Quantum computING

1
Quantum computING CRYPTOLOGY

• S. Aras Kubilay
• CS 532 Network Security

2
Roadmap

• Introduction
• Quantum Computers
• Quantum Computers Cryptology
• Closing Comments

3
Introduction

• What is quantum computing?
• Collective name for storing, representing and
  manipulating data in a quantum computer..
• .. which is essentially still a hypothetical
  device on par with teleportation and laser beam
  weapons.

4
Introduction

• With one crucial difference
• Various scientific, governmental and military
  institutions worldwide are actually funding
  billions of dollars for making quantum computers
  a reality.
• But why?

5
Quantum Computers

• Research suggests that quantum computers are
  likely to be much faster than any other
  computational model put forth so far.
• That includes, besides traditional
  transistor-based Von Neumann architecture,
  experimental designs such as optical and
  biological computers.
• Exponentially faster in some cases.

6
Quantum Computers

• Quantum computers work on an atomic level
• That is roughly 200 times smaller than Intels
  brand new 45nm architecture.
• Furthermore, quantum computers are based on
  quantum binary digits (qubits) just as
  traditional computers are based on bits.
• Qubits have some fundementally unique properties.

7
Quantum Computers

• A qubit is essentially an atom showing
  quantum-mechanical behaviour.
• Just as a regular bit, qubits are also used to
  represent 1 / 0 values, usually denominated by
  the up-spin or down-spin of the atom.
• Spin An integral quality of all elemental
  particles and related to orbital angular
  momentum.
• Lets suffice to say that it exists and is either
  up or down )

8
Quantum Computers

• However unlike bits, qubits benefit from quantum
  superposition.
• A bit in classical mechanics has some exact
  probability (usually 0.5) to have either 0 or 1
  value.
• A qubit in quantum mechanics has a probability
  distribution function of having any of those
  values at any given time.
• Thus a pair of qubits can have 4 superpositional
  states while three qubits can have 8 states and
  so on.

9
Quantum Computers

• The fundamental difference about all this is
• At any given time
• n bits can be in one of the 2n states.
• n qubits can be in up to 2n states
  simultaneously.
• Suggests an incredible potential in parallel
  computing power.

10
Quantum Computers

• As if all that werent enough, there is yet
  another advantage of qubits over bits.
• Some qubit pairs may be in quantum entanglement,
  which is a phenomenon that links the quantum
  states of two spatially seperated particles.
• Which is to say that we can modify or read two
  qubits in a single action without ever touching
  the second one.

11
Quantum Computers

• So in the end we have computers that are smaller,
  inherently parallel and distributed.
• Due to size of atoms, quantum superpositional
  states and quantum entanglement, respectively.
• However there are still limits to the
  capabilities of quantum computers, thankfully for
  us computer security people )
• Lets see them.

12
Quantum Computers Cryptology

• One famous idea about quantum computers
  cryptology
• If realized, a quantum computer can simply try
  all possible key combinations in parallel and
  crack any key of infinite size in one single
  stroke through brute-force.
• True or false?

13
Quantum Computers Cryptology

• Lets see what quantum computers can do.
• Shors Algorithm
• While the exact specifications are way out of
  scope, we will see a simplified overview.
• Problem definition For a non-prime positive
  integer N, find an integer p that divides N and 1
  lt p lt N.
• Sounds familiar?

14
Quantum Computers Cryptology

• Shors Algoritm (contd)
• Pick a random number i lt N.
• Compute gcd(i, N) through traditional methods.
• Euclidean Algorithm etc.
• If gcd(i, N) 1 stop, otherwise
• Use quantum computing to find period r such that
• f(x) ax mod N, and f(x r) f(x)
• Quantum superposition for efficient calculation.
• gcd(i(r/2) /- 1, N) is a factor of N.
• If r is odd or i(r/2) -1 (mod N), restart with
  different i.

15
Quantum Computers Cryptology

• Shors Algorithm, although still mostly
  academical, was later improved by other
  researchers.
• Up to 8 times faster (David M., Queensland)
• The profound meaning of this algorithm is that
  quantum computers are exponentially better at the
  factorization problem, rendering brute-force
  solutions feasible.
• O((log N)3) vs classical O(2((log N)1/3)).
• So what if factorization can be done in
  polynomial time?

16
Quantum Computers Cryptology

• The security of public-key cryptograhpy methods
  (most notably RSA) depend on the infeasibilty of
  the factorization problem.
• In RSA, it is impractically difficult to try and
  find the prime factors p and q for N.
• However, a powerful enough quantum computer can
  factorize and thereby crack any RSA
  implementation.
• Would increasing key size solve this problem?

17
Quantum Computers Cryptology

• What about good old symmetric key cryptography?
• We have established that quantum computers cannot
  instantly try infinite key possibilities, but can
  they exhaust practical key-size spaces in a
  reasonable time?
• A classical brute-force attack against a
  symmetric crypto key is O(2N) for N-bit keys.
• So a 256-bit key is reasonable secure while
  1024-bit is pretty solid.

18
Quantum Computers Cryptology

• However, if quantum computers can somehow do it
  in polynomial time, it again becomes a futile
  race of key size vs. computer power like in PKC.
• This was a major concern for the industry, so
  researchers from IBM and Microsoft together with
  Berkeley and Montreal Universities have conducted
  an in-depth research based on quantum Turing
  machines.
• You may remember from some other courses that
  Turing machines are equivalents of any computer
  in terms of computational capabilities.

Bennett, Bernstein, Brassard, Vazirani.
Strength and Weaknesses of Quantum Computing.
(1996)
19
Quantum Computers Cryptology

• This joint research revealed that..
• .. a brute force quantum attack against symmetric
  cryptosystems is bound by O(2(N/2)).
• Later work on Grovers search algorithm, which is
  proven to be optimal, has confirmed this finding,
  with some very specific cases showing quadratic
  performance gain.
• Since there is no exponential gain, keys can be
  easily guarded against quantum brute-force
  attacks by simply doubling the key size.

20
Closing Comments

• Quantum computing is not the panacea its
  sometimes made to look like.
• However, it possesses unique properties and
  therefore challanges some of the established
  security measures, PKC chief among them.
• Symmetric key systems are likely to hold their
  own agaisnt quantum cryptanalytic attacks.

21
Closing Comments

• Although practicle quantum computers are probably
  decades away, especially short-term precautions
  must be taken while long-term methodologies
  develop.
• Studies show promise with one-time algortihms
  with doubled key sizes.
• Such as Lamport digital signatures.

22
Closing Comments

• Any questions?
• (No theoretical physics, please ) )
• References
• Bennett, Bernstein, Brassard, Vazirani. Strength
  and Weaknesses of Quantum Computing. (1996)
• David McMahon. Quantum Computing Explained.
  (2007)
• Nakahara, Ohmi. Quantum Computing From Linear
  Algebra to Physical Realizations. (2008)
• And of course, Wikipedia.