Making Shor's algo scalable (Starting with preexisiting hard coded Shors from textbook)


### Goal
Refactor the Qiskit textbook implementation of Shor’s algorithm into a **scalable, parameterized architecture**.
“Scalable” means the algorithm and code structure scale with `log(N)` and are not hardcoded for small demo values, even if large `N` cannot yet run on current quantum hardware.
## TODO Roadmap
---
### Task 1 (DONE) — Remove fixed / hardcoded N
**What to do**
- Remove any assumptions that `N` is a specific value (e.g., `N = 15`).
- Make `N` an explicit input to the algorithm.
- Compute the bit-length `n = ceil(log2(N))`.
- Size all quantum registers based on `n`.

**Why**
Hardcoding `N` makes the algorithm non-scalable. Shor’s resource usage must scale with the number of bits, not a fixed demo value.

---

### Task 2 (DONE) — Replace hardcoded U with general modular exponentiation
**What to do**
- Identify where the modular multiplication unitary `U` is manually constructed.
- Remove the hardcoded implementation.
- Replace it with a general **modular exponentiation structure** using:
  - repeated squaring
  - controlled modular multiplication (placeholders acceptable)

**Why**
Hardcoded `U` gates only work for tiny values of `N`. Modular exponentiation must be parameterized by `N` and `n` for scalability.

---

### Task 3 (DONE) — Implement reversible arithmetic primitives
**What to do**
- Implement reusable reversible circuits for:
  - addition
  - modular addition
  - modular multiplication
- Ensure all ancilla qubits are uncomputed.

**Why**
Modular exponentiation depends entirely on reversible arithmetic. This is the main depth and qubit bottleneck in Shor’s algorithm.

---

### Task 4 (DONE) — Use qubit-efficient phase estimation
**What to do**
- Replace the full Quantum Fourier Transform (QFT) with an iterative or semiclassical phase estimation approach.

**Why**
Reduces qubit count and improves compatibility with near-term hardware while preserving correctness.

---

### Task 5 (DONE) — Separate circuit construction from execution
**What to do**
- Isolate circuit-building logic from execution logic.
- Ensure circuits can be:
  - simulated (small `N`)
  - executed on hardware (very small `N`)
  - analyzed without execution (large `N`)

**Why**
Scalable algorithms must survive changes in hardware without rewrites.

---

### Task 6 (DONE) — Add hardware-aware transpilation
**What to do**
- Transpile circuits for a chosen IBM backend.
- Track circuit depth, two-qubit gate count, and layout changes.

**Why**
Real quantum hardware has connectivity and gate constraints that strongly affect feasibility.

---

### Task 7 (DONE) 
— Enable hardware execution for small N
**What to do**
- Run the scalable Shor circuit for very small `N` on real IBM hardware.
- Collect and post-process measurement results.

**Why**
Demonstrates correctness and hardware compatibility without claiming cryptographic relevance.

---

### Task 8 (DONE) — Add resource analysis and scaling metrics
**What to do**
- Measure and report:
  - number of qubits
  - circuit depth
  - two-qubit gate count
- Analyze how these scale with `log(N)`.

**Why**
For large `N`, scalability is demonstrated via resource growth, not execution.

---

### Task 9 — Document scaling behavior and limitations
**What to do**
- Clearly document:
  - what works today
  - what does not scale yet
  - what improves with future hardware

**Why**
Prevents confusion between theoretical scalability and practical feasibility.


In [11]:
%pip install pandas

Collecting pandas
  Downloading pandas-3.0.0-cp314-cp314-macosx_11_0_arm64.whl.metadata (79 kB)
Downloading pandas-3.0.0-cp314-cp314-macosx_11_0_arm64.whl (9.9 MB)
[2K   [90m━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━[0m [32m9.9/9.9 MB[0m [31m39.4 MB/s[0m  [33m0:00:00[0m eta [36m0:00:01[0m
[?25hInstalling collected packages: pandas
Successfully installed pandas-3.0.0
Note: you may need to restart the kernel to use updated packages.


In [None]:

import matplotlib.pyplot as plt
import numpy as np
from qiskit import QuantumCircuit, transpile, QuantumRegister
from qiskit_aer import AerSimulator
from qiskit.visualization import plot_histogram
from math import gcd
from numpy.random import randint
import pandas as pd
from fractions import Fraction

In [4]:
def ripple_carry_adder(n):
    """Simple reversible ripple-carry adder.

    Adds register a into b (b := a + b). a is unchanged.
    Uses an (n+1)-qubit carry register.

    Reversible arithmetic is required in quantum algorithms because
    unitary operations must preserve information (no irreversible
    overwrites).
    """
    a = QuantumRegister(n, 'a')
    b = QuantumRegister(n, 'b')
    c = QuantumRegister(n + 1, 'c')
    qc = QuantumCircuit(a, b, c, name='ADD')
    for i in range(n):
        # Full-adder: carry-out in c[i+1], sum in b[i]
        qc.ccx(a[i], b[i], c[i + 1])
        qc.cx(a[i], b[i])
        qc.ccx(c[i], b[i], c[i + 1])
        qc.cx(c[i], b[i])
    return qc.to_gate()


def add_const_gate(k, n):
    """In-place add constant k to n-qubit register x using a work register.

    This is reversible but not optimized; internal carries are cleaned
    when the gate is inverted inside higher-level routines.
    """
    x = QuantumRegister(n, 'x')
    kreg = QuantumRegister(n, 'k')
    c = QuantumRegister(n + 1, 'c')
    qc = QuantumCircuit(x, kreg, c, name=f'ADD_{k}')
    # Prepare |k> in kreg (classical constant)
    for i in range(n):
        if (k >> i) & 1:
            qc.x(kreg[i])
    qc.append(ripple_carry_adder(n), list(kreg) + list(x) + list(c))
    # Unprepare kreg
    for i in range(n):
        if (k >> i) & 1:
            qc.x(kreg[i])
    return qc.to_gate()


def modular_add_const_gate(k, N, n):
    """Add constant k modulo N to an n-qubit register (reversible, not optimized).

    Modular addition is a building block for modular multiplication,
    which in turn dominates the depth of Shor's algorithm.
    """
    x = QuantumRegister(n, 'x')
    kreg = QuantumRegister(n, 'k')
    c = QuantumRegister(n + 1, 'c')
    flag = QuantumRegister(1, 'flag')
    qc = QuantumCircuit(x, kreg, c, flag, name=f'ADD_{k}_MOD_{N}')

    # 1) x = x + k
    qc.append(add_const_gate(k, n), list(x) + list(kreg) + list(c))

    # 2) x = x - N (by adding 2^n - N), capture carry-out in flag
    two_pow_n = 1 << n
    qc.append(add_const_gate(two_pow_n - N, n), list(x) + list(kreg) + list(c))
    qc.cx(c[n], flag[0])

    # 3) If we underflowed (flag == 0), add N back
    qc.x(flag[0])
    qc.append(add_const_gate(N, n).control(), [flag[0]] + list(x) + list(kreg) + list(c))
    qc.x(flag[0])

    return qc.to_gate()


def modinv(a, N):
    """Classical modular inverse for use in reversible uncomputation.
    Returns a^{-1} mod N if it exists.
    """
    try:
        return pow(a, -1, N)
    except TypeError:
        # Fallback for older Python versions
        t, new_t = 0, 1
        r, new_r = N, a
        while new_r != 0:
            q = r // new_r
            t, new_t = new_t, t - q * new_t
            r, new_r = new_r, r - q * new_r
        if r > 1:
            raise ValueError('a has no modular inverse')
        if t < 0:
            t += N
        return t


def modular_multiply_const(a, N, n):
    """In-place modular multiplication by a (correct but not optimized).

    This uses reversible modular addition and a clean uncompute step
    based on the modular inverse of a. The structure is scalable
    (polynomial in n = log2(N)) but not hardware-efficient yet.
    """
    x = QuantumRegister(n, 'x')
    acc = QuantumRegister(n, 'acc')
    kreg = QuantumRegister(n, 'k')
    c = QuantumRegister(n + 1, 'c')
    flag = QuantumRegister(1, 'flag')
    qc = QuantumCircuit(x, acc, kreg, c, flag, name=f'MUL_{a}_MOD_{N}')

    # Compute acc = a * x (mod N) using repeated squaring additions
    for i in range(n):
        k = (a * (2 ** i)) % N
        qc.append(modular_add_const_gate(k, N, n).control(),
                  [x[i]] + list(acc) + list(kreg) + list(c) + list(flag))

    # Swap acc into x to make the operation in-place on x
    for i in range(n):
        qc.swap(x[i], acc[i])

    # Uncompute acc using a^{-1} so all ancillas return to |0>
    a_inv = modinv(a, N)
    for i in reversed(range(n)):
        k_inv = (a_inv * (2 ** i)) % N
        qc.append(modular_add_const_gate(k_inv, N, n).inverse().control(),
                  [x[i]] + list(acc) + list(kreg) + list(c) + list(flag))

    return qc.to_gate()


def controlled_modular_multiply(a, N, n):
    """Controlled modular multiplication by a mod N.
    The control qubit comes from the phase estimation register.
    """
    return modular_multiply_const(a, N, n).control()


def a2jmodN(a, j, N):
    """Compute a^(2^j) (mod N) by repeated squaring (classical helper).

    This mirrors the structure used in the quantum circuit: each counting
    qubit controls a multiplication by a^(2^j) mod N.
    """
    for _ in range(j):
        a = (a * a) % N
    return a


def c_amodN(a, power, N, n):
    """Controlled multiplication by a^(2^power) mod N.

    Modular exponentiation is the heart of Shor's algorithm. The
    repeated-squaring structure (powers of two) is what makes the
    circuit scale with log(N) instead of being hardcoded for a
    particular small N.
    """
    a_power = a2jmodN(a, power, N)
    return controlled_modular_multiply(a_power, N, n)


# Specify variables
# Explicit input for the composite N to factor
N = int(input("Enter composite N to factor: ") )
n = int(np.ceil(np.log2(N)))  # register size scales with log2(N)
N_COUNT = 2 * n  # typical choice for phase estimation
a = 7


def qft_dagger(n):
    """n-qubit QFTdagger the first n qubits in circ
    """
    qc = QuantumCircuit(n)
    # Don't forget the Swaps!
    for qubit in range(n//2):
        qc.swap(qubit, n-qubit-1)
    for j in range(n):
        for m in range(j):
            qc.cp(-np.pi/float(2**(j-m)), m, j)
        qc.h(j)
    qc.name = "QFTdagger"
    return qc


In [5]:
# Create QuantumCircuit with N_COUNT counting qubits
# plus work + ancilla qubits for modular multiplication
# Work register: n qubits
# Ancillas: acc (n), k (n), carry (n+1), flag (1)
qc = QuantumCircuit(N_COUNT + 4 * n + 2, N_COUNT)

# Initialize counting qubits
# in state |+>
for q in range(N_COUNT):
    qc.h(q)

# And work register in state |1>
qc.x(N_COUNT)

# Modular exponentiation: build |x>|1> -> |x>|a^x mod N>
# using repeated squaring. Each counting qubit controls
# multiplication by a^(2^q) mod N.
# This replaces hardcoded small-N gates and scales with log(N).
for q in range(N_COUNT):
    x = [N_COUNT + i for i in range(n)]
    acc = [N_COUNT + n + i for i in range(n)]
    kreg = [N_COUNT + 2 * n + i for i in range(n)]
    carry = [N_COUNT + 3 * n + i for i in range(n + 1)]
    flag = N_COUNT + 4 * n + 1
    qc.append(c_amodN(a, q, N, n),
             [q] + x + acc + kreg + carry + [flag])

# Do inverse-QFT
qc.append(qft_dagger(N_COUNT), range(N_COUNT))

# Measure circuit
qc.measure(range(N_COUNT), range(N_COUNT))
qc.draw(fold=-1)  # -1 means 'do not fold'


QiskitError: 'One or more instructions cannot be converted to a gate. "barrier" is not a gate instruction'

In [6]:

aer_sim = Aer.get_backend('aer_simulator')
t_qc = transpile(qc, aer_sim)
counts = aer_sim.run(t_qc).result().get_counts()
plot_histogram(counts)
rows, measured_phases = [], []
for output in counts:
    decimal = int(output, 2)  # Convert (base 2) string to decimal
    phase = decimal/(2**N_COUNT)  # Find corresponding eigenvalue
    measured_phases.append(phase)
    # Add these values to the rows in our table:
    rows.append([f"{output}(bin) = {decimal:>3}(dec)",
                 f"{decimal}/{2**N_COUNT} = {phase:.2f}"])
# Print the rows in a table
headers=["Register Output", "Phase"]
df = pd.DataFrame(rows, columns=headers)
print(df)


NameError: name 'Aer' is not defined

In [7]:
Fraction(0.666)

# Get fraction that most closely resembles 0.666
# with denominator < N
Fraction(0.666).limit_denominator(N)
rows = []
for phase in measured_phases:
    frac = Fraction(phase).limit_denominator(N)
    rows.append([phase,
                 f"{frac.numerator}/{frac.denominator}",
                 frac.denominator])
# Print as a table
headers=["Phase", "Fraction", "Guess for r"]
df = pd.DataFrame(rows, columns=headers)
print(df)


NameError: name 'Fraction' is not defined

In [8]:
a2jmodN(7, 2049, 53)

n = int(np.ceil(np.log2(N)))

np.random.seed(1) # This is to make sure we get reproduceable results
a = randint(2, N)
print(a)

from math import gcd # greatest common divisor
gcd(a, N)
def qpe_amodN(a, N):
    """Performs quantum phase estimation on the operation a*r mod N.
    Args:
        a (int): This is 'a' in a*r mod N
        N (int): Composite to factor
    Returns:
        float: Estimate of the phase
    """
    n = int(np.ceil(np.log2(N)))
    N_COUNT = 2 * n
    qc = QuantumCircuit(N_COUNT + 4 * n + 2, N_COUNT)
    for q in range(N_COUNT):
        qc.h(q)     # Initialize counting qubits in state |+>
    qc.x(N_COUNT) # And work register in state |1>
    for q in range(N_COUNT): # Do controlled-U operations
        x = [N_COUNT + i for i in range(n)]
        acc = [N_COUNT + n + i for i in range(n)]
        kreg = [N_COUNT + 2 * n + i for i in range(n)]
        carry = [N_COUNT + 3 * n + i for i in range(n + 1)]
        flag = N_COUNT + 4 * n + 1
        qc.append(c_amodN(a, q, N, n),
                 [q] + x + acc + kreg + carry + [flag])
    qc.append(qft_dagger(N_COUNT), range(N_COUNT)) # Do inverse-QFT
    qc.measure(range(N_COUNT), range(N_COUNT))
    # Simulate Results
    aer_sim = Aer.get_backend('aer_simulator')
    # `memory=True` tells the backend to save each measurement in a list
    job = aer_sim.run(transpile(qc, aer_sim), shots=1, memory=True)
    readings = job.result().get_memory()
    print("Register Reading: " + readings[0])
    phase = int(readings[0],2)/(2**N_COUNT)
    print(f"Corresponding Phase: {phase}")
    return phase

phase = qpe_amodN(a, N) # Phase = s/r
Fraction(phase).limit_denominator(N)

frac = Fraction(phase).limit_denominator(N)
s, r = frac.numerator, frac.denominator
print(r)
guesses = [gcd(a**(r//2)-1, N), gcd(a**(r//2)+1, N)]
print(guesses)


7


QiskitError: 'One or more instructions cannot be converted to a gate. "barrier" is not a gate instruction'

In [9]:
a = 7
FACTOR_FOUND = False
ATTEMPT = 0
while not FACTOR_FOUND:
    ATTEMPT += 1
    print(f"\nATTEMPT {ATTEMPT}:")
    phase = qpe_amodN(a, N) # Phase = s/r
    frac = Fraction(phase).limit_denominator(N)
    r = frac.denominator
    print(f"Result: r = {r}")
    if phase != 0:
        # Guesses for factors are gcd(x^{r/2} +- 1 , N)
        guesses = [gcd(a**(r//2)-1, N), gcd(a**(r//2)+1, N)]
        print(f"Guessed Factors: {guesses[0]} and {guesses[1]}")
        for guess in guesses:
            if guess not in [1,N] and (N % guess) == 0:
                # Guess is a factor!
                print(f"*** Non-trivial factor found: {guess} ***")
                FACTOR_FOUND = True


# Loop terminates when a non-trivial factor is found
assert FACTOR_FOUND



ATTEMPT 1:


QiskitError: 'One or more instructions cannot be converted to a gate. "barrier" is not a gate instruction'