PRISM && Excited Guardianista

Peter Fairbrother zenadsl6186 at
Wed Jun 12 18:19:49 BST 2013

On 12/06/13 17:20, James Firth wrote:
> Peter Fairbrother wrote:
>> A D-Wave machine wouldn't help though, it's the wrong kind of Quantum
>> Computer (if it is a QC - it seems to be, but I'm not entirely sure) and
>> doesn't seem to give much if any speedup over classical computers anyway.
> I was using a commercial example that we know about as an indicator as to
> what we might not know about.
> But, from a very naive perspective at least, surely what some seem to now
> refer to as an "adiabatic QC", as distinct from a quantum implementation of
> gated logic, is actually a better starting point for cryptanalysis, assuming
> it is possible to map the mathematical boundary conditions of an algorithm
> into something the D-wave can "anneal".

The problem as I see it is the lack of local minima - there is only one 
minimum, the correct solution, and the value of the rest of the search 
space is constant (with random fluctuations). The trial key X-1 has no 
lower value than the key X-2, or X+1, where X is the correct key.

So the state would have to go pretty much immediately from the beginning 
random state to the final solution state, and no intermediate annealing 
action would be possible (or useful).

If it worked it would solve the problem in essentially zero time - but I 
don't think the D-Wave, or any other machine, could do that.

At least that's my opinion, but I claim no great expertise here.

-- Peter Fairbrother

> Nature ran a reasonable blog on speed comparisons and limitations of D-Wave:
> James Firth

More information about the ukcrypto mailing list