Proceedings 35th Annual Symposium on Foundations of Computer Science (1994)
Santa Fe, NM, USA
Nov. 20, 1994 to Nov. 22, 1994
P.W. Shor , AT&T Bell Labs., Murray Hill, NJ, USA
A computer is generally considered to be a universal computational device; i.e., it is believed able to simulate any physical computational device with a cost in computation time of at most a polynomial factor: It is not clear whether this is still true when quantum mechanics is taken into consideration. Several researchers, starting with David Deutsch, have developed models for quantum mechanical computers and have investigated their computational properties. This paper gives Las Vegas algorithms for finding discrete logarithms and factoring integers on a quantum computer that take a number of steps which is polynomial in the input size, e.g., the number of digits of the integer to be factored. These two problems are generally considered hard on a classical computer and have been used as the basis of several proposed cryptosystems. We thus give the first examples of quantum cryptanalysis.
cryptosystems, quantum computation algorithms, discrete logarithms, factoring, physical computational device, polynomial factor, Las Vegas algorithms, quantum computer
P. Shor, "Algorithms for quantum computation: discrete logarithms and factoring," Proceedings 35th Annual Symposium on Foundations of Computer Science(FOCS), Santa Fe, NM, USA, 1994, pp. 124-134.