[Cryptography] Quantum Computers for Shor's Algorithm (was Re: Perfection versus Forward Secrecy)

Perry E. Metzger perry at piermont.com
Sat Sep 14 15:55:33 EDT 2013


On Sat, 14 Sep 2013 12:42:22 -0700 Tony Arcieri <bascule at gmail.com>
wrote:
> Sure, I never said it could ;) I also said that conventional
> computers can still outpace it. I'm certainly NOT saying, that in
> their present capacity, that DWave computers are any sort of threat
> to modern cryptography.
> 
> But still, it goes to show that quantum computers are happening.

Given that the DWave design is totally unsuitable for Shor's
algorithm, it seems to have no real bearing on the situation in
either direction.

To break 1024 bit keys (a minimum capability for a useful Shor
machine, I'd say), you need several thousand qbits. I've not heard of
a demonstration of more than a half dozen, and I've seen no
progress on the topic in a while. It isn't like last year we could do
six and the year before five and this year someone announced fifteen
-- there have been no incremental improvements.

It is of course possible that there's been secret research on this at
NSA which has gotten far further, but I would expect that the
manufacturing technology needed to do that would require a huge
number of people to pull off, too many to keep quiet indefinitely.

Perry
-- 
Perry E. Metzger		perry at piermont.com


More information about the cryptography mailing list