Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Cryptography & the Hype Over Quantum Computing
Newest First  |  Oldest First  |  Threaded View
azhuk
100%
0%
azhuk,
User Rank: Apprentice
8/29/2019 | 5:03:14 PM
Effects on Quantum Computing on Cryptography
Since several commentators suggested that the article and its readers could benefit from further research references, I invite everyone to look at a recent report published by the National Academy of Sciences "Quantum Computing Progress and Prospects." There is a dedicated section on Cryptography: https://www.nap.edu/catalog/25196/quantum-computing-progress-and-prospects Thank you for the article!
tdsan
50%
50%
tdsan,
User Rank: Ninja
8/27/2019 | 10:47:33 AM
Re: Good for the public, but not for nation-states
Sir,

It is funny that someone who is considered a writer or journalist provides information that they have not done their research or provide opinions but they only look at one source of information to try and make an argument about QC and its various use cases.

But I think you see the facts in front of you, have a great day.

T
yehudalindell
50%
50%
yehudalindell,
User Rank: Author
8/27/2019 | 10:43:12 AM
Re: Good for the public, but not for nation-states
@tdsan - I will not dignify your response with any further comments. I will let the readers decide what they wish.
tdsan
50%
50%
tdsan,
User Rank: Ninja
8/27/2019 | 10:37:35 AM
Re: Good for the public, but not for nation-states
This is funny.

Ok, lets address your points:
  • I have provided evidence that they have numerous patents and historical knowledge that their solution is actually a working model, again, this was an example and based on your opinion, you stated that this was not a real Quantum Computer (by all accounts, it is and based on evidence, this is the case). Instead of just offering statements of opinion, there needs to be evidence that this is not a QC, I am not sure if you provided any evidence to support assertion, so again, your statements are based on opinion and not fact (Patents and copyrights that I provided, are based on fact, next point).
  • No, I have not missed the point, earlier I gave an example, you stated that this does not address all the use cases associated with Quantum computing or to your point, the argument was not based on "Quantum Computers Breaking Classical Cryptography", this was nothing more but an example given of what organizations or nation-states are doing in regards to Quantum technology (negating the fact that it is just hype), you felt (your opinion) that this was not a valid use case. I was only giving you an idea of what other countries are in the process of doing, thus the whole point to the "Cryptography & the Hype over Quantum Computing", basically saying that there are other organizations who have catapulted beyond what we have accomplished (now it may be more than just hype, my opinion).

So the point does apply because "Quantum Cryptography" was nothing more than an example and QKD was a use case of how to do this but it is not the only method for doing this and someone (other than the US) is looking to implement this in their satellite communication program.

Seems to me that your emotions have gotten involved instead of fact (opinion as you state it), but again, we are just chatting.

Have a great day.

T
yehudalindell
100%
0%
yehudalindell,
User Rank: Author
8/27/2019 | 10:27:50 AM
Re: Getting Quantum Ready
I fully agree; thanks. In these cases, as you point out, I suggest using a cominbation of classical and post-quantum schemes, as described in the article. In most cases, it isn't needed, but satellite is a good example of where one may consider working differently.
yehudalindell
50%
50%
yehudalindell,
User Rank: Author
8/27/2019 | 10:00:29 AM
Re: Good for the public, but not for nation-states
Saying "period" doesn't make what you are saying facts. The fact that D-wave is being used means that it is a good and powerful computer. It doesn't mean that it's a "real quantum computer" in the sense that it can run Shor's algorithm or Grover's algorithm. Were this the case, I would have expected a proof by factoring a large number faster than conventional computing, or something to that affect. This has not been done. You can believe what you want; that is fine.

Regarding QKD, you have completely missed the main point. Whether or not QKD is useful is a question, and I made it very clear that my statement regarding usefulness is an opinion and not fact. However, what is fact is that QKD has nothing to do with quantum computers that can break classical cryptography. This is the main point that is relevant to my article, since my article talks about classical cryptographic schemes and whether or not quantum computing is an imminent risk. So, all of this discussion about QKD is really just not relevant.

I hope that this clarifies my arguments.
IBM_Research
100%
0%
IBM_Research,
User Rank: Apprentice
8/27/2019 | 9:15:21 AM
Getting Quantum Ready
Many good points. IBM Research believes a system larger enough to break encryption is 10-30 years out.

But there is one point you should also point out to hedge your bets.

If your company is making a product which has a lifespan of 20,30+ years you need to start thinking about quantum safe cryptography today. Why? Well, if you are launching a satellite into space or building a new powerplant you will want them to be quantum safe today, for tomorrow, because updating the crypto on anything which has been in the field for a few decades will be challenging. So why not prepare today?

The same applies to secrets. If you have secrets which need to remain secret decades from now, you'll want to look at quantum safe crpyto today. This is also why we recently demonstrated that we are making tape drives quantum safe since they store data for many decades https://www.ibm.com/blogs/research/2019/08/crystals/

We have also donated our quantum safe cryptography called CRYSTALS to open source.
tdsan
50%
50%
tdsan,
User Rank: Ninja
8/27/2019 | 9:12:18 AM
Re: Good for the public, but not for nation-states
Interesting points, let me address your points one at a time:
    • D-Wave is not a real-quantum computer
  • "D-Wave's systems are being used by some of the world's most advanced organizations, including Lockheed Martin, Google, NASA Ames, Volkswagen, DENSO, USRA, USC, Los Alamos National Laboratory, and Oak Ridge National Laboratory. D-Wave has been granted over 160 U.S. patents and has published over 100 peer-reviewed papers in leading scientific journals."
  • D-Wave's Patent  - Qubit junction between S-Wave and D-Wave Superconductors
  • Systems and Methods for Achieving Orthogonol Control

 Ok, I think enough said and the patents can be reviewed for clarity to validate that D-Wave is a Quantum computer (period).

 Quantum Key Distribution
  • In my opinion, it's solving the wrong problem for the vast majority of use cases
  • "From this standpoint, we are not looking at all the use cases, this was an example that our news reporters presented (not theirs, ours). In the statement, I brought up earlier today, this was one example of what they are doing with Quantum computing, because in order to develop a "Quantum Key Distribution" System (one must have a Quantum Computer or "QC" for short) in order to perform the calculations necessary to ensure communication across vast distances, from 2012, the chinese were able to communicate across short distances (12-15 Kilometers), now they have developed in 2016 a way to communicate with a satellite that is traveling in space (to your point, you don't have to agree, but they have a working use case that involves space flight and travel) - Enough said"
  •  Article - QKD - Does not address large parts of the security problem
    • I think you may be looking into this more than what was mentioned earlier, they are not looking to address all security issues, they are looking to address a communication encryption problem using their own form of cryptographic communication methods in which we don't have a working model and they have one going to outer space
  • QKD has a number of practical limitations
    • They expressed distance, from a distance standpoint, it seems going to outer-space, seems to address the issue
  • QKD with classical network devices
    • Nowhere in their design does it say "Classical Network Devices"
  • QKD is extremely expensive
    • In order to push the envelope, the technology will be expensive
  •  QKD must not introduce new vulnerabilities (systems using old hardware)
    • Again, who says they are using old hardware or methods that we are currently using now
  • QKD - "the best practical approach to quantum security is to evolve current security applications and packet-based communication protocols towards adopting post-quantum public-key cryptography."
    • Currently, they are testing out this solution for communication purposes but they have a working use case where they have been using this from 2016 with a satellite that is orbiting the world (you might want to repeat that just to make sure you take it all in), by the way, who said they are not using this method or have invented a method of communication that is beyond the scope of this article

Seems to me there are a lot of assumptions made about Quantum computing, remember this is a use case, however, you slice and dice it, this is one use case, they are not trying to save the world but what they are doing is taking concepts and ideas from around the world to create a solution that could change the way communication across the Internet and even in out-space to another level, and now they are making it a reality (they are game-changers to me, again, that is just me).

 And this has all to do with Quantum Computing because this involves one use case. From the statements you made earlier you said D-wave was not a real QC, ok, that has been broken down. Then you say, QKD is not a real-use case, well if communication is not, then your whole argument just fell to the ground.

T

 
yehudalindell
50%
50%
yehudalindell,
User Rank: Author
8/26/2019 | 4:41:41 PM
Re: Good for the public, but not for nation-states
D-wave is not a real quantum computer. In any case, what you are referring to is quantum cryptography and not quantum computation to break (standard) cryptography. Quantum key distribution (QKD) can be done, but in my opinion it's solving the wrong problem for the vast majority of use cases. This is not just my opinion, and I recommend reading GCHQ's report on QKD; see https://www.ncsc.gov.uk/whitepaper/quantum-key-distribution. Even if you don't agree with this (and that's your prerogative of course), this has nothing to do with where quantum computing is today, which was the focus of my article.
tdsan
50%
50%
tdsan,
User Rank: Ninja
8/26/2019 | 11:11:28 AM
Good for the public, but not for nation-states

"What about those who tell us that quantum supremacy is around the corner and all cryptography is about to be broken? I think they're fearmongers. First, quantum supremacy doesn't mean that computers will be strong enough to break cryptography. Second, reliable researchers that I have listened to and spoken with say that there are still very significant problems to be solved in quantum computing. But if they continue to use the word "possible" when describing quantum computing, I can't actually say that they're wrong."

 I do think the Chinese are the leaders in quantum supremacy, I use to think D-wave was in the forefront (along with the help of Google and NASA) but now it seems they have working applications:

Micius, formally named the QUantum Experiments at Space Scale (QUESS) project, will have three initial stages of research. As the satellite is being calibrated, it will begin to implement a Quantum Key Distribution (QKD) scheme, the means by which secure communication can be established. It also has the potential for testing Bell entanglement (when two photons are linked together) and photonic teleportation (when a photon is transferred from one place to another).

 What this says to me, is that they have a working production use case where they have a repeatable solution that is functioning and they have been using this since 2016.

Not sure about you, but the future of QC is now.

T


Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19642
PUBLISHED: 2019-12-08
On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02.68, the Virtual Media feature allows OS Command Injection by authenticated attackers who can send HTTP requests to the IPMI IP address. This requires a POST to /rpc/setvmdrive.asp with shell metacharacters in ShareHost or ShareNa...
CVE-2019-19637
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.
CVE-2019-19638
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.
CVE-2019-19635
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function sixel_decode_raw_impl at fromsixel.c.
CVE-2019-19636
PUBLISHED: 2019-12-08
An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.