skip to main content
article

Quantum lower bounds for the collision and the element distinctness problems

Published: 01 July 2004 Publication History

Abstract

Given a function f as an oracle, the collision problem is to find two distinct indexes i and j such that f(i) = f(j), under the promise that such indexes exist. Since the security of many fundamental cryptographic primitives depends on the hardness of finding collisions, our lower bounds provide evidence for the existence of cryptographic primitives that are immune to quantum cryptanalysis. We prove that any quantum algorithm for finding a collision in an r-to-one function must evaluate the function Ω((n/r)1/3) times, where n is the size of the domain and r|n. This matches an upper bound of Brassard, Høyer, and Tapp. No lower bound better than constant was previously known. Our result also implies a quantum lower bound of Ω(n2/3) queries for the element distinctness problem, which is to determine whether n integers are all distinct. The best previous lower bound was Ω(√n) queries.

References

[1]
Aaronson, S. 2002. Quantum lower bound for the collision problem. In Proceedings of the 34th Annual ACM Symposium on Theory of Computing (STOC-02). ACM, New York, 635--642.
[2]
Ambainis, A. 2000. Quantum lower bounds by quantum arguments. In Proceedings of the 32nd Annual ACM Symposium on the Theory of Computing (Portland, Ore.), ACM, New York, 636--643.
[3]
Ambainis, A. 2003a. Quantum lower bounds for collision and element distinctness with small range. Pre-print: quant-ph/0305179.
[4]
Ambainis, A. 2003b. Quantum walk algorithm for element distinctness. Pre-print: quant-ph/0311001.
[5]
Beals, R., Buhrman, H., Cleve, R., Mosca, M., and de Wolf, R. 1998. Quantum lower bounds by polynomials. In Proceedings of the 39th Annual Symposium on Foundations of Computer Science. IEEE Computer Society Press, Los Alamitos, Calif., 352--361.
[6]
Ben-Or, M. 1983. Lower bounds for algebraic computation trees. In Proceedings of the 15th Annual ACM Symposium on the Theory of Computing (Boston, Mass.), ACM, New York, 80--86.
[7]
Bennett, C. H., Bernstein, E., Brassard, G., and Vazirani, U. 1997. Strengths and weaknesses of quantum computing. SIAM J. Comput. 26, 5 (Oct.), 1510--1523.
[8]
Brassard, G., Høyer, P., and Tapp, A. 1998. Quantum cryptanalysis of hash and claw-free functions. In Lecture Notes in Computer Science, vol. 1380. Springer-Verlag, New York, 163--169.
[9]
Buhrman, H., Dürr, C., Heiligman, M., Høyer, P., Magniez, F., Santha, M., and de Wolf, R. 2001. Quantum algorithms for element distinctness. In Proceedings of 16th IEEE Conference on Computational Complexity. IEEE Computer Society Press, Los Alamitos, Calif.,
[10]
DeVore, R. A., and Lorentz, G. G. 1993. Constructive approximation. Springer-Verlag, Berlin, Germany.
[11]
Dobkin, D., and Lipton, R. 1978. A lower bound of 1/2n2 on linear search programs for the knapsack problem. J. Comput. Syst. Sci. 16, 413--417.
[12]
Grigni, M., Schulman, L., Vazirani, M., and Vazirani, U. 2001. Quantum mechanical algorithms for the non-Abelian hidden subgroup problem. In Proceedings of 33rd Annual ACM Symposium on Theory of Computing. ACM, New York.
[13]
Grigoriev, D., Karpinski, M., Meyer auf der Heide, F., and Smolensky, R. 1996. A lower bound for randomized algebraic decision trees. In Proceedings of the 28th Annual ACM Symposium on the Theory of Computing (Philadelphia, pa.), ACM, New York, 612--619.
[14]
Grover, L. K. 1996. A fast quantum mechanical algorithm for database search. In Proceedings of the 28th Annual ACM, Symposium on the Theory of Computing (Philadelphia, pa.), ACM, New York, 212--219.
[15]
Høyer, P., Neerbek, J., and Shi, Y. 2002. Quantum complexities of ordered searching, sorting, and element distinctness. Algorithmica 34, 4, 429--448.
[16]
Klauck, H. 2003. Quantum time-space tradeoffs for sorting. In Proceedings of the 35th ACM Symposium on Theory of Computing. ACM, New York, 69--76.
[17]
Kutin, S. 2003. A quantum lower bound for the collision problem. Pre-print: quant-ph/0304162.
[18]
Minsky, M., and Papert, S. 1969. Perceptrons. MIT Press, Cambridge, Mass.
[19]
Nisan, N., and Szegedy, M. 1992. On the degree of Boolean functions as real polynomials. In Proceedings of the 24th Annual ACM Symposium on the Theory of Computing (Victoria, British Columbia, Canada). ACM, New York, 462--467.
[20]
Paturi, R. 1992. On the degree of polynomials that approximate symmetric Boolean functions (preliminary version). In Proceedings of the 24th Annual ACM Symposium on the Theory of Computing (Victoria, British Columbia, Canada). ACM, New York, 468--474.
[21]
Shi, Y. 2002. Quantum lower bounds on the collision and the element distinctness problems. In Proceedings of the 43st Symposium on Foundations of Computer Science (FOCS) (Vancouver, B.C., Canada). IEEE Computer Society Press, Los Alamitos, Calif., 513--519.
[22]
Shi, Y. 2004. Approximating linear restrictions of Boolean functions. Manuscript.
[23]
Shor, P. W. 1997. Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26, 5 (Oct.), 1484--1509.
[24]
Simon, D. R. 1997. On the power of quantum computation. SIAM J. Comput. 26, 5 (Oct.), 1474--1483.
[25]
Steele, J. M., and Yao, A. C. 1982. Lower bounds for algebraic decision trees. J. Algorithms 3, 1, 1--8.
[26]
Watrous, J. 2000. Succinct quantum proofs for properties of finite groups. In Proceedings of the 41st Symposium on Foundations of Computer Science (FOCS) (Redondo Beach, Calif.). IEEE Computer Society Press, Los Alamitos, Calif., 537--546.

Cited By

View all
  • (2024)Quantum Speed-Ups for String Synchronizing Sets, Longest Common Substring, and k-mismatch MatchingACM Transactions on Algorithms10.1145/367239520:4(1-36)Online publication date: 5-Aug-2024
  • (2024)Verifiable Quantum Advantage without StructureJournal of the ACM10.1145/365866571:3(1-50)Online publication date: 22-Apr-2024
  • (2024)Symmetries, Graph Properties, and Quantum SpeedupsSIAM Journal on Computing10.1137/23M157397553:6(FOCS20-368-FOCS20-415)Online publication date: 13-Dec-2024
  • Show More Cited By

Index Terms

  1. Quantum lower bounds for the collision and the element distinctness problems

        Recommendations

        Comments

        Information & Contributors

        Information

        Published In

        cover image Journal of the ACM
        Journal of the ACM  Volume 51, Issue 4
        July 2004
        181 pages
        ISSN:0004-5411
        EISSN:1557-735X
        DOI:10.1145/1008731
        Issue’s Table of Contents

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        Published: 01 July 2004
        Published in JACM Volume 51, Issue 4

        Permissions

        Request permissions for this article.

        Check for updates

        Author Tags

        1. Collision
        2. element distinctness
        3. polynomial method
        4. quantum computing
        5. quantum lower bounds

        Qualifiers

        • Article

        Contributors

        Other Metrics

        Bibliometrics & Citations

        Bibliometrics

        Article Metrics

        • Downloads (Last 12 months)72
        • Downloads (Last 6 weeks)6
        Reflects downloads up to 13 Jan 2025

        Other Metrics

        Citations

        Cited By

        View all
        • (2024)Quantum Speed-Ups for String Synchronizing Sets, Longest Common Substring, and k-mismatch MatchingACM Transactions on Algorithms10.1145/367239520:4(1-36)Online publication date: 5-Aug-2024
        • (2024)Verifiable Quantum Advantage without StructureJournal of the ACM10.1145/365866571:3(1-50)Online publication date: 22-Apr-2024
        • (2024)Symmetries, Graph Properties, and Quantum SpeedupsSIAM Journal on Computing10.1137/23M157397553:6(FOCS20-368-FOCS20-415)Online publication date: 13-Dec-2024
        • (2024)Succinct Quantum Testers for Closeness and k-Wise Uniformity of Probability DistributionsIEEE Transactions on Information Theory10.1109/TIT.2024.339375670:7(5092-5103)Online publication date: 25-Apr-2024
        • (2024)Efficient Unitary Designs from Random Sums and Permutations2024 IEEE 65th Annual Symposium on Foundations of Computer Science (FOCS)10.1109/FOCS61266.2024.00037(476-484)Online publication date: 27-Oct-2024
        • (2024)On Pigeonhole Principles and Ramsey in TFNP2024 IEEE 65th Annual Symposium on Foundations of Computer Science (FOCS)10.1109/FOCS61266.2024.00033(406-428)Online publication date: 27-Oct-2024
        • (2024)Optimal deterministic quantum algorithm for the promised element distinctness problemTheoretical Computer Science10.1016/j.tcs.2024.114551999(114551)Online publication date: Jun-2024
        • (2024)Robustness of different modifications of Grover’s algorithm based on generalized Householder reflections with different phasesResults in Physics10.1016/j.rinp.2024.10759559(107595)Online publication date: Apr-2024
        • (2024)The NISQ Complexity of Collision FindingAdvances in Cryptology – EUROCRYPT 202410.1007/978-3-031-58737-5_1(3-32)Online publication date: 26-May-2024
        • (2023)An Exponential Separation between Quantum Query Complexity and the Polynomial DegreeProceedings of the conference on Proceedings of the 38th Computational Complexity Conference10.4230/LIPIcs.CCC.2023.24(1-13)Online publication date: 17-Jul-2023
        • Show More Cited By

        View Options

        Login options

        Full Access

        View options

        PDF

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader

        Media

        Figures

        Other

        Tables

        Share

        Share

        Share this Publication link

        Share on social media