I have recently been wondering if quantum computing should be regarded as a major concern for mankind’s safety. Perhaps not as an existential risk. But perhaps as a major catastrophic risk.
In particular, there might be a non-negligible risk that, within a few years, quantum computing might lead to an escalation that might turn into civil or global war. Since I have never read any major concern regarding this risk, I am quite skeptical of my own concerns. Thus I’d be very curious to have feedback from you.
Projections for Quantum Computing
It all started a few weeks ago, as I prepared a science popularization video (in French) on quantum computing, and in particular on Shor’s algorithm. In brief, this is a quantum algorithm that efficiently breaks current asymmetric cryptography protocols, which are widely used throughout Internet, industries and governments. In particular, it seems that the security of banking systems heavily relies on asymmetric cryptography. They would be breakable by Shor’s quantum algorithm.
As often in popularization of this topic, I first wrote a reassuring conclusion that basically said that quantum computers were not yet powerful enough to run Shor’s quantum algorithm. And thus that viewers could sleep in peace.
But I wanted to be quantitative, so I looked up the number of qubits of latest quantum computers. I got shocked. While I was expecting this number to be of ~50 qubits, it turns out that “in December 2018, IonQ reported that its machine could be built as large as 160 qubits”. While I actually am skeptical of this claim, it nevertheless seems worrying.
This number of (entangled) qubits is critical to the capabilities of quantum computers. In particular, a n-bit cryptographic asymmetric key could roughly be broken by a n-qubit quantum computer. Today’s (RSA) keys often are kilobytes long. This means that they might be broken by, say, a quantum computer with 4,000 qubits.
(Note that even symmetric cryptography often relies on Diffie-Hellman secret sharing protocol, which is vulnerable to quantum attacks. In particular, all systems currently protected by such a cryptography can be broken by quantum algorithms. It thus seems that any private content you share can potentially be made public by 4,000-qubit computers.)
So, according to Wikipedia, it seems that the number of qubits might have tripled within the last year. At this rate, it would take three years for quantum computing to be powerful enough to upset most of our current cryptographic systems.
Evidently, I may be overestimating this rate. At Moore’s law rate (doubling every 18 months), it would take 7.5 years. And it’s not unlikely that quantum entanglement of thousands of qubits will never be doable.
But it seems that there is also a lot of secrecy in this industry. Thus we may not be aware of what is really going on in industry’s labs. Also, it seems that we should not discard the possibility of a major breakthrough. Thus, though I may be completely wrong, it seems to me that we should regard 4,000-qubit quantum computing as a plausible scenario within the next few years.
Consequences of 4,000-qubit Computing
While there are proposals for secure cryptography in a quantum world, like quantum cryptography or post-quantum cryptography, such quantum-resilient systems have not been deployed so far. They might not have been deployed by the time a 4,000-qubit quantum computer will have been built. Thus, it seems that we cannot exclude the possibility that quantum computers will become efficient in a world where classical asymmetric cryptography is still very widely used.
Yet it seems to me that if this occurs, then there is a huge risk of major economical disturbance, accompanied with fears and possible supply shortages, which might then lead to a civil or global wars. In fact, a mere fear of quantum hacking may suffice to trigger such disasters.
Indeed, as I said, banking systems (among many other industries) heavily rely on asymmetric cryptography. Thus, any suspicion of possible quantum hack might motivate banks to freeze all accounts. This may cause payment failures, which would break trusts between different parties. Supply chains might be interrupted. And there might be no foreseeable solutions in short to medium term, while huge information systems are being updated and verified to be secure.
If this situation lasts for a day, we probably would be fine. But given how hard it is to safely update information systems, the chaos caused by the interruption of information systems might last for days, weeks, and perhaps months. And given how reliant we are on information systems, this might cause disruptions in electricity or food supply, which might lead to panic and conflicts.
Conclusion
Our modern world strongly relies on information systems, whose security too often relies on asymmetric cryptography. This cryptography is well-known to be vulnerable to quantum algorithms like Shor’s. So far, no quantum computer is powerful enough to implement Shor’s algorithm to break actual asymmetric cryptographic keys. However, given the current rate of progress, perhaps we should consider the possibility that they will be powerful enough within a few years.
What do you think? Are these concerns justified? If not, what am I missing? And if they are, what can be done to anticipate the advent of quantum computing?
Quantum computing concerns?
Hi all,
I have recently been wondering if quantum computing should be regarded as a major concern for mankind’s safety. Perhaps not as an existential risk. But perhaps as a major catastrophic risk.
In particular, there might be a non-negligible risk that, within a few years, quantum computing might lead to an escalation that might turn into civil or global war. Since I have never read any major concern regarding this risk, I am quite skeptical of my own concerns. Thus I’d be very curious to have feedback from you.
Projections for Quantum Computing
It all started a few weeks ago, as I prepared a science popularization video (in French) on quantum computing, and in particular on Shor’s algorithm. In brief, this is a quantum algorithm that efficiently breaks current asymmetric cryptography protocols, which are widely used throughout Internet, industries and governments. In particular, it seems that the security of banking systems heavily relies on asymmetric cryptography. They would be breakable by Shor’s quantum algorithm.
As often in popularization of this topic, I first wrote a reassuring conclusion that basically said that quantum computers were not yet powerful enough to run Shor’s quantum algorithm. And thus that viewers could sleep in peace.
But I wanted to be quantitative, so I looked up the number of qubits of latest quantum computers. I got shocked. While I was expecting this number to be of ~50 qubits, it turns out that “in December 2018, IonQ reported that its machine could be built as large as 160 qubits”. While I actually am skeptical of this claim, it nevertheless seems worrying.
This number of (entangled) qubits is critical to the capabilities of quantum computers. In particular, a n-bit cryptographic asymmetric key could roughly be broken by a n-qubit quantum computer. Today’s (RSA) keys often are kilobytes long. This means that they might be broken by, say, a quantum computer with 4,000 qubits.
(Note that even symmetric cryptography often relies on Diffie-Hellman secret sharing protocol, which is vulnerable to quantum attacks. In particular, all systems currently protected by such a cryptography can be broken by quantum algorithms. It thus seems that any private content you share can potentially be made public by 4,000-qubit computers.)
So, according to Wikipedia, it seems that the number of qubits might have tripled within the last year. At this rate, it would take three years for quantum computing to be powerful enough to upset most of our current cryptographic systems.
Evidently, I may be overestimating this rate. At Moore’s law rate (doubling every 18 months), it would take 7.5 years. And it’s not unlikely that quantum entanglement of thousands of qubits will never be doable.
But it seems that there is also a lot of secrecy in this industry. Thus we may not be aware of what is really going on in industry’s labs. Also, it seems that we should not discard the possibility of a major breakthrough. Thus, though I may be completely wrong, it seems to me that we should regard 4,000-qubit quantum computing as a plausible scenario within the next few years.
Consequences of 4,000-qubit Computing
While there are proposals for secure cryptography in a quantum world, like quantum cryptography or post-quantum cryptography, such quantum-resilient systems have not been deployed so far. They might not have been deployed by the time a 4,000-qubit quantum computer will have been built. Thus, it seems that we cannot exclude the possibility that quantum computers will become efficient in a world where classical asymmetric cryptography is still very widely used.
Yet it seems to me that if this occurs, then there is a huge risk of major economical disturbance, accompanied with fears and possible supply shortages, which might then lead to a civil or global wars. In fact, a mere fear of quantum hacking may suffice to trigger such disasters.
Indeed, as I said, banking systems (among many other industries) heavily rely on asymmetric cryptography. Thus, any suspicion of possible quantum hack might motivate banks to freeze all accounts. This may cause payment failures, which would break trusts between different parties. Supply chains might be interrupted. And there might be no foreseeable solutions in short to medium term, while huge information systems are being updated and verified to be secure.
If this situation lasts for a day, we probably would be fine. But given how hard it is to safely update information systems, the chaos caused by the interruption of information systems might last for days, weeks, and perhaps months. And given how reliant we are on information systems, this might cause disruptions in electricity or food supply, which might lead to panic and conflicts.
Conclusion
Our modern world strongly relies on information systems, whose security too often relies on asymmetric cryptography. This cryptography is well-known to be vulnerable to quantum algorithms like Shor’s. So far, no quantum computer is powerful enough to implement Shor’s algorithm to break actual asymmetric cryptographic keys. However, given the current rate of progress, perhaps we should consider the possibility that they will be powerful enough within a few years.
What do you think? Are these concerns justified? If not, what am I missing? And if they are, what can be done to anticipate the advent of quantum computing?