Voland.V


December 28, 2019, 12:45:11 PM Merited by Welsh (4), Cnut237 (3) 

> > from an attack with quantum computing, it is enough to simply increase the length of the key.
>
> No, it's not. QC processing power increases exponentially with each new qubit. This is why scaling up a QC can produce such phenomenal power. Where a classical computer with 'n' bits can represent 'n' states, a quantum computer can represent 2^n states. So as we increase complexity, the number of states that can be represented are as follows:
> Classical: 1,2,3,4,5,6,7,8 etc
> Quantum: 1,2,4,8,16,32,64,128 etc.
>
> > So there's something wrong with ECC?
>
> Yes, there is. A QC can use Shor's algorithm to break ECC. There is a lot of good work being done in post-quantum cryptography, as we've covered previously:
>
> - Modify the PoW system such that QCs don’t have any advantage over classical computers. Defending PoW is not as important as defending signatures (as above), because PoW is less vulnerable. However various approaches that can protect PoW against QCs are under development, such as Cuckoo Cycle, Momentum and Equihash.
> - Modify the signature system to prevent easy derivation of private keys. Again, various approaches are under development, which use some pretty esoteric maths. There are hash-based approaches such as XMSS and SPHINCS, but more promising (as far as I can tell) are the lattice-based approaches such as Dilithium, which I think is already used by Komodo.
>
> ... and I do think that many of these approaches look promising. My main concern is that post-quantum-cryptography solutions are based merely on being very difficult to hack, whereas quantum-cryptography is in theory fundamentally unhackable due to the immutable physical laws of quantum mechanics.

In my opinion, post quantum cryptography should not be confused with cryptography based on the mutual relation of quantum states of photons. Post-quantum cryptography uses mathematical coding methods. Physical laws of the quantum world are used in quantum cryptography. Post quantum systems, most of them, were developed 10-20 years ago. Some of them are new, developed recently. But they're all based on mathematics. They should not be confused with related quantum states, it's a completely different approach to the problem. We are not interested in quantum cryptography, it is not our level, it is not intended for ordinary users. And it's not even planned for us. It's post quantum mathematical cryptography that we are planning.

You are very mistaken about the length of the key if you think that a quantum computer can solve the problem of a complete search for a key only 256 bits long. No quantum computer can do that. That's why the AES-256 remains a post quantum system. If cryptography on elliptical curves, as well as any other cryptography with a public and private key was reliable, and everything depended only on the length of the key, then no search for post quantum systems would be done by mankind. Moreover, a large number of cryptographic systems that were candidates for post quantum encryption systems were not cracked by quantum computers, but by good old cryptanalysis, mathematical methods. The key which is not broken by full search in system AES length 256 bits corresponds to a key 15300-16400 bits in system RSA.

If it were only for the speed of quantum computing, you could use an RSA with a key length of 16400 bits or more, or cryptography on elliptical curves (ECC) with a length of 512 bits. Instead, AES-256 with only 256 bits of key is definitely left (it's a symmetric system), but all our asymmetric systems (including RSA and ECC) are not. Moreover, for serious secrets 5 years ago they were forbidden to use, this is only what has already leaked to the press. Neither ECC, nor RSA have ever been used in serious cases 10 years ago. Details here, post dated December 04, see: https://bitcointalk.org/index.php?topic=5204368.0. Therefore, there is only one conclusion - all modern asymmetric systems with a pair of public and private keys - do not fit with any length of the key precisely because they are weak, but the details of this circumstance are not specified and few people know.









Cnut237
Legendary
Online
Activity: 1526
Merit: 1072


December 28, 2019, 04:06:26 PM Last edit: December 28, 2019, 05:15:57 PM by Cnut237 Merited by LoyceV (5), vapourminer (1) 

> In my opinion, post quantum cryptography should not be confused with cryptography based on the mutual relation of quantum states of photons. Post-quantum cryptography uses mathematical coding methods. Physical laws of the quantum world are used in quantum cryptography.
> Post quantum systems, most of them, were developed 10-20 years ago. Some of them are new, developed recently. But they're all based on mathematics.
> They should not be confused with related quantum states, it's a completely different approach to the problem.

I agree, and I'm well aware of the distinction. Post-quantum cryptography and quantum cryptography are completely different things. It's unfortunate that they have such similar names!

> We are not interested in quantum cryptography, it is not our level, it is not intended for ordinary users. And it's not even planned for us.
> It's post quantum mathematical cryptography that we are planning.

Not sure I agree with this point. I would contend, as I have previously, that work in quantum cryptography is progressing at pace and whilst there are technical issues to overcome, it does potentially offer a fundamentally unhackable solution to quantum attacks, and one which can be used in the mainstream. Having said that, of course post-quantum cryptography is hugely important as well, and work is progressing there, too. There's no need to focus on just the one approach, though, and dismiss the other.

> You are very mistaken about the length of the key if you think that a quantum computer can solve the problem of a complete search for a key only 256 bits long. No quantum computer can do that. That's why the AES-256 remains a post quantum system.

I think we agree, but are coming at this from different angles. An increase in key length is trivial to overcome if we're talking about asymmetric cryptography, where a quantum computer can apply Shor's algorithm. But as you state below, AES-256 is symmetric.

> AES-256 with only 256 bits of key is definitely left (it's a symmetric system), but all our asymmetric systems (including RSA and ECC) are not.

AES-256 security may be fine currently, it may be resistant to the best current attack (Grover search), but that's my point. Quantum cryptography uses the laws of quantum mechanics to make a system absolutely unhackable for all time, whereas post-quantum cryptography makes a system secure against current attacks, with no guarantee of security against future technology or future algorithms. If AES-256 can beat Grover, what about other approaches? Quantum Square Attacks? Biclique Attacks? How about all mathematical attacks that haven't yet been devised? I'm being flippant, and I do agree that there is certainly a chance that a post-quantum cryptography solution will remain forever secure, but we can't know for certain. My point is merely that we should investigate both quantum cryptography and post-quantum cryptography. It seems wasteful to focus solely on one approach.

I value the discussion immensely, by the way - thank you




Voland.V


December 28, 2019, 08:34:03 PM 

> > In my opinion, post quantum cryptography should not be confused with cryptography based on the mutual relation of quantum states of photons. Post-quantum cryptography uses mathematical coding methods. Physical laws of the quantum world are used in quantum cryptography.
> > Post quantum systems, most of them, were developed 10-20 years ago. Some of them are new, developed recently. But they're all based on mathematics.
> > They should not be confused with related quantum states, it's a completely different approach to the problem.
>
> I agree, and I'm well aware of the distinction. Post-quantum cryptography and quantum cryptography are completely different things. It's unfortunate that they have such similar names!
>
> > We are not interested in quantum cryptography, it is not our level, it is not intended for ordinary users. And it's not even planned for us.
> > It's post quantum mathematical cryptography that we are planning.
>
> Not sure I agree with this point. I would contend, as I have previously, that work in quantum cryptography is progressing at pace and whilst there are technical issues to overcome, it does potentially offer a fundamentally unhackable solution to quantum attacks, and one which can be used in the mainstream. Having said that, of course post-quantum cryptography is hugely important as well, and work is progressing there, too. There's no need to focus on just the one approach, though, and dismiss the other.
>
> > You are very mistaken about the length of the key if you think that a quantum computer can solve the problem of a complete search for a key only 256 bits long. No quantum computer can do that. That's why the AES-256 remains a post quantum system.
>
> I think we agree, but are coming at this from different angles. An increase in key length is trivial to overcome if we're talking about asymmetric cryptography, where a quantum computer can apply Shor's algorithm. But as you state below, AES-256 is symmetric.
>
> > AES-256 with only 256 bits of key is definitely left (it's a symmetric system), but all our asymmetric systems (including RSA and ECC) are not.
>
> AES-256 security may be fine currently, it may be resistant to the best current attack (Grover search), but that's my point. Quantum cryptography uses the laws of quantum mechanics to make a system absolutely unhackable for all time, whereas post-quantum cryptography makes a system secure against current attacks, with no guarantee of security against future technology or future algorithms. If AES-256 can beat Grover, what about other approaches? Quantum Square Attacks? Biclique Attacks? How about all mathematical attacks that haven't yet been devised? I'm being flippant, and I do agree that there is certainly a chance that a post-quantum cryptography solution will remain forever secure, but we can't know for certain. My point is merely that we should investigate both quantum cryptography and post-quantum cryptography. It seems wasteful to focus solely on one approach.
>
> I value the discussion immensely, by the way - thank you

Dear opponent! This is the first qualitative version of the discussion with my participation. I am very pleased that there are interesting interlocutors on this business cryptographic platform. When I wrote my posts on this topic, I thought that superficial knowledge was more successful than deeper knowledge. But after reading your post, I realized that I was wrong. But you know, I read a lot of opinions on "what cryptography we will need". Of course, quantum cryptography is a technical, scientific, technological step forward. Although, in fact, nothing new is observed from the knowledge that we had 40 years ago.

Let me tell you something else. Quantum cryptography, not only in my opinion, is it a big, powerful mechanism that needs to lift a big load. Simple, not tricky, the engineer's reasoning is this: if the load is 10 times heavier, then you need a crane 10 times more powerful. Scrap against scrap. It works. It's convincing. But it's not exactly an engineering approach, I think. It's force versus force.

I'm a supporter of beautiful engineering, I'm a supporter of ingenuity and cunning, intelligence and innovation - and against brute force. For this reason, I don't like the solution of the problem with quantum cryptography, but I'd really like the solution with post quantum mathematical, logical, unusual solutions. No matter how actively quantum encryption methods are developed, if a solution is found in the direction of post quantum (mathematical) cryptography, this solution will be cheaper, simpler, more elegant, more attractive, and will have a much greater commercial success than physical quantum cryptography. Especially since quantum methods (actually old photonic systems, but words are always ahead of the curve, it's the golden law of advertising) plan to be used as a transport protocol, not as encryption itself. Or as an encryption key exchange system for reliable mathematical symmetric encryption systems. As a replacement for cryptography with a pair of open and private keys. No more than that.

Especially since quantum cryptography is ABSOLUTELY not protected from information theft. It simply informs the recipient how much information is lost, but does not protect against theft!!! Unlike some post quantum (mathematical) encryption systems. Weighing all of the above, I am in favor of a future dominated by post quantum cryptographic systems, not quantum cryptography. Otherwise, it is the surrender of progressive human thought to brute physical force. And if you look even deeper, I am a supporter of new geometric principles of encryption, without a key, and principles of new authentication without a password. It's my theme: https://bitcointalk.org/index.php?topic=5204368.0 and https://bitcointalk.org/index.php?topic=5209297.0




Cnut237
Legendary
Online
Activity: 1526
Merit: 1072


January 02, 2020, 01:40:40 PM Last edit: January 03, 2020, 09:51:07 AM by Cnut237 

23 December: The first demonstration of chip-to-chip quantum teleportation has been achieved.

A team at Bristol University have been able to use quantum entanglement to transmit information (4 qubits) between two silicon computer chips, and they have achieved fidelity of 91%, which is very encouraging. Even more encouraging, the functionality that was demonstrated included entanglement swapping and four-photon Greenberger-Horne-Zeilinger entanglement, which are important requirements for the establishment of future quantum networks.

This is the instant, fundamentally unhackable data transfer that I've mentioned in previous posts (see here for a very simple overview of how entanglement works). There is no reliance on the esoteric cryptographic protocols of PQC that may or may not be broken in future, but rather a simpler dependency on the basic laws of quantum mechanics. Admittedly the experiment was done with expensive specialised equipment, but it is early days, and there is no reason in theory why in future quantum cryptography using entanglement can't become a secure communications standard used by everyday users on cheap, mass-produced hardware.




Voland.V


January 08, 2020, 10:47:11 PM 

> 23 December: The first demonstration of chip-to-chip quantum teleportation has been achieved.
>
> A team at Bristol University have been able to use quantum entanglement to transmit information (4 qubits) between two silicon computer chips, and they have achieved fidelity of 91%, which is very encouraging. Even more encouraging, the functionality that was demonstrated included entanglement swapping and four-photon Greenberger-Horne-Zeilinger entanglement, which are important requirements for the establishment of future quantum networks.
>
> This is the instant, fundamentally unhackable data transfer that I've mentioned in previous posts (see here for a very simple overview of how entanglement works). There is no reliance on the esoteric cryptographic protocols of PQC that may or may not be broken in future, but rather a simpler dependency on the basic laws of quantum mechanics. Admittedly the experiment was done with expensive specialised equipment, but it is early days, and there is no reason in theory why in future quantum cryptography using entanglement can't become a secure communications standard used by everyday users on cheap, mass-produced hardware.

Transmission from one chip to another is quantum entanglement, it's always the transmission of photons. They transfer photons between chips. At a very, very short distance, it seems to be within a centimeter. It's a normal waveguide. That's it. It's a path to the photonic Internet, not quantum networks. No one's dealing with quanta networks. It's a mix-up. They're dealing with quantum states of photons. It's technology of the future, but not ours. Hardly anyone would make you give up your favorite smartphone with a wifi or 3.4.5.6G internet and sit behind a stationary device. Without post quantum mathematical (not quantum) cryptography, which encrypts on an ordinary smartphone, computer (not a quantum computer), no one will do. No ordinary user, no VIP. It's just science.

It won't make the world safe, even if it works tomorrow. We're being given another illusion. These successful experiments are needed for secure communication between government and large corporations. What do you and I need it for? A network based on ordinary light rays, photons of light? It's a mistaken and commercial distortion of reality to call it "quantum networks". It sounds beautiful, but it's not true, it's expensive and stupid.




tromp


January 09, 2020, 11:53:41 AM 

> I know how to calculate the genesis private key
Sign the message "i no money" with said key as proof of knowledge, or take your scam elsewhere.




Cnut237
Legendary
Online
Activity: 1526
Merit: 1072


January 09, 2020, 02:29:09 PM 

> It's a path to the photonic Internet, not quantum networks. No one's dealing with quanta networks. It's a mix-up. They're dealing with quantum states of photons. It's technology of the future, but not ours. Hardly anyone would make you give up your favorite smartphone with a wifi or 3.4.5.6G internet and sit behind a stationary device.
> What do you and I need it for? A network based on ordinary light rays, photons of light?
> It's a mistaken and commercial distortion of reality to call it "quantum networks". It sounds beautiful, but it's not true, it's expensive and stupid.

A quantum internet (with its unhackable absolute security) isn't a complete replacement for the internet we have now, in the same way that quantum computers aren't a replacement for classical computers. The team at Delft whom I've referenced before have devised a six-stage roadmap (below). A quantum internet can be built incrementally on top of what we already have, with different levels of functionality at each stage.

SIX STEPS TO A QUANTUM INTERNET
0 Trusted-node network: Users can receive quantum-generated codes but cannot send or receive quantum states. Any two end users can share an encryption key (but the service provider will know it, too).
1 Prepare and measure: End users receive and measure quantum states (but the quantum phenomenon of entanglement is not necessarily involved). Two end users can share a private key only they know. Also, users can have their password verified without revealing it.
2 Entanglement distribution networks: Any two end users can obtain entangled states (but not to store them). These provide the strongest quantum encryption possible.
3 Quantum memory networks: Any two end users to obtain and store entangled qubits (the quantum unit of information), and can teleport quantum information to each other. The networks enable cloud quantum computing.
4 & 5 Quantum computing networks: The devices on the network are full-fledged quantum computers (able to do error correction on data transfers). These stages would enable various degrees of distributed quantum computing and quantum sensors, with applications to science experiments.

So stage 0 is kind of a precursor to a quantum internet, where the only quantum activity is undertaken by the ISP. The quantum cryptographic key is created, but the ISP is like a trusted node. This stage is already live in parts of China. In stage 1 the quantum key is generated by the sender, so it is truly encrypted, with no middleman. This has already been tested successfully as I mentioned above with Micius (China again).

I am happy to concede that there is a huge amount of work required to progress to the end of the roadmap, quantum repeaters being just one example, but the direction of travel is encouraging. A functioning and useful quantum internet won't need a massive expensive multi-qubit quantum computer in every home at all, but simply a means of transmitting and receiving quantum information. IBM has already had a simple quantum computer in the cloud since 2016.





Voland.V


January 09, 2020, 07:40:01 PM 

> SIX STEPS TO A QUANTUM INTERNET
> 0 Trusted-node network: Users can receive quantum-generated codes but cannot send or receive quantum states. Any two end users can share an encryption key (but the service provider will know it, too).
> 1 Prepare and measure: End users receive and measure quantum states (but the quantum phenomenon of entanglement is not necessarily involved). Two end users can share a private key only they know. Also, users can have their password verified without revealing it.
> 2 Entanglement distribution networks: Any two end users can obtain entangled states (but not to store them). These provide the strongest quantum encryption possible.
> 3 Quantum memory networks: Any two end users to obtain and store entangled qubits (the quantum unit of information), and can teleport quantum information to each other. The networks enable cloud quantum computing.
> 4 & 5 Quantum computing networks: The devices on the network are full-fledged quantum computers (able to do error correction on data transfers). These stages would enable various degrees of distributed quantum computing and quantum sensors, with applications to science experiments.
>
> So stage 0 is kind of a precursor to a quantum internet, where the only quantum activity is undertaken by the ISP. The quantum cryptographic key is created, but the ISP is like a trusted node. This stage is already live in parts of China. In stage 1 the quantum key is generated by the sender, so it is truly encrypted, with no middleman. This has already been tested successfully as I mentioned above with Micius (China again).
>
> I am happy to concede that there is a huge amount of work required to progress to the end of the roadmap, quantum repeaters being just one example, but the direction of travel is encouraging. A functioning and useful quantum internet won't need a massive expensive multi-qubit quantum computer in every home at all, but simply a means of transmitting and receiving quantum information. IBM has already had a simple quantum computer in the cloud since 2016.

Yes, I agree with your conclusions, it's all true. But this is good for the part of the network that is far from the end user, the backbone part of the network. In this part of the network, indeed, any change in information will be impossible. I am for progress, for everything technological, especially when the laws of physics are the basis of these innovations. But I draw conclusions, I watch intentions diverge from reality. How loud promises actually turn into advertising tricks.

Let's find out where we are most often attacked? As of today. Among other things, I am talking about the most dangerous attack - the "man in the middle" technology. Most often it is not carried out on a segment of the network remote from us. I think that from what I have learned, the most common places to attack are those that are close to the user: routers, other network access points, the end devices themselves. None of these threats aimed at the end user, at the specified attack points, the quantum (photon) Internet offered to us - does not solve anything.

Modern protocols, based on modern cryptography, provide everything you expect from the "quantum Internet", except one thing - discreet copying of information, eavesdropping on your channel. But this danger is solved by reliable cryptography, methods that are simpler and smarter than the mass of new equipment for the transmission of linked photons (quantum Internet). If you are subject to a competent attack, information, any, before the Internet, before encryption, will be stolen invisibly directly from your devices, not from the backbone networks of the Internet. All scammers and criminals working for governments are looking for easy ways to get information. For example, fresh information, all Samsung devices are secretly spying on their users, on the government of China, not the government of South Korea. You see what a serious approach to espionage is. How will the quantum internet save you? I think that all such technologies, except the quantum computer, are of scientific interest and will only be prepared for commercial success. We need a good secret communication channel, which should be protected by post quantum cryptography. Cheap, reliable, affordable way.




Voland.V


January 09, 2020, 08:05:17 PM 

 How cryptanalysis works, especially against asymmetric encryption systems, will not be written to you on the Internet, let alone on Wikipedia. It's a mystery that cryptanalysis is all about. The life and work of cryptoanalysts is classified. Even their family doesn't know what they do, the results of their work are so important. If they did not work well, asymmetric cryptography would be solved for serious questions. But it's not allowed. Why is that? Because it's used by those in power, and it's not written on public bulletin boards.




Cnut237
Legendary
Online
Activity: 1526
Merit: 1072


February 12, 2020, 08:29:41 AM Last edit: February 12, 2020, 10:15:04 AM by Cnut237 

There has been a potentially important advance in qubit stability, published yesterday in Nature.

Anyone with a passing interest knows that maintaining the qubit state is a big problem in quantum computing. The quantum system is quite fragile, and any interaction with the wider environment can cause the state to decohere (decoherence meaning not actual wave function collapse, but rather the leaking of information across the boundary between the quantum system and its surroundings). There have been various attempts in the past to increase stability, some (such as magnetic containment) being more successful than others.

The new experiment from the University of New South Wales uses quantum dots rather than normal silicon atoms, and they've built artificial atoms around these quantum dots - it's this approach that has increased the stability hugely. The problem with 'traditional' (I say traditional, but really QC is all quite new!) devices built on silicon atoms is that there are always atomic imperfections, which disrupt the qubits and lead to a high chance of decoherence. This new experiment removes the atomic nucleus entirely, and instead applies a voltage to pull in spare electrons to orbit the dot. This is then repeated until the inner electron shells have formed. So instead of a normal atom, with a nucleus surrounded by spherical electron shells, you end up with a quantum dot surrounded by flat 2D circular electron shells. So they are mimicking the atomic structure but doing away with the messy nuclear stuff so it's essentially just clean shells around the dot.

This done, the key step is to build up the complete inner shells and then add one more electron to the next outer shell. This is a bit like painting multiple coats on a wall, you build up the thickness to smooth everything out. Complete shells always sum to zero, but the added electron in the incomplete outer shell can be used for the spin measurement for the qubit.

Basically it's a variant of the standard approach that removes the problem of atomic imperfections, and then improves stability further by building complete orbital electron shells beneath the final electron. Apologies if this is either too technical or not technical enough, it's difficult to strike a balance, and as always with QC it can be a challenge to make sure you've understood everything correctly - I think I have, but please let me know if I've made some false connections here. Anyway, it's an interesting approach and could end up being quite an important marker on the road towards stable large-scale QC production.




2ndGENQC
Newbie
Offline
Activity: 2
Merit: 0


February 13, 2020, 03:59:50 PM 

And for the "second generation quantum computers" people are already developing post SHAhash signature systems. So we would then change to post SHAhash signature systems before "second generation quantum computers" exist.
The development of "second generation quantum computers" will bring the most exciting times, hashing will be history. We will make all "lost" coins active.




Cnut237
Legendary
Online
Activity: 1526
Merit: 1072


February 24, 2020, 09:54:39 AM 

> the most exciting times, hashing will be history. We will make all "lost" coins active.

"Exciting times" brings to mind the Chinese curse of living in interesting times. Lost coins on the chain will indeed be vulnerable to QCs as these are the ones that won't be moved to quantum-safe addresses following a bitcoin upgrade. Making these coins available for theft by QCs could be terrible for bitcoin's price, but more so for faith in crypto as a whole, similarly if anything not moved was burned to prevent theft by QCs. There's no easy answer here.




qubitasic
Newbie
Offline
Activity: 48
Merit: 0


February 27, 2020, 03:06:14 PM 

Re: I don't believe Quantum Computing will ever threaten Bitcoin

McAfee’s chief technology officer: Start protecting against quantum computing hacks now
https://venturebeat.com/2020/02/25/mcafeestartprotectingagainstquantumcomputinghacksnow/

McAfee’s chief technology officer warned that it’s time for companies to start worrying about quantum computing attacks that can break common forms of encryption available today, even if quantum computing isn’t going to be practical for a while.

Grobman said. “Now I know what you are thinking: Quantum is not coming anytime soon. But we can’t think of quantum in terms of eventually or tomorrow.”

“We need quantum-resistant algorithms as soon as possible,” Grobman said.




Voland.V


March 10, 2020, 05:31:25 AM 

> Re: I don't believe Quantum Computing will ever threaten Bitcoin
>
> McAfee’s chief technology officer: Start protecting against quantum computing hacks now
> https://venturebeat.com/2020/02/25/mcafeestartprotectingagainstquantumcomputinghacksnow/
>
> McAfee’s chief technology officer warned that it’s time for companies to start worrying about quantum computing attacks that can break common forms of encryption available today, even if quantum computing isn’t going to be practical for a while.
>
> Grobman said. “Now I know what you are thinking: Quantum is not coming anytime soon. But we can’t think of quantum in terms of eventually or tomorrow.”
>
> “We need quantum-resistant algorithms as soon as possible,” Grobman said.

What exactly are the dangers of quantum computing? It's very simple. I'm talking about the global, the danger to a lot of people, not to private cases. All protection protocols, I'm talking about cryptographic methods of protection, built on a principle:

1. Asymmetric cryptography is the first step in any protocol to agree on a common session key for symmetric cryptography.
2. The second step is symmetric cryptography encryption, where secrets are encrypted securely (AES).

Why is a quantum computer dangerous today that will work far tomorrow? Because all of our encrypted messages are stored. Details:

- those encryptions that are very interesting - stored many times, it's communication between interesting and big people of our time;
- all other messages are also stored, just in case, they can be interesting, probably.

Now how quantum cheaters will work:

1) they will only crack the first stage of the encryption protocol - only asymmetric cryptography, where the shared session encryption key was encrypted. That's it.
2) They use the resulting key to quietly read the AES cipher, the second step of the encryption protocol.

And now, everything falls into place: AES-256, the symmetric system, is not cracked, and RSA (with any length of key) or ECC (with any length of key), the asymmetric system is cracked without a doubt, even by very weak, first quantum computers. That's why everyone is so concerned, that's why post quantum asymmetric encryption systems are already needed.

Yes, not all people encrypt good messages, there are so many that lead two lives at once and one of those lives is very bad. But the bad thing is to read and decide what's bad and what's good will be guys with the same questionable reputation as the first ones. Here is the real vulnerability of all the key encryption methods: everything secret, sooner or later, becomes known and not secret. This vulnerability is completely devoid of new keyless encryption systems.
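
The two-step protocol described in the post above, as an added example that is not part of the original thread: a recorded session is opened later by breaking only the asymmetric step, and the same recording stays closed when the session key also depends on a second secret. Everything here is an assumption for illustration: the toy RSA modulus built from two small Mersenne primes, the SHA-256 keystream standing in for AES-256, trial division standing in for Shor's algorithm, and the `extra` bytes standing in for the output of a post-quantum KEM that is not implemented.

```python
"""Added illustration: a recorded hybrid session falls when only the
asymmetric step is broken. All parameters and names are constructed."""
import hashlib
import secrets

# Constructed toy RSA primes (two Mersenne primes); far too small for real use.
P, Q, E = 2**31 - 1, 2**19 - 1, 65537


def keygen():
    """Return ((n, e), d) for the toy RSA key."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))
    return (n, E), d


def session_key(secret: int, extra: bytes = b"") -> bytes:
    """Derive the 256-bit symmetric key from the transported secret.

    `extra` models a second shared secret from a post-quantum KEM
    (assumption: the KEM itself is not implemented here).
    """
    return hashlib.sha256(secret.to_bytes(16, "big") + extra).digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """SHA-256 counter keystream; a stand-in for AES-256 (not in the stdlib)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def send(pub, plaintext: bytes, extra: bytes = b"") -> dict:
    """Step 1: wrap a random secret with RSA. Step 2: encrypt symmetrically.

    The returned dict is everything a passive recorder sees on the wire.
    """
    n, e = pub
    secret = secrets.randbelow(n - 2) + 2
    return {
        "wrapped": pow(secret, e, n),
        "ciphertext": keystream_xor(session_key(secret, extra), plaintext),
    }


def receive(pub, d: int, record: dict, extra: bytes = b"") -> bytes:
    """Legitimate recipient: unwrap the secret with d, then decrypt."""
    n, _ = pub
    secret = pow(record["wrapped"], d, n)
    return keystream_xor(session_key(secret, extra), record["ciphertext"])


def factor(n: int):
    """Trial division: a classical stand-in for Shor's algorithm."""
    if n % 2 == 0:
        return 2, n // 2
    f = 3
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 2
    raise ValueError("no factor found")


def decrypt_archive(pub, record: dict) -> bytes:
    """What the holder of an old recording can do once n is factored."""
    n, e = pub
    p, q = factor(n)
    d = pow(e, -1, (p - 1) * (q - 1))
    return receive(pub, d, record)


if __name__ == "__main__":
    pub, d = keygen()
    msg = b"constructed sample message, recorded today"
    classic = send(pub, msg)
    print("RSA-only session recovered:", decrypt_archive(pub, classic) == msg)
    hybrid = send(pub, msg, extra=b"constructed-pq-kem-secret")
    print("hybrid session recovered:  ", decrypt_archive(pub, hybrid) == msg)
```

The symmetric cipher is never attacked in either case; what changes the outcome is whether the session key can be derived from the RSA-wrapped secret alone.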




fabiorem


March 10, 2020, 07:37:39 PM 

I don't believe anymore that quantum computing exists. It looks more like a fancy showdown to scare people.




Ryutaro


March 10, 2020, 08:39:49 PM Merited by Welsh (3), Cnut237 (1) 

I don't believe anymore that quantum computing exists. It looks more like a fancy showdown to scare people.
There already exist several working ones (Google Sycamore, D-Wave, IBM Q...) and they are continuously being improved. Companies like D-Wave succeeded in using quantum computing to solve real-world problems such as minimizing error in a voice recognition system, controlling risk in a financial portfolio, or reducing energy loss in an electrical grid.
source

Also, leading countries from all over the world are investing insane amounts of money in quantum computing research for obvious reasons, to get their hands on this new monster. IBM is already offering free limited access to their systems: you can now create an account, try your quantum circuits and run them on their quantum computers, plus they are offering step-by-step guides and tutorials.




Cnut237


March 13, 2020, 02:55:03 PM 

I don't believe anymore that quantum computing exists. It looks more like a fancy showdown to scare people.
there already exist several working ones (Google Sycamore, D-Wave, IBM Q...) and they are continuously being improved. Companies like D-Wave succeeded in using quantum computing to solve real-world problems such as minimizing error in a voice recognition system, controlling risk in a financial portfolio, or reducing energy loss in an electrical grid.

You are absolutely correct that QCs exist and that they are being improved all the time. However, you mentioned D-Wave, so we do need to be mindful of the distinction between quantum annealers (such as D-Wave) and universal gate quantum computers (true quantum computers).

Annealers are more like quantum simulators than actual quantum computers, and they will never be a threat to bitcoin because they can't run Shor's algorithm, which is what a QC would use to break elliptic curve cryptography. The annealing approach exploits the phenomenon of quantum tunnelling - this is a low-energy shortcut, analogous to moving between adjacent valleys by cutting straight through the hill rather than going up one side and down the other. Annealing is more for problems where there are a huge number of possible solutions, and we're just looking for one that is sufficient out of that multitude of possibilities, a 'local minimum'. So annealers are good for problems that fit into the 'travelling salesman' category, or materials science where we just want to develop a material that has sufficient strength or malleability or heat-resistance.

Universal gate quantum computers on the other hand are the ones that can threaten bitcoin. News reports often focus on the number of qubits these machines have, as if this is the only important criterion. It's not. As (universal gate) QCs scale up, the main problem is decoherence - the difficulty of maintaining that entangled quantum state (and its information) by preventing variables from the outside environment leaking in (e.g., physical vibrations, EM radiation, temperature changes).

There is work underway on a variety of solutions to the decoherence problem, but it remains very much the primary obstacle - you can have a QC with a million qubits, but it would be useless without sufficient coherence.




Voland.V


March 15, 2020, 09:35:12 AM 

I don't believe anymore that quantum computing exists. It looks more like a fancy showdown to scare people.
It is possible not to believe, it is possible to close your eyes and to bury your whole head deep in the sand - it is the way of an ostrich. On the contrary, you can open your eyes and explore the world around you. Then there is a chance, if you have enough intelligence, to come to the conclusion that quantum computing is a reality to accept. That's why post quantum encryption methods and new Blockchain technology have already been developed.




Cnut237


March 25, 2020, 08:52:27 AM 

I don't believe anymore that quantum computing exists. It looks more like a fancy showdown to scare people.
It certainly exists, and work is progressing rapidly on a number of fronts. There has been a recent discovery that may pave the way for standard computer chips to perform quantum operations...

We have talked at length about what a qubit 'is' in an informational sense, but comparatively little about what it is in a physical sense. There are a huge variety of approaches, from miniature superconducting circuits (as in Google's 53-qubit machine last year) to optical lattices and Bose-Einstein condensates. But the holy grail is to be able to use magnetically-controllable nuclei embedded in silicon, a combination of magnetic resonance and quantum dot... a Kane quantum computer.

A Kane QC as theorised uses precisely-spaced phosphorus atoms beneath the surface. As well as being manipulable through magnetic control, there is a benefit of a huge decoherence time (at low temperatures), estimated at 10^18 seconds - decoherence is one of the biggest problems in QC. The theory is over 20 years old, and has not so far been properly implemented in practice because it is hugely difficult to control a single nucleus magnetically without the field affecting neighbouring nuclei too.

... which brings me to the new paper. They have used antimony rather than phosphorus - antimony crucially has a non-uniform charge distribution, and they have demonstrated that because of this it can be moved comparatively easily between spin states through the application of an oscillating electric field. This is kind of a big deal, as this possibility was first predicted more than 60 years ago, but has not been observed until now. Antimony is bigger than phosphorus, and has 8 spin states rather than the 2 of phosphorus, but this isn't a problem as it just means that each antimony nucleus is analogous to a 3-qubit system.

There is still a lot of work to be done, it's very early on, but if in the end a QC can be built in silicon, then this really is a huge advancement.




