Quantum Computers vs. Computers Security
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 109 | |
| Author | ||
| License | CC Attribution 3.0 Unported: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/36377 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
DEF CON 2353 / 109
12
19
20
23
24
29
32
33
36
51
58
60
62
66
67
68
69
70
71
77
82
84
85
88
89
92
98
99
103
104
107
00:00
ComputerInformation securityQuantum computerQuantum computerQuantum mechanicsInformation securityMultiplication signTheory of relativityGoodness of fitComputer animation
00:32
Quantum computerCumulative distribution functionQuantum computerComplex numberSpacetimeCartesian coordinate systemNichtlineares GleichungssystemState of matterMixed realityIntrusion detection systemPhysicistQuantum mechanicsComputer font
01:30
Quantum computerComputer hardwareQuantum mechanicsComputerQuantum computerSoftware frameworkPhysical systemNatural numberTheoryMathematicsGravitationSpektrum <Mathematik>Nuclear spaceOperating systemForcing (mathematics)Thermal expansionSlide ruleComputer animation
02:06
Quantum computerNegative numberUniverse (mathematics)PredictabilityParameter (computer programming)Universe (mathematics)Particle systemRandomizationNumberMechanism designComplex numberComputer
02:42
Dirac equationQuantum computerNegative numberUniverse (mathematics)QubitClassical physicsQuantum computerPositional notationMultiplication signCoefficientPoisson-KlammerBeta functionAlpha (investment)Negative numberQubitLine (geometry)NumberSpacetimeState of matterPhysicistObject (grammar)BitSuperposition principleCone penetration test
04:05
Quantum computerWordBitSequenceQuantum computer32-bitObject (grammar)Number
04:33
Matrix (mathematics)Quantum computerMeasurementState of matterQuantum computerInformationMatrix (mathematics)Single-precision floating-point formatBitOperator (mathematics)MultiplicationComputerCodierung <Programmierung>FeldrechnerResultantQubitSet (mathematics)Object (grammar)Multiplication signData storage deviceAlgebraic functionLinear algebraCanonical ensembleNormal distributionTime zoneSummierbarkeitJSON
06:55
QubitSimulationQuantum computerPhysicsComputer simulationComputerClassical physicsSemiconductor memoryComputer simulationQuantum computerQubitQuantum mechanicsComputerNatural numberPhysicalismComputer animation
07:40
NP-hardScheduling (computing)SatelliteScaling (geometry)Quantum computerData structureElectronic mailing listInheritance (object-oriented programming)RoutingSupercomputerComputerNP-completeTravelling salesman problemMathematical optimizationScheduling (computing)
08:30
IntegerCode refactoringRSA (algorithm)Quantum computerParallel portCartesian coordinate systemMereologyCASE <Informatik>ComputerNumberMultiplication signRSA (algorithm)Normal distributionSuperposition principleWordQuantum computerFreewareResultantCondition numberFactorizationLatent heatTheoryMultilateration
09:51
Quantum computerQubitAlgorithmCode refactoringNumberMultiplication signQuantum computerDivisorMathematicianCartesian coordinate systemAdditionComputer animation
10:38
System programmingQubitMixed realityIntegrated development environmentQuantum computerBuildingComputerQubitFlow separationQuantum computerNoise (electronics)Integrated development environmentPhysical systemField (computer science)Object (grammar)ComputerFehlererkennungTheoryReal-time operating systemParticle systemClosed setError messageAbsolute valueRSA (algorithm)Resultant
11:41
System programmingQubitIntegrated development environmentMixed realityOrbitQuantum computerComputerBuildingError messageParity (mathematics)CryptographyRSA (algorithm)QubitSet (mathematics)2 (number)Control flowQuantum computerIntegrated development environmentMeasurementError message
12:12
CryptographyRSA (algorithm)CurveEllipseComputerDeterminismQuantum computerElliptic curveRevision controlComputer animation
12:39
RSA (algorithm)Code refactoringComputerQuantum computerBitVorwärtsfehlerkorrekturFunction (mathematics)Buffer solutionType theoryMathematicianDiskreter LogarithmusElliptic curveRSA (algorithm)Social classComputerNP-hardDivisorSubgroupAlgorithmQuantum computerGroup actionProof theoryFourier transformNumberKey (cryptography)Complete metric spacePower (physics)FrequencyResultantNP-completeMathematics
14:05
Quantum computerInformation securityKey (cryptography)Quantum computerField (computer science)Information securityTable (information)Element (mathematics)Key (cryptography)Symmetric-key algorithmBitHash functionMathematicsRevision controlRootEncryptionComplex (psychology)Square numberMultiplication signSymmetric matrixComputer animation
15:03
CryptographyQuantum computerRSA (algorithm)VorwärtsfehlerkorrekturExterior algebraQuantum cryptographyCryptographyQuantum computerSpring (hydrology)National Institute of Standards and TechnologyComputer
15:38
Key (cryptography)Hash functionFunction (mathematics)Quantum computerNumbering schemeElectronic signatureProof theoryField (computer science)FamilyComputerKey (cryptography)BitHash functionLimit (category theory)Public-key cryptography2 (number)State of matterQuantum computer
16:49
Quantum computerAdditionElectronic signatureData structureNumbering schemeGaussian eliminationVariable (mathematics)Field (computer science)MultiplicationStochastic processNichtlineares GleichungssystemPhysical systemTrigonometric functionsMultiplication signFamily
17:38
EncryptionQuantum computerKey (cryptography)Codierung <Programmierung>Electronic signatureType theoryQuantum computerLine (geometry)Intrusion detection systemAuthenticationCodeKey (cryptography)Hard disk driveEncryptionIteration1 (number)Physical systemCryptography
19:00
Function (mathematics)EncryptionError messageQuantum computerCumulative distribution functionCryptographyLattice (group)Noise (electronics)Function (mathematics)MassMereologyCumulative distribution functionQuantum cryptographyQuantum computerKey (cryptography)
19:32
Quantum computerCausalityKey (cryptography)Cumulative distribution functionPhysicsInformation securityPhysical lawQuantum computerParameter (computer programming)PhysicalismQuantum mechanicsPhysical lawBitKey (cryptography)Metropolitan area networkQubit
20:12
Quantum computerCumulative distribution functionBitRandomizationVertex (graph theory)Open setNumbering schemeWritingDiagonalPolarization (waves)Standard deviationCodierung <Programmierung>QubitKey (cryptography)
21:33
Quantum computerInformation securityImplementationCryptographyHacker (term)Vulnerability (computing)Physical systemService-oriented architectureCryptographyClassical physicsKey (cryptography)Hacker (term)FehlererkennungCone penetration testMereologySicMetadataGroup actionQuantum computerImplementationLimit (category theory)
22:29
Quantum computerCumulative distribution functionFiber (mathematics)Link (knot theory)InternetworkingLink (knot theory)Limit (category theory)DistancePoint (geometry)Data miningComputer animation
22:58
Quantum computerCloningQuantum computerCartesian coordinate systemObject (grammar)Cache (computing)Shooting methodMomentumBitPosition operatorTheoremTheory of relativityMultiplication signPhysicalismQubit
23:55
Codierung <Programmierung>Classical physicsQuantum computer1 (number)TheoryReal number2 (number)Codierung <Programmierung>Qubit
24:42
Quantum computerSoftwareComputer programmingQuantum computerHash functionRight anglePasswordSoftwareQubitCodeFunction (mathematics)Cache (computing)Reverse engineeringTheoryElectronic mailing listFormal verificationMereology
26:00
Machine learningQuantum computerSystem programmingVirtual machineMereologyMachine learningComputerSimilarity (geometry)Latent heatSoftware bugPattern languageSlide ruleField (computer science)Physical systemDirected graphComputer animation
27:03
Quantum computerMeasurementComputer networkInformation securityMachine learningSquare numberVirtual machineElectronic mailing listBitRootMachine learningInformation securityFunctional (mathematics)Quantum computerSoftware bugPosition operatorLatent heatAlgorithmIntrusion detection systemSoftwareSupport vector machineCASE <Informatik>Square numberComputerArtificial neural networkExponential distributionPhysical system
28:50
Quantum computerSuperposition principleInclusion mapQuantum computerAddress spaceSuperposition principleSemiconductor memoryAlgorithmVirtual machineUltraviolet photoelectron spectroscopyComputerMultiplication signPhysicist
29:43
Quantum computerComputerQuantum computerInheritance (object-oriented programming)ComputerNP-completeUniverse (mathematics)PhysicistAtomic numberProof theoryMedical imagingPhysicalismNumberOperator (mathematics)MathematicianSlide ruleType theoryArithmetic meanNatural numberElectronic mailing list1 (number)DivisorControl flowComputer clusterState of matterEncryptionGoodness of fitTuring-Maschine
32:06
Computer animation
Transcript: English(auto-generated)
00:03
I'm very happy to be here. They asked me if it was my first time speaking at DEF CON. I said yes and no. I spoke at sky talks last year. It was a much smaller room. So happy to see so many people. So I've been talking about quantum computing and its relation with security. How many of you know
00:23
how quantum computer works? Quite a few. How many of you know quantum physics? Oh, good. You need to know about Schrodinger equation. The basic, the very basics that you need to
00:42
know to get to talk. Complex number and spaces obviously. If you don't know any of those, leave the room. I'm kidding. The problem is you don't need to get all this stuff to understand
01:01
quantum computing. If you want to understand quantum mechanics, then obviously you need these notions but not for quantum computing. So I'll try to convince you that's true. So the outline, it will be a talk very broad, not very deep. There might be some deep ideas but I won't go into the
01:23
technical details or how things work in details. I'll give you the ideas and the applications. Very brief about quantum computing. So quantum mechanics, it's based on quantum mechanics and you can see this as the operating system of nature. It's
01:44
like the framework on top of which the theories like gravity, electromagnetism and nuclear forces are running. So you get those theories in blue, the expansion of nature and you try to adapt them to do quantum mechanics operating system. And this is all relying on some mathematical notions. So that's
02:04
where we stand. This is my only slide about quantum mechanics. So that's the most important thing for us. What it says is that the particles in the universe like photons, electrons and so on, they behave randomly. So not randomly in the sense unpredictable because we don't
02:21
know all the parameters but it's really randomly. You have no way to predict what's going to happen. But what's different compared to what the randomness you know is that the probability can be negative. Not only negative, negative and complex numbers. So you see the numbers with the i there. So that seems to be kind of intuitive but you have
02:44
to trust me and to trust the physicists that it does make sense mathematically to have negative probabilities like negative amount of money. All right. So you know what is a classical bit? It's either 1 or 0. A quantum bit can be 1
03:03
and 0 at the same time. We call this a superposition. So when you have not looked at the qubit, it's in the state where you know that if you observe the qubit, if you ask him what's his value, it will be 0 with some probability and
03:21
1 with some other probability. The notation space is used, you have this for example alpha and beta as coefficients and the strange notation of the straight line and the bracket. It's called the bracket notation. You don't need to remember this but what you need to know is that the alpha and beta values, they are called amplitudes. They can be
03:42
negative, they can be complex and the actual probability, so you take this value, you square it and that's the actual probability that you get. So number between 0 and 1. And when you observe the qubit, it stays 0, 1 forever. So it's no longer a quantum object, it's like a classical object. It's
04:02
0 or it's 1. So you can generalize this idea to quantum bytes. Instead of having just 1 bit, you have 8 bits and you have different probabilities for each byte. So you have this sequence of 8 quantum bytes and if you look at it, maybe it will be 0xFF with some probability, maybe it will be
04:22
0x01 with some other, maybe it will never be 0x00 and so on. So that's it. You can generalize to quantum words, 30 to 64 bit, whatever number. And using these objects, you build a quantum computer. So it's like a normal computer, you have registers, it's going to be bytes or words, anything you
04:45
want and you will transform the state, so that's how you will compute. You have kind of quantum assembly but you have just different instructions than the classic instructions that you know. The important thing to remember is that the
05:01
operation will all be reversible. You go from one state to the next state but you can also go back in the past. So you don't destroy information. You don't really have like if you take classical assembly, you have the end operation, you register 1 and register 2 and you write it in register 1. You can't go back in the past, you
05:22
can't, not the previous value. And here you have what you will modify, so it's these quantum objects and actually you will just change the probabilities doing very simple operations, what you learned in high school in algebra. So like matrix multiplications, you will just do matrix multiplications transform the probabilities and obviously
05:43
what you want is that when all your probabilities sum to 1 because you want something to happen obviously, you want the new vector of probabilities to sum to 1 as well. I won't go much more technical but that's the idea. You just remember that quantum computing is just multiplying together some
06:02
probabilities that can be negative or complex and that's it. So you have this set of registers that can be both 0 at the same time and then you observe 1 bit or 1 byte or more and that's the result. And the important thing is that you cannot simulate this using classical computer. Why?
06:23
Because let's say you have quantum byte, so this single quantum byte encodes 256 different probabilities. So you might be able to store this on your normal computer. But now let's say you have a quantum world of 32 bits. How do you store this classically? It's a few gigabytes of information.
06:45
Might be doable but now if you have a 64 bit world, obviously you cannot store this on your classical computer. Well on the quantum one it's just 64 qubits. So you can try this online. There's a few simulators, quantum computing
07:01
playground. You cannot go too far because like I just said, you need gigabytes, terabytes, petabytes of memory but this one goes up to 22 qubits. Actually the motivation for all this was to simulate quantum physics and for some reason that you cannot simulate a quantum computer using a classical one, you cannot simulate quantum physics using
07:22
classical computer. So Richard Feynman said okay so to simulate this we need to invent a quantum computer and that's what's the motivation to understand how physics works, how nature works by simulating all the quantum phenomenon. Okay
07:42
I will just go through two common misunderstandings about all this. So people sometimes say quantum computer is a super super computer that's way faster and solves all the problems. So sorry it doesn't solve all the hardest problems
08:00
especially the problems. So I don't know if it's familiar to you like the problem where you have a list of cities and you must find the optimal route. Scaling problems, scanning, all those half problems have some structure that makes them difficult and practically impossible to solve on
08:22
normal computer. You won't solve these problems with a quantum computer. So that was the first bad news. The good news is that you do have some what is called quantum speedup for some specific cases. In other words making the impossible
08:42
possible on a quantum computer. So the post-soci is the factoring problem you have a number N which is equal to P times Q and going from N to P times Q is difficult on a computer but it is on quantum one. So obviously the application that the interesting application is
09:02
breaking RSA. I'll talk about this later. Okay so the last caveat is quantum parallelism. Some people say you have this super position notion so it's like trying everything in parallel so parallelism for free. The idea is that in some
09:22
sense you compute several values at the same time but you can only look at one result. You cannot look at all the results. So it's like all this is useless. You cannot condition, you cannot say okay I want to look at the result that gives this value. You look at the random result. There's
09:45
nothing wrong with that. So that was it for the theory. Let's move to the practical part. So like I said, the most common addition is factoring numbers so I'm happy to tell you that we know how to factor 15. It's 3 times 5. We
10:05
also know how to factor 153 and 56,153 but there's a caveat here. They don't use a special number and in some sense they had
10:20
to know in advance what was the solution before searching for the solution. The actual quantum factorization it was only done for 15. So I just want to say that we are very far from a useful application of quantum computer. And the reason is that it's amazingly difficult to build. First of
10:43
all, you have to find an object to simulate your qubit. So typically you will take some physical particles, sometimes take photons, molecules and superconducting phenomenon. I want to explain the details of this. But the main problems they're facing in quantum computers is what we call
11:04
decoherence. That qubit gets mixed up with the environment. They will interact with the rest of the world, the rest of the system and this will completely perturb the system. So we know that in theory there's this whole field of quantum error correction where in theory you can correct all
11:20
the errors in real time but in practice it's much more difficult. You also have to have the computer at very low temperature, close to the absolute zero, technical detail. And we don't know how to scale to several hundred or thousands of qubits. So we had this result with four or five qubits that I showed before. But if you want to break RSA
11:43
to break all the crypto in the world, you need a thousand qubits. And we're far from this. 9 qubits this year. It's better than 4. It's not even an actual quantum computer. It's just a set of 9 qubits that could live together for a few seconds while correcting the errors in
12:04
the environment. And I have no idea what it is but it's probably interesting. Okay. Breaking cryptography. No, the NSA doesn't have a quantum computer. I don't think they do. They probably don't. So like I said, we're doomed. If
12:27
tomorrow the quantum computer comes up, RSA broken, even the elliptic version of the Hellman. So I'll briefly explain why. So RSA, like I said, is based on the harness of
12:42
factoring numbers. If you can factor numbers, then you can break RSA. If you can break RSA, you can probably factor numbers. So it's hard on classical computer. We don't have an actual mathematical proof of this. But we, cryptographers, mathematicians, pretty much convinced that it's
13:02
a problem. It's not an NP complete problem. Factoring is not NP complete. But it's easy on a quantum computer. It's because of an algorithm by a guy called Peter Shaw. It's called Shaw's algorithm. And it's doing a quantum Fourier transform and finding a period in some function and it gives
13:21
you the result. What's nice with this algorithm is it's not specific for factoring. It's actually for a whole class of problems that we call the hidden subgroup problems, finding a subgroup in some bigger group. And it turns out that the discrete algorithm is another type of this problem. So the
13:41
problem behind the Hellman, the elliptic curves, essentially you have a number G and you know G to the power of Y and you don't know Y. So you look for Y. Sounds pretty easy like this. But you can try it. It's not easy if you do it on
14:01
big numbers. And again it's easy on a quantum computer. So what about symmetric ciphers? Things like AS or even hash functions. It's a little bit faster if you have a quantum computer but not that faster. It's just that the search for
14:20
the key would be much faster. So instead of having a security of 128 bits with a key of 128 bits, you would get half of that, 64 bits of security. Now if you do some advanced mathematics, okay, if I want 120 bit security, I just need a key of 256. And we have an AS version of 256. And we can
14:42
have even ciphers with a key of 512 bits. The reason behind this is that with Grover's algorithm you can search in a variable of N elements in time square root of N instead of N. So if you have 2 to the N values, it's complexity of 2 to the N over 2. So there's a field called post-quantum
15:07
cryptography or quantum safe. The goal is to find alternatives to RSA and any CC. Otherwise that would be resistant to quantum computing. So it's not a joke. It's a thing
15:24
people have been working on it for years. Even NIST is caring about this. It was a workshop this year. I don't see the date here but it was in spring 2015. And it's a workshop next year in Japan. So I'll show you four of those, not
15:42
the schemes but the family of schemes. The first one is based on hash functions. So things like sha-1, sha-2, sha-3. And it's based on the problem of inverting hash functions. And it's a problem that we don't know how to solve easily even on a quantum computer. And we're pretty confident that
16:01
it will remain difficult. Maybe the state of the art if you're interested in this can look up what is called Sphinx designed by Dan Burstein, Zuko and other guys. It's pretty secure. They have some proofs. Very nice paper. But the only limitation is that you have
16:21
pretty large signatures. So instead of being 256 bits it's 40 kilobytes. It's better than 40 megabytes but still not as small. And the keys instead of being short while they are one kilobyte to private key is pretty slow.
16:41
Instead of doing thousands or hundreds of thousands per second, it's more like a hundred. But it works. Another field is multivariate signatures. So multivariate just means equations with many variables. And just means that you, the variables are combined in such a way that you
17:01
do not only additions but also multiplications. And once you have multiplications it becomes much, much, much harder to solve. If it's just additions it's what we call linear so we can solve it efficiently using Gaussian elimination. If you do multiplications and if you take a random system of equations it's NP harder. So it's
17:21
harder. Impossible. But if you want to use it, you need to have a much shorter system. You need to use some structure and that's the reason why some schemes were broken. I don't have much on this. Something important to understand is if
17:42
there's a quantum computer that's created it might break your signatures but you can still salvage signatures by issuing new ones with a quantum safe system. So you can still sign your document and get this notion of
18:01
authenticity. But if you encrypt something with a non-quantum safe cipher then it's too late. It's going to be decrypted. It's of no use to re-encrypt again. So the bottom line here is that it's more important to have post-quantum encryption
18:20
as soon as possible than post-quantum signatures. You can still wait until the quantum computer is created. So very briefly was about two types of post-quantum encryption techniques. One based on codes. So it's nothing new. It's from the 70s, 80s. Again, you have very large
18:44
keys, kilobytes but today we have a terabyte hard drive. So maybe a few kilobytes is not such a big deal. It's not very fast but it's not like it takes hours, it's more milliseconds. And the other one is latest best crypto which
19:02
uses latest. It's very simple to understand. You have a function and you don't know the function. You know roughly how it looks like and you want to learn the function. But the adversary is putting some noise on the function so you cannot guess how it works. Okay. So the fifth part is
19:26
quantum key distribution. What we also hear as quantum cryptography and here the problem is like it's like a quantum man but instead of using the normal man you just use physical phenomena. It's not quantum computing it's just
19:44
using quantum mechanics. And the argument is that it's as strong as the law of physics. The argument is that if you're in the middle you can't do a man in the middle because it will be detected by the adversary. By the laws of physics if you observe a photon it will be modified. So when
20:04
you receive it you will see the modification. You cannot copy quantum bits. And also the keys are truly random. So this one is the standard, the simplest scheme BB84 by two
20:20
Canadian guys in 1984. I'll explain very quickly it's pretty simple. Just Alice and Bob they want to show a key. So Alice selects a few bits, random bits. Here 1, 0, 1, 1, 0, 1, 0, 0, 1. And she has to select an encoding. Here it means just a polarization of the photon but you can see
20:43
just simple encoding. So either the blue one, orthogonal vertical, or the green one with diagonals. So she selects blue, blue, green, blue, green, green, green, blue. And she will send this to Bob. And Bob he doesn't know the encoding. So he'll pick a random encoding as well. And the thing is if you have the same encoding you will observe the
21:02
right value. If you don't have the right encoding you will see a random value. And it will be too late to correct because once you observe it it's no longer a quantum bit. So Bob he observes the bits that he receives and then he publishes the encoding. And Alice says okay here you get the
21:20
right one, you get the wrong one. And it just pick the bits where they have the same encoding. So the actual scheme is a bit more complicated but that's the general ID. Okay but of course it's not as secure as it pretends to be. You always have unexpected vulnerabilities in this kind of
21:42
system. The first one is you know it's a quantum but it's not a quantum because when you encrypt the stuff when you use your keys you use things like AES. When you store it in your system you also use classical crypto. So you just use the quantum part for the key agreement. So the people will tell you yeah but classical crypto might be
22:01
broken you should use QKD. Well yes but then what do you do? You have to eventually use classical crypto. And even if you ignore this thing some implementation has been broken because in practice you have to send some metadata, some error correction and so on. So there's people in Norway that
22:23
was into what they call quantum hacking and actually broke some of the first QKD systems. There's a practical limitation too. You can't do this over the internet. You need dedicated optical fiber links and it's point to point. So there's one party to another party and it's limited in
22:42
distance less than 100 kilometers. I don't know 80 miles. So what do you do if you have to connect with someone a thousand kilometers away? You can put repeaters or make mine in the middle but no it's a bit annoying. So the
23:02
application is quantum copy protection. If you wonder why I put this back note here and if you recognize this guy, Schrodinger. Here the idea is to leverage the no-cloning principle. The idea is extremely simple, the details are not simple but the idea is when you have a quantum bit you can
23:25
know its momentum or its position but you can't know both at the same time. More generally you cannot know everything about a quantum object. So if you don't know everything obviously you cannot copy it. You can't copy what you don't know. In physics you have this theorem that is
23:44
called non-cloning theorem that you cannot clone a physical object to an exact copy. So you see the relation with quantum cache. You leverage this to make bits that cannot be counterfeited. You will put some qubits on your bank note
24:05
and they will have some encoding and only the bank knows so only the bank can authenticate the built in and authenticate the real ones. And there is also a variant decentralized where everyone can verify this. So obviously
24:20
that's just a theory or experiment. It's not practical because it could be way too difficult to just put qubits on a bank note to have them leave for years instead of seconds and to deal with the current problem. So you will never see this for real but you can imagine. You can also
24:42
imagine quantum software production. So using this idea of quantum non-cloning you obfuscate so you have a function here in green the verification of a password. What
25:02
you can do let's say you find you get the code of this function you reverse engineer it. Maybe it might be obfuscated but you can always reverse engineer the code. Maybe there is a hash function. Maybe you don't check the quality of the password but you check the hash. If it's strong hash you cannot find the password easily. But you
25:21
can still verify if it works. And if you have a binary you can copy the bytes. So here the idea of quantum software protection is that first of all you cannot copy the program. You have the program which is a list of qubits and you cannot copy the qubits. And you have no idea about what
25:41
the program is doing except if you give the right password and you will get one but that's it. So like quantum cache it's not something that will happen for real but that's something that in theory might be possible if you have the right tools and the right technology. So my last part
26:03
is about machine learning. I've seen a few talks about machine learning. It seems to be pretty hard these days. I've seen very good talks and not so nice talks. Anyway machine learning on one slide it's pretty difficult to summarize
26:22
but you can see the science of getting computer to act without being programmed. It's either learning patterns or finding patterns. Notion of supervised machine learning or unsupervised which is more like discovering patterns. So it's been quite a success in fields like figuring spam for
26:46
detection. You know from people for example is using something similar to machine learning or CR and recommendation systems. It's usually better at finding similarities than anomalies. For example we want to find anomalies for a specific
27:05
notion of anomaly. But the problem with security with machine learning is that there tend to be lots of false positive with machine learning. So if Netflix or Amazon recommends you something that you don't want to see
27:22
it's not a big deal but if your detection system doesn't detect something or detects too much non-attacks then you have a problem. And some companies claim to use it but sometimes they just say we use machine learning just to say that they
27:42
use machine learning but maybe they don't. I've never seen any detail about the performance of this. So I conjecture that it doesn't work as a claim. Anyways some people have been trying to quantumize machine learning but
28:02
it's a bit boring actually because it's not a brand new algorithm that is completely different. It's just you know take the classical machine learning algorithms and run them on your quantum computer. Things like clustering or neural networks or SVMs and others. There are two
28:26
search in a big list of data. So you can use what we've seen before to speed up the search. So you have the square root improvement and there are some cases from very specific functions where you do get an exponential speed up. Which
28:42
means that you can do something that you could not do on a classical computer. But there's a quite big caveat here that you need a quantum. The idea is awesome here. You give an address and you get the value at this address. So you
29:02
give an address in super position. And you receive the values at this address in super position. I have no idea how to implement this and apparently the physicists have no idea how to realize this. And the thing is that if you have
29:23
the quantum machine learning algorithms that give the speed ups they use quantum. So even if you have a quantum computer you probably won't have a quantum so it would be useless. All right. So are we done to conclude? I'm sorry
29:43
maybe you are enthusiastic about quantum computing and now you will be leaving the room not saying it sucks. It's not the super fast quantum computers I expected. It doesn't even solve any problems and they may never be built anyway. This is a real article. If you are more of an optimistic person
30:04
you will see it differently. You should start collecting all the RSC cypher that you see and maybe later you can break them. And if you are a mathematician it gives a
30:22
completely new meaning for computing. Instead of seeing it as a list of instructions of mathematical operations it's transforming a physical state. You can take this microphone it's a bunch of atoms. You can image an operation to transform it and if you generalize it you can see
30:41
that the world is a big quantum computer that is evolving to another state. And what is the universe computing? So what some physicists say we don't even know if it's physically possible to be a quantum computer but if we have a proof a physical proof that it's impossible that it will
31:04
tell us a lot about how nature works and physics so even if we fail we will win something. So I hope you like this if you have questions I will put the slides online. I am not a pure physicist I've just been interested in this
31:21
stuff for years and years about quantum computing. If you want to build a quantum computer don't talk to me. I don't know if it's a good idea. I have a few minutes left. When I practice this talk some people ask me why don't you
31:41
talk about the company that is selling a quantum computer. I won't cite the company because this is recorded and I don't know. But this company that is selling big quantum computers it's not actual quantum computers it's a different type and it cannot factorize big numbers. It may
32:06
be a problem. So that's it. Thank you for your attention and happy to take questions.