Upgrade to Pro — share decks privately, control downloads, hide ads and more …

What On Earth Is Quantum Computing (And will it break all my encryption?)

Craig Stuntz
September 04, 2020

What On Earth Is Quantum Computing (And will it break all my encryption?)

You might have heard that quantum computers can break public key encryption. You might also have heard that you can buy a quantum computer today, or run programs on one via a cloud service. Yet TLS does not seem to be broken! What is going on? It’s hard to tell, because most “explanations” of quantum computing are either marketing brochures or written for an audience of physics postdocs. This talk will clearly explain what we know about quantum computing today, and how it is relevant to software professionals now and in the near future. We’ll focus on the security space in particular and discuss what quantum computers can do besides factor large integers. Come with questions, leave with a clear vision for how new computing technologies may change your work in the decades to come!

Craig Stuntz

September 04, 2020

More Decks by Craig Stuntz

Other Decks in Technology


  1. Quantum Computing? What on Earth is And will it break

    all my encryption? Craig Stuntz ∈ Improving https://speakerdeck.com/craigstuntz
  2. RSA

  3. ” “ — Richard Feynman …nature isn’t classical, dammit, and

    if you want to make a simulation of nature, you’d better make it quantum mechanical, and by golly it’s a wonderful problem, because it doesn’t look so easy. https://people.eecs.berkeley.edu/~christos/classics/Feynman.pdf
  4. What Can Quantum Computers Do? • Simulate quantum physics •

    Breaking public key cryptography • Combinatorial search & optimization (Grover’s algorithm) • Machine learning (maybe!) • Using as a prover to prove beyond classical capabilities • Maybe more in the future?
  5. However! • TLS does not seem to be broken •

    Cryptographically relevant quantum computers don’t exist (yet) • Quantum supremacy (maybe) not (yet) shown • Classical algorithms and hardware keep getting better! • No “universal” speedup • Theoretical advantages of quantum computers are not well understood • Many popular articles on quantum computing are mostly marketing
  6. You Should Care Anyway • Advantages are potentially huge •

    New cryptosystems take years to vet and implement; need to start now • Whether or not they’re implementable, there is at least some potential for new physics, which is cool
  7. ” “ — Neil C. Thompson & Svenja Spanuth The

    migration of computing from a general purpose technology to a fragmented one will fundamentally alter it… In particular, we expect the gains from computing improvement to be become much more unequal, to the detriment of many. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3287769
  8. ” “ — Holly Cummins "Mixing together waves so that

    wrong answers cancel themselves out is very different from how classical computers work, but it is something many of us have experienced in the macroscopic world. For example, noise cancelling headphones work by adding extra noise to existing noise." https://www.infoq.com/articles/quantum-computing-algoritms-two/
  9. Some Problems Seem Hard; Some We Know Are Hard What

    is a Hard Problem, Actually? • General solution impossible • Entscheidungsproblem — think Turing • Solution exists but is exponentially hard • Traveling salesman problem • Efficient solutions exist • Greatest common divisor • “Hmm, actually, we’re not sure!” • Finding factors of products of large prime numbers
  10. Some Problems Seem Hard; Some We Know Are Hard What

    is a Hard Problem, Actually? https://commons.wikimedia.org/wiki/File:BQP_complexity_class_diagram.svg
  11. ” “ — Lance Fortnow The basic ability to do

    Fourier transformation, that’s at the heart of the power of quantum, at least most of the algorithms we know.
  12. Q# using (qubits = Qubit[2]) { for (test in 1..count)

    { Set (initial, qubits[0]); Set (Zero, qubits[1]); H(qubits[0]); CNOT(qubits[0], qubits[1]); let res = M (qubits[0]); if (M (qubits[1]) == res) { set agree = agree + 1; } %& Count the number of ones we saw: if (res == One) { set numOnes = numOnes + 1; } } Set(Zero, qubits[0]); Set(Zero, qubits[1]); } https://docs.microsoft.com/en-us/quantum/quickstart?view=qsharp-preview&tabs=tabid-vs2017
  13. ” “ — Scott Aaronson If you take just one

    piece of information from this blog: Quantum computers would not solve hard search problems instantaneously by simply trying all the possible solutions at once.
  14. One Way Functions How Does RSA Work? • Given two

    numbers, it’s easy to find their product • But given a product, it’s much harder to find its prime factorization • If the factors are two prime numbers, then the factorization is unique, so this is even harder, and harder still if the prime numbers are very large (thousands of bits)
  15. Find the Prime Factors of a Product Efficiently Shor’s Algorithm

    • Classical part: Do some fairly simple arithmetic (finding the greatest common denominator of a couple of numbers) • Quantum part: Find the period of a function • Classical part: Do some more fairly simple arithmetic • Because we have small quantum computers, we can currently use Shor’s algorithm only to factor small numbers, like 15 • Despite these small numbers, Shor’s algorithm clearly works!
  16. Grover’s Algorithm Search Problems, Revisited • Unlike Shor’s algorithm, works

    with general functions, not just finding products of primes • Slower than Shor’s algorithm, but much faster than classical search • Aaronson quote is still correct; we are not searching “instantaneously” by “trying all the possible solutions at once” [O( N)]
  17. Quantum Resistant Crypto • It may take 10-15 years to

    gain confidence in a novel cryptosystem • Many symmetric algorithms like AES are believed to be quantum resistant • A number of possibly quantum resistant asymmetric cryptosystems are under development and analysis • Some experiments have failed!
  18. NIST Post-Quantum Cryptography Standardization project Quantum Resistant Crypto • Call

    for proposals yielded 82 submissions • 69 were accepted • All but 26 were broken or withdrawn by 2019 • On 22 July, 15 entered the third round, with 7 “finalists” • Initial NIST standard due in 2022
  19. Useful Quantum Computing • “Quantum supremacy” • Faster than a

    classical computer • A moving target, since classical hardware and algorithms keep improving • Perhaps 50+ entangled qubits? • Google claimed this in 2019; IBM disagreed • First useful tasks • Combinatorial / search problems • Simulating quantum physics • Proving • “Goodbye, RSA” • Thousands of entangled, logical qubits
  20. • Surveys • A Beginner’s Guide to Quantum Computing and

    Q#, blog post by Frances Tibble • Quantum Computing in the NISQ era and beyond, report by John Preskill • Quantum Computing since Democritus, book by Scott Aaronson • Quantum Computing: Progress and Prospects, report by the National Academies of Sciences, Engineering, and Medicine • Specific areas • CECPQ2, blog post by Adam Langley on post-quantum experiments in Chrome • “Major Quantum Computing Advance Made Obsolete by Teenager,” Quanta article • “Graduate Student Solves Quantum Verification Problem,” Quanta article