Vlad Shor + Grover (#81)

* Shor's algorithm added

* groovers algo init

* shor, added link

* Grover fixed formulas

* added links for interaction

Author: Cosmodude

content/Basic Cryptography/Basic Cryptography.md

@@ -12,6 +12,8 @@
 - [[ElGamal]]
 - [[ECDSA]]
 - [[Post-Quantum Cryptography]]
+- [[Shor's Algorithm]]
+- [[Grover’s Algorithm]]
 - [[Learning with Errors(LWE)]]
 - [[Ring Learning with Errors(RLWE)]]
 - [[Module Learning with Errors(MLWE)]]

content/Basic Cryptography/Grover’s Algorithm.md

@@ -0,0 +1,142 @@
+# Grover’s Algorithm
+
+Grover’s Algorithm is a **quantum** algorithm discovered by Lov Grover in 1996. It provides a *quadratic speed-up* over classical methods for **unstructured search** problems. While this may not sound as dramatic as Shor’s *exponential* advantage in factoring (see [[Shor's Algorithm]]), Grover’s Algorithm is extremely important in scenarios where one must check each item in a large, unsorted list or database.
+
+---
+
+## 1. The Problem It Solves
+
+In the **unstructured search** setting, you have:
+- A “black box” or “oracle” function $ f(x) $ that returns:
+$$
+f(x) = \begin{cases}
+  1 & \text{if } x = x_\text{target}, \\
+  0 & \text{otherwise}.
+\end{cases}
+$$
+- A database of size $ N $ (which is unstructured or unsorted).
+
+**Classically**, finding $$ x_{\text{target}} $$ by querying the oracle could take $ O(N) $ tries (in the worst case). **Grover’s Algorithm**, running on a quantum computer, needs on the order of $ O(\sqrt{N}) $ queries—a quadratic improvement.
+
+---
+
+## 2. High-Level Overview
+
+1. **State Initialization**  
+   - You start with a register of $\log_2(N)$ qubits.  
+   - Apply the Hadamard transform to create a uniform superposition over all possible database indices.
+
+2. **Oracle Query (Phase Flip)**  
+   - The algorithm has access to an *oracle* (a quantum circuit) that flips the phase of the state 
+$$
+\lvert x_{\text{target}} \rangle.
+$$  
+   - If the register is in the state $\lvert x_{\text{target}} \rangle$, the oracle applies a phase of $-1$ to that amplitude.
+
+3. **Grover Diffusion (Amplitude Amplification)**  
+   - Another subroutine (often called the “Grover diffusion” or “inversion about the mean”) increases the amplitude of the “target” state while decreasing the amplitude of other states.
+
+4. **Repetition**  
+   - The **phase flip** + **diffusion** sequence is repeated approximately $\frac{\pi}{4}\sqrt{N}$ times.  
+   - This concentrates the probability amplitude onto the target state.
+
+5. **Measurement**  
+   - Finally, measuring the qubits collapses the state, yielding $ x_{\text{target}} $ with high probability.
+
+---
+
+## 3. Complexity and Performance
+
+- **Classical**: Searching an unsorted list of $N $ items requires on average $O(N) $ checks.  
+- **Quantum (Grover’s Algorithm)**: Finds the target in about **$ O(\sqrt{N}) $** oracle calls.  
+
+This quadratic speed-up, while not exponential, is still significant for large databases or multiple search passes.
+
+### Example
+
+- If $ N = 1{,}000{,}000 $ (a million items), **classical** approaches might need ~1,000,000 queries in the worst case.  
+- **Grover’s** approach would need on the order of ~1,000 queries—much faster, though still not polynomial vs. exponential.
+
+---
+
+## 4. Use Cases
+
+1. **Database or Pattern Search**  
+   - Any time you have an unstructured search problem (like searching through a cryptographic keyspace), Grover’s Algorithm offers a generic speed-up.
+
+2. **Cryptanalysis (Key Search)**  
+   - Brute-forcing an $n$-bit key classically takes $2^n $ steps.  
+   - With **Grover’s**, you need on the order of $2^{n/2} $ queries. This effectively *doubles* the key length required to maintain the same security against a quantum adversary.
+
+3. **Quantum Subroutine for Other Algorithms**  
+   - Grover’s “amplitude amplification” concept can be adapted in more complex quantum algorithms to boost the probability of finding a desired solution.
+
+---
+
+## 5. Oracle Construction
+
+Unlike [[Shor’s Algorithm]]—where the arithmetic is explicit—Grover’s Algorithm requires designing a **quantum oracle**:
+- The oracle identifies the target item $x_{\text{target}} $ by flipping its amplitude’s phase.
+- In practical applications, building such an oracle might itself be non-trivial.
+
+---
+
+## 6. Practical Considerations
+
+1. **Noise and Decoherence**  
+   - Like all quantum algorithms, Grover’s Algorithm requires *[coherence](https://en.wikipedia.org/wiki/Coherence_(physics))* over a sequence of operations.  
+   - In current “noisy intermediate-scale quantum” (NISQ) devices, the depth (number of gates in the circuit) must remain low to keep errors manageable.
+
+2. **Exact vs. Approximate Counting**  
+   - If the oracle flags **multiple** solutions, variants of Grover’s Algorithm can estimate the number of solutions or find one of them at random.
+
+3. **Scaling Up**  
+   - Realistically, implementing Grover’s Algorithm at large $N $ on near-term hardware is challenging due to qubit quality and error rates.  
+   - Nevertheless, small proofs of concept (like searching lists of size up to a few thousand) are feasible in emerging quantum systems.
+
+---
+
+## 7. Example Code Snippet (Pseudocode, Qiskit-Style)
+
+Below is a simplified look at how **Grover’s** might be implemented with [Qiskit](https://qiskit.org/).  
+*Note: This is just conceptual; actual code would be more detailed.*
+More info [here](https://github.com/Qiskit/textbook/blob/main/notebooks/ch-algorithms/grover.ipynb).
+
+```python
+from qiskit import QuantumCircuit, ClassicalRegister, QuantumRegister, Aer, execute
+import numpy as np
+
+def grover_circuit(num_qubits, oracle_circuit):
+    # num_qubits: log2(N)
+    # oracle_circuit: implements the phase flip for the target state
+    
+    # Initialize registers
+    qc = QuantumCircuit(num_qubits, num_qubits)
+
+    # 1. Create uniform superposition
+    qc.h(range(num_qubits))
+
+    # 2. Apply the oracle + diffuser multiple times
+    iterations = int(np.floor((np.pi/4)*np.sqrt(2**num_qubits)))
+
+    for _ in range(iterations):
+        # Oracle phase flip
+        qc.compose(oracle_circuit, inplace=True)
+        # Diffusion
+        qc.h(range(num_qubits))
+        qc.x(range(num_qubits))
+        qc.h(num_qubits - 1)
+        qc.mct(list(range(num_qubits-1)), num_qubits - 1)  # multi-controlled Toffoli
+        qc.h(num_qubits - 1)
+        qc.x(range(num_qubits))
+        qc.h(range(num_qubits))
+
+    # 3. Measure
+    qc.measure(range(num_qubits), range(num_qubits))
+
+    return qc
+```
+Example usage (very simplified):
+Suppose our 'oracle_circuit' flips the phase of a known target state |101>.
+
+In a real scenario, you build the oracle_circuit so that it knows which state(s) to flip. Then you run grover_circuit and measure.

content/Basic Cryptography/Post-Quantum Cryptography.md

@@ -15,15 +15,15 @@ The public key cryptosystems currently in widespread use, such as [[RSA]], **Ell
 - **Integer Factorization**: The basis for [[RSA]] encryption.
 - **Discrete Logarithm Problem**: Used in [[Diffie-Hellman]] and ECC.
 
-Quantum computers threaten these systems because of algorithms like **Shor's algorithm**, which can solve these problems in polynomial time, effectively breaking the security of these cryptosystems.
+Quantum computers threaten these systems because of algorithms like **[[Shor's algorithm]]**, which can solve these problems in polynomial time, effectively breaking the security of these cryptosystems.
 
-#### Shor's Algorithm
+#### [[Shor's Algorithm]]
 
 - **Developed by**: Peter Shor in 1994.
 - **Capability**: Efficiently factors large integers and computes discrete logarithms.
 - **Impact**: Can break [[RSA]], ECC, and other cryptosystems relying on these hard problems.
 
-#### Grover's Algorithm
+#### [[Grover's Algorithm]]
 
 - **Developed by**: Lov Grover in 1996.
 - **Capability**: Provides a quadratic speedup for unstructured search problems.
@@ -89,7 +89,7 @@ Post-quantum cryptographic algorithms are based on mathematical problems believe
 
 6. **Symmetric-Key Quantum Resistance**
 
-   - **Approach**: Doubling key sizes in symmetric algorithms to counteract Grover's algorithm.
+   - **Approach**: Doubling key sizes in symmetric algorithms to counteract [[Grover's algorithm]].
    - **Examples**: Using AES-256 instead of AES-128.
 
 ## NIST Post-Quantum Cryptography Standardization Program

content/Basic Cryptography/Shor's Algorithm.md

@@ -0,0 +1,122 @@
+# Shor's Algorithm
+
+## Definition
+
+**Shor's Algorithm** is a *quantum* algorithm discovered by Peter Shor in 1994, designed to factor large integers and solve discrete logarithms in **polynomial time** on a quantum computer. This capability poses a significant threat to **classical cryptography** schemes, such as [[RSA]] and [[Diffie-Hellman]], which rely on the infeasibility of factoring large numbers or computing discrete logarithms with classical computers.
+
+Shor’s Algorithm exploits the power of **quantum parallelism** and the **Quantum Fourier Transform (QFT)** to find the period of a function related to the integer in question. By determining this period, it becomes possible to derive non-trivial factors of large numbers—or solve discrete logs—exponentially faster compared to any known classical algorithm.
+
+## Use Cases
+
+Despite often being described in the context of *breaking* cryptography, Shor's Algorithm has broader implications:
+
+- **Cryptanalysis**: It is primarily famous for breaking [[RSA]], [[Elliptic Curves]] **Cryptography (ECC)**, and other discrete-log-based systems if (and when) large-scale quantum computers become practical.
+- [[Post-Quantum Cryptography]] **(PQC) Research**: Shor’s Algorithm directly motivates the field of **post-quantum** or **quantum-resistant** cryptography, prompting the design of new cryptographic schemes believed to be secure against quantum attacks.
+- **Scientific and Academic**: In quantum computing courses and research, Shor’s Algorithm is often used as a central illustration of how quantum algorithms can vastly outperform classical algorithms for certain problems.
+
+## Advantages
+
+1. **Exponential Speed-Up**  
+   - Classically, factoring an $n$-bit integer grows super-polynomially. Shor's Algorithm can factor an $n$-bit integer in roughly $O(n^3) $ steps (or better with optimizations), showcasing a significant theoretical advantage.
+
+2. **Demonstration of Quantum Superiority**  
+   - Alongside [[Grover’s Algorithm]] for unstructured search, Shor’s Algorithm remains a cornerstone example of how quantum computers can outperform classical systems for specific tasks.
+
+3. **Driving Innovation in Cryptography**  
+   - The cryptographic world now intensively researches **lattice-based**, **code-based**, or other **post-quantum** cryptosystems to stay ahead of the quantum threat.
+
+## Challenges
+
+1. **Quantum Hardware Requirements**  
+   - To factor large numbers (e.g., 2048-bit RSA moduli), you need **thousands to millions** of *logical* qubits with fault tolerance and low error rates—well beyond current quantum hardware capabilities.
+
+2. **Error Correction**  
+   - Real quantum systems suffer from *noise* and *decoherence*, necessitating robust quantum error correction schemes (e.g., the **surface code**). These in turn require many *physical* qubits to create a single *logical* qubit.
+
+3. **Implementation Complexity**  
+   - Designing, programming, and stabilizing a large-scale quantum circuit for Shor’s Algorithm is complex. Even with today’s quantum libraries, only small numbers (tens to hundreds of bits) can be factored reliably.
+
+## Applying Shor’s Algorithm to Cryptography
+
+### Challenges in Classical Cryptography
+
+Modern cryptosystems like [[RSA]], [[Diffie–Hellman]] **Key Exchange**, and[[Elliptic Curves]] Cryptography rely on the hardness of factoring large integers or computing discrete logarithms. A classical computer cannot feasibly solve these problems for properly chosen key sizes (e.g., 2048-bit or higher). However, with Shor’s Algorithm:
+
+- **Factoring RSA Moduli**: Breaking RSA requires factoring a large semi-prime $N = p \times q$. Shor’s Algorithm can do this in polynomial time, undermining RSA’s security assumptions.
+- **Discrete Log Problems**: Similar logic applies to discrete log variants (e.g., [[Diffie–Hellman]] and ECC), making them vulnerable to quantum attacks.
+
+### How Shor’s Algorithm Works (High-Level)
+
+1. **Choose a Random $a$**  
+   - Select an integer $a$ coprime to $N$ (the integer to be factored).
+2. **Quantum Period-Finding**  
+   - Construct and evaluate the function $f(x) = a^x $mod N$ within a *quantum* circuit.  
+   - Use the **Quantum Fourier Transform (QFT)** to find the *period* $r$ of this function in *superposition*.
+3. **Classical GCD**  
+   - Once the period $r$ is found, compute $\gcd(a^{r/2} \pm 1, N)$ to discover non-trivial factors of $N$.
+![[Shor's Algorithm.png]]
+
+## Example: Factoring a Small Number with Shor's Algorithm
+
+Below is a simplified Python-style pseudo-code using [Qiskit](https://qiskit.org/). This example can factor very small numbers (like 15, 21), illustrating core concepts rather than large-scale factorization. More info [here](https://github.com/Qiskit/textbook/blob/main/notebooks/ch-algorithms/shor.ipynb)
+
+```python
+from qiskit import QuantumCircuit, ClassicalRegister, QuantumRegister, Aer, execute
+from qiskit.circuit.library import QFT
+
+def shor_factor(N):
+    """
+    Pseudo-code function to demonstrate the structure
+    of a Shor's Algorithm circuit for a small integer N.
+    For large N, a significantly more complex circuit and
+    quantum resources are required.
+    """
+
+    # 1. Choose a random 'a' coprime to N
+    a = find_random_coprime(N)  # Placeholder function
+
+    # 2. Determine number of qubits needed for the range [0 .. 2^m-1] ~ N^2
+    m = 4  # For demonstration, a small circuit
+
+    # Quantum registers: 'x' for superposition, 'f' to store a^x mod N
+    x = QuantumRegister(m, name='x')
+    f = QuantumRegister(m, name='f')
+    c = ClassicalRegister(m, name='c')
+    circuit = QuantumCircuit(x, f, c)
+
+    # 3. Initialize x register to superposition (Hadamard transforms)
+    for qubit in x:
+        circuit.h(qubit)
+
+    # 4. Implement the modular exponentiation a^x mod N on the 'f' register
+    #    (Pseudo-code: in reality, this is done via repeated modular multiplications)
+    circuit = apply_mod_exp(circuit, x, f, a, N)
+
+    # 5. Apply Quantum Fourier Transform (QFT) to the x register
+    qft_dagger = QFT(num_qubits=m, do_swaps=False).inverse()
+    circuit.append(qft_dagger.to_instruction(), x[:])
+
+    # 6. Measure x register
+    circuit.measure(x, c)
+
+    # 7. Run on a simulator
+    simulator = Aer.get_backend('aer_simulator')
+    result = execute(circuit, simulator, shots=1024).result()
+    counts = result.get_counts()
+
+    # Use classical post-processing on the measurement result (period-finding)
+    # Try GCD steps with a^(r/2) ± 1 to find non-trivial factors of N
+    # ...
+    return possible_factors
+
+
+if __name__ == "__main__":
+    # Example usage:
+    N = 15  # For demonstration (factors: 3 and 5)
+    factors = shor_factor(N)
+    print("Candidate factors:", factors)
+```
+
+
+### Original Paper: 
+https://arxiv.org/abs/quant-ph/9508027