## Code-Breaking Quantum Algorithm On a Silicon Chip 133

Posted
by
Soulskill

from the one-small-chip-for-man dept.

from the one-small-chip-for-man dept.

Urchin writes

*"Shor's quantum algorithm, which offers a way to crack the commonly-used RSA encryption algorithm, has been demonstrated on a silicon chip for the first time. The algorithm was first demonstrated on large tabletop arrays 3 years ago, but the photonic quantum circuit can now be printed relatively easily onto a silicon chip just 26 mm long. You can see the abstract from the team's academic paper in the journal**Science*; the full text requires a subscription."
## Interesting and a qustion (Score:5, Interesting)

Side question: Which asymmetrical encryption algorithms are safe(er) against quantum algorithms (Some algorithms do not benefit from a tremendous quantum speedup, only a large one)?

## Re:Interesting and a qustion (Score:5, Informative)

Currently, they and the traditional techniques can each manipulate 4 non-error-checking qubits. =]

The article argues that their approach is more promising for scaling up, though, and has fewer inherent limits to doing so. That of course is still to be demonstrated, but the result still seems interesting--- basically, here's proof-of-concept of a new method that at least works as well as previous methods, along with some reasons to believe it might scale up better.

## Re:Interesting and a qustion (Score:5, Insightful)

My guess is that miniaturizing a optical processor into silicon is probably going to be less powerful than normal optical processors. They should be factoring numbers larger than 15 before trying to fit it on a chip.

Quantum computing is extraordinarily difficult though, even just in theory, so I guess I understand why its development is so slow.

I wonder what the curve is for how much education you need to be terrified of the Shor's algorithm article rather than just mystified, and then how much more you need to master it. I'm deep into nightmare territory.

## Re:Interesting and a qustion (Score:5, Interesting)

I'm a bit of a crypto nerd (more of a fan, not exactly up to sratch on designing the algorithms, but I've read EXTENSIVELY on their proper use) and if you get a large quantum computer working, things go titsup for any of our currently viable public key crypto schemes. The short of it is this: you can no longer trust any key exchange system that relies on public keys. SSH is no longer secure, SSL is trash, the list goes on. Any time you need to exchange secure data without having previously encountered the far end securely first, game over.

That's frightening. I know that there are some proposed algorithms that only allow for a polynomial speedup in quantum computers, but I couldn't find them between when I posted initially and now.

So yeah, fear it, but in terms of cracking larger numbers this is not even a proverbial "smoke in the building" scenario. It looks like their technique does not employ error checking, making large numbers of qbits near impossible to work with.

## Re:Interesting and a qustion (Score:5, Insightful)

It's only frightening when operating a quantum computer becomes trivial. Until then, it really isn't that big a deal to send your credit card details to Amazon.com. So when there are 5 powerful quantum computers running, there will probably still be a year or two to fix things. Even then, I'm not sure people will be running quantum computers against the vast majority of communication (so it really only sucks for the people who are trying to secure something worth getting at, us gmail https users aren't out much).

## Re:Interesting and a qustion (Score:5, Informative)

This is why government agencies want secure quantum links now. As even though there is no way for someone to decrypt their plans right now there's still a chance of the plans getting out once quantum computers do come about.

I have a feeling a lot of criminals will find themselves being arrested for past crimes once quantum computers do come about as all their past recorded conversations, no matter how encrypted, suddenly become decryptable.

## Re: (Score:2)

It's a certainty that various large nation's defense/intelligence agencies have been pushing the boundaries of QC as applied to breaking crypto, far far beyond what's been published (and not just from accelerated science, but from effective censorship/buying research.) It's also a safe assumption for each of these countries that other nations have similar programs. I don't have any insider knowledge, it's just human nature that such things are inevitable.

## Re: (Score:2)

Fixed that for you.

It's frightening how corporations and governments seem to be in a race to see who can cause the most harm in the least amount of time. Breaking secure communications at this point in history is a very wo

## Re: (Score:3, Interesting)

So not anytime soon... the refrigeration units required to produce the temperatures at which quantum computing is viable are not likely to be within a typical consumer's budget (or likely to fit in their apartment, for that matter) for the forseeable future.

## Harder than it seems (Score:5, Funny)

It's only frightening when operating a quantum computer becomes trivial."Congratulations on your purchase. To begin using your quantum computer, set the power switch to both off and on simultaneously."

## Re: (Score:2)

"Congratulations on your purchase. To begin using your quantum computer, set the power switch to both off and on simultaneously."

More like, "Your computer may appear to be both on and off at the same time. Don't worry, this is normal. To turn the computer off, you don't have to do anything. Likewise, to turn it on, you don't have to do anything."

## Re: (Score:2)

So does quantum computing get us discrete logs too?

## Re: (Score:2)

Yes, also using Shor's algorithm.

## Re: (Score:3, Informative)

In short, yes: Wiki [wikipedia.org] see also (with more math than I can handle) Berkley article [74.125.95.132]

So, yeah. Quantum computers of reasonable size get us discrete logarithms. This means that the Diffie Hellman key exchange can be reversed after the exchange if the attacker has a powerful enough quantum computer. The computer to break DH key exchanges would be powerful enough to also break the encapsulating RSA or similar exchange (even assuming RSA encryption AND signatures was

## fight fire with fire (Score:1)

If quantum physics will be the undoing of public key cryptography, perhaps quantum physics can give us a means to communicate securely with our bank.

Imagine it's maybe 10 years from now and every major city has a "quantum wire" to other major cities within a few hundred kilometers. This means if I'm in New York I can send a secure message to Washington, D. C. or Chicago.

Granted, at first sending such secure messages won't be cheap, and sending them long distances will require relays by trusted intermediari

## Re: (Score:2)

The wiki article has really good information, but please research this in depth (learn the lingo, do some google searches if you want to know more) [wikipedia.org] http://en.wikipedia.org/wiki/Quantum_cryptography [wikipedia.org] .

Good insights Davidwr, but I hope we can come up with

## Re: (Score:2)

All you need is a link fast enough to transmit the key for bulk encryption, then dump the rest of the data via a normal pipe encrypted via either AES, or a cascade [1]. Quantum computers are not useful against symmetric encryption such as DES, AES, Serpent, or IDEA.

[1]: If you have two algorithms each 256 bit, cascading them only gives you 257 bit security (256 + 256), but the reason one would do this is to deal with a possible algorithm breakage of either algorithm. Say some algorithm that is 256 bits i

## Re: (Score:2)

I think this is wrong. If you use the same key for both then it's still just 256 bit. If you use different keys then that's 2^256 * 2^256 giving you 512 bit. Right?

## Re: (Score:2)

In a perfect world, you would have 512 bit security provided you used different keys for both cyphers. However, there are a number of attacks like birthday and meet in the middle attacks which would reduce the effective amount of bits from 512 down, such as how double-DES is pointless instead of triple DES. They may not be as effective because of the use of two different algorithms, but they may be possible.

If the attacker knows anything about the text between the two algorithms, the 512 bits drops to 257

## Re:Interesting and a qustion (Score:4, Interesting)

As far as I know, the "only" crypto applications of QC that would give an exponential speed-up are for factoring (Shor's algorithm). I realize that that's essentially all currently used asymmetric (public/private key) encryption, but afaik elliptical encryption, which is also usable for asymmetric encryption, isn't impacted.

Of course, no one knows if elliptical encryption will fall to some quantum algorithm, and you can always get a O^0.5 speed up using Grover's algorithm, but O^0.5 just requires double the key length rather than making encryption impractical.

Scott Aaronson [scottaaronson.com], a quantum algorithm complexity researcher at MIT, believes that quantum computing does not in general give an exponential speed-up to algorithms, and I believe him...

## Re: (Score:1)

afaik elliptical encryption, which is also usable for asymmetric encryption, isn't impacted.

It is impacted. There are also quantum algorithms to break elliptic curve cryptography.

See, e.g., http://arxiv.org/abs/quant-ph/0301141 [arxiv.org]

## Re: (Score:2)

Bummer. Thanks for the info!

This is the danger of QC to crypto - it's still so new. No one knows if factoring can be done in polynomial time using classical algorithms, but we know people have been trying forever and failing. I don't think we even have a good handle on what is hard with QC and what's not. There are lots of other asymmetric algorithms (unfortunately none that I know of that have anywhere near the kind of analysis that's been applied to factoring), but who knows if QC will make inverting

## Re: (Score:2)

I wasn't talking about being terrified of the ramifications of QC. I was talking about being terrified of the math.

## Re: (Score:2, Informative)

My guess is that miniaturizing a optical processor into silicon is probably going to be less powerful than normal optical processors.

The power of a quantum computer, at this early stage, is limited by the number of qbits. The point of putting it onto silicon is that silicon fabrication is the easiest way, right now, to make large numbers of interesting small structures. (in this case qbits and controlling infrastructure)

## Re: (Score:2)

They have two directions to go in; (1) make the hardware smaller and more compact, and (2) make the hardware support huge integers. Getting a quantum processing unit into a single chip proves that it can be done. They will follow the path of CPU's and GPU's: move all the way from 4-bit computing to 64-bits and beyond.

## Re: (Score:2)

So, though we jump to higher per operati

## Re: (Score:2)

Hate to point out to you, but doubling every year is *not* quadratic growth ;)

## Re:Interesting and a qustion (Score:5, Informative)

## Re:Interesting and a qustion (Score:5, Funny)

## Re:Interesting and a qustion (Score:5, Interesting)

I think the real question is whether or not quantum computing can solve the Travelling Salesman problem.

It can not.

There is no reason to believe QBP contains NP. (We might be wrong, but then we might be wrong about P != NP!)

Any approach along the lines of "do everything quantumly in parallel and somehow select the interesting results" will do no better than a Grover search, which is a quadratic speedup.

## Re: (Score:2)

I agree with the sentiment, but this bold statement is just not true. The Deutch-Jozsa algorithm [wikipedia.org] solves a problem which is provably O(e^n) using the best classical algorithm in O(1) with a quantum algorithm (in fact, in one step).

## Re: (Score:2)

Normal computers can solve it, just not efficiently!

## Re: (Score:2, Interesting)

Problems like factoring products of primes (This is a big deal in crypto, but the explanation of why is hard if you haven't taken a university number theory course) and the above-mentioned Traveling Salesman Problem (The question of how I can most efficiently reach each of a given set of points, after given fix

## Is factoring np-complete? (Score:1)

I read something recently that claimed that factoring the products of primes is non-polynomial but it may or may not be NP-complete. In other words, it might be slightly easier than the traveling salesman problem. By "slightly" I mean only that just because you can factor products of primes doesn't mean you can do the traveling salesman problem.

## Re:Is factoring np-complete? (Score:5, Informative)

You're right, it isn't currently known either way.

To review briefly,

Pproblems are those solvable in polynomial time on a regular computer.NPproblems are (one definition) thoseverifiablein polynomial time on regular computers. That is, if you gave the answer to the problem, in polynomial time I could tell you if it was the correct one.QBPproblems are those solvable in polynomial time on a quantum computer.It is not known whether any of these classes are equivalent. However, the possibilities are constrained by,

NP-complete, which are problems in NP to whichall otherNP problems can be reduced (provably!) in polynomial time.Traveling salesman is NP-complete. Therefore, if we found a polynomial-time algorithm on regular computers, P = NP. If we found a polynomial-time algorithm on quantum computers, QBP = NP.

Integer factorization is in NP, but not known to be either NP-complete or in P. Therefore, a polynomial-time algorithm on regular computers could exist without P = NP--- but we don't know of one. Shor's algorithm (the subject of this article) is a polynomial-time algorithm for quantum computers, so integer factorization is in QBP. However, since integer factorization isn't NP-complete, this doesn't have any implications for whether QBP = NP or not.

So it's not provably known that integer factorization is easier than traveling salesman on any kind of computer. But on quantum computers, the fastest known integer factorization algorithm is polynomial, while the only way we could do that for traveling salesman is if QBP = NP. On regular computers, no polynomial algorithm is known for either problem. But in a sense it'd be more surprising if one were found for traveling salesman, because that would imply P = NP... while finding one for integer factorization wouldn't have such wide-ranging implications on other problems (though it might have implications for other not-yet-known-to-be-in-P problems, if the technique were transferable).

## Re: (Score:1)

## Re: (Score:2)

Assuming that quantum computer is Turing complete, of course it can: simply enumerate every route and keep track of which is the shortest this far, and at the end of the enumeration you have the shortest one. Now, whether a quantum computer (or a normal computer, for that matter) can do this in a faster time than O(n!), that's the question.

## Re: (Score:2)

That link was exactly what I was looking for.

Really thank you.

## RSA may sleep well... (Score:3, Funny)

## How many qubits? (Score:3, Informative)

## Re:How many qubits? (Score:5, Insightful)

That's their claim. The full version of the article says of previous implementations, "these approaches cannot be scaled to a large number of qubits because of purity, size, and stability limitations of these systems". And of theirs: "Although it currently uses an inefficient single photon source and modest efficiency detectors, ongoing progress to address heralded gates and efficient sources and detectors combined with the results presented here will allow large-scale quantum circuits on many qubits to be implemented".

## MIM day (Score:5, Funny)

shortly after, secret service agencies worldwide have decided to make the day a holiday and call it man in the middle day (MIM)

## changing of the guard (Score:3, Funny)

## Re:changing of the guard (Score:5, Funny)

Unless you're using 3 and 5 for your factors, I think you're safe for now...

## Re: (Score:2)

## Re:changing of the guard (Score:5, Funny)

That's the kinda factors an idiot would have on his luggage.

## Re: (Score:2)

That's the kinda factors an idiot would have on his luggage.

What kind of asshole would set his RSA factors to 1, 3, 5???

## Re: (Score:1, Funny)

> What kind of asshole would set his RSA factors to 1, 3, 5???

I'll get back to you once I changed my RSA factors...

## Re:changing of the guard (Score:5, Funny)

my darknet effectively utilities rsa/blowfish. not for long apparently.

No worries. We'll change it for you, Steve O'Connel from 42 Elmwood Ave., Chicago. You should take the night off - you're girlfriend will be ordering out for burritos. Bad news though, she's renting a chick flick.

Thanks,

NSA

## Re: (Score:1)

He's a girlfriend named Steve? That is really bad news... ;P

## Re: (Score:2)

There is no Elmwood Ave. in Chicago, and anyway, all Chicago addresses need a directional prefix. There are Elmwood Aves. in Evanston and Oak Park; for the latter you'll also need a directional prefix.

Thanks,

Richard M. Daley, Mayor

## Re: (Score:3, Funny)

That's the problem with these quantum computers - you can't be certain which universe they're decrypting data from.

## My darknet (Score:1)

My darknet is truly dark. It's also very energy efficient, drawing zero watts from the mains. Unfortunately, it's hard to use since it's so dark. But it is quiet, and it runs cool.

I must admit though, it is of limited practical value. It's utility seems limited to providing a flat surface for me to rest books on. Books I can't read because it's so dark.

## Can someone explain this... (Score:1, Interesting)

...in more human-understandable terms?

Here's my understanding of it, which is probably wrong but I'd love some clarification-- basically one benefit of a quantum computer is that it allows you to factor gigantic numbers into component primes super-fast. So for example, those distributed computing contests where you'd crack RSA keys by searching a keyspace in 10 years or 50 or 50 million years or whatever goes out the window, because a quantum computer can find all possible primes

simultaneouslyrather than## Re: (Score:1, Insightful)

Quantum Entanglement isn't some esoteric, exotic process we can only observe in a laboratory, it pervades the universe continuously. Most of the particles in your body are probably entangled with most of the particles in your keyboard right now.

We don't need rare materials and expensive equipment, entanglement sortof just

happenson its own. The tricky part is shielding them from what's called decoherence: The qubits we're trying to do computations with tend to want to become entangled with particles that a## Re: (Score:2)

But.. if you're right, then that would imply that there are a zillion different "clones" of myself running around in different "branches" of the universe.

I don't want to believe that, so I'm going to invent a spontaneous collapse of the wavefunction that prevents it. Maybe caused by humans observing it.. yeah, that's the ticket.

## What about ECC? (Score:2)

They're still pretty far from being able to do this at a scale practical for breaking RSA... ...but when scientists have reached the scale for breaking RSA, are there quantum algorithms that would work for breaking ECC? What about D-H? Are there any public key schemes that will still work when quantum computing is available?

It doesn't really matter to me whether it'll only ever be practical for labs to break - the government can afford that kind of muscle. If it's physically possible, they'll be able to

## Re:What about ECC? (Score:4, Informative)

All Discrete-Logarithm and Factoring based public key algorithms are vulnerable.

THe current known safe alternatives are hash-based (Merkle), code based (e.g. McEliece), lattice based (NTRU) or multivariate equation based (HFE). All of them have quite the disadvantages and comparatively less research on them.

## Re: (Score:3, Insightful)

Sweet, thanks for the awesome pointers. You've given me a whole lot of stuff to look over as a research starting point.

## Re: (Score:1)

For all we know, they've already done it, have an army of massive fully operational quantum computers, and are laughing real hard right now at private researchers trying to catch up.

## Re: (Score:1)

ECC's hardness is based upon a generalization of discrete log to elliptic curves.

The same algorithm that breaks discrete log on integers mod N breaks the elliptic curve generalization.

## I, for one.... (Score:2)

....welcome our new all-sharing open society based on freely sharing information, technology, knowledge, and of course funding. The complete dissolution of the banking, monetary, privacy, security, and authentication systems forced on us by our repressive secret society will finally be over! -- or they'll just have to move to some prime numbers other than 3 and 5. Whichever.

## Is there any safe encryption? (Score:2)

Does anyone know if there is any practical and non-quantum

ENCRYPTION method that is potentially safe from quantum

cryptanalysis?

Are one-time pads (assuming they could be copied around safely)

proof against these techniques?

## 1-time pads are inherently unbreakable (Score:2, Informative)

Well, a truly random 1-time pad that is used properly and never compromised is mathematically unbreakable.

PRACTICAL one-time pads suffer two vulnerabilities: 1) If stored in the clear or encrypted with a defeatable algorithm, they can be compromised, and 2) if re-used they can be compromised. They are useful for sharing small amounts of data, such as passphrases.

One way to make one-time pads more practical for

certainapplications is to use shortcuts to describe the pads. For example, if you and I both c## Re: (Score:2)

Well, that's just a book cypher, though, and is plausibly crackable (I'd maybe gzip it first and then work from that, but it's still not random); it's only a 1-time pad if your pad is *RANDOM*. And really, really random, not pseudo-random, or randomish.

## "looking random" (Score:1)

How about an gzip'ed ISO xor'd with the output of a fast halfway-decent pseudorandom-number generator. By "pseudorandom" I mean it won't show an easily discernible pattern until after you've done xor'ing - if the ISO is 4.3GB, the pattern shouldn't be discernable until after 4.4GB of output.

## Depends on What Features You Want (Score:3, Informative)

The short answer is "It depends". It depends on what features you want. (Some crypto systems provide security but not authentication. Others do the opposite. Still others provide neither but give plausible deny-ability or even it's opposite, non-reputability.) It depends on what resources you have. (Do you have couriers to hand deliver your new keys?)

The reason quantum is scary is because it breaks a large number of public key systems. Public-key systems have been the most economical systems developed

## Re: (Score:2)

There is research going on in that area. I haven't been following it, but I know about one article that touches the subject. I haven't read the article, but if you are interested in that kind of stuff, you could read it and tell us what you think. http://eprint.iacr.org/2009/391.pdf [iacr.org]

They

## Re: (Score:2)

## 1-time pad can't be brute forced (Score:1)

If the 1-time pad is truly random and the pad itself is never compromised, it's mathematically unbreakable. In my examples with Linux distros above, I forgot to mention a flaw: the distros do not contain random data. In some situations this can make an attack easier.

## Amazing (Score:1, Funny)

15=3*5, just like 8 years ago when it was last factored on a quantum computer. Maybe in a few years someone will factor 21. I wonder what its factors are.

## Re: (Score:1)

Well, it's always valuable to re-test basic truths. After all, imagine the equation 15=3*5 would stop to be true. It would completely change our world view!

## Re: (Score:2)

Maybe in a few years someone will factor 21. I wonder what its factors are.

I think a few years ago someone proved that 21's factors are between 1 and 20... Can't find the article, though.

## Re: (Score:1)

## Re: (Score:2)

## Re: (Score:1)

## ...full text requires a subscription (Score:2)

I'm so glad these research publications are made widely available to all... err...

## The crypto race (Score:2)

It's not the end of the world: Public key cryptography has been around for only a few decades. Before then (even after the invention of the somewhat impractical one-time pad) the winner (cryptographer or cryptanalyst) was determined by who had more computing power and the more ingenuous ideas.

Basic statistics were death to the ROT13 and the Caesar shift, digital computers were death to Enigma, and now quantum computing will be death to assymetric keys that depend on non-polynomial prime factorization. We'll

## 2048 bits?? (Score:1)

## So god is a Quantum computer (Score:1)

## Sneakers (1992) (Score:1)

This is the theme for the movie Sneakers: http://www.imdb.com/title/tt0105435/ [imdb.com]

## Re:Is this really a big deal? (Score:5, Informative)

They only factored the number 15 here as well--- in fact what they implemented was a version of the algorithm compiled to a specialized implementation for the input "15". Their claim from why it's an improvement is (from the full article):

Essentially they claim that, while their demonstration here is as small-scale as the previous ones, it's at least plausible that it might scale up, while the previous demonstrations have inherent limitations that prevent them from scaling up.

## Version 2 (Score:5, Funny)

int a = 0, b = 0;

if (x == 14) { a = 2; b = 7; }

else

if (x == 15) { a = 3; b = 5; }

if (a == 0)

printf ("%s\n", "more funds required");

else

printf ("%d, %d\n", a, b);

## Re: (Score:1)

## Re: (Score:1)

It's more something like this :

int a = 0..65535

int b = 0..65535

a*b = 15

printf("a = %d, b = %d", a, b);

(btw, this is not how it -currently- works, it's something that might, theoretically, someday be possible. You cannot just say a*b is 15, but you must find a way to amplify the a and b registers based on the desired outcome)

(oh, and you'll have to repeat the execution a few thousand times, since the chance for a wrong answer will be nonzero. Small, but nonzero. Also there might be multiple distinct answers)

## Re:Is this really a big deal? (Score:4, Funny)

## Re: (Score:1, Offtopic)

## Re:Is this really a big deal? (Score:5, Informative)

## Re: (Score:3, Insightful)

Outside of science fiction novels, where did it do that? If you're thinking of WWII, the Allies had a gigantically larger industrial base than the Axis could ever summon, and basically won by throwing enough men and materiel at the problem. At most, crypto might have shortened that war, but even that's not crystal clear.

## Re:Is this really a big deal? (Score:5, Insightful)

Breaking Enigma helped get those men and materiel past the U-boats. If they hadn't D-day wouldn't have happened (and it was almost a failure even with the resource there) and the Germans wouldn't have been caught in a pincer between the allies and the soviets. I wouldn't discount its influence.

## Re: (Score:2)

Please to recall that the Manhattan Project was originally intended to be used in Europe, and that would have, sooner or later, ended the war. Nothing you've put out here makes me think the Axis might have won in the absence of the crypto stuff.

## Re: (Score:2)

## Re: (Score:2)

Please to recall that the Manhattan Project was originally intended to be used in Europe, and that would have, sooner or later, ended the war. Nothing you've put out here makes me think the Axis might have won in the absence of the crypto stuff.

Huh, I had actually never heard that, I just assumed that due to the mores of the times it was easier to bomb "yellow" people than europeans. Strategically it doesn't make a lot of sense to me though. It's hard to image post WW2 being a cold war after bombing the russian backyard with WMD and sentiment in occupied europe might have swung more pro-german after a couple of mushroom clouds. Of course (luckily) we'll never know any of this for sure.

## Re: (Score:3, Interesting)

http://en.wikipedia.org/wiki/Ultra#Battle_of_the_Atlantic [wikipedia.org]

It is commonly claimed that breaking of German Naval Enigma shortened the war by a year, but given its effects on the Second Battle of the Atlantic alone, that might be an underestimate.

An exhibit in 2003 on "Secret War" at the Imperial War Museum, in London, quoted British Prime Minister Winston Churchill telling King George VI, "It was thanks to Ultra that we won the war." Churchill's greatest fear, even after Hitler had suspended Operation Sealion and invaded the Soviet Union, was that the German submarine wolf packs would succeed in strangling sea-locked Britain. He would later write, in Their Finest Hour (1949), "The only thing that ever really frightened me during the war was the U-boat peril." A major factor that averted Britain's defeat in the Battle of the Atlantic was her regained mastery of Naval Enigma decryption.

## Re: (Score:1)

Outside of science fiction novels, where did it do that? If you're thinking of WWII, the Allies had a gigantically larger industrial base than the Axis could ever summon, and basically won by throwing enough men and materiel at the problem. At most, crypto might have shortened that war, but even that's not crystal clear.

Part of the importance of keeping Enigma secret after WWII (up until the late seventies) was that the British circulated Type-X coding machines widely into colonial countries (and the US may have done similar things, I don't know). That enabled GCHQ to run decrypts against a very large number of governments, presumably including those in the post-colonial wars, Suez, etc, although this is (unsurprisingly) not publically well documented. That's a fair number of wars right there.

Even during the earlier stag

## Re: (Score:1)

## man - this is QUANTUM computing (Score:2)

It won't run Crysis and Download generic porn. It will run whatever game you had in mind -- the one that most closely matches your mood -- and it will download porn that exactly fits your personal fetish tastes. Hell, all that's missing is some carbon nanotubes and "free hydrogen" and this could save the world!

## Is that quantum computing (Score:1)

It won't run Crysis and Download generic porn. It will run whatever game you had in mind -- the one that most closely matches your mood -- and it will download porn that exactly fits your personal fetish tastes. Hell, all that's missing is some carbon nanotubes and "free hydrogen" and this could save the world!

Is that quantum computing or my latest acid trip? Sorry, I can't tell the difference.

For any future employer who sees this: The above is a joke post. I've never done LSD and unless a doctor prescribes it, I never will. If taking mind-altering drugs stronger than caffine or Microsoft products is a job requirement please disregard my resume.## Re: (Score:2)

To put things into perspective, you can factor RSA-384 in a few hours on a decent desktop computer. That's a number like 165375296535705386155571228848957419 6982006687461869497532793906938608837243 5801577531013884898737786797134855942291 (whose factors are 1845911360880639167287667999134101328853184774154263277561 and 8959005293559105489286020014804938358380924734239385853931, by the way). So although the algorithm is much more efficient in theory, they still have quite a ways to go before being an improv

## Re: (Score:2)

If arbitary sized integers are capable of being factorized, then it will be "All your primes are belong to us"