What On Earth Is Quantum Computing? (And will it break all my encryption?)

Transcript

1. QUANTUM
   COMPUTING?
   WHAT ON EARTH IS
   AND WILL IT BREAK ALL MY ENCRYPTION?
   CRAIG STUNTZ ∈ IMPROVING
   https://speakerdeck.com/craigstuntz
   

   View Slide

2. THE PROMISE
   https://commons.wikimedia.org/wiki/File:Quantum-computer-Chalmers_2017.jpg
   

   View Slide

3. RSA
   

   View Slide

4. ECDSA RSA DSA
   https://arxiv.org/pdf/1804.00200.pdf
   

   View Slide

5. ”
   “
   — Richard Feynman
   …nature isn’t classical, dammit, and if you
   want to make a simulation of nature, you’d
   better make it quantum mechanical, and by
   golly it’s a wonderful problem, because it
   doesn’t look so easy.
   https://people.eecs.berkeley.edu/~christos/classics/Feynman.pdf
   

   View Slide

6. https://github.com/krishnakumarsekar/awesome-quantum-machine-learning
   

   View Slide

7. HOWEVER!
   • TLS does not seem to be broken
   • Cryptographically relevant quantum computers don’t exist (yet)
   • Quantum supremacy not (yet) shown
   • Classical algorithms keep getting better!
   • No “universal” speedup
   • Theoretical advantages of quantum computers are not well understood
   • Many popular articles on quantum computing are mostly marketing
   

   View Slide

8. YOU SHOULD CARE ANYWAY
   • Advantages are potentially huge
   • New cryptosystems take years to vet and implement; need to start now
   • Whether or not they’re implementable, there is at least some potential for new
   physics, which is cool
   

   View Slide

9. “CLASSICAL” COMPUTING
   https://commons.wikimedia.org/wiki/File:Vax_11-780_(2).jpg
   

   View Slide

10. CAST OF CHARACTERS
    

    View Slide

11. PROGRAMMER
    CC-A by https://www.wocintechchat.com/
    

    View Slide

12. LIBRARY AUTHOR
    — OR —
    CRYPTOGRAPHER
    https://www.flickr.com/photos/ibm_research_zurich/16138523887/
    

    View Slide

13. HARDWARE
    DESIGNER
    https://commons.wikimedia.org/wiki/File:Quantum_Computing;_Ion_Trapping_(5941055642).jpg
    

    View Slide

14. COPROCESSORS
    CPU
    GPU
    TPU
    DSP
    Quantum
    

    View Slide

15. ”
    “
    — Neil C. Thompson & Svenja Spanuth
    The migration of computing from a general
    purpose technology to a fragmented one
    will fundamentally alter it… In particular, we
    expect the gains from computing
    improvement to be become much more
    unequal, to the detriment of many.
    https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3287769
    

    View Slide

16. NUTS AND BOLTS
    https://www.flickr.com/photos/63059536@N06/5941039382
    

    View Slide

17. HOW CLASSICAL COMPUTERS WORK
    https://commons.wikimedia.org/wiki/File:ABasicComputer.gif
    LDR EAX, ADR_VAR1
    LDR EBX, ADR_VAR2
    ADD EAX, EBX
    STR EAX, [ECX]
    

    View Slide

18. CLASSICAL COMPUTER OPERATION ARGUMENTS
    REGISTERS
    https://commons.wikimedia.org/wiki/File:RF-remote-control-dip-switch-calculator.png
    

    View Slide

19. HOW QUANTUM COMPUTERS WORK
    https://commons.wikimedia.org/wiki/File:H_CNOTGate.png
    Qubits
    Quantum
    Gates
    

    View Slide

20. QUANTUM COMPUTER OPERATION ARGUMENTS
    QUBITS
    

    View Slide

21. QUANTUM OPERATIONS
    QUANTUM
    OPERATION
    

    View Slide

22. QUANTUM OPERATIONS
    QUANTUM
    OPERATION
    1
    2
    |0⟩ +
    1
    2
    |1⟩
    |0⟩
    |1⟩
    MEASURE
    

    View Slide

23. ENTANGLEMENT
    / INTERFERENCE
    http://www.smbc-comics.com/comic/the-talk-3
    

    View Slide

24. ”
    “
    — Holly Cummins
    "Mixing together waves so that wrong answers
    cancel themselves out is very different from how
    classical computers work, but it is something
    many of us have experienced in the macroscopic
    world. For example, noise cancelling headphones
    work by adding extra noise to existing noise."
    

    View Slide

25. INTERFERENCE
    https://www.flickr.com/photos/brewbooks/309494512
    ✅
    ❌
    

    View Slide

26. NOISE
    

    View Slide

27. COMPUTATIONAL COMPLEXITY
    Detail from image by Dr. Gabriel Robins, http://www.cs.virginia.edu/~robins/cs3102/
    

    View Slide

28. SOME PROBLEMS SEEM HARD; SOME WE KNOW ARE HARD
    WHAT IS A HARD PROBLEM, ACTUALLY?
    • General solution impossible
    • Entscheidungsproblem — think Turing
    • Solution exists but is exponentially hard
    • Traveling salesman problem
    • Efficient solutions exist
    • Greatest common divisor
    • “Hmm, actually, we’re not sure!”
    • Finding factors of products of large prime numbers
    

    View Slide

29. https://www.quantamagazine.org/teenager-finds-classical-alternative-to-quantum-recommendation-algorithm-20180731/
    

    View Slide

30. SOME PROBLEMS SEEM HARD; SOME WE KNOW ARE HARD
    WHAT IS A HARD PROBLEM, ACTUALLY?
    https://commons.wikimedia.org/wiki/File:BQP_complexity_class_diagram.svg
    

    View Slide

31. UNDER THE HOOD
    BUILDING AND PROGRAMMING A QUANTUM COMPUTER
    https://www.wpafb.af.mil/News/Article-Display/Article/1250638/
    

    View Slide

32. ”
    “
    — Lance Fortnow
    The basic ability to do Fourier
    transformation, that’s at the heart of the
    power of quantum, at least most of the
    algorithms we know.
    

    View Slide

33. NISQ
    

    View Slide

34. ION TRAPS
    https://jqi.umd.edu/news/future-ion-traps
    

    View Slide

35. SUPER-
    CONDUCTING
    QUBITS
    https://www.flickr.com/photos/ibm_research_zurich/26093923343
    

    View Slide

36. QUANTUM
    ANNEALING
    https://commons.wikimedia.org/wiki/File:DWave_128chip.jpg
    

    View Slide

37. TOPOLOGICAL
    QUBITS
    Ester Dalvit / Nature
    

    View Slide

38. PROGRAMMING A
    QUANTUM COMPUTER
    

    View Slide

39. Q#
    using (qubits = Qubit[2])
    {
    for (test in 1..count)
    {
    Set (initial, qubits[0]);
    Set (Zero, qubits[1]);
    H(qubits[0]);
    CNOT(qubits[0], qubits[1]);
    let res = M (qubits[0]);
    if (M (qubits[1]) == res)
    {
    set agree = agree + 1;
    }
    #$ Count the number of ones we saw:
    if (res == One)
    {
    set numOnes = numOnes + 1;
    }
    }
    Set(Zero, qubits[0]);
    Set(Zero, qubits[1]);
    }
    https://docs.microsoft.com/en-us/quantum/quickstart?view=qsharp-preview&tabs=tabid-vs2017
    

    View Slide

40. ABOUT THAT CRYPTO THING
    https://www.flickr.com/photos/usnistgov/5941059262/
    

    View Slide

41. ”
    “
    — Scott Aaronson
    If you take just one piece of information
    from this blog:
    Quantum computers would not solve hard
    search problems instantaneously by simply
    trying all the possible solutions at once.
    

    View Slide

42. ONE WAY FUNCTIONS
    HOW DOES RSA WORK?
    • Given two numbers, it’s easy to find their product
    • But given a product, it’s much harder to find its prime factorization
    • If the factors are two prime numbers, then the factorization is unique, so this is even
    harder, and harder still if the prime numbers are very large (thousands of bits)
    

    View Slide

43. THE PERIOD OF A FUNCTION
    https://commons.wikimedia.org/wiki/File:Sine.svg
    

    View Slide

44. FIND THE PRIME FACTORS OF A PRODUCT EFFICIENTLY
    SHOR’S ALGORITHM
    • Classical part: Do some fairly simple arithmetic (finding the greatest common
    denominator of a couple of numbers)
    • Quantum part: Find the period of a function
    • Classical part: Do some more fairly simple arithmetic
    • Because we have small quantum computers, we can currently use Shor’s algorithm
    only to factor small numbers, like 15
    • Despite these small numbers, Shor’s algorithm clearly works!
    

    View Slide

45. GROVER’S ALGORITHM
    SEARCH PROBLEMS, REVISITED
    • Unlike Shor’s algorithm, works with general functions, not just finding products of
    primes
    • Slower than Shor’s algorithm, but much faster than classical search
    • Aaronson quote is still correct; we are not searching “instantaneously” by “trying all
    the possible solutions at once”
    [O( N)]
    

    View Slide

46. QUANTUM RESISTANT CRYPTO
    • It may take 10-15 years to gain confidence in a novel cryptosystem
    • Many symmetric algorithms like AES are believed to be quantum resistant
    • A number of possibly quantum resistant asymmetric cryptosystems are under
    development and analysis
    • Some experiments have failed!
    

    View Slide

47. SO HOW CLOSE ARE WE?
    https://www.flickr.com/photos/ellenm1/7847402208
    

    View Slide

48. USEFUL QUANTUM COMPUTING
    • “Quantum supremacy”
    • Faster than a classical computer
    • A moving target, since classical hardware and algorithms keep improving
    • Perhaps 50+ entangled qubits?
    • “Goodbye, RSA”
    • Thousands of entangled, logical qubits
    

    View Slide

49. FURTHER READING
    CC-A by https://www.wocintechchat.com/
    

    View Slide

50. • Surveys
    • A Beginner’s Guide to Quantum Computing and Q#, blog post by Frances Tibble
    • Quantum Computing in the NISQ era and beyond, report by John Preskill
    • Quantum Computing since Democritus, book by Scott Aaronson
    • Quantum Computing: Progress and Prospects, report by the National Academies of
    Sciences, Engineering, and Medicine
    • Specific areas
    • CECPQ2, blog post by Adam Langley on post-quantum experiments in Chrome
    • “Major Quantum Computing Advance Made Obsolete by Teenager,” Quanta article
    • “Graduate Student Solves Quantum Verification Problem,” Quanta article
    

    View Slide

51. C O N T A C T
    [email protected]
    @craigstuntz
    http://paperswelove.org/chapter/columbus/
    https://speakerdeck.com/craigstuntz
    

    View Slide