[Cryptography] The race to Quantum machines.

jamesd at echeque.com jamesd at echeque.com
Wed May 29 05:39:59 EDT 2019

On 2019-05-29 10:33, Jon Callas wrote:
> If we start with some basics, like IBM releasing 20 qubits this year, and assume a Moore's-Law like doubling of bits, we need ~20 generations of doubling to get to the needed ~20M qubits. If that doubling is every year-and-a-half, then we get there around 2050. If it's every two years, around 2060.

It is a good deal worse than that.

To get large numbers of qbits in the straightforward way requires 
exponentially high Q and accuracy, which is obviously physically impossible.

So, you need some kind of quantum error correction, which means you need 
large number of qubits with reasonable precision and Q to give the 
functional equivalent of a much smaller number of qubits with 
unreasonable precision and unreasonably high Q.

Probably we can find a way to do this without an exponentially large 
number of reasonable precision and reasonable Q qubits, but even that is 
not clear, and chances are it is going to be polynomially large.

It is also probably going to be hierarchically multilayered, with a huge 
number of physically reasonable very fast qubits giving rise to the 
functional equivalent of a large number of slower qubits with 
unreasonably high Q, which in turn give rise to the functional 
equivalent of a depressingly small number of qbits with effectively 
infinite Q but depressingly low speed.

More information about the cryptography mailing list