2

It seems like all the worry about quantum computers breaking encryption is based on speculation that someday quantum computers will break modern encryption. I think we can all agree it will happen at some point, but I have yet to find any credible information that gives an accurate timeline for this. "Experts" say 30 years, but where do they come up with these time estimates? Do we even know how many qubits we would need to break RSA or similar algorithms? I haven't been able to find any credible information to answer these questions.

Let's say we will have a quantum computer in 30 years that can break RSA, what type of data is even worth grabbing now that will be relevant in 30 years? Are there any instances of a "harvest now, decrypt later" attack yet?

Thank you for your input.

Rydberg
  • 309
  • 2
  • 6
  • 2
    Try to Google article Breaking 2048 RSA in eight our with 20 million qubits by Craig Gidney – Martin Vesely Jun 12 '22 at 07:16
  • @MartinVesely I would argue that paper doesn't really answer the question. "Predicting such advances is beyond the scope of this paper" is right in the conclusion. They then go on to say " We hope that this paper informs the rate at which this work needs to proceed", but provide no guidance to suggest RSA will be broken anytime soon, or ever. – Rydberg Jun 12 '22 at 14:31
  • I agree that the paper answer you question only partially. You were asking about number of qubits needed and the paper says some rough estimate under ideal circumstances. As current QPU have maximally hundred qubits, you see how large is the gap we need to overcome. Sorry I was not able to provide better source. – Martin Vesely Jun 12 '22 at 20:48
  • One of the authors of the paper actually responded to a question I wrote on [crypto.se], explaining that the resource requirements even for that system are way beyond anything we have now. – forest Jun 14 '22 at 06:25

0 Answers0