Australia Supercomputing Science

Quantum Researchers Achieve 10-Fold Boost In Superposition Stability (thestack.com)

An anonymous reader quotes The Stack: A team of Australian researchers has developed a qubit offering ten times the stability of existing technologies. The computer scientists claim that the new innovation could significantly increase the reliability of quantum computing calculations... The new technology, developed at the University of New South Wales, has been named a 'dressed' quantum bit as it combines a single atom with an electromagnetic field. This process allows the qubit to remain in a superposition state for ten times longer than has previously been achieved. The researchers argue that this extra time in superposition could boost the performance stability of quantum computing calculations... Previously fragile and short-lived, retaining a state of superposition has been one of the major barriers to the development of quantum computing. The ability to remain in two states simultaneously is the key to scaling and strengthening the technology further.
Do you ever wonder what the world will look like when everyone has their own personal quantum computer?
  • by TheRealMindChild ( 743925 ) on Saturday October 22, 2016 @08:46PM (#53132339)
    Do you ever wonder what the world will look like when everyone has their own personal quantum computer?

    It will happen around the same time I can run an economical fusion reactor
    • Do you ever wonder what the world will look like when everyone has their own personal quantum computer? It will happen around the same time I can run an economical fusion reactor

      ... mediated by an AI, through virtual reality. i wonder what the world will look like when people stop masturbating to diegetic prototypes like they were the real thing.

      • by Hylandr ( 813770 )

        Well if we don't get a handle on basic Internet security it will be one giant quantum-botnet cluster-fuck.

    • what will it look like when everyone has a beowulf cluster of these? FTFY
    • Do you ever wonder what the world will look like when everyone has their own personal quantum computer?

      What, you mean not everyone has a brain?

  • by Shane_Optima ( 4414539 ) on Saturday October 22, 2016 @08:53PM (#53132349)
    Could we please get to work on getting everything on the web compatible with a stateful encryption scheme (out of band preshared keys and signing schemes that aren't entirely reliant on any form[1] of asymmetric cryptography) now? Instead of waiting 10-20 years and then suddenly finding out, oh crap, some government has finally built a quantum computer powerful enough to crack RSA/ECC?

    No? Oh well. I tried.


    1. Yes yes, there are some asymmetric schemes that aren't known to be vulnerable to efficient quantum algorithms, but there will always be a buttload of lingering question marks over any scheme that doesn't involve shared secrets.
    • Preemptive clarification: There are a lot of ways to do this (and I don't claim to be an expert on this sort of thing), but one obvious way to accomplish this in a relatively painless fashion would be through heavy use of purpose-built hashing algorithms combined with symmetric encryption. Each session key would be built using material received over an encrypted connection (utilizing preshared keys and hashing and challenge-response stuff only; no RSA) from multiple trusted key servers hashed together. In
      • from multiple trusted key servers hashed together

        If you are relying on trust for encryption, then you simply can never trust it
        • No no, material would be provided from multiple servers and combined together with a well designed hash. You could have one server in the EU, one in the USA, one in Russia, one in Cuba and one in China if you were feeling paranoid. You would have a separate preshared key for each, and your browser settings could specify the minimum number of keyservers you require to consider a connection secure. The point is all of the servers would have to be compromised for bad things to happen. Such a scheme could be made to
    • Could we please get to work on getting everything on the web compatible with a stateful encryption scheme (out of band preshared keys and signing schemes that aren't entirely reliant on any form[1] of asymmetric cryptography) now?

      Asymmetric schemes are as a practical matter absolutely necessary.

      Instead of waiting 10-20 years and then suddenly finding out, oh crap, some government has finally built a quantum computer powerful enough to crack RSA/ECC?

      Are you sure it isn't 3-4 years or 15-73 years or perhaps 153 to 739 years? If you're going to ask others you have no control over to "get to work" on something, you kind of have to provide compelling evidence to support your position if you expect anyone to pay attention to you or spend their time on it.

      • Asymmetric schemes are as a practical matter absolutely necessary.

        No they aren't, as I've explained at length in other posts. Web of trust approaches combined with intelligent hashing can be used to automatically generate session keys known only to the two parties without any single point of failure (all of the trusted servers would need to be compromised) and without any need for manual intervention.

        The only thing asymmetric buys you, in terms of hassle for the end user, is the ability to not have to worry about transferring around a (fairly small) master keyfil

        • No they aren't, as I've explained at length in other posts.

          Yes they are.

          The only thing asymmetric buys you, in terms of hassle for the end user, is the ability to not have to worry about transferring around a (fairly small) master keyfile or passphrase.

          It allows anyone to encipher messages without any possession of secret information.

          It allows anyone to verify source and integrity of information without any possession of secret information.

          It allows this to occur in a completely untethered, unlimited and untraceable manner.

          Nothing you offer does that when you remove the shell game of punting of responsibility and convenient ignoring of underlying reality.

          We know a quantum RSA break is simply a matter of time.

          We know nothing of the sort. There is ZERO evidence in existence to support this assumpt

          • It allows anyone to encipher messages without any possession of secret information.

            Yes, but it's worth noting this doesn't allow you to encipher information without preshared information. You require CAs and such to be pre-loaded and trusted ahead of time.

            If you've made that leap of trust, why not make a much easier leap of trust of using a friend's connection get your initial set of symmetric keys? Why not use an automated telephone service, and a little slip of paper that came with your new computer?

            The "secret information" is, in fact, very easy to come by and only needs to be d

    • by Anonymous Coward

      If "Superimposition" was real Feynman style Superimposition (all possible states simultaneously), then it wouldn't matter how long it was in superimposition, it would pass through the key at some point in that state. You wouldn't need to make it last 10x longer, you could make it last 10x shorter and it would still find the solution.

      This is 'fake superimposition', quantum mechanics as marketing angle for analogue computers (D-Wave as example). These computers don't go through every possible state, rather its

      • If "Superimposition" was real Feynman style Superimposition (all possible states simultaneously), then it wouldn't matter how long it was in superimposition, it would pass through the key at some point in that state. You wouldn't need to make it last 10x longer, you could make it last 10x shorter and it would still find the solution.

        Is that true? I never sat down and digested the implications of the algorithm [wikipedia.org] but it's listed in Wikipedia as having O((log N)^2 (log log N)(log log log N)) complexity, which doesn't quite look like "instantaneous" to me.

      • by Zeroko ( 880939 )

        The problem is that while quantum superposition can be thought of as "all possible states simultaneously," it is not in general possible to choose properties of the state you get at the end (called "postselection" in the quantum computing literature). All you can do is adjust the probabilities of the different states, & for some problems, we do not know a way to make the desired state likely enough to do any better than a square root improvement in running time over a classical computer. So for that sor

    • by gweihir ( 88907 )

      There is absolutely no need to do that. Quantum Computing has failed to scale in any way for the last 30 years. It will continue to do so. Now, if we could get everybody to change the damn default passwords, that would be something that would help with very serious problem.

      • Changing the default passwords accomplishes nothing as long as lazy jackasses (like you, as it happens) refuse to transmit, store and verify them properly.
        • by gweihir ( 88907 )

          You seem to be on drugs, as your perception of reality has no relation to actual reality.

          • The "actual reality" is that companies cannot be trusted to perform the hash properly on their end and several have openly admitted to losing plaintext passwords. The actual reality is hashing is not all that computationally expensive in today's world, and many modern processors have specialized instruction sets that could be exploited for this purpose. The actual reality is that hashing, in the general sense of the term, does not need to significantly decrease entropy (though obviously improperly implemen
            • Just to preempt the peanut gallery here, I am using "hash" in a very loose sense here to encompass any "one-way" destructive transform that is highly resistant to chosen collision attacks. Note that, for this particular application, the input field can be restricted and the output field expanded to make such attacks infeasible or even impossible (probabilistically impossible, in an asymptotically approaching zero percent chance of a collision even existing sense of the word).

              I once had someone try to "
            • For the record: none of this is offtopic. Gweihir interjected some nonsense to tweak me, and then he played dumb because he's too lazy and beaten down to trot out his old non-arguments. The above mini-rant is relevant to that prior argument we had, and that he brought up.

              My thesis statements here: He is a fraud who knows nothing about cryptography, whereas I'm a self-professed layman who knows enough to realize how messed up the status quo is. The biggest easily-solved problem regarding passwords right
              • by gweihir ( 88907 )

                My thesis statements here: He is a fraud who knows nothing about cryptography, whereas I'm a self-professed layman who knows enough to realize how messed up the status quo is.

                This amuses me no end. Actually, I have a PhD in the IT security field and about a decade of relevant experience after that. Oh, and I have been following Quantum "Computing" research for about 20 years now. Nice mathematics, does not really work in practice. The latter is unchanged from 20 years back. But keep kidding yourself. At least you are entertaining, which is far better than what most amateur crypto "experts" manage.

                Incidentally, thanks to you, I found a nice reference: https://www.happybearsoftwar [happybearsoftware.com]

                • This amuses me no end. Actually, I have a PhD in the IT security field and about a decade of relevant experience after that.

                  Then you should have no problem succinctly explaining the flaws in my proof of concept, back of napkin scheme, something that you hitherto have failed to even attempt. Quibbling over terminology doesn't count, as I readily and repeatedly admitted that some of my verbiage was probably off.

                  Or alternatively, you'd have no problem posting your credentials publicly so you can be verified; however, you seem to think that saying stuff like this aloud constitutes "stalking" you (despite the fact that you're the one who b

                  • by gweihir ( 88907 )

                    This amuses me no end. Actually, I have a PhD in the IT security field and about a decade of relevant experience after that.

                    Then you should have no problem succinctly explaining the flaws in my proof of concept, back of napkin scheme, something that you hitherto have failed to even attempt.

                    Oh, I could. I just do not care enough about yet another flawed crypto idea by an amateur. Amateur crypto universally sucks, no exceptions. After you have explained to the n-th person what they did wrong and why it cannot be fixed (and have dealt with all their denials and claims that only show even more how clueless they are), you realize that there is absolutely no point. The Dunning-Kruger Effect seems to have a strongly amplified variant for amateurs doing crypto.

                    Incidentally, this is a universal exp

                    • Amateur crypto universally sucks, no exceptions.

                      Except I'm not trying to or claiming to be inventing anything new. I'm explaining how you're obviously using existing tools wrong. I am almost 100% certain that most of the properties I describe are already present in some existing authentication systems (one person claimed Kerberos had the properties I described, but I don't get paid to research or implement this stuff so I haven't confirmed this). Many local authentication systems have some of the properties I'm looking for, and there's no reason whatso

                • By the way, that site is aimed at someone I never claimed to be. I repeatedly, explicitly deferred the details and optimization of my scheme (or more precisely, the properties that I insist any competently designed authentication system must possess) to *actual* experts (i.e. not including yourself.)

                  For example, I never specify the password hashing algorithm, but I do insist that one needs to not be a complete dumbass about it (e.g. the output must be significantly larger than the input so that the chanc
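The password subthread above argues about transmitting, storing and verifying passwords "properly" without ever naming an algorithm. The following is an added example, not code from the thread or from any poster, showing the storage and verification pattern that thread is circling: a per-account random salt, a deliberately slow one-way transform (PBKDF2-HMAC-SHA256 from the standard library is used here; the thread prescribes nothing), a self-describing stored record, and a constant-time comparison on verify. The iteration count is an assumed value for illustration, and the `naive_hash` function plus the duplicate-value audit exist to show what the "lost plaintext / unsalted hash" failure looks like from the defender's side: identical stored values across accounts are the tell-tale sign.

```python
"""Added example (not part of the Slashdot thread): storing and verifying
passwords with a salted, slow, one-way transform, using only the standard
library. PBKDF2-HMAC-SHA256 is used here as that transform; the thread does not
prescribe an algorithm and neither does this example. The iteration count is
an assumption for illustration, not a recommendation.
"""
import base64
import hashlib
import hmac
import os
from typing import Optional

DEFAULT_ITERATIONS = 600_000  # assumed cost; tune to what your login path can afford


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = DEFAULT_ITERATIONS) -> str:
    """Return a self-describing record: algorithm$iterations$salt$digest (base64)."""
    if salt is None:
        salt = os.urandom(16)  # fresh random salt per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations, dklen=32)
    return "pbkdf2_sha256$%d$%s$%s" % (
        iterations,
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(digest).decode("ascii"),
    )


def verify_password(password: str, record: str) -> bool:
    """Recompute from the record's own parameters and compare in constant time."""
    try:
        algo, iters, salt_b64, digest_b64 = record.split("$")
        if algo != "pbkdf2_sha256":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(digest_b64)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                                        int(iters), dklen=len(expected))
    except (ValueError, TypeError):  # malformed record: wrong field count, bad base64, bad length
        return False
    return hmac.compare_digest(candidate, expected)


def naive_hash(password: str) -> str:
    """The anti-pattern the thread complains about: fast, unsalted, and identical
    for identical passwords. Shown for contrast only."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def duplicate_hash_accounts(records: dict) -> list:
    """Audit check over a {username: stored_value} table: groups of accounts that
    share the exact same stored value. With per-account salts this is empty; with
    unsalted storage, users who chose the same password are exposed together."""
    by_value = {}
    for user, rec in records.items():
        by_value.setdefault(rec, []).append(user)
    return sorted(sorted(users) for users in by_value.values() if len(users) > 1)


if __name__ == "__main__":
    # constructed sample accounts
    rec = hash_password("correct horse battery staple")
    print("verify correct:", verify_password("correct horse battery staple", rec))
    print("verify wrong:  ", verify_password("incorrect horse", rec))
    unsalted = {"alice": naive_hash("hunter2"), "bob": naive_hash("hunter2"), "carol": naive_hash("other")}
    print("unsalted duplicates:", duplicate_hash_accounts(unsalted))
```

The record carries its own iteration count so the cost can be raised later without invalidating old accounts: a login that verifies against an old, cheaper record can simply re-hash and overwrite it.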
    • by tlhIngan ( 30335 )

      Instead of waiting 10-20 years and then suddenly finding out, oh crap, some government has finally built a quantum computer powerful enough to crack RSA/ECC?

      While vulnerable to a quantum computer, practical quantum computers aren't even close. To break RSA-2048 for example would require a 2048-bit quantum computer. We're currently around... 5.

      The real issue is everything around the quantum computation - the set up and readouts limit number of bits because as we increase bits, the amount of

    • Encrypt it 3 times with 3 different ciphers and 3 different keys.

      • Cryptography does not work like that.
        You still only need one key to decipher it: your message is 1, the keys are 2, 3 and 5. You encrypt it to 1 * 2 * 3 * 5 = 30. To decrypt you only need to stumble over the key 30.
        Might not work for every combination of encryption methods though.

        • He said different ciphers with different keys. Separate ciphers (algorithms) with separate keys for each would indeed offer you extra protection. I suppose a reasonable and more realistic compromise/stopgap would be to do this with an asymmetric algorithm that isn't known to be vulnerable to super-efficient quantum algorithm attacks and then use this on top of RSA or ECC (which are known to be vulnerable.)

          I still think a stateful solution would be the best going forward, but I'm not realistically
          • You can always find one single "function" that transforms a result back to its origin, regardless how many intermediate functions you use to come to that result.

            Hence your idea would not work. It is actually a classic counter example in every book about encryption.

            • Hence your idea would not work. It is actually a classic counter example in every book about encryption.

              It absolutely would work and has been repeatedly implemented in existing products (most famously the Truecrypt derivatives, though I'm not personally a big fan of theirs.) I'm just not sure you understand the purpose of this approach, or indeed the context of this conversation.

              Re-reading your prior post, you said it would "only" add multiplicative security in a brute force situation. Well, uh, that's fine. That's not a "flaw" by any means. No one should expect it to magically guard against pure brute

              • The purpose in having more than one algorithm is to guard against vulnerabilities in one or more of the algorithms
                Ah, that part escaped me.
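The cascade argument above (whether encrypting under several ciphers with several keys collapses into "one key", as the multiplication analogy 2 * 3 * 5 = 30 suggests, or buys protection against a break in one algorithm) can be made concrete. The following is an added example, not code from the thread or from any poster: two constructed toy ciphers, `xor_stream` and `byte_sbox`, neither of them secure, chosen only to make the algebra visible. Repeating-key XOR composes like the multiplication analogy, so three XOR passes really are one XOR pass with a combined key. A cascade of XOR followed by a keyed byte substitution fails the structural invariant of both families (periodic keystream for XOR, byte-wise mapping for substitution), which is the point the second poster makes about separate algorithms. The invariant checks generalize the specific case in the thread to a test you can run on any plaintext/ciphertext pair.

```python
"""Added example (not part of the Slashdot thread) for the cascade debate.

Two constructed toy ciphers:
  * xor_stream - repeating-key XOR. Under composition it is a group: passes with
                 keys k1, k2, k3 equal one pass with key k1 XOR k2 XOR k3, so a
                 "triple XOR" cascade collapses to a single key, exactly as the
                 2 * 3 * 5 = 30 analogy says.
  * byte_sbox  - a keyed byte substitution with unrelated structure. A cascade of
                 xor_stream followed by byte_sbox satisfies neither family's
                 structural invariant, so it does not reduce to one cipher.
Neither toy cipher is secure; they exist only to make the algebra visible.
"""
import hashlib
import random


def xor_stream(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR; it is its own inverse."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def xor_keys(*keys: bytes) -> bytes:
    """XOR equal-length keys together: the single key an XOR cascade collapses to."""
    n = len(keys[0])
    if any(len(k) != n for k in keys):
        raise ValueError("keys must have equal length")
    out = bytearray(n)
    for k in keys:
        for i in range(n):
            out[i] ^= k[i]
    return bytes(out)


def sbox_from_key(key: bytes) -> list:
    """Derive a 256-entry byte permutation from the key (deterministic seeded shuffle)."""
    seed = int.from_bytes(hashlib.sha256(key).digest(), "big")
    perm = list(range(256))
    random.Random(seed).shuffle(perm)
    return perm


def byte_sbox(data: bytes, key: bytes, decrypt: bool = False) -> bytes:
    """Keyed byte substitution; decrypt=True applies the inverse permutation."""
    perm = sbox_from_key(key)
    if decrypt:
        inverse = [0] * 256
        for i, p in enumerate(perm):
            inverse[p] = i
        perm = inverse
    return bytes(perm[b] for b in data)


def xor_cascade_collapses(plain: bytes, k1: bytes, k2: bytes, k3: bytes) -> bool:
    """Three XOR passes with three keys == one XOR pass with the XOR of the keys."""
    triple = xor_stream(xor_stream(xor_stream(plain, k1), k2), k3)
    single = xor_stream(plain, xor_keys(k1, k2, k3))
    return triple == single


def is_repeating_xor(plain: bytes, cipher: bytes, key_len: int) -> bool:
    """XOR-family invariant: plain XOR cipher is periodic with the key length."""
    stream = bytes(p ^ c for p, c in zip(plain, cipher))
    return all(stream[i] == stream[i % key_len] for i in range(len(stream)))


def is_byte_substitution(plain: bytes, cipher: bytes) -> bool:
    """Substitution-family invariant: equal plaintext bytes map to equal ciphertext bytes."""
    seen = {}
    for p, c in zip(plain, cipher):
        if seen.setdefault(p, c) != c:
            return False
    return True


def mixed_cascade_is_neither(plain: bytes, k_xor: bytes, k_sbox: bytes) -> tuple:
    """Cascade xor_stream -> byte_sbox and report
    (breaks the XOR invariant, breaks the substitution invariant, round-trips)."""
    cipher = byte_sbox(xor_stream(plain, k_xor), k_sbox)
    recovered = xor_stream(byte_sbox(cipher, k_sbox, decrypt=True), k_xor)
    return (
        not is_repeating_xor(plain, cipher, len(k_xor)),
        not is_byte_substitution(plain, cipher),
        recovered == plain,
    )


if __name__ == "__main__":
    msg = b"the quick brown fox jumps over the lazy dog"  # constructed sample plaintext
    print("XOR cascade collapses to one key:",
          xor_cascade_collapses(msg, b"\x01\x02\x03", b"\x0a\x0b\x0c", b"\x10\x20\x30"))
    print("mixed cascade (not XOR, not sbox, round-trips):",
          mixed_cascade_is_neither(msg, b"\x01\x02\x03", b"sbox-key"))
```

The invariant checks are what an analyst would reach for first: if a cipher family has an algebraic structure that composition preserves, stacking it with itself adds nothing but cost, whereas stacking structurally unrelated algorithms is what the "guard against a flaw in one algorithm" argument relies on.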

    • by chrish ( 4714 )

      Some people are already working on cryptosystems that won't be vulnerable to attacks by quantum computers; my company is one of them.

      If you're interested, look into hash-based signature schemes, lattice-based cryptography, error-correcting-code-based cryptography, isogenies, and multivariate cryptography.

      • I'm dimly aware of these projects and wasn't trying to pretend I was proposing anything radically new; I just wish we could see preemptive, precautionary widespread adoption (without abandoning the current system as a fallback / legacy option). I really fear that no one will take serious steps (re: adoption, not research) until after someone has a working machine able to crack almost everything currently in widespread use.
        • by chrish ( 4714 )

          Obviously we feel the same way. :-)

          Governments and financial institutions are definitely interested, but it's probably a 5-7 year project for big orgs, similar to the Y2K problem but without a definite goal post. Current best guesses are thinking we'll see a "useful" quantum computer by 2026, but that can't take into account any breakthroughs that might happen.

  • Do you ever wonder what the world will look like when everyone has their own personal quantum computer?

    I rather wonder what everyone would be doing with their own personal quantum computer. Cracking encryption?

    • Do you ever wonder what the world will look like when everyone has their own personal [insert any revolutionary technology created over the past several hundred years]?

      Sure, the human race has wondered this on many occasions. And we're still here. Let's hope it stays that way.

  • Stop! You are killing cats!

  • Potential dystopia (Score:4, Interesting)

    by Rick Schumann ( 4662797 ) on Saturday October 22, 2016 @09:53PM (#53132533)

    Do you ever wonder what the world will look like when everyone has their own personal quantum computer?

    At the rate and direction we're going, it'll be a dystopian future world where you can't even take a dump in the privacy of your own home bathroom without some government spook having a terabyte of data collected from the 'event'. Of course, that being said, it's just as possible that while we'll have record amounts of surveillance and spying on everyone all the time, everyone will have access to continually morphing high-end encryption driven by their own quantum computers, creating a 'balance of power' on both sides of the equation.

    Or, just maybe, we, as a race, grow out of this anal-retentive, must-watch-everyone-all-the-time, anxiety-driven, infantile stage of our social development, into a New Age of 'Live and Let Live' on all sides of all equations. Yeah, yeah, I know. Let a guy dream, will you?

    • by Anonymous Coward

      This is why a properly regulated democracy is important. Go out and vote!

      • Oh, I am, believe me.

        I'm voting third-party across the board. I know none of them will win; I'm doing it to mock our broken, near-pointless electoral system. That, and I'm sick and tired of compromising my principles for the mere expedient of 'electing the least bad candidate'. I don't like or trust either one of them, and will not have my name associated with either one of them being elected -- even if she's the foregone conclusion at this point.
  • All my "sensitive" stuff is stored rot13 in a directory called "Nothing_to_see_here_move_Along". Am I still good? Hate to go to jail for those pix of my ex sticking her tongue out at me while I went for a downshirt photo.
  • by ad454 ( 325846 ) on Saturday October 22, 2016 @10:46PM (#53132699)

    Although this appears to be a great achievement, pending independent peer-review of course...

    The fact is that it is still a big unanswered question in physics as to how the number of qubits with superposition of their quantum states will scale in terms of time and energy. Many physicists think that this might scale exponentially.

    So yes, we can expect to make quantum computers with several (maybe even a few dozen) qubits with superposition of their quantum states; but if we need to double the time and energy as we add more qubits, it becomes impractical. Even if one finds 10x or 100x improvements in obtaining superposition, if one does this with the large number of qubits needed to break classical public key crypto, such as RSA (via factoring), or DH/ECDH & DSA/ECDSA (via discrete log), it may take more time than the projected heat death of the universe and/or more energy than in the universe, especially with large key sizes.

    Note that quantum computer systems such as those from D-Wave now have 2000 qubits, but these function without quantum superposition of their qubits, and hence cannot be used to break public key crypto. Mind you, even without superposition, D-Wave systems appear to be many times more efficient in computing some things compared to classical computers, such as for some types of simulations, so they are still useful in their own right.

    Physicists should find out how qubits scale long before anyone is able to build one capable of breaking public key crypto. By then, there are a number of usable but less efficient (bigger & slower) quantum resistant public key alternatives which we can switch to, such as lattice based crypto, long before there is any quantum computer risk to Internet security.

    In terms of science fiction risks to crypto, I am much more concerned about super-intelligent AI (or really clever human mathematicians) figuring out some shortcut to undermine trapdoor functions which public key crypto is based on, than I am with quantum computers.

    And currently, the biggest risk to worry about are the countless security flaws and backdoors in modern hardware and software, such as Intel VPro/AMT, and organizations such as the NSA undermining crypto standards and protocols.

    • by gweihir ( 88907 )

      You probably mean "inverse exponentially with effort".

      I fully agree. It does not look like we are even going to ever get linear scaling, and what made digital computers great is that they did indeed get exponential scaling for a while (basically over now).

      Incidentally, the D-Wave performance completely sucks once the comparison is fair. It only outperforms a digital simulation of what it does, and since a simulation of something takes far more effort than the thing itself, that is no accomplishment at all.

  • by slazzy ( 864185 )
    I see a world market for maybe 5 Quantum computers.
  • It looks like we are zeroing in on making the current standards useless ...

  • by gweihir ( 88907 ) on Sunday October 23, 2016 @03:03AM (#53133291)

    The states are still "fragile and short-lived". This is not relevant in any way, form or shape, except as a detail result from a failed research direction. Other directions for alternate computing circuits have been scrapped far before the mountain of failure that "quantum computing" has accumulated by now.

  • Do you ever wonder what the world will look like when everyone has their own personal quantum computer?
    The principle of quantum computers is that they use entangled qubits (when one switches state, the entangled qubit switches state too, wherever they are). Knowing that the NSA puts backdoors in US fabricated routers ( link to admission by cisco), once the quantum computers are out, how long will it be before the NSA has a few qubits entangled with every one of them ?
    No air gap would ever matter ...
    Most proba
  • Do you ever wonder what the world will look like when everyone has their own personal quantum computer?

    I do. And simultaneously I don't.

  • I won't dream of a single (or multiple) damn quantum thing until I see an equation that describes a real-world superposition scaling limit, species type "immovable object".

    I believed in Moore's law because it was on a collision course with the atom, right from day one. Even as a child, I didn't believe in a Laplacian universe, in the sense that the accumulated knowledge required to compute the deterministic outcome could exist in one place—a place smaller than the universe itself—for any value

  • "...has been named a 'dressed' quantum bit as it combines a single atom with an electromagnetic field."

    Warp fields for particles..

  • So they improved the decoherence by a factor of 10. This is nice, but no reason to abandon your RSA keys just yet. The real problem with quantum computing is not decoherence (i.e. the losing of superpositions due to uncontrolled entanglement with the environment) - it's quantitative imperfections.

    A quantum computer is basically an analog device. As you cannot observe states, there also is no way to "refresh" slightly inaccurate states, as a normal digital computer does. A NOT has to be exactly 180 degrees an
