”
“
— Richard Feynman
…nature isn’t classical, dammit, and if you
want to make a simulation of nature, you’d
better make it quantum mechanical, and by
golly it’s a wonderful problem, because it
doesn’t look so easy.
https://people.eecs.berkeley.edu/~christos/classics/Feynman.pdf
What Can Quantum Computers Do?
• Simulate quantum physics
• Breaking public key cryptography
• Combinatorial search & optimization (Grover’s algorithm)
• Machine learning (maybe!)
• Using as a prover to prove beyond classical capabilities
• Maybe more in the future?
Slide 15
Slide 15 text
However!
• TLS does not seem to be broken
• Cryptographically relevant quantum computers don’t exist (yet)
• Quantum supremacy (maybe) not (yet) shown
• Classical algorithms and hardware keep getting better!
• No “universal” speedup
• Theoretical advantages of quantum computers are not well understood
• Many popular articles on quantum computing are mostly marketing
Slide 16
Slide 16 text
You Should Care Anyway
• Advantages are potentially huge
• New cryptosystems take years to vet and implement; need to start now
• Whether or not they’re implementable, there is at least some potential for new
physics, which is cool
Library Author
— or —
Cryptographer
https://www.flickr.com/photos/ibm_research_zurich/16138523887/
Slide 21
Slide 21 text
Programmer
CC-A by https://www.wocintechchat.com/
Slide 22
Slide 22 text
Coprocessors
CPU
GPU
TPU
DSP
Quantum
Slide 23
Slide 23 text
”
“
— Neil C. Thompson & Svenja Spanuth
The migration of computing from a general
purpose technology to a fragmented one
will fundamentally alter it… In particular, we
expect the gains from computing
improvement to be become much more
unequal, to the detriment of many.
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3287769
Slide 24
Slide 24 text
Nuts and Bolts
https://www.flickr.com/photos/63059536@N06/5941039382
Slide 25
Slide 25 text
How Classical Computers Work
https://commons.wikimedia.org/wiki/File:ABasicComputer.gif
LDR EAX, ADR_VAR1
LDR EBX, ADR_VAR2
ADD EAX, EBX
STR EAX, [ECX]
”
“
— Holly Cummins
"Mixing together waves so that wrong answers
cancel themselves out is very different from how
classical computers work, but it is something
many of us have experienced in the macroscopic
world. For example, noise cancelling headphones
work by adding extra noise to existing noise."
https://www.infoq.com/articles/quantum-computing-algoritms-two/
Computational Complexity
Detail from image by Dr. Gabriel Robins, http://www.cs.virginia.edu/~robins/cs3102/
Slide 36
Slide 36 text
Some Problems Seem Hard; Some We Know Are Hard
What is a Hard Problem, Actually?
• General solution impossible
• Entscheidungsproblem — think Turing
• Solution exists but is exponentially hard
• Traveling salesman problem
• Efficient solutions exist
• Greatest common divisor
• “Hmm, actually, we’re not sure!”
• Finding factors of products of large prime numbers
Some Problems Seem Hard; Some We Know Are Hard
What is a Hard Problem, Actually?
https://commons.wikimedia.org/wiki/File:BQP_complexity_class_diagram.svg
Slide 39
Slide 39 text
Under the Hood
Building and Programming a Quantum Computer
https://www.wpafb.af.mil/News/Article-Display/Article/1250638/
Slide 40
Slide 40 text
”
“
— Lance Fortnow
The basic ability to do Fourier
transformation, that’s at the heart of the
power of quantum, at least most of the
algorithms we know.
Slide 41
Slide 41 text
NISQ
Honeywell
Slide 42
Slide 42 text
Ion Traps
https://jqi.umd.edu/news/future-ion-traps
Q#
using (qubits = Qubit[2])
{
for (test in 1..count)
{
Set (initial, qubits[0]);
Set (Zero, qubits[1]);
H(qubits[0]);
CNOT(qubits[0], qubits[1]);
let res = M (qubits[0]);
if (M (qubits[1]) == res)
{
set agree = agree + 1;
}
%& Count the number of ones we saw:
if (res == One)
{
set numOnes = numOnes + 1;
}
}
Set(Zero, qubits[0]);
Set(Zero, qubits[1]);
}
https://docs.microsoft.com/en-us/quantum/quickstart?view=qsharp-preview&tabs=tabid-vs2017
Slide 48
Slide 48 text
About That Crypto Thing
https://www.flickr.com/photos/usnistgov/5941059262/
Slide 49
Slide 49 text
”
“
— Scott Aaronson
If you take just one piece of information
from this blog:
Quantum computers would not solve hard
search problems instantaneously by simply
trying all the possible solutions at once.
Slide 50
Slide 50 text
One Way Functions
How Does RSA Work?
• Given two numbers, it’s easy to find their product
• But given a product, it’s much harder to find its prime factorization
• If the factors are two prime numbers, then the factorization is unique, so this is even
harder, and harder still if the prime numbers are very large (thousands of bits)
Slide 51
Slide 51 text
The Period of a Function
https://commons.wikimedia.org/wiki/File:Sine.svg
Slide 52
Slide 52 text
Find the Prime Factors of a Product Efficiently
Shor’s Algorithm
• Classical part: Do some fairly simple arithmetic (finding the greatest common
denominator of a couple of numbers)
• Quantum part: Find the period of a function
• Classical part: Do some more fairly simple arithmetic
• Because we have small quantum computers, we can currently use Shor’s algorithm
only to factor small numbers, like 15
• Despite these small numbers, Shor’s algorithm clearly works!
Slide 53
Slide 53 text
Grover’s Algorithm
Search Problems, Revisited
• Unlike Shor’s algorithm, works with general functions, not just finding products of
primes
• Slower than Shor’s algorithm, but much faster than classical search
• Aaronson quote is still correct; we are not searching “instantaneously” by “trying all
the possible solutions at once”
[O( N)]
Slide 54
Slide 54 text
Quantum Resistant Crypto
• It may take 10-15 years to gain confidence in a novel cryptosystem
• Many symmetric algorithms like AES are believed to be quantum resistant
• A number of possibly quantum resistant asymmetric cryptosystems are under
development and analysis
• Some experiments have failed!
Slide 55
Slide 55 text
NIST Post-Quantum Cryptography Standardization project
Quantum Resistant Crypto
• Call for proposals yielded 82 submissions
• 69 were accepted
• All but 26 were broken or withdrawn by 2019
• On 22 July, 15 entered the third round, with 7 “finalists”
• Initial NIST standard due in 2022
Slide 56
Slide 56 text
So How Close Are We?
https://www.flickr.com/photos/ellenm1/7847402208
Slide 57
Slide 57 text
Useful Quantum Computing
• “Quantum supremacy”
• Faster than a classical computer
• A moving target, since classical hardware and algorithms keep improving
• Perhaps 50+ entangled qubits?
• Google claimed this in 2019; IBM disagreed
• First useful tasks
• Combinatorial / search problems
• Simulating quantum physics
• Proving
• “Goodbye, RSA”
• Thousands of entangled, logical qubits
Slide 58
Slide 58 text
Further Reading
CC-A by https://www.wocintechchat.com/
Slide 59
Slide 59 text
• Surveys
• A Beginner’s Guide to Quantum Computing and Q#, blog post by Frances Tibble
• Quantum Computing in the NISQ era and beyond, report by John Preskill
• Quantum Computing since Democritus, book by Scott Aaronson
• Quantum Computing: Progress and Prospects, report by the National Academies of
Sciences, Engineering, and Medicine
• Specific areas
• CECPQ2, blog post by Adam Langley on post-quantum experiments in Chrome
• “Major Quantum Computing Advance Made Obsolete by Teenager,” Quanta article
• “Graduate Student Solves Quantum Verification Problem,” Quanta article
Slide 60
Slide 60 text
C o n t a c t
[email protected]
@craigstuntz
http://paperswelove.org/chapter/columbus/
https://speakerdeck.com/craigstuntz