PRISM && Excited Guardianista
zenadsl6186 at zen.co.uk
Wed Jun 12 18:19:49 BST 2013
On 12/06/13 17:20, James Firth wrote:
> Peter Fairbrother wrote:
>> A D-Wave machine wouldn't help though, it's the wrong kind of Quantum
>> Computer (if it is a QC - it seems to be, but I'm not entirely sure) and
>> doesn't seem to give much if any speedup over classical computers anyway.
> I was using a commercial example that we know about as an indicator as to
> what we might not know about.
> But, from a very naive perspective at least, surely what some seem to now
> refer to as an "adiabatic QC", as distinct from a quantum implementation of
> gated logic, is actually a better starting point for cryptanalysis, assuming
> it is possible to map the mathematical boundary conditions of an algorithm
> into something the D-wave can "anneal".
The problem as I see it is the lack of local minima - there is only one
minimum, the correct solution, and the value of the rest of the search
space is constant (with random fluctuations). The trial key X-1 has no
lower value than the key X-2, or X+1, where X is the correct key.
So the state would have to go pretty much immediately from the beginning
random state to the final solution state, and no intermediate annealing
action would be possible (or useful).
If it worked it would solve the problem in essentially zero time - but I
don't think the D-Wave, or any other machine, could do that.
At least that's my opinion, but I claim no great expertise here.
-- Peter Fairbrother
> Nature ran a reasonable blog on speed comparisons and limitations of D-Wave:
> James Firth
More information about the ukcrypto