[Cryptography] Has quantum cryptanalysis actually achieved anything?

[Peter Gutmann]

Jon Callas <jon at callas.org> writes:

>No, it's just that those factorings did not pick an arbitrary number, they
>picked one that would be easier to solve. I'm not criticizing the feat, nor,
>I think is Peter. We're just noting that it was a subset of Shor's algorithm
>that only factors numbers of that form.

No criticism intended, it's a clever piece of physics.  It's not, however, a
threat to cryptography, it's a physics experiment, something like a diamond
anvil is cool experiment in (almost) room-temperature superconductivity.  It's
not experimenting with superconductors, it's experimenting with diamond
anvils.

Speaking of which, how would you state this succinctly?  How would you say
"quantum cryptanalysis has never factored a single non-chosen-in-advance-with-
known-factors number" without the long string of words and dashes?

Peter.