019. arXiv: 1805.10549.

[35] Changpeng Shao and Hua Xiang. Quantum circulant preconditioner for a linear system of equations. Physical Review A, 98(6):062321, 2018.

[36] Yu Tong, Dong An, Nathan Wiebe, and Lin Lin. Fast inversion, preconditioned quantum linear system solvers, and fast evaluation of matrix functions. arXiv: 2008.13295, 2020.

[37] Leslie G. Valiant and Vijay V. Vazirani. NP is as easy as detecting unique solutions. Theoretical Computer Science Theor. Comput. Sci., 47:85–93, 1986. Earlier version in STOC'85.

[38] Ronald de Wolf. Quantum computing: Lecture notes, 2019. arXiv: 1907.09415.

[39] Manuela Wiesinger-Widi. Gröbner bases and generalized sylvester matrices. PhD thesis, Johannes Kepler University Linz, Austria, 2015.

Cited by

[1] Debasish Roy, "A New Hybrid Algorithm for Multivariate Polynomial System Solving", SN Computer Science 5 4, 341 (2024).

[2] Yangru Zheng, Juntao Gao, Xuelian Li, and Baocang Wang, "A polynomial system for bit-based division property solving by quantum algorithm", Quantum Information Processing 22 12, 448 (2023).

The above citations are from Crossref's cited-by service (last updated successfully 2024-06-22 05:39:21) and SAO/NASA ADS (last updated successfully 2024-06-22 05:39:21). The list may be incomplete as not all publishers provide suitable and complete citation data.