Will you heed my warnings NOW?

He co-authored a paper on the threat to Bitcoin.

Holy crap … yesterday I was elected to the US National Academy of Sciences! ...
See, some of the most reputable people in quantum hardware and quantum error-correction — people whose judgment I trust more than my own on those topics — are now telling me that a fault-tolerant quantum computer able to break deployed cryptosystems ought to be possible by around 2029. ...
And I’d say that that makes my own moral duty right now ironically simple and clear: namely, to use my unique soapbox, as the writer of The Internet’s Most Trusted Quantum Computing Blog Since 2005™, to sound the alarm.
So, here it is: if quantum computers start breaking cryptography a few years from now, don’t you dare come to this blog and tell me that I failed to warn you. This post is your warning. Please start switching to quantum-resistant encryption, and urge your company or organization or blockchain or standards body to do the same.
I say the opposite. There is no need to switch, and there is no chance of a break by 2029. [corrected] But I am not a member of NAS. You have been warned. Check back in four years to see who is right.
Update: I looked at the consensus white paper, to see if it endorses the idea that quantum supremacy is inevitable or has already been proved. It does not:
A few distinguished mathematicians, computer scientists, and physicists, including Gil Kalai, Leonid Levin, Michel Dyakonov, and Gerard ‘t Hooft, have taken the position that quantum computing is impossible in principle—that what seem to others like engineering difficulties will in fact never be surmounted for some inherent reason. This could be true, for example, if quantum mechanics itself were to fail as we tried to scale up QC, or if we were to discover some new principle on top of quantum mechanics, which guarantees the existence of noise that violates the assumptions of the Threshold Theorem and therefore can’t be corrected by FTQC.

So believing in QC is the conservative option, but it might not be possible.

It’s important to understand that this was never a mainstream view among experts, at least since the discovery of FTQC in 1996. The mainstream view could be summarized by saying that, if quantum mechanics were to fail, or some new principle were to be discovered that “screens off” or “censors” QC, that would constitute a once-per-century revolution in physics, and would be vastly more surprising and exciting than “mere success” in building a QC that worked as the theory has long predicted. From a physics perspective, QC working as predicted is the conservative option.
"...are now telling me that a fault-tolerant quantum computer able to break deployed cryptosystems ought to be possible by around 2029."
Based on what? How much money the government can be scammed into contributing to keep the lights on?
Nuclear Fusion has been 'fifty years away' since the 1940s. I'm not exactly gushing with optimism that such 'expert' pronouncements have anything behind them except a plea for continued funding...no matter what the field of study.
Also, notice that if government money wasn't poured into such quantum boondoggle projects there wouldn't even be a need to be worried about such concerns of 'quantum decryption' by the author's own logic, as no one else has the endless financial resources to burn on such self destructive lunacy.
Science has become a ridiculous 'Hail Mary' enterprise, build super duper very expensive really big Collider/Super AI/Quantum Computer/Super Virus ...and then all our hearts desires will be granted and everything will be wonderful.
No actual predictions or ROI of what any of these money pits will generate, only that we MUST KEEP THE MONEY FLOWING.. because reasons. Smart people said so. Send money. Now.
I have a better idea: Fewer scientists working on government money building monsters we don't need to fight if we don't create them.
Scientific research needs to return to useful lower cost highly specific directed objectives which don't result in creating more large problems at taxpayer expense. We don't need AI gods to think for us and solve all our problems we made by building it, we really don't need colliders to tell us how the universe was made as we can't even handle the threats of nuclear bomb technology spreading or remember what happened fifteen minutes ago. What we DO need is intelligent people to start thinking and stop making expensive messes that are just disguised transfers of power and wealth to centralized authority.
That "paper on the threat to bitcoin" to me reads like "please switch to my broken unworkable cipher that is buggy, insecure and untested NOW!!!" Not that there really is much chance of actually DOING that, no matter how much Scotty throws a temper tantrum and stamps his feet like a toddler having a meltdown! Switching entire blockchains already in live production to some completely different cryptographic underpinning is about as realistic as engine swapping a corvette to a cold fusion engine while it's speeding down the highway!
Dear Roger,

You say: ``There is no need to switch, and there is chance of a break by 2029. ''
You mean: ``there is *not* a chance,'' right?
Best,
--Ajit