undefined | Better HN

0 pointsspywaregorilla3y ago0 comments

quantum is used for problems like finding the factorization of the number 4.

Jumping is also real, but we need not worry about people jumping out of the atmosphere.

0 comments

I'm not a believer (I'm not qualified to have an opinion but neither is almost anyone else here) in PQC, but to be clear, the logic behind moving forward on PQC is straightforward: everybody acknowledges that there are no known useful QC attacks on cryptography, nor really any on the horizon, but adversaries can easily stockpile terabytes of recorded network conversations today and keep them around to break when QC attacks do work.

If you think QC attacks are 20 years away from real-world demonstrations, then conventional cryptography has a 20-year ceiling, which would be a hair-on-fire analysis in any other context. How long are you willing to bet conventional cryptography will hold out? 50 years is also too short by cryptographic standards. And 50 years is a long time. You willing to bet 100 years? I am, but, like, nobody should listen to me on this.

This is also why KEMs are a priority over signatures for PQC deployment.

jabbany3y ago

> Jumping is also real, but we need not worry about people jumping out of the atmosphere.

If people are jumping twice as high this year than last, we would ;) https://www.researchgate.net/figure/A-chart-shows-the-progre...

(BTW this reply is not meant to make a point about the state of quantum -- it's complicated -- but merely as a response to the analogy)

spywaregorillaOP3y ago

I'm not much of a believer. It's worth pointing out that as the number of qubits goes up, so too does the error rate.

luc43y ago

A larger number of qubits allows us to do effective quantum error correction. The idea is to group multiple physical qubits into one logical qubit, think of it as redundancy.

spywaregorillaOP3y ago

So what's the number of logical qubits we have achieved working practically then? Is this scalable, or is it just going to exponentially require physical qubits for each additional logical qubit?

Genuine question. I've no idea.

1 more reply

j / k navigate · click thread line to collapse

0 comments

tptacek3y ago

This is also why KEMs are a priority over signatures for PQC deployment.

jabbany3y ago

> Jumping is also real, but we need not worry about people jumping out of the atmosphere.

If people are jumping twice as high this year than last, we would ;) https://www.researchgate.net/figure/A-chart-shows-the-progre...

(BTW this reply is not meant to make a point about the state of quantum -- it's complicated -- but merely as a response to the analogy)

spywaregorillaOP3y ago

I'm not much of a believer. It's worth pointing out that as the number of qubits goes up, so too does the error rate.

luc43y ago

A larger number of qubits allows us to do effective quantum error correction. The idea is to group multiple physical qubits into one logical qubit, think of it as redundancy.

spywaregorillaOP3y ago

So what's the number of logical qubits we have achieved working practically then? Is this scalable, or is it just going to exponentially require physical qubits for each additional logical qubit?

Genuine question. I've no idea.

1 more reply

j / k navigate · click thread line to collapse