Questions tagged [quantum-computing]
A computation model which relies on quantum-mechanic phenomena, such as entanglement and superposition. This generalizes the probabilistic model of computation.
47 questions
5
votes
1
answer
246
views
Logical Qubits vs Toffoli gates
Craig Gidney's recent preprint How to factor 2048 bit RSA integers with less than a million noisy qubits has this graph
Figure 2: Pareto frontiers achieved by this paper for the Toffoli and logical ...
- 151k
2
votes
0
answers
107
views
One Shot Signatures Equivocal Hash Security Proof
I was studying the paper "One Shot Signatures and Applications to Hybrid Quantum/Classical Authentication." In it, the authors define "equivocal hashing" and provide a construction ...
- 89
-1
votes
1
answer
127
views
Could there not be a practical half step to Quantum?
While I have read a number of articles/papers etc on Quantum, I wonder if the only answer is 10 or if 3 or 5 will be a practical way forward as an interim measure?
While most advocate a transition ...
- 1
0
votes
1
answer
153
views
Do quantum computers break hashcash?
Hashcash is a mechanism to prove that the sender of a message is really intending to send that message instead of just performing a denial of service attack. It makes denial of service attacks harder ...
- 1,643
3
votes
0
answers
145
views
A highly space-efficient embedding of prime factorization problem using the Ising model
I hope this is not off-topic for this SE, as it directly relates to the RSA problem. My background is in quantum information and computation, so please excuse me if my notation doesn't match your ...
3
votes
2
answers
1k
views
Why is discrete logarithm not quantum proof?
I don't understand why discrete logarithm is not quantum proof. I understand that quantum computer can quickly compute the exponent, but there is a modulo in the equation. Doesn't it mean, that there ...
- 31
4
votes
0
answers
142
views
Comparing quantum computing resources to break the DLP on elliptic curve group vs Schnorr group
Take an elliptic curve group of 256-bit prime order $n$ over a 256-bit prime field in which the Discrete Logarithm Problem is believed hard, e.g. secp256r1. Build an isomorphic Schnorr group by taking ...
- 151k
11
votes
4
answers
8k
views
How will the world learn that Q-Day has arrived?
I wonder how the world will come to know that scalable, fully fault-tolerant quantum computers capable of running Shor's algorithm have arrived. The day when this happens has been referred to as "...
- 288
0
votes
2
answers
2k
views
Are there any full alternatives to RSA that are quantum-resistant
By full alternatives I mean things that can do everything RSA can, namely establish secure security without privately sharing information prior. Something which AES can't do.
In other words, I'm ...
- 101
2
votes
1
answer
553
views
Does triple ChaCha20 have 256-bit post-quantum security?
Experts suggested 3DES when AES wasn't developed yet, since meet-in-the-middle attack, they suggested triple DES. Grover's algorithm, a quantum algorithm, weakens symmetric encryptions, how about ...
- 391
6
votes
3
answers
12k
views
Can Quantum Computers crack RSA and AES?
Im trying to learn more about cryptography and ran into a post, Is AES-128 quantum safe?, which asks if AES-128 is safe. From the articles and replies it seems that AES-128 (symmetric key) is safe ...
1
vote
0
answers
73
views
Is Proof-of-Authority (PoA) protocol a post quantum consensus?
Is PoA persistent against quantum attacks? If not, How can we make it post quantum?
I mean the PoA used with blockchains that delivers comparatively fast transactions through a consensus mechanism ...
- 109
0
votes
1
answer
249
views
Do multiple keys mitigate Grover algorithm?
Grover, a quantum algorithm, weakens AES and ChaCha20. Is it possible to use multiple symmetric keys to encrypt a message multiple times to achieve 256-bit security for quantum computers?
- 391
4
votes
1
answer
206
views
Difficulty of Shor's algorithm in a Schnorr group as a function of the modulus
Consider a Schnorr group with order a prime $q$ sized for security against current computers (like $q$ of 256 bit); modulus a prime $p=q\,r+1$ large enough (e.g. 3072 to 32768-bit) that the algorithms ...
- 151k
0
votes
1
answer
364
views
Solve discrete logarithm with new chinese research
Does this research also work for breaking bitcoin ECDSA? If so, how many qubit will be needed for 256-bit elliptic curve key?
user106244