    • Computer giants are racing to build the first quantum computer, a device with millions of times more processing strength than all the computers currently on Earth combined.


      Quantum computing will be an evolutionary leap in technology. It will open new doors in science and medicine.

      But is the cryptography that the web is built on vulnerable? Quantum computers use the superposition of atoms to create bits that can be both a 0 and 1 at the same time. Which means quantum computers could do a crazy number of tasks sequentially, like factoring large primes: the keys of cryptography used to protect our communications and bank accounts.

      China is pouring billions into developing quantum computers. It's believed to be an arms race. And companies like Google and Microsoft are racing for quantum supremacy. Should we be worried?

      📷: IBM Q quantum computer

    • What I want to know is, how does a quantum debugger work? (joke for geeks, but not entirely joking).

      More seriously, I don't think it's a threat to humanity. Some country (or corporation) might enjoy a short-term advantage, but the others will likely catch up soon enough. While existing encryption standards will need to be changed, it's also true that quantum techniques offer the possibility of provably secure communications, which is a big step up from today. Even if a serious imbalance in capability emerges for a time, there are many geopolitical factors that would mitigate the chances of weaponizing the technology, mainly the economic interdependence of the world's major powers.

    • As you said, the specific danger to cryptography posed by quantum computers is that they're capable of factoring large primes much more quickly than current processors.

      The reason this is a problem is that the most widely used cryptographic protocols today (including the one protecting your connection to Cake as you read this sentence) are public key protocols, in which each party possesses a secret private key and a non-secret public key that's safe to share. So Alice can give her non-secret public key to Bob and that allows Bob to encrypt his messages so that only someone who has Alice's private key can decrypt them.

      The ability to quickly share a public key like this in order to establish secure communication is really convenient, since it means Alice and Bob don't actually have to share any secrets with each other before they can start encrypting messages. The actual secrets — their private keys — never get transmitted anywhere.

      This relies on algorithms that make it easy to calculate a public key if you know the private key, but virtually impossible to calculate the private key if you only know the public key. But quantum computers are very good at exactly the kind of math necessary to calculate private keys from public keys, so eventually it will no longer be safe for Alice and Bob to exchange public keys since anyone with a fast enough quantum computer would then be able to compute their private keys and snoop on their messages.

      But don't worry! All hope is not lost.

      Quantum computers are very good at certain kinds of algorithms, but they're not good at everything. There are forms of encryption that don't rely on prime factoring or public key exchanges. In fact, one of the very oldest and simplest forms of cryptography — secret key cryptography, in which both Alice and Bob know the secret key they use to encrypt their messages — is no more vulnerable to attack by quantum computers than by any other computer.

      The problem is that secret key cryptography is inconvenient (it requires both parties having a shared secret ahead of time), and other quantum-safe cryptographic techniques haven't gotten much attention yet, so they'll need a lot of work and refinement before we'll be able to rely on them.

      But that work is happening, and these problems will eventually be solved, and then we'll have brand new problems to worry about. 😄

    • Quantum computers in the early days could still be very dangerous though, right? Because until we move away from public-private key cryptography, we're vulnerable to quantum computer attacks. A high-qubit quantum computer would be an excellent tool in, say, a state-sponsored hacking campaign. Could this be the motive fueling the quantum arms race? China is pouring $10 billion into building a quantum research facility. That's a lot of money. I speculate political dominance is a motive.

    • How long did the Allied forces sit on their Enigma code break? As long as it took for them to exact what they needed to secure victory. I guarantee you whoever taps into this tech productively won't reveal the progress until whatever "victory" it seeks has been secured.

    • In these very early days, quantum computers aren't yet fast enough to be dangerous. But yes, eventually they will be fast enough, and then things get scary.

      One good aspect of some modern public key crypto schemes is the use of ephemeral keys to enable what's called "forward secrecy".

      The idea is that if you generate short-term private keys as needed, sign those keys with your long-term keys, and then only use the short-term keys to encrypt messages, then even if someone eventually manages to steal your long-term private key they can't decrypt any of your old messages because those messages were encrypted with ephemeral keys that have long since been discarded.

      In theory this is a great defense against quantum attacks, since the attacker would still need to be able to at least get their hands on the public key that was generated from the ephemeral private key in order to then derive the private key and decrypt messages. But since that public key was only transmitted once (or a very small number of times) and then permanently discarded, the chance of it being intercepted is much smaller. And without it, even a quantum computer won't be able to decrypt the data.

      But if someone could somehow capture all the ephemeral public keys that are transmitted in the clear along with all the encrypted data that they can't yet decrypt, and if they had an absolutely massive amount of storage, then they could simply store everything and then, in five or ten or twenty years when quantum computers are finally fast enough, they can break all those keys and decrypt all the encrypted data they've stored.

      And it looks like the NSA may already be doing exactly this. 🤫

      Here's a great blog post on the subject if you want to read more about this.
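      To make the two posts above concrete (public values that are safe to share, long-term keys that only sign short-lived ones, and what a recorded transcript does and does not give someone who later steals a long-term key), here is an added Python example that is not from this thread: a toy Diffie-Hellman exchange over a constructed group, with HMAC standing in for the signature and a SHA-256 keystream standing in for the cipher.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, constructed for illustration only: p = 2**61 - 1 is a
# Mersenne prime, far too small for real use but enough to show the key flows.
P = (1 << 61) - 1
G = 3

def keypair():
    priv = secrets.randbelow(P - 2) + 1      # secret exponent
    return priv, pow(G, priv, P)             # public value, safe to share

def session_key(shared_secret, a_pub, b_pub):
    # Session key bound to the shared secret and both transmitted public values.
    return hashlib.sha256(b"%d|%d|%d" % (shared_secret, a_pub, b_pub)).digest()

def stream_xor(key, data):
    # Toy SHA-256 counter-mode keystream; stands in for a real AEAD cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(key + i.to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], ks))
    return bytes(out)

def sign(long_term_priv, value):
    # HMAC keyed with the long-term secret stands in for a real signature,
    # which a peer would verify with the matching long-term public key.
    return hmac.new(b"%d" % long_term_priv, b"%d" % value, "sha256").digest()

def ephemeral_session(alice_lt_priv, bob_lt_priv, plaintext):
    """Forward-secret exchange: fresh DH keys, signed with the long-term keys."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    key = session_key(pow(b_pub, a_priv, P), a_pub, b_pub)
    assert key == session_key(pow(a_pub, b_priv, P), a_pub, b_pub)  # both sides agree
    # Everything an eavesdropper can record; a_priv and b_priv are then discarded.
    return {"a_pub": a_pub, "b_pub": b_pub, "ct": stream_xor(key, plaintext),
            "sig_a": sign(alice_lt_priv, a_pub), "sig_b": sign(bob_lt_priv, b_pub)}

def static_session(alice_priv, alice_pub, bob_priv, bob_pub, plaintext):
    """No forward secrecy: the long-term DH keys themselves derive the session key."""
    key = session_key(pow(bob_pub, alice_priv, P), alice_pub, bob_pub)
    return {"a_pub": alice_pub, "b_pub": bob_pub, "ct": stream_xor(key, plaintext)}

def decrypt_with_stolen_key(record, stolen_bob_priv):
    """Replays Bob's side of the key agreement using a stolen long-term private key."""
    key = session_key(pow(record["a_pub"], stolen_bob_priv, P),
                      record["a_pub"], record["b_pub"])
    return stream_xor(key, record["ct"])
```

      With the ephemeral record, the stolen long-term key produces garbage, because the only route to the session key is the discarded exponent behind `a_pub` or `b_pub`; that discrete-log step is exactly what a harvest-now-decrypt-later attacker hopes a future quantum computer will perform.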

    • It's interesting how similar the situation today might be to the breaking of the Enigma. These are my concerns that provoked this conversation originally. Quantum computers are already getting pretty powerful. Google has a 72-qubit machine out there. Is that useful for anything, or still too slow or inaccurate? Is it reasonable to believe there could be a secret powerful quantum computer out there now breaking encryption?
