Ah, ok. That's making a lot more sense. It really didn't come across in the Nature article that way to me. But I guess that's scientific reporting for ya, :P

Ok, I must be missing how exactly you're controlling Bob's basis then. I guess that's what your blinding trick is supposed to be doing, but my physics is too weak to understand why. (I studied QC from a computer engineer standpoint, not a physics standpoint). My impression from the Nature article was that you could force Bob to see a 0 or a 1. If that's all you could do, then Eve's interference would have been detectable since she would have passed on bad bits when Alice and Bob's bases agreed but Eve's didn't.

The article is either missing massive details or these researchers are vastly overstating the power of their technique. The entire _point_ of quantum key exchange is that if Eve intercepts the signal she cannot tell if she read a 0 or a 1 because she does not know which basis the 0 or 1 was generated in. Even IF Eve passed a 1 along every time she read a 1, when Alice and Bob go to do the basis comparison over the standard channel they will notice errors because Eve read the signal in the wrong basis and passed along an incorrect value.

I've tried reading the actual journal paper, but unfortunately they just seem to handwave this problem away. Maybe there's a reason they can, but its sure as hell not explained as far as I can see unless they're assuming Eve has also compromised the classical channel as well as the quantum channel.

Or Cowbell Hero

They do. This is a known phenomenon which has been measured. But the difference between, say, Denver and NYC isn't substantial enough that you would notice a difference with your personal electronics.

Yes. Yes they do receive more radiation at higher altitudes. This is a known, measurable effect. That being said, the difference between sea level and ~5000 feet is not substantial enough that you would notice with personal electronics.

Insulating the ROM would be much more expensive than just adding error correcting codes or having multiple copies of the ROM and comparing the contents periodically. The problem is no matter what you do, it's going to add cost and complexity, so unless you can show that single event upsets are indeed causing a problem there's no reason to prevent them.

There's a reason that our entire modern world doesn't come crashing to a halt around us every 30 seconds. If every CPU was vulnerable to bit flips from random radiation, every part of your house would be on fire and arcing electricity. Times Square would look like the bridge of the 60s enterprise under attack.

Actually, every CPU _IS_ vulnerable to bit-flips from radiation. That part of it is not speculation. It does occur in commodity processors, and with probabilities large enough that we have ECC ram, and ECC and/or parity in caches. Some servers actually come with built in hardware fault tolerance methods, because when you run hundreds of servers non-stop for years, the probability that a particle strike screws up a register on chip is non-negligible. Now, still, the probability isn't _huge_. Definitely not high enough to be causing these specific problems, especially when the failure is always in the same manner. _That_ part of it is pretty much bullshit.

This is one of the most common methods of error tolerance, actually, N-modular redundancy (typically either dual-modular or triple-modular). It's used in airliners and space shuttles, as well as a number of other critical applications. IBM actually sells servers (the system z series) which automatically runs two copies of everything and compares instruction results, so that failing processors can be detected and avoided.

The proposal by the GP poster is actually much more difficult that it would seem at first glance. About the only place "checksum" style error detection is used is in memories/registers. The reason is that if I do a floating point addition, for example, the only way I know whether the addition gave me the right answer is to do the addition again and check.

"The internet is DOWN!!"

Which one?

Any private-key encryption, of which OTPs are an example, don't have much to worry about from quantum computing at this time. The problem is that private-key exchange is hard to do between two entities who are unknown to each other.

Flickr: DC stole the cookie from the cookie jar issued the takedown notice *Flickr has been kicked by DC(fuck you, i didn't touch the mother fucking cookie, bitch)

Wow, a decent summary of quantum computing on the internet. It's so weird not having to pull out the baseball bat and perform some facial readjustment in a qc thread. Just a little added information. When we refer to qubits as being "both" 0 and 1 at the same time, it's not necessarily a 50/50 split. It is in the form (a+bi)|0> + (c + di)|1>, where |0> refers to the 0 state and |1> to the 1 state. |a+bi| = sqrt(a*a + b*b) is the probability that, if measured in the 0/1 basis, it will result in 0, and |c + di| the probability it will result in 1.

The presence of i (the imaginary number, in case that wasn't clear), is important. Also, you can measure a qubit in any basis, not just 0/1, which is actually vital to the way some quantum algorithms work. (Notably quantum key exchange, which relies on the fact that a potential eavesdropper doesn't know what basis he should be measuring the qubit in.) A good way to imagine a single qubit is a bloch sphere. Imagine a sphere, where straight up is 0, and straight down is 1. Anything on the equator is a 50/50 superposition of 0 and 1.
Also, to say that quantum computers are more "efficient" than classical computers isn't quite precise enough for my tastes. It's not that they're capable of doing the same things as a classical computer can, just faster. It's that they're able to do things classical computers simply cannot do due to the way superposition works. And those things allow it to solve a number of problems more efficiently.

To clarify, quantum cryptography (which _should_ be called quantum key exchange) is just a method of exchanging a private key securely. This private key can then be used on an insecure channel. It is also ridiculously overhyped, particularly by people who don't fully understand it. Current implementations require a direct fiber-optic line between Alice and Bob, and is still vulnerable to man-in-the-middle attacks, presuming that the man in the middle is able to compromise both the direct quantum line as well as the insecure channel over which the measurement orientations are exchanged and later communication is established.

How exactly does Grover's Algorithm help in this situation? With Grover's, you have an unsorted list and want to look up the position of an arbitrary element in the list. This takes O(n) sequentially, but O(sqrt(n)) with Grover's. It has absolutely nothing to do with guessing. In brute-forcing a block cipher, you have a large number of keys and you need to try each one sequentially. There's no lookup involved at all. I'm afraid I'm gonna have to call bullshit, something I need to do all too much in QC related topics.