{"id":4521,"date":"2010-10-28T07:12:13","date_gmt":"2010-10-28T14:12:13","guid":{"rendered":"http:\/\/dabacon.org\/pontiff\/?p=4521"},"modified":"2010-10-28T07:12:13","modified_gmt":"2010-10-28T14:12:13","slug":"post-quantum-cryptography","status":"publish","type":"post","link":"https:\/\/dabacon.org\/pontiff\/2010\/10\/28\/post-quantum-cryptography\/","title":{"rendered":"Post Quantum Cryptography"},"content":{"rendered":"<p>Today I&#8217;m at the Joint Quantum Institute attending a workshop on quantum computing.\u00a0 This morning&#8217;s session is on &#8220;post quantum cryptography.&#8221;\u00a0 Post quantum cryptography is the study of classical (public key) cryptosystems which could replace the plethora of cryptosystems that quantum computers break (RSA, Diffie-Hellman, elliptic curves.)\u00a0 These new systems include lattice based cryptography, the McEliece cryptosystem, and more (The name is kind of confusing, because post quantum cryptography, to me, sounds like the study of cryptosystems based on possible extensions or modifications of quantum theory, but that&#8217;s probably just because I spend too much time listening to foundations of quantum theory folks \ud83d\ude42 )\u00a0 Of course as a quantum computing person, my interest mostly is in hearing about problems that I can try to crack using a quantum computer \ud83d\ude42<\/p>\n<p><a href=\"https:\/\/en.wikipedia.org\/wiki\/RSA\">RSA<\/a> and its ilk have a security that is based upon the computational difficulty of problems that now have a long history of study (factoring, discrete logarithm, etc.)\u00a0 While it is completely possible that there is an efficient classical algorithm for factoring, a lot of our confidence in this not being true is based upon the large amount of effort that has been put into solving this problem.\u00a0 We could even define a quantity: the integrated number of theorist hours spent on the problem.\u00a0 This is certainly a very large number.\u00a0 How large?\u00a0 
Well one probably has to know the size of the National Security Agency&#8217;s payroll to calculate it, but even in the public sphere this number is pretty high.\u00a0 So for the post quantum cryptography world, the new (or old, but now more relevant) cryptosystems that have been proposed, we could also calculate this number.\u00a0 More interestingly we could try to calculate this number for people working on quantum attacks on these problems.\u00a0 I think I could actually do this calculation myself, as I know most of these people (or at least the ones in the public sphere), and even something about their working habits \ud83d\ude42\u00a0 But this is certainly a very very small number.\u00a0 So it seems to me that if one really wants to study post quantum cryptography, one needs to invest heavily not just in people classically attacking the problems, but also in quantum theorists attacking the problem in order to ensure confidence that this is truly &#8220;post quantum.&#8221;<\/p>\n<p>So&#8230;um, it seems that there is a very strong need to establish a very large effort in quantum algorithms, not just because we&#8217;d like to know what else quantum computers are good at, but also because we need to make sure &#8220;Shor, part II&#8221; doesn&#8217;t occur and the post quantum cryptography systems that are deployed aren&#8217;t themselves vulnerable to quantum attack.\u00a0 I was at a program review recently where a speaker who funds quantum computing got up and said roughly &#8220;I got into quantum computing because it scared me.\u00a0 What I want to see today is more things that scare me.&#8221;\u00a0 Damn straight, but in practice I worry that the size of the effort directed this way in quantum computing is not nearly large enough.\u00a0 The U.S. 
in particular has a severe dearth of quantum computing theorists, or at least such theorists who advance beyond the graduate student \/ postdoc level.<\/p>\n<p>So post quantum cryptography is great, but it needs to be really &#8220;post quantum.&#8221;\u00a0 And that scares me, because I look around and just don&#8217;t see the basis for a concerted effort to ensure the security of these new cryptosystems against quantum attacks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Today I&#8217;m at the Joint Quantum Institute attending a workshop on quantum computing.\u00a0 This morning&#8217;s session is on &#8220;post quantum cryptography.&#8221;\u00a0 Post quantum cryptography is the study of classical (public key) cryptosystems which could replace the plethora of cryptosystems that quantum computers break (RSA, Diffie-Hellman, elliptic curves.)\u00a0 These new systems include lattice based cryptography, the &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/dabacon.org\/pontiff\/2010\/10\/28\/post-quantum-cryptography\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Post Quantum 
Cryptography&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[65],"tags":[],"class_list":["post-4521","post","type-post","status-publish","format-standard","hentry","category-quantum-computing"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/posts\/4521","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/comments?post=4521"}],"version-history":[{"count":0,"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/posts\/4521\/revisions"}],"wp:attachment":[{"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/media?parent=4521"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/categories?post=4521"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dabacon.org\/pontiff\/wp-json\/wp\/v2\/tags?post=4521"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}