| Let's say the optimistic projections about quantum computing eventually pan out
and it can someday be used to break strong encryption. Is that any reason to
not use strong encryption in the here and now? It just seems like another
excuse to be lazy.
We really don't know if there is a hard limit to the size
of problems that can be solved with quantum computing which would prevent them
for being used to break strong encryption. There is also tremendous controversy
over whether the D-Wave computer you refer to really is a quantum computer or
not. Please don't confuse hype and sales brochures with an actual scientific
breakthrough.
The fundamental problem in breaking hard encryption is that
the difficulty of the problem increases exponentially with a linear increase in
key size (and worst-case quadratic increase in encryption/decryption
requirements). A non-quantum brute force attack against a reasonably large key
size would require you to make more guesses than then number of atoms in the
Universe. A quantum approach would require a number of qubits equal to the
number of bits in the key. While increasing the number of bits used by a
conventional computer is straightforward, increasing the number of qubits in a
quantum computer is the fundamental challenge. The problem is keeping all the
noise out. Unsurprisingly, the difficulty in providing an adequate noise floor
increase exponentially with the number of qubits, so from an engineering
perspective, you are still up against an exponentially hard problem as the key
size increases linearly.
No one knows how to build a quantum computer that
will be able to break strong encryption. We don't even know if it is physically
possible. At best it is an extremely hard problem that is currently way outside
of our technical know-how.
---
Our job is to remind ourselves that
there are more contexts
than the one we’re in now — the one that we think is reality.
-- Alan Kay [ Reply to This | Parent | # ]
| 
