Re: [Cfrg] likelihood that someone has a quantum computer

David Jacobson <dmjacobson@sbcglobal.net> Sun, 12 January 2014 15:38 UTC

Message-ID: <52D2B6FB.9000409@sbcglobal.net>
Date: Sun, 12 Jan 2014 07:38:35 -0800
From: David Jacobson <dmjacobson@sbcglobal.net>
To: David McGrew <mcgrew@cisco.com>, Dan Brown <dbrown@certicom.com>, "'cfrg@irtf.org'" <cfrg@irtf.org>
References: <52C755AA.70200@cisco.com> <33E0BF53-A331-4646-B080-FD4F6E13916E@ieca.com> <810C31990B57ED40B2062BA10D43FBF5C1BF54@XMB116CNC.rim.net> <52D29B10.4030401@cisco.com>
In-Reply-To: <52D29B10.4030401@cisco.com>
Cc: "'TurnerS@ieca.com'" <TurnerS@ieca.com>
Subject: Re: [Cfrg] likelihood that someone has a quantum computer

On 1/12/14 5:39 AM, David McGrew wrote:
> Hi Dan,
>
> some further thoughts on things quantum:
>
> On 01/08/2014 12:32 PM, Dan Brown wrote:
>>
>>> 2) Is QKD something we need to start considering:
>>> http://tools.ietf.org/id/draft-nagayama-ipsecme-ipsec-with-qkd-00.txt
>>> http://tools.ietf.org/id/draft-ghernaouti-sfaxi-ppp-qkd-00.txt
>> I am more interested in the issue of whether quantum computing (for Shor's
>> algorithm) will, or even has, become feasible? I am not an expert in the
>> area, but am interested.
>
> this is not an area that I actively follow, but I think the following
> description is accurate: quantum computing is an active area of
> research, and those working in the area believe that it can become a
> viable technology in the not-too-distant future, though there are also
> skeptics who feel that quantum decoherence may make it impossible to
> ever build a quantum computer that would be able to solve problems of
> cryptographic interest. (An important side note: the D-Wave computer
> is not a real quantum computer in the Peter Shor sense; it does
> something more like simulated annealing).
>
>> Of course, we can just go ahead and get prepared with proposals for
>> postquantum algs.  That's great to do, but still doesn't address the
>> question. I expect some may argue that asking this whole question just begs
>> pointless speculation, on the grounds that if your adversary (soon) has a
>> QC, then you should have spent your time switching to PQ rather than
>> thinking about whether the adversary had a QC.  In other words, I'm
>> expecting some may say that consideration of postquantum crypto is perfectly
>> reasonable, but asking about the existence of a quantum computer is
>> pointless.
>
> This is my thinking, more or less.   I would put it more positively 
> as: let's figure out how to use post-quantum cryptography in practice, 
> because if there is a breakthrough in quantum computing, the mad rush 
> will be ugly, and besides, we don't really know what capabilities our 
> adversaries have now, or will have in a decade.

[snip]

This is a volunteer group, and the energy that can be summoned depends
on interest, excitement, fear, etc. (Just note how CFRG has gone from a
sleepy group with 2 or 3 messages per month to many messages a day since
last summer.) So, if we want to study post-quantum computing, find
promising algorithms, and evaluate them, we can do that if we have a
sufficient set of people with interest and expertise. And I think we do.
It is not like we are at a big company and we have to get some executive
to give us a budget.

    --David Jacobson