[Cryptography] OS and encryption for quantum computing machines

Natanael natanael.l at gmail.com
Fri May 3 05:01:06 EDT 2019


On Fri, 3 May 2019 at 03:42, Tom Mitchell <mitch at niftyegg.com> wrote:

> There are a number of security assumptions in *nix and WindowZ
> operating systems with regard to passwords, encryption and more.  Do these
> assumptions fail on a Quantum computer (that we have yet to see)?
>

(First of all, disclaimer: I'm not an expert on this. The information below
is a summary of what I've read about quantum computers so far.)

The typical quantum computer won't run an OS in the quantum components.
They'll just repeat the same algorithm over and over.

Every construction proposed so far uses classical computers, qubit hardware
(superconductors, suspended electrons, etc), something that links together
the qubits, and control hardware. From an algorithmic perspective, the
quantum setup is treated as a blackbox function. They don't really have an
equivalent for continuous threads/processes (yet, if ever). The internal
state loses the quantum properties when you read it out.

The classical computer programs the qubits via the control hardware, then
performs a readout, checks the results, starts over if the result isn't
correct.

> I have not yet seen a discussion of an OS that is crypto strong to deploy
> on quantum hardware that is well capable of cracking oldschool encryption
> mind set assumptions.
> I am not sure Quantum hardware qualifies as a primary CPU for the OS but
> it might.
>

I can note that in the case of actual networked quantum computers and
quantum information networks (communicating by entangled photons, etc),
there are indeed classical algorithms otherwise assumed secure that fail,
because the act of linking two quantum computers exposes more private
information than classical communications would expose.

Quantum key recovery on AEZ: https://eprint.iacr.org/2017/767.pdf

> Is it sufficient to toss any older encryption method that is not quantum
> resistant and replace with resistant methods?   Even as an IO channel slave
> device they are potentially able to amplify a modest exploit (as are GPU
> devices today) but more so.
>

As seen above, if you have quantum communications, then no.

Otherwise, if you're only communicating the results of symmetric algorithms
and other quantum resistant algorithms with classical communications, then
yes.


> Are people thinking about the OS side of this?
>
> Thanks,
> Tom
>
>
>
> --
>    T o m    M i t c h e l l