Title: Quantum Computing & Cryptology
1. Quantum Computing & Cryptology
- S. Aras Kubilay
- CS 532 Network Security
2. Roadmap
- Introduction
- Quantum Computers
- Quantum Computers & Cryptology
- Closing Comments
3. Introduction
- What is quantum computing?
- Collective name for storing, representing and manipulating data in a quantum computer..
- .. which is essentially still a hypothetical device on par with teleportation and laser beam weapons.
4. Introduction
- With one crucial difference:
- Various scientific, governmental and military institutions worldwide are actually funding billions of dollars for making quantum computers a reality.
- But why?
5. Quantum Computers
- Research suggests that quantum computers are likely to be much faster than any other computational model put forth so far.
- That includes, besides the traditional transistor-based Von Neumann architecture, experimental designs such as optical and biological computers.
- Exponentially faster in some cases.
6. Quantum Computers
- Quantum computers work on an atomic level.
- That is roughly 200 times smaller than Intel's brand new 45nm architecture.
- Furthermore, quantum computers are based on quantum binary digits (qubits) just as traditional computers are based on bits.
- Qubits have some fundamentally unique properties.
7. Quantum Computers
- A qubit is essentially an atom showing quantum-mechanical behaviour.
- Just as a regular bit, qubits are also used to represent 1 / 0 values, usually denoted by the up-spin or down-spin of the atom.
- Spin: an integral quality of all elementary particles, related to orbital angular momentum.
- Let it suffice to say that it exists and is either up or down :)
8. Quantum Computers
- However, unlike bits, qubits benefit from quantum superposition.
- A bit in classical mechanics has some exact probability (usually 0.5) of having either the 0 or the 1 value.
- A qubit in quantum mechanics has a probability distribution function of having any of those values at any given time.
- Thus a pair of qubits can have 4 superpositional states, three qubits can have 8 states, and so on.
9. Quantum Computers
- The fundamental difference in all this is:
- At any given time,
- n bits can be in one of the 2^n states.
- n qubits can be in up to 2^n states simultaneously.
- This suggests an incredible potential in parallel computing power.
10. Quantum Computers
- As if all that weren't enough, there is yet another advantage of qubits over bits.
- Some qubit pairs may be in quantum entanglement, a phenomenon that links the quantum states of two spatially separated particles.
- Which is to say that we can modify or read two qubits in a single action without ever touching the second one.
11. Quantum Computers
- So in the end we have computers that are smaller, inherently parallel and distributed.
- Due to the size of atoms, quantum superpositional states and quantum entanglement, respectively.
- However, there are still limits to the capabilities of quantum computers, thankfully for us computer security people :)
- Let's see them.
12. Quantum Computers & Cryptology
- One famous idea about quantum computers & cryptology:
- If realized, a quantum computer can simply try all possible key combinations in parallel and crack any key of infinite size in one single stroke through brute force.
- True or false?
13. Quantum Computers & Cryptology
- Let's see what quantum computers can do.
- Shor's Algorithm
- While the exact specifications are way out of scope, we will see a simplified overview.
- Problem definition: for a non-prime positive integer N, find an integer p that divides N with 1 < p < N.
- Sounds familiar?
14. Quantum Computers & Cryptology
- Shor's Algorithm (cont'd)
- Pick a random number i < N.
- Compute gcd(i, N) through traditional methods.
- Euclidean Algorithm etc.
- If gcd(i, N) ≠ 1 stop, otherwise:
- Use quantum computing to find the period r such that
- f(x) = i^x mod N, and f(x + r) = f(x)
- Quantum superposition for efficient calculation.
- gcd(i^(r/2) ± 1, N) is a factor of N.
- If r is odd or i^(r/2) ≡ -1 (mod N), restart with a different i.
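The steps on this slide, run end to end in Python as an added example that is not part of the original deck: the classical parts (random i, Euclid, the gcd(i^(r/2) ± 1, N) post-processing and the restart rules) are exactly as listed, while the quantum period-finding step is replaced by a brute-force classical loop, so the code shows what the quantum subroutine has to deliver rather than how it does it.

```python
import math
import random


def find_period(a: int, n: int) -> int:
    """Smallest r > 0 with a^r ≡ 1 (mod n), i.e. the period of f(x) = a^x mod n.

    On a quantum computer this is the step carried out with superposition and
    the quantum Fourier transform; here a classical brute-force loop stands in
    for it so the rest of the algorithm can be exercised end to end.
    """
    if math.gcd(a, n) != 1:
        raise ValueError("a must be coprime to n for the period to exist")
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r


def shor_factor(n: int, seed: int = 0) -> int:
    """Return a non-trivial factor of the composite n (seeded RNG for reproducibility)."""
    if n % 2 == 0:
        return 2
    rng = random.Random(seed)
    while True:
        i = rng.randrange(2, n)              # 1. pick a random i < N
        g = math.gcd(i, n)                   # 2. Euclid on (i, N)
        if g != 1:
            return g                         #    gcd ≠ 1: i already shares a factor with N
        r = find_period(i, n)                # 3. period r of f(x) = i^x mod N
        if r % 2 == 1:
            continue                         #    odd r: restart with a new i
        y = pow(i, r // 2, n)                #    y = i^(r/2) mod N
        if y == n - 1:
            continue                         #    i^(r/2) ≡ -1 (mod N): restart
        for cand in (math.gcd(y - 1, n), math.gcd(y + 1, n)):
            if 1 < cand < n:
                return cand                  # 4. gcd(i^(r/2) ± 1, N) is a proper factor


if __name__ == "__main__":
    # 3233 = 53 * 61 is the small RSA modulus used in many textbooks.
    for n in (15, 21, 91, 3233):
        f = shor_factor(n)
        print(f"{n} = {f} * {n // f}")
```

Because y = i^(r/2) satisfies y² ≡ 1 (mod N) but y ≢ ±1, both gcd(y - 1, N) and gcd(y + 1, N) are proper factors whenever the loop reaches step 4.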
15. Quantum Computers & Cryptology
- Shor's Algorithm, although still mostly academic, was later improved by other researchers.
- Up to 8 times faster (David M., Queensland)
- The profound meaning of this algorithm is that quantum computers are exponentially better at the factorization problem, rendering brute-force solutions feasible.
- O((log N)^3) vs classical O(2^((log N)^(1/3))).
- So what if factorization can be done in polynomial time?
16. Quantum Computers & Cryptology
- The security of public-key cryptography methods (most notably RSA) depends on the infeasibility of the factorization problem.
- In RSA, it is impractically difficult to try and find the prime factors p and q of N.
- However, a powerful enough quantum computer can factorize N and thereby crack any RSA implementation.
- Would increasing the key size solve this problem?
17. Quantum Computers & Cryptology
- What about good old symmetric key cryptography?
- We have established that quantum computers cannot instantly try infinite key possibilities, but can they exhaust practical key-size spaces in a reasonable time?
- A classical brute-force attack against a symmetric crypto key is O(2^N) for N-bit keys.
- So a 256-bit key is reasonably secure while 1024-bit is pretty solid.
18. Quantum Computers & Cryptology
- However, if quantum computers can somehow do it in polynomial time, it again becomes a futile race of key size vs. computer power, like in PKC.
- This was a major concern for the industry, so researchers from IBM and Microsoft together with Berkeley and Montreal Universities conducted in-depth research based on quantum Turing machines.
- You may remember from some other courses that Turing machines are equivalent to any computer in terms of computational capabilities.
Bennett, Bernstein, Brassard, Vazirani. Strengths and Weaknesses of Quantum Computing. (1996)
19. Quantum Computers & Cryptology
- This joint research revealed that..
- .. a brute-force quantum attack against symmetric cryptosystems is bound by O(2^(N/2)).
- Later work on Grover's search algorithm, which is proven to be optimal, has confirmed this finding, with some very specific cases showing quadratic performance gain.
- Since there is no exponential gain, keys can be easily guarded against quantum brute-force attacks by simply doubling the key size.
20. Closing Comments
- Quantum computing is not the panacea it's sometimes made to look like.
- However, it possesses unique properties and therefore challenges some of the established security measures, PKC chief among them.
- Symmetric key systems are likely to hold their own against quantum cryptanalytic attacks.
21. Closing Comments
- Although practical quantum computers are probably decades away, short-term precautions in particular must be taken while long-term methodologies develop.
- Studies show promise with one-time algorithms with doubled key sizes.
- Such as Lamport digital signatures.
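Lamport one-time signatures, named on this slide, rest on nothing but a one-way hash, which is why they survive the quantum attacks discussed above. The following Python is an added example (not from the slides): it signs and verifies with SHA-256, and the hash choice and the 32-byte secret size are my assumptions.

```python
import hashlib
import secrets

HASH = hashlib.sha256                     # hash choice is an assumption of this example
N_BITS = HASH().digest_size * 8           # one secret pair per bit of the message digest


def keygen():
    """Private key: N_BITS pairs of random 32-byte secrets (one pair per digest bit).
    Public key: the hash of every secret, in the same layout.  Security rests only
    on the hash being one-way; no factoring or discrete-log assumption is involved."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N_BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def message_bits(msg: bytes) -> list[int]:
    """Bits of H(msg), most significant bit first."""
    digest = HASH(msg).digest()
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(N_BITS)]


def sign(sk, msg: bytes) -> list[bytes]:
    """For each bit of H(msg), reveal the secret in the matching slot.

    A key pair is ONE-TIME: each signature reveals half of the secrets, so the
    private key must be discarded after a single use."""
    return [sk[i][bit] for i, bit in enumerate(message_bits(msg))]


def verify(pk, msg: bytes, sig: list[bytes]) -> bool:
    """Recompute H(msg) and check every revealed secret hashes to the published value."""
    if len(sig) != N_BITS:
        return False
    return all(HASH(s).digest() == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, message_bits(msg))))


def roundtrip(msg: bytes, other: bytes) -> tuple[bool, bool]:
    """Sign msg with a fresh key; return (verifies on msg, same sig verifies on other)."""
    sk, pk = keygen()
    sig = sign(sk, msg)
    return verify(pk, msg, sig), verify(pk, other, sig)


if __name__ == "__main__":
    # constructed sample messages
    ok, tampered = roundtrip(b"transfer 100 to account A", b"transfer 100 to account B")
    print("genuine message verifies:", ok, "| altered message verifies:", tampered)
```

Key and signature sizes are 256 hash outputs each, which is the price paid for a scheme whose only assumption is the one-wayness of the hash.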
22. Closing Comments
- Any questions?
- (No theoretical physics, please :) )
- References
- Bennett, Bernstein, Brassard, Vazirani. Strengths and Weaknesses of Quantum Computing. (1996)
- David McMahon. Quantum Computing Explained. (2007)
- Nakahara, Ohmi. Quantum Computing: From Linear Algebra to Physical Realizations. (2008)
- And of course, Wikipedia.