The Fear of Quantum Computing

In summary: Email, for example, was originally designed as a way to send readable messages between people who were in the same physical space. Today, that's mostly used for spamming. If a more powerful computer exists, isn't it available to anyone? And if it can solve problems faster, shouldn't it be able to create harder problems to solve? The computer I own now can solve problems that would've been considered impossible to solve (in a reasonable time frame) decades ago.
  • #2
Or, can a quantum computer solve p vs np?
 
  • #4
Still, AFAIK, an actual realization of a quantum computer is decades away.
 
  • #5
WWGD said:
Still, AFAIK, an actual realization of a quantum computer is decades away.
If you are talking about QC that can break RSA then I would agree. However, if you are talking about QC that can "do something useful" we are probably talking about much less time than that. IBM is saying that their latest processor ("Eagle") might be able to solve small "real world" problems, but that will of course depend on how well it actually works once it is fully up and running.
The quantum computers we have now do work, but they are too small to be useful for real-world problems.
 
  • #6
I never understood that type of fear. If a more powerful computer exists, isn't it available to anyone? And if it can solve problems faster, shouldn't it be able to create harder problems to solve? The computer I own now can solve problems that would've been considered impossible to solve (in a reasonable time frame) decades ago.

Furthermore, what is it with this need for all these unbreakable encryptions for our daily business? People used to (and still do) send readable messages, only protected by a paper envelope, sealed with cheap glue, going through at least a dozen pairs of hands, sitting pretty in mailboxes outside our homes. Bank statements, checks, actual credit cards, medical info, nobody expected more privacy than that and the world still went on. Same thing with phone conversations. Not that long ago, people could still share phone lines with total strangers: Just pick up the phone and you could listen to their conversations!

And today it is apparently the worst thing that could happen to you.
 
  • #7
Imagine how much further along IBM would be if they had kept their Dinobabies.
 
  • #8
jack action said:
Furthermore, what is it with this need for all these unbreakable encryptions for our daily business?
I think you are severely undervaluing how many things require strong encryption these days. I personally like my bank account unstolen, my online accounts (this includes medical, etc.) unhijacked, my computers/smartphones unhacked, etc.

Also consider banks, the power grid, pipelines, hospitals, governments, etc.
 
  • #9
Modern state of the art cryptographic methods are already considered quantum computer proof. And quantum computers that can crack RSA aren't going to be in stores overnight once they've been engineered. It will only be outdated systems that would be vulnerable. So I think that the risk is kind of over-hyped, like a Y2K kind of thing. Outdated systems are already full of security holes that give hackers easy access anyways.

I think the main interesting thing would be that many old communications that were intercepted and archived would be now readable. So we could potentially learn a lot about historical events.
 
  • #10
jack action said:
I never understood that type of fear. If a more powerful computer exists, isn't it available to anyone? And if it can solve problems faster, shouldn't it be able to create harder problems to solve? The computer I own now can solve problems that would've been considered impossible to solve (in a reasonable time frame) decades ago.

Not necessarily. Yes, eventually the technology will probably become widely available, but the cloud access model could allow IBM, Google, AWS etc to make money out of QC without having to give very many people physical access to their hardware, meaning they wouldn't need to tell anyone exactly how it is made.

This is already the case with e.g. IBM; we know quite a lot about how it is made (IBM has published plenty of articles) but for the past few years they have become increasingly careful about what they reveal; there are some hugely important details about the design and engineering that they won't reveal even to the people who have full cloud access to their HW.
One reason conventional computers (and similar technologies) became so widely available so quickly is that once you are selling a physical product it is very hard to prevent someone from reverse engineering it; and you can only protect the IP for so long.
jack action said:
Furthermore, what is it with this need for all these unbreakable encryptions for our daily business? People used to (and still do) send readable messages, only protected by a paper envelope, sealed with cheap glue, going through at least a dozen pairs of hands, sitting pretty in mailboxes outside our homes. Bank statements, checks, actual credit cards, medical info, nobody expected more privacy than that and the world still went on. Same thing with phone conversations. Not that long ago, people could still share phone lines with total strangers: Just pick up the phone and you could listen to their conversations!

And today it is apparently the worst thing that could happen to you.
As has already been mentioned, a LOT of information that just a few years ago would only have existed on paper (or on e.g. minicomputers not connected to the internet) is now being encrypted and transferred over the internet. It is very, very hard to prevent someone from recording that information (and if you are talking about state actors probably impossible) and the only way to prevent someone from reading it is the encryption.

Note also that this means even information that is transferred TODAY is vulnerable to quantum computers; someone could (and in some cases probably is) record information and then store it for say 10-20 years until a large QC becomes available that can break the code. There is plenty of information that we want to keep secret for times much longer than that (medical information, a lot of military information, etc.).

Note that we are already moving away from RSA, and e.g. elliptic crypto (which as far as we know can't be broken using QC) is becoming more popular; many (most?) browsers actually already support this, although it is a bit too resource intensive to be used routinely.
 
  • #11
Jarvis323 said:
I think the main interesting thing would be that many old communications that were intercepted and archived would be now readable. So we could potentially learn a lot about historical events.
That's an interesting thought. I wonder how much unbroken cryptographic text has been archived.
 
  • #12
f95toli said:
As has already been mentioned, a LOT of information that just a few years ago would only have existed on paper (or on e.g. minicomputers not connected to the internet) is now being encrypted and transferred over the internet. It is very, very hard to prevent someone from recording that information (and if you are talking about state actors probably impossible) and the only way to prevent someone from reading it is the encryption.
Exactly, it only existed on paper. And even when, say, an insurance company asked your doctor for your medical record (which was probably stored in an unlocked file cabinet behind the receptionist desk), the information was just put in an envelope and sent through the mail without any encryption whatsoever. Anyone intercepting the package could copy the information without anyone else ever knowing about it. Or the letter could just be "lost in the mail". And if someone learned that the information was intercepted, nobody would have sued either party implicated for being irresponsible or negligent. Trust seemed to be very important at that time.

What has changed now?
 
  • #13
jack action said:
Or the letter could just be "lost in the mail".
There was a report of a bankrupt hospital in Phoenix, that failed to pay rent on the warehouse where it stored patient records. That left the landlord free to do whatever he wanted with the records.

The landlord is not a health care provider so none of the HIPAA rules apply to him. The records are just ordinary property, with no special legal value attached to what's written on them.
 
  • #14
https://www.lawfareblog.com/cyberlaw-podcast-how-much-quantum-tech-boom-just-welfare-physicists
That’s the question [Stewart Baker] had after reading Law and Policy for the Quantum Age, by Chris Hoofnagle and Simson Garfinkel. It’s a gracefully written and deeply informative look at the commercial and policy prospects of quantum computing and several other (often more promising) quantum technologies, including sensing, communications, and networking. And it left me with the question that heads this post. So, I invited Chris Hoofnagle to an interview and came away thinking the answer is “close to half – and for sure all the quantum projects grounded in fear and envy of the presumed capabilities of the National Security Agency of the United States.”
 
  • #15
jack action said:
What has changed now?
Almost everything.
 
  • #16
Jarvis323 said:
I think the main interesting thing would be that many old communications that were intercepted and archived would be now readable. So we could potentially learn a lot about historical events.
I enjoy cracking the encryption and reading old documents for a historian. The documents were written between 1914 and 1950, so the authors are no longer here to complain.

I hope there will be someone around in 70 years, to learn lessons about our current situation, from our archived data.
 
  • #17
WWGD said:
Still, AFAIK, an actual realization of a quantum computer is decades away.
That's what the NSA wants you to think...
 
  • #18
jack action said:
I never understood that type of fear. If a more powerful computer exists, isn't it available to anyone? And if it can solve problems faster, shouldn't it be able to create harder problems to solve? The computer I own now can solve problems that would've been considered impossible to solve (in a reasonable time frame) decades ago.

Furthermore, what is it with this need for all these unbreakable encryptions for our daily business? People used to (and still do) send readable messages, only protected by a paper envelope, sealed with cheap glue, going through at least a dozen pairs of hands, sitting pretty in mailboxes outside our homes. Bank statements, checks, actual credit cards, medical info, nobody expected more privacy than that and the world still went on. Same thing with phone conversations. Not that long ago, people could still share phone lines with total strangers: Just pick up the phone and you could listen to their conversations!

And today it is apparently the worst thing that could happen to you.
Unfortunately the electronic world is much more accessible to many more bad actors, and they actively exploit that fact. I can log into my bank account and mail a check to anyone. If someone steals my password or enough PII to reset it, they can mail a check to anyone they want.
 
  • #19
Jarvis323 said:
Modern state of the art cryptographic methods are already considered quantum computer proof. And quantum computers that can crack RSA aren't going to be in stores overnight once they've been engineered. It will only be outdated systems that would be vulnerable. So I think that the risk is kind of over-hyped, like a Y2K kind of thing. Outdated systems are already full of security holes that give hackers easy access anyways.

I think the main interesting thing would be that many old communications that were intercepted and archived would be now readable. So we could potentially learn a lot about historical events.
I'm pretty sure RSA, DSA, and ECC are not quantum proof, SHA-based algorithms too. Essentially all of Suite B.

Also, see "perfect forward secrecy". "Perfect" might not be accurate, but it makes decrypting massive amounts of information logistically challenging.
 
  • #20
edmund cavendish said:
Or, can a quantum computer solve p vs np?
For no good reason, I feel this has a connection to the continuum hypothesis. And I also think, for no good reason, it will ultimately be shown that p /= np.
 
  • #21
jack action said:
Anyone intercepting the package could copy the information without anyone else ever knowing about it. Or the letter could just be "lost in the mail". And if someone learned that the information was intercepted, nobody would have sued either party implicated for being irresponsible or negligent. Trust seemed to be very important at that time.

What has changed now?

What has changed is the number of envelopes someone could reasonably open before being caught. For paper mail, it could be as low as ten. Such a thief would not be likely to intercept much useful information before being detected. And they would need to be in physical proximity to people who care about the security of mail.
By comparison, a hacker getting into a mail server could scan hundreds of thousands of e-mails, and automate a search for credit card numbers, SS numbers or whatever. And such a hacker might be half a world away from their victim, with a complex, untraceable trail.
 
  • #22
Algr said:
What has changed is the number of envelopes someone could reasonably open before being caught. For paper mail, it could be as low as ten. Such a thief would not be likely to intercept much useful information before being detected. And they would need to be in physical proximity to people who care about the security of mail.
By comparison, a hacker getting into a mail server could scan hundreds of thousands of e-mails, and automate a search for credit card numbers, SS numbers or whatever. And such a hacker might be half a world away from their victim, with a complex, untraceable trail.
But this brings us back to what initiated my comment: Yes, it is easier for the thief to steal because he has better tools, but I also have access to the same tools and I can as easily make it harder for him to steal from me.

And your system doesn't need to be infallible, it just needs to be as strong as necessary to make it hard for the thief without costing you more than what could be stolen.

True, a thief doesn't need to be near the mail to access it, but I don't know a lot of people who have the skills to access remote information without being caught easily either. And that's because it's not so easily done. It was a lot easier for my grandmother to steal her neighbor's mail, unseal the envelope, read the content, seal it again, and put it back in the mailbox without anyone being the wiser than for someone today intercepting an email and reading its content without anyone catching you. Because it's easier for us to watch the information that we store and send - and identify who accesses it.

Note that the best way to steal the identity or money of someone is still by asking the person directly to give it to you by using social engineering or extortion (cryptovirology, for example).

The point is when the power to do great things escalates on one side, it automatically escalates on the other side as well. When QC that can break RSA will exist, QC that can create harder encryptions to break will also exist. And it will still be wasteful for most of us to use super-duper encryptions to simply wish happy birthday to someone.
 
  • #23
jack action said:
The point is when the power to do great things escalates on one side, it automatically escalates on the other side as well. When QC that can break RSA will exist, QC that can create harder encryptions to break will also exist. And it will still be wasteful for most of us to use super-duper encryptions to simply wish happy birthday to someone.
Well said. That's often forgotten. I would be curious to hear if adoption of multi-factor-authorization in recent years has cut back on crime. I think MFA is one of those defensive advances.

In such discussions we may also forget to distinguish the difference between being targeted, and being swept up in a mass gathering.
 
  • #24
anorlunda said:
I would be curious to hear if adoption of multi-factor-authorization in recent years has cut back on crime.
I still don't use this (identifying the device) because I'm still not convinced of the advantages compared to using a well-chosen password (i.e. truly randomly generated) and a password manager (on my device, not online).

The complexity of the process can be difficult to follow such that you don't know what is really going on, and it makes it almost impossible to not use a recovery method in case of failure, which basically bypasses the process in any case.

But I also have trust issues when there is a third party in the mix (usually one of the GAFAM) that knows exactly where and when I log in all the time. Not sure what they do with that information.
 
  • #25
jack action said:
The point is when the power to do great things escalates on one side, it automatically escalates on the other side as well. When QC that can break RSA will exist, QC that can create harder encryptions to break will also exist. And it will still be wasteful for most of us to use super-duper encryptions to simply wish happy birthday to someone.
As far as I am aware this is not correct. I am not familiar with any QC algorithm that can be used for encryption.
Elliptical crypto and other "quantum safe" algorithms only require a classical computer. The main problem is that it will take years before the safer crypto is widely adopted, and in the meantime any information that can be recorded is potentially at risk.
 
  • #26
In some other PF forums, we have labels B, I and A for difficulty level of the discussion. In the case of cyber security, it would be nice to have B, I, and A, where B is the Aunt Millie level, I is the technically proficient amateur user, and A is the security professional level.

In my opinion, encryption/decryption can only be discussed at the A level. Ditto for quantum computing. It causes unnecessary anxiety to allow B users to believe that quantum security should concern them.
 
  • #27
f95toli said:
As far as I am aware this is not correct. I am not familiar with any QC algorithm that can be used for encryption.
You don't think that more powerful computers will be able to create problems that will be hard to solve for that same computer? (I know I said encryption, but it may be some other method still unknown because there is no need - or no means - for it.)
 
  • #29
jack action said:
I still don't use this (identifying the device) because I'm still not convinced of the advantages compared to using a well-chosen password (i.e. truly randomly generated) and a password manager (on my device, not online).
I've been operating under the opposite assumption. The brute force "try every password" attack was completely solved decades ago. (Just disallow more than one attempt per second.) All these giant untypeable unmemorizable O0Il| sensitive passwords are just bad security experts passive aggressively punishing users, and finding ways to blame users for bad product design. Two factor security at least makes some kind of sense.
============================

Getting back to the thread topic. My primary Fear of Quantum Computing is receiving e-mails from a horrific alternate universe.
 
  • #30
jack action said:
You don't think that more powerful computers will be able to create problems that will be hard to solve for that same computer? (I know I said encryption, but it may be some other method still unknown because there is no need - or no means - for it.)
Quantum computers are NOT "more powerful computers". For most problems they are -and always will be- slower than conventional computers. There is only a small set of problems where quantum computers are potentially faster than conventional computers. However, it turns out that some of these problems are very important (some problems in quantum chemistry, materials science, a range of optimisation problems and of course factorisation) but for most problems a QC wouldn't give you any speedup (meaning in practice it would probably be much, much slower than a conventional computer).
In order for a quantum computer to be faster than a conventional computer you need to come up with an algorithm that somehow uses the extra "resources" of quantum computers (typically superposition of states and entanglement) to give you a speedup. Finding such algorithms is far from easy and despite over 30 years of work we only know of a few that are potentially useful.
It is of course possible that someone in the future will come up with an algorithm for efficient encryption using a QC, but right now that is just speculation. And, as has already been pointed out, we already know of such "quantum safe" algorithms that run reasonably well on conventional computers (most modern browsers already have some support for such encryption) so it is not obvious that this would even be very useful.
 
  • #31
Algr said:
The brute force "try every password" attack was completely solved decades ago. (Just disallow more than one attempt per second.) All these giant untypeable unmemorizable O0Il| sensitive passwords are just bad security experts passive aggressively punishing users, and finding ways to blame users for bad product design.
Yes, I have for years thought those big passwords are silly. You have to record them somewhere, and that record is then a security risk.

Realize though that the true goal isn't to make the user safe. The goals are to make the user feel safe and make sure someone else gets the blame if something goes wrong. There is also a big pressure for conformity. If everyone else goes to big passwords and you don't then in court you can be accused of laxity. An effective defense is to show you did what everyone else was doing.
 
  • #32
jack action said:
You don't think that more powerful computers will be able to create problems that will be hard to solve for that same computer? (I know I said encryption, but it may be some other method still unknown because there is no need - or no means - for it.)
"Computers are useless. They can only give you answers." -- Pablo Picasso
 
  • #33
jack action said:
What has changed now?
It's more difficult to steal a million physical credit cards, than the electronic details of a million cards from one computer hack.
 
  • #34
PeroK said:
It's more difficult to steal a million physical credit cards, than the electronic details of a million cards from one computer hack.
Without getting caught and being able to use this information? Are you sure about that? Why aren't there more people doing it then?
 
  • #35
jack action said:
Without getting caught and being able to use this information? Are you sure about that? Why aren't there more people doing it then?
Lots of people are! This literally happens on a daily basis. Of course it is not always credit card information; usually it is just stolen password files that are then decrypted and the information used to access people's e-mail and social media accounts (because people tend to re-use usernames and passwords). This is how many targeted phishing attacks are done.
 
