> There's some confusion or disconnect between the _title_ of the
> thread and the _content_ of the thread. "Quantum cryptography" of the
> Brassard/et. al. sort, which reveals that intercepts have occurred,
> is not the same thing as a "quantum computer," of the
> Grover/Deutsch/et. al. sort.
My reason for bringing up the thread was the Altavista article. Chuang
reportedly states in an interview [ref. to in the article] that he found the
period of a function in one step. I'm not well-versed in cryptography, but
this highlights the fact that cryptanalysis will become sufficiently easier
with the advent of quantum computers. The fact that IBM has developed a
working model leads me to believe the technology may be available much more
recently than previously thought. Since cryptanalysis will become easier,
my question was simply put - will cryptography become sufficiently more
secure using principles inherent in quantum computing? I'm aware of most of
the basics of what makes a cryptosystem secure, but how do the principles in
quantum computing make cryptosystems more secure, and are there any
references to secure cryptosystems theorized with the advent of quantum
computing blah blah blah, you get the idea.
Honig states:
> Simple. Use bigger keys. Bigger by the work-factor that quantum
> computation gives you (see Grover's algorithm). E.g., a 512-bit symmetric
> block cipher should be good for a few more years, quantum computers
> or not. 3-AES anyone?
dmolnar says:
> public-key crypto : factoring and discrete log become "easy."
> Thus RSA and Diffie-Hellman and all their cousins become broken.
> Search begins in earnest for alternative one-way functions and public-key
> cryptosystems. As far as I know, NTRU doesn't have a quantum algorithm
> for breaking it; there may be others.
>
> Actually, this brings up a point - what weird public-key cryptosystems
> not based on factoring or discrete log are there? I can think of
> Arithmetica's system and NTRU off the top of my head, but not much more.
This is essentially the crux of my question. Does quantum computing not
make factoring very easy, at least in terms of available power? If I create
a cryptosystem using quantum computing and you cryptanalyze it using quantum
computing, is the make/break ratio equal? I assume so, so my question
becomes, are there different ways to make a cryptosystem using quantum
computing theory... and are there any good books or research material or web
pointers available on the subject (outside of the brief discussion at
www.qubit.org)?
Thanks, folks -
T
