The primary goal of quantum computing is to perform certain computations faster (or “better” by some other metric) than classical computers, a notion which has been termed “quantum advantage.” The pursuit of this goal has been complicated by two main challenges. The first is that individual, precise, and coherent control of individual atoms (or other quantum objects) is extremely difficult. The second is that, as we saw in the previous Part, modern classical computers are extremely powerful, and can simulate quantum systems of nontrivial size. This begs the question: what is the simplest computation one can do on a quantum computer, that is hard or impossible for today’s best classical computers? While a seemingly simple question, it is steeped in subtlety. For example, if a noisy quantum computer produces some output that would be infeasible for a classical computer to reproduce, how do we reliably check that that output is actually correct? On the other hand, how do we ensure that the supposedly hard computational problem is actually hard for classical computers, rather than just sufficiently obscure that nobody had yet come up with a fast classical algorithm for it?
In this Part, we pursue these questions, with a focus on the verifiability of tests of quantum computational power, and how ideas from cryptography can be used to achieve these goals. In Chapter 4, we examine an efficiently classically verifiable test based on quantum sampling, which was first proposed in 2008, and break the underlying cryptography, showing that there is actually an algorithm by which a classical impostor can “forge” the results and impersonate a quantum device. This invalidates the test. In Chapter 5, we propose a new efficiently-verifiable test of quantumness whose classical hardness is provably as hard as factoring numbers. Factoring is arguably the computational problem which has received the most research effort of any to try to find an efficient classical algorithm, giving good confidence that the problem truly is classically hard. Furthermore, this new protocol can be implemented with fewer quantum resources than Shor’s algorithm (the obvious way to use factoring to demonstrate quantum power), making it more amenable to near-term devices. In Chapter 6 we present a “proof-of-concept” experimental implementation of that new protocol, and another related one, in a trapped-ion quantum computer. From a technical perspective, the main innovation is the implementation of quantum measurements in the middle of a quantum circuit, followed by further quantum gates, while maintaining high fidelity. Such mid-circuit measurements have been a long-standing goal of experimental quantum computing, and are important not only for cryptographic protocols like the ones implemented here, but also a number of other applications such as feed-forward error correction. Finally, in Chapter 7, we present a novel method for performing coherent integer multiplication on quantum computers, which is a crucial operation for the both cryptographic protocols described earlier, and also the implementation of Shor’s algorithm. Our method both improves on the asymptotic cost (in terms of gate count) of implementing multiplication, and simultaneously reduces practical overheads.