NSA Trying To Build Quantum Computer 221
New submitter sumoinsanity writes "The Washington Post has disclosed that the NSA is trying to build a quantum computer for use in cracking modern encryption. Their work is part of a research project into tackling the toughest equipment, which received $79.7 million in total funding. Another article makes the case that the NSA's quantum computing efforts are both disturbing and reassuring. The reassuring part is that public key infrastructure is still OK when done properly, since the NSA is still working so hard to defeat it. It's also highly unlikely that the NSA has achieved significant progress without outside awareness or help. More disturbing is that it may simply be a matter of time before it fails, and our private messages are out there for all to see."
One word (Score:5, Funny)
Bitcoin mining.
Ok, 2 words.
Re: (Score:2, Informative)
Quantum computing would only give you a modest square root speed up on computing the hash functions. You could however break the elliptic curve signature algorithm and sign all the coins to yourself.
Re: One word (Score:2, Informative)
You wouldn't use this to mine bitcoins (since that involves finding a hash with specific properties), but you might use it to steal them (the secret part of your wallet is a private key).
Re: (Score:2)
With a non-breakable space you can make that one word.
Re: (Score:2)
First, that doesn't in any way count as an unknown. You can actually step through the entire blockchain and see every single input and output that led to the acceptance of that particular block.
Second, BitCoin mining has the "goal" of coming up with the lowest hash. For the same reason it currently takes 10-20 times the total processing power of the entire
Re: (Score:2)
Neither do I but I don't see you talking to me.
'sup wit dat, dawg?
Actually... (Score:5, Funny)
It's a tool to help them justify congress how they can be spying on all Americans and not spying on any Americans at the same time.
Re:Actually... (Score:5, Funny)
The main joke of my post here is that congress actually cares.
Re: (Score:3, Funny)
This explains why there are cats on the internet.
Re: (Score:2)
Nope. That'll only work while Congress is not looking.
Re: (Score:3, Interesting)
No, see, I have just posted in a global warming thread. Someone went back and modded all my posts(just -1, no biggy), as a perfectly valid commentary on my opinions.
Re: (Score:2)
Well, no. I can see someone disagreeing with me, doing something irrational to attack me, and me still being wrong. That happens.
Re: (Score:2)
I get downbombmoded periodically, somebody comes in with 30-50 moderation points and mods down every single comment (multiple times, so multiple accounts)
So you believe that one or more individuals, who have personal issues with you, have enough active multiple accounts here to get mod points on 3-4 of them all at the same time and that this happens on a semi-regular basis?
REALLY?
Re:Comment is not flamebait, it's a physics pun (Score:4, Funny)
Not today. He was caught mass-modding people who disagree with him last night. All associated accounts were stripped of mod ability forever.
He will just make more, but he's dead in the water for a bit.
Re: (Score:2)
Re:Actually... (Score:4, Informative)
The elite at the top are actually temporary political positions that come and go with presidents. The worst of the NSA programs have been continuous programs lasting between administrations.
Re: (Score:3)
I think Hanlon's razor is a perfectly adequate tool for this assertion. Why would someone malevolently steer towards terrible waste, when they could be "just trying to do their job" and not doing a great job it?
Government of the peephole (Score:5, Funny)
Re: (Score:2)
Sometimes it feels like Government by the Glory Hole.
$79.7 million? (Score:4, Insightful)
That figure is so small vs total intelligence+defence budget that it'd be worth setting up a faux research effort just to give the misleading impression that they haven't yet developed something far better.
No shit? (Score:3)
Come on... what's next? "NSA attempts to listen to other nation's communications"? That *is* their job, you know.
They've broken the law in letter and spirit. Let's try to keep the focus on that.
Re:No shit? (Score:5, Insightful)
Agreed, breaking encryption systems is one of the two primary reasons the NSA was formed in the first place ... this is the NSA doing what they are supposed to do!
Re:No shit? (Score:5, Insightful)
And if the NSA could keep its hands off of domestic data, that wouldn't be an issue, but seeing as it uses existing tools to spy without warrant on US citizens on US territory, there is no reason to believe they won't apply new technologies in the same way.
Re: (Score:3)
You know what is sad-funny? If you look at the original leaked verizon order, it applies to 3 out 4 categories of phone calls:
1. those that start and end in the US
2. those that start in the US and end in a foreign country.
3. those that start in a foreign country and end in the US.
It expressly excludes calls that start and end in a foreign country. Good job focusing outward NSA.
http://www.theguardian.com/world/interactive/2013/jun/06/verizon-teleph [theguardian.com]
Re: (Score:2)
Not in the USA, but I think any NSA employee travelling to the EU should be arrested on the spot.
For what? Your response to all of this spying and monitoring nonsense is to eliminate legal process and just start rounding up people, is that really any better?
Re: (Score:2)
Re: (Score:2)
prioritary
I am not sure that is a word...but it should be.
Which part is most disturbing? (Score:5, Interesting)
Re:Which part is most disturbing? (Score:5, Interesting)
Worse than that - they are wasting that money on a possible task that will actually have little overall impact on security whatsoever.
Post-quantum cryptography has existed for the last 30 years, at least. And to get to the point where it's an issue, what you need is an entity to push towards quantum decryption that you DON'T want to have it (i.e. the NSA, for example).
Then all that happens is we adopt those other schemes faster, spot the holes faster, compensate for them faster, and by the time the NSA can buy a quantum machine of size enough to defeat today's encryption in a reasonable time, we'll have an established standard far beyond it's capabilities and tested for (potentially) decades.
All the NSA has done is forced the entire world to up its game. Compare and contrast to, say, GCHQ who formulated public-key-encryption several years before anyone else had done it, and KEPT IT QUIET (like spy-based agencies are supposed to). They enjoyed years of secure comms, and years of advantage decrypting other secure comms when someone else eventually discovered the exact same mathematics and got famous on it (Diffie and Helman).
Sadly, the modern GCHQ is but a shadow of its former self.
Re:Which part is most disturbing? (Score:5, Funny)
The NSA is but a misunderstood genius, boldly sending their agent Edward Snowden into the arms of the enemy. Their aim is to protect the Western world from the defeat that will come as a result of ignored security vulnerabilities, lousy cryptography, people who are willing to work with corrupt government entities and so on.
See, no one would have listened if they had simply held lectures on proper security. Some might even do the opposite out of suspicion that the NSA is betraying them. The only way to fulfill their duty of keeping America safe was to send out a "whistleblower" to say all the things that they themselves could not get through with. Only then would the mass media react and the story gather enough momentum to cause every software developer to improve their work, every customer to demand better and more open security, every person to think twice when being asked to do things that are not right.
I wish.
Re: (Score:3)
> Then all that happens is we adopt those other schemes faster
But what of all the encrypted old traffic that the NSA has stored?
Re: (Score:2)
Then all that happens is we adopt those other schemes faster, spot the holes faster[....]
I agree, and I'd argue we don't go far enough yet. We should adopt a few of these post-quantum schemes now alongside a trusted but quantum-vulnerable protocol such as RSA.
You ensure that communications are safe unless all schemes can be broken. Here's how. Most public key cryptography is used to send a roughly 128 to 256 bit long one-time use key for a symmetric cipher like AES. It would be possible to select, say, 5 different public key protocols: 4 new (and therefore perhaps flawed) post-quantum schem
Re: (Score:2)
What post-quantum assymetric crypto is there?
Anyway, crypto researchers don't like to increase their key-size without a clear need. Although I can understand why, I think they are too strict on that, and that we should start adopting multi-algorithm (composed) algorithms... but we just won't.
Re: (Score:3)
What post-quantum assymetric crypto is there?
Wikipedia to the rescue: https://en.wikipedia.org/wiki/Post-quantum_cryptography [wikipedia.org]. My personal favorite is the McEliece cryptosystem, based on error-correcting codes: https://en.wikipedia.org/wiki/McEliece_cryptosystem [wikipedia.org]. They key size is huge (well, under 1 MB still) but computation isn't too bad. I'd still recommend adding RSA plus several post-quantum schemes in an XOR chain as I described.
About increasing key size without a clear need, a lot of crypto algorithms take compute time that grows faster than
Re:Which part is most disturbing? (Score:5, Insightful)
Re: (Score:2)
$80 million isn't that enormous, as far as things go. That's like half of one F-22.
Exactly what I was thinking. It seems like a paltry sum for such an effort. Probably just a PR stunt of some kind.
Re: (Score:3)
They are not an engineering organization and they will not be at the forefront of qubit manufacturing.
How do you know this? The NSA purchased an old abandoned Sony chip fab in San Antonio and started to re-commission it back in 2006, who knows what they are doing with it for the last 6 years? One of the promising target architectures for a large scale qubit is a cryogenically-cooled silicon double quantum-dot scheme. They might have more going on in this area than you might guess...
Re: (Score:2)
Re: (Score:2)
Very little reassuring (Score:3)
NSA always will try to expand and it's stands to reason that the Chinese and their companies aren't under NSA sway, so the backdoors they build in are not under NSA control so the NSA has to try to crack them the hard way. In no way does it mean they don't have the US population under total surveillance.
'When done properly' (Score:3, Interesting)
"The reassuring part is that public key infrastructure is still OK when done properly, since the NSA is still working so hard to defeat it."
Unfortunately, 'when done properly' must include 'never using an American entity for key generation, storage, or distribution.' We have every reason to believe the NSA has muscled their way into possession of the master keys, Re: Lavabit. So if you're doing business with any type of PKI vendor who might be compelled to comply with a FISA court order, followed by a gag order, you might rethink it.
Remember when every browser in the world switched to the panic pages about a 'non-trusted' key?
Probably just a coincidence.
That's not reassuring (Score:3)
If I have a crack for a current cryptosystem, I'd still need to build a machine to address the next cryptosystem.
Remember the panic in Britain when the (WW2) German submarine service switched from 3-rotor to 4-rotor Enigma machines! They hadn't finished a "bombe" got 4-rotor machines, and only broke the 4-rotor code when they captured an undamaged 4-rotor machine.
That failure was one of the reasons behind building "Colossus", the first electromechanical computer. Colossus was eventually able to decrypt
Re: (Score:2)
Remember the panic in Britain when the (WW2) German submarine service switched from 3-rotor to 4-rotor Enigma machines! They hadn't finished a "bombe" got 4-rotor machines, and only broke the 4-rotor code when they captured an undamaged 4-rotor machine.
I think you are not getting the details right here at all. Britain was never capable of cracking an Enigma with four rotors from scratch. However, the daily settings for the four rotor machine were the same as for messages sent to three rotor enigmas, with an additional rotor added. And the rotor was taken from the existing set of eight rotors. So Bletchley Park broke the code for the 3 rotor enigma, end then tried 5 rotors with 26 different settings to crack the 4 rotors enigma.
Re: (Score:3)
Actually they only did that for a few individual messages where the operators messed up, although they did describe it as an approach, until it was safe to admit they'd captured a 4-rotor machine from a sub. It was just declassified last year that they were so very badly stuck that they laid on the Dieppe raid in hopes they could "pinch" at least one machine from either the naval headquarters building or one of all the trawlers and e-boats based there. They failed miserably.
My wife bought me the book on
Re: (Score:2)
'Maybe what SHOULD be done is allow two certificates...from the "trusted" certificate authority...and then a second that can be self-generated by that other end to actually encrypt'
Sounds like a good idea to me. Somebody mod the anonymous coward up. (Unless somebody sees a flaw in AC's arg and can point it out.)
Some background facts (Score:5, Informative)
These are hardly shocking revelations. The document mentions to achieve control over two semiconductor qubits, whereas factoring 2048 bit numbers requires at least that many qubits, and probably several orders of magnitude more. The current record stands at control of 14 qubits, achieved in 2010 in Rainer Blatt's group at the University of Innsbruck, Austria, using trapped ions.
Some time ago, I wrote something on the history and possible future of quantum computing [quantenblog.net]. Moreover, one also has to keep in mind that there are public key cryptosystems [wikipedia.org] that most likely cannot be cracked even with quantum computers.
Re: (Score:2)
Moreover, one also has to keep in mind that there are public key cryptosystems [wikipedia.org] that most likely cannot be cracked even with quantum computers.
The key words you used are "most likely" and at least you're honest enough to use them. There is no mathematical proof that any cipher (other than the one-time pad) is resistant to all as-yet-unknown quantum algorithms. That doesn't mean that they are actually vulnerable - only that we cannot know with certainty whether they are.
People seem to under-estimate the NSA's capabilities here when I talk to them. They employ a lot of really smart people, and they have the benefits of reading all the public lite
Re: (Score:3)
The key words you used are "most likely" and at least you're honest enough to use them. There is no mathematical proof that any cipher (other than the one-time pad) is resistant to all as-yet-unknown quantum algorithms. That doesn't mean that they are actually vulnerable - only that we cannot know with certainty whether they are.
That's the usual situation in complexity theory and it applies to classical algorithms as well. There is also no proof that quantum computers are actually superior to classical computers when it comes to cryptanalysis. Still, most people believe this to be true.
People seem to under-estimate the NSA's capabilities here when I talk to them. They employ a lot of really smart people, and they have the benefits of reading all the public literature as well as all the classified stuff that their academic peers cannot read.
Remember that we're talking about actual physical devices that need to be built and being really smart only helps you somewhat when you need to solder electronics or align a laser. And so far, the NSA employs hardly any physicists which you can also
Re: (Score:2)
There is no mathematical proof that any cipher (other than the one-time pad) is resistant to all as-yet-unknown quantum algorithms.
That doesn't mean anything; the same is true for classical algorithms.
That's hardly surprising if you understand what proving anything like that would entail. Hell, to prove you can't break ECC or RSA with a classical computer you'd have to prove P!=NP, since discrete log and factoring are in NP. (To see why, just note that fast factoring would break RSA, so to prove you can't break RSA you have to prove that fast factoring is impossible, which means that you have to prove that factoring is not in P -- but
Re: (Score:2)
Note, however, that proving that ECC or RSA are breakable does not require a proof of P=NP or P!=NP -- for example, you don't need fast factoring to break RSA.
I think Knuth showed that having a fast algorithm for breaking RSA could be used for fast factoring of numbers, therefore RSA and factoring have about the same degree of difficulty.
Re: (Score:2)
I'd be interested in a reference, if you find one.
As far as I know, this is an open question (see this [stackexchange.com] for a lot of references) -- so maybe I should have said:
It may be that proving that ECC or RSA are breakable does not require a proof of P=NP or P!=NP -- for example, it's not known that you need fast factoring to break RSA".
Still, the other point stands -- proving that breaking RSA is not in P (or that factoring is not in P) implies proving P!=NP.
Re: (Score:2)
This isn't quite correct- factoring isn't known to be NP-Hard (and so proving it's in P wouldn't necessarily prove P=NP).
I never said it was. What I said is that factoring is in NP (not NP-hard), so if it's not in P, then it must be the case that P!=NP.
On the other hand, as you said, if it turns out that factoring is in P, then it's still possible that P!=NP (i.e., there may be another problem that is in NP but not in P).
Re: (Score:2)
"The current publicly known record is only control over 14 qubits"
FTFY
If the nsa figures something important I don't think they'll tell anyone. They don't care about public scientific progress.
Quantum computers arn't magic (Score:5, Interesting)
In *theory* they can match the values of an N bit code in one go where N is the number of quantum bits. In practice it might be another matter but even if not - that simply means you use more bits in your key. Once a quantum computer has used up all its bits it has to revert to working like a standard computer and doing everything serially. So if the quantum computer is N bits and we have a key with N + 32 bits the machine will still have to try 2^32 matches. So as quantum computer registers get larger so will encryption keys. Someone builds a 256 bit quantum computer? Great! So just use a 512 bit key and it'll have to do 2^256 comparisons. ie - it'll be damn slow.
Re:Quantum computers arn't magic (Score:4, Informative)
Symmetric key encryption with sufficiently large keys is perfectly safe from a quantum computer.
But current public-key encryption (e.g. RSA) and key exchange (e.g. DHM) isn't.
Unbreakable symmetric key encryption isn't worth a damn if you have no secure means of exchanging keys.
Re: (Score:2)
Unbreakable symmetric key encryption isn't worth a damn if you have no secure means of exchanging keys.
"Hey, Alice"
"Hey, Bob"
"See anyone around, Alice?"
"Nope, you?"
"Nope"
"Here, take this thumb drive with my pictures, the 6th of which totally doens't hide my encryption key"
"Sure thing, Alice"
Re: (Score:2)
Re: (Score:3)
I guess the NSA is giving us a choice: user friendly or secure, choose one.
Re: (Score:2)
Re: (Score:2)
So as quantum computer registers get larger so will encryption keys. Someone builds a 256 bit quantum computer? Great! So just use a 512 bit key and it'll have to do 2^256 comparisons. ie - it'll be damn slow.
Well, nobody would even use a quantum computer to implement a non-quantum algorithm. Since we don't know how to build a practical quantum computer at all it is hard to tell whether it will be harder for the NSA to add more qubits to their designs than it will be for everybody else to use RSA with a 2 gigabit key and a 32-core system to serve an SSL website to 3 users at a time. Adding bits to an encryption algorithm has its costs as well. Quantum computing is remarkably efficient so the NSA might just ne
Re: (Score:2)
It's not at all clear to me that a quantum attack on encryption would *necessarily* have to proceed along the lines you propose, which is to use the quantum computer to remove N bits of entropy from the key, then to attack the rest of the key with brute force and conventional algorithms.
Why would you even *consider* such hopeless approach?
It seems to me that there are two other possible ways a quantum computer could be used. The first is to attack some other aspect of a cryptogrphic protocol that is hard
Re: (Score:2)
We have every reason to believe that cleartext is stored forever, too. I don't trust those fuckers at all anymore and just assume that anything sent in any medium will be stored for as long as they can afford the disk space to store it, legal or not.
-AndrewBuck
And they called me crazy (Score:4, Funny)
...and my colleagues called me crazy when I gave them 256GB USB drives full of true randomly generated one-time pads to use to decrypt my emails because I didn't trust public key.
Who's crazy now! Muhahaha! (posted from secret volcano lair)
Re:And they called me crazy (Score:4, Interesting)
I know this is a piece of humour but since this is Slashdot why not?
What a lot of people don't understand is that is much harder than it first appears. For example, doing cat /dev/random to a file on disk will not give you bytes suitable for use in a OTP.
The issue is that the many TRNGs hash their entropy pool with a cryptographically secure hash. When you use such a hash there is no guarantee that the input space would be uniformly mapped to the output space.
To illustrate this, suppose we had an entropy pool 1024-bits deep. Suppose before producing the output the pool is hashed with SHA-1. This is an output that 160-bits wide. There is no proof whatsoever that if we cycled a counter from 0 to 2**1024 that the hash of these would distribute evenly of 2**160 possible has outputs. If this were the case, each output hash value would appear exactly 2**864 times. It is highly unlikely that this is the case.
What this means is the the output is distinguishable from a true random source, which completely breaks the security proof for the OTP. Granted, the attacker would likely to have to do an infeasible amount of work to use this distinguisher. However, the OTPs proof gives you security from computationally unbound adversaries. It's the whole point of using the OTP!
So in short, you can't use /dev/random, you can't use pretty much any commercial random number generator. You'd have to roll your own and show that your bias is small enough for no attack to be practical. Like I said, it's harder than it looks.
Re: (Score:2)
Re: (Score:2)
So in short, you can't use /dev/random, you can't use pretty much any commercial random number generator. You'd have to roll your own and show that your bias is small enough for no attack to be practical. Like I said, it's harder than it looks.
Use a radioactive source and measure the decay. That is truly random.
Re: (Score:2)
There's plenty of places on earth with active volcanoes. Saying he's in a volcano narrows it down more then saying he's on planet earth, but it's still quite a large search area
http://en.wikipedia.org/wiki/File:Spreading_ridges_volcanoes_map-en.svg [wikipedia.org]
Assume that his volcano lair is in a dormant volcano (because let's face it who wants to be inside an active volcano) and a lot of other mountains that used to be active volcanos some millions of years ago also become possible locations.
huh? (Score:2)
Surely it wouldn't be so easy for the NSA to get people to trust current systems as to just say they're building a quantum computer to crack those (because they can't otherwise)? Come on, that's an old trick. CIA pulled it on the Soviets, stealing a cypher machine to cover an agent who'd already provided the means of decrypting their messages, hoping the Soviets would stop investigating the agent. So the Soviets appeared to stop investigating.
Maybe the NSA can't crack some current codes, and is building a q
Solution (Score:2)
Switch to ring learning-with-errors [iacr.org], which was proven by Regev to reduce in the average case to the hardness of some worst case integer lattice problems. Crypto systems built in this way are believed to not be affected by quantum computers and research is proceeding fast as a result. The fact that the NSA is no further ahead than anyone else is reassuring - we know how to build post-quantum crypto systems, the work that remains is largely in the "maturing" phase rather than the "wtf do we do now" phase.
Re: (Score:2)
Has it actually been proven that it is mathematically impossible for a quantum algorithm to exist capable of defeating this system? I'm sure you could prove that any particular known algorithm wouldn't work, but the only system resistant to unknown algorithms that I'm aware of is the one-time pad.
If this has been proven I'm genuinely interested. I will confess I'm not a cryptographer.
Re: (Score:3)
Has it actually been proven that it is mathematically impossible for a quantum algorithm to exist capable of defeating this system? I'm sure you could prove that any particular known algorithm wouldn't work, but the only system resistant to unknown algorithms that I'm aware of is the one-time pad.
If this has been proven I'm genuinely interested. I will confess I'm not a cryptographer.
I don't know about ring-learning-with-errors, but if it indeed reduces to an integer lattice problem, I suspect it would eventually prove to be vulnerable to some sort of attack that could be executed by a quantum computer.
As a silly example, here's a proposed attack on lattices that employs a quantum computer implementing a partial Grover's algorithm to speed up looking for solutions...
http://www.cdc.informatik.tu-darmstadt.de/reports/TR/TI-03-03.QSamplingPaper.pdf [tu-darmstadt.de]
As with many things, I doubt there is a ne
Re: (Score:2)
One-time pads aside, there's no proof that any cryptosystem cannot be cracked in polynomial time. After all, known-plaintext cryptanalysis is solving a problem in NP, since it has to be easy to get the plaintext given ciphertext and key. Without a proof that P != NP, it's possible that P == NP, meaning there may be a polynomial-time solution.
Whether there's an efficient solution is another matter. Normally, problems solvable in polynomial time are feasible to solve, but it's possible that reducing a p
They'll botch it. (Score:2)
Ha ha. I wouldn't worry too much... (Score:2)
More disturbing is that it may simply be a matter of time before it fails, and our private messages are out there for all to see.
There is quite a bit of fearmongering here...
Given that they couldn't even secure their internal network properly, it would seem highly unlikely that the NSA has the commitment, expertise, or efficiency to secretly develop cutting edge technology far in excess of what the best academics in the world can do.
That said, instead of everyone standing around and wringing their hands, maybe now would be a good time to start developing more secure encryption algorithms that are more robust to brute force attacks. The encryption community has been resting on their laurels for quite a while now.
This is what they should be working on (Score:5, Insightful)
The NSA deserves a lot of criticism for some of the things they've been doing. However, this is the kind of thing they should be working on. It's not the tools they have that bothers me. It is how they use them that is the problem.
Re: (Score:2)
Remember, rockets were used to kill people before they were used to take people to space. Lots of inventions are created for the wrong purpose and then later used for good.
Good (Score:2)
The NSA is supposed to be working on cryptography technology.
The NSA needs to get back to doing its job, and stop spying on Americans. We already have several branches of government that are responsible for domestic criminal investigations, and they're subject (in theory anyway) to the robust safeguards in the Constitution.
The NSA helps everyone with robust cryptography. It's in nobody's best interest when one government can decipher everyone else's communications, except maybe for that handful of codebreak
this reminds me of a horrible dan brown book (Score:2)
Don't worry because (spoiler) the "enigma" or whatever melted down when a virus caused it to something something, not even the fat IT guy named Jabba was able to stop the awesome power of something something. I am not even jok
Don't worry (Score:2)
It's a government project. Eventually the contractors involved will screw the project up and they'll have to announce it in a secret meeting on the black budget. They'll then ask for billions more to develop a solution to a so-called quantum computer gap that exists with the Chinese and Russians. The Cold War with the Soviets may be over but we're in a new Cold War with BRIC [wikipedia.org] and the stakes are more along the lines of economic vs. military.
Re: (Score:2)
Re: (Score:2)
You have that wrong, it'll be an ex-congressman on the board not a family member.
Re: (Score:2)
Re: (Score:2)
LOL, Cronyism at its best!
How far away is it? (Score:2)
Has anything practical actually been demonstrated in the field of quantum computing yet? I understand that a lot of exciting and complex (if you're into that) math has gone into describing a model for how quantum computing should function, but as far as I'm aware nobody has actually managed to build any prototype devices yet.
When I first heard the term "quantum computing", I believed it to be a meaningless buzzword. I think at that time it may have been so. Now it is obviously a real concept, but unless I m
Don't hold your breath (Score:2)
It's anything but a buzzword; it's a big research area with many academics working on it from all angles. However, you're right that it's nowhere near ready. As of a couple years ago, people had managed to factor 15 using a quantum computer; there are probably better records now, but it's tricky business.
The issue is that it's hard to make things both act quantum (being in controlled superpositions of more than one state) and be connected to other things. For example, atoms floating in a vacuum can act quan
Re: (Score:2)
I appreciate you making me aware of the fact that there have been some working quantum computers now. They may be small, but even the first one was a huge step. I'm somewhat surprised to learn that the first real steps were quite a
Great (Score:2)
And when they drag me into court for some conspiracy, I'll just cite Heisenberg's Uncertainty Principle and SchrÃdinger's cat as basis for reasonable doubt and get off scott free.
Are there no terrorists (Score:2)
out there to save us from the NSA?
Best headline on this... (Score:2)
"The NSA May Or May Not Be Building A Quantum Computer That Can Decrypt Basically Anything" // www.seattlepi.com/technology/businessinsider/article/The-NSA-May-Or-May-Not-Be-Building-A-Quantum-5111156.php
- http:
mark
NSA has a long history in this area (Score:3)
One NSA director in the 1960s said "I want a thousand-megacycle machine. I'll get you the money!" There's a book, "IBM's Early Computers", which shows much of NSA's exotic hardware from the 1950s through the early 1970s. High-density tape drives, the first automatic-changing tape library (TRACTOR), the first superscalar machine (STRETCH, which, for NSA, had a special crypto processor instead of an FPU), and a number of cyrogenic machines.
NSA tried hard to get cyrogenic computing to work, from the 1960s onward. They had some successes with getting devices to work fast in the 1960s, but the early superconducting devices were gated magnetically, which meant coils and discrite devices, not ICs. So they could be made fast, but not small, which means speed of light lag within the processor becomes a bottleneck. Mainstream CMOS IC technology eventually beat out the superconducting Josephson junction stuff on both price and speed. Some time in the 1980s, IBM and NSA gave up on that. It just wasn't a win over Moore's Law.
Quantum computing, though... Just maybe.
not the only one (Score:2)
No shit, this has been going on for ages (Score:2)
Government intelligence agencies have been involved in quantum computing research for ages. Just look at the funding agencies listed at the end of a typical research paper:
This research was funded by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research (ODNI), Intelligence Advanced Research Projects Activity (IARPA), through Army Research grant...
http://web.physics.ucsb.edu/~martinisgroup/papers/Wenner2013.pdf [ucsb.edu]
Is it a surprise that they're doing work in house as well?
Hell even, Northrop Grumman (and possibly other big defense contractors) is trying to build quantum computers too, and it's not because they need quantum computers to design airplanes...
Re: (Score:2)
Errrr...
This research was funded by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research Projects Activity (IARPA), through Army Research grant...
(I couldn't copy and paste from the pdf, and apparently I can't type either. FWIW, IARPA is the intelligence agencies' equivalent to DARPA, which is probably better known around here.)
The sky is ever falling (Score:2)
The quantum computing fear is really nothing new. [wavewatching.net]
It makes the current encryption scheme more valuable but there are post-quantum schemes [wikipedia.org] as well as quantum cryptography as alternatives.
Good I hope they do it (Score:2)
Let's not get lost here. We need and want the NSA to do it's legitimate job in protecting the nation against terrorists and people to whom the idea of "mass extinction" is just a shorter way to get their god to sort us all into our respective eternal bins.
The whole issue with the NSA eavesdropping is the potential for , as Snowden admirably put it, "turnkey tyranny". That's not nothing, that's not such an unlikely result of this kind of power being applied to the world's population that we don't have to wor
Re: (Score:2)
It was no secret that the NSA was working on quantum computer technology then as well.
Speaking of it being "no secret," here is the public website for the quantum computing initiative at the Los Alamos National Laboratory:
http://quantum.lanl.gov/ [lanl.gov]
That page says:
Quantum information science and technology research is conducted at several outstanding universities and laboratories around the world, including LANL. At Los Alamos, however, even the most basic quantum research often has national security implications or connections.
Although the Quantum Initiative's national security mission at Los Alamos is manifest in many areas, it is perhaps most evident in two of the Laboratory's most successful quantum technology initiatives— quantum cryptography and the race for a quantum computer.
Los Alamos National Laboratory, of course, is owned and operated by the U.S. Federal Government. The fact that the Government has been working on this for some time (since the 90s) has not been a secret.
The Laboratory also revealed recently, as was reported on /. [slashdot.org] that it has been operating a quantum network for 2 1/2 years. Though I
Re: (Score:2)
Other than making for breathless headlines, is ANYONE surprised that they have a quantum computing program?
Well, evidently the person who modded me Flamebait was surprised, so I stand corrected. :P
Re: (Score:2)
They did crack the smallest possible RSA key, didn't they? The public key was n=15, the private key was p=3, q=5.
Or was it p=3 q=5? I guess it depends on how you look at it... ;)
Re: (Score:2)
Then take *that* output and encrypt it, right?
Manual cipher on paper -> airgapped computer -> whatever heavy duty digital encryption
I admit I don't know a lot about how encryption works. Could someone who does, explain why this would or would not be effective?
Re: (Score:2)
Classic* public-key crypto (SSL, TLS, GPG, PGP) would be dead except, and this is quite interesting, except the one based on elliptic curves, which NSA has been advocating for for a long time.
Actually... [wikipedia.org]