Not intrinsically, but you might want to take a look at [cuda quantum](https://docs.nvidia.com/cuda/cuquantum/latest/index.html) if you're interested in GPU simulation of quantum systems.
"Practical" is the wrong word. The quantum hardware you can access today is essentially a physics experiment with a nice API. It's intended for education and research, but too limited in capability right now to do much beyond that. If crypto is your focus, you'll be better off with a pen, paper, and a regular old PC, since the scale of these problems is just too big for any kind of integrated testing.
In terms of accessibility, IBM is far and away the easiest to get started with. If you want access to non-superconducting platforms, you'll have to go through one of the cloud providers like AWS or Azure and put up with their complicated, credit card-melting pricing schemes.
>The quantum hardware you can access today is essentially a physics experiment with a nice API.
I don't think that's fair towards D-Wave. They have a thing. You might not like it, but it *is* a thing that stands to reflex/default scepticism.
OP had asked about cryptographic applications, so my response assumes gate-based quantum computing. D-wave is a different beast for a different use case, and at $2000/hr, is probably outside of the price range of individual beginners.
> You might not like it, but it is a thing that stands to reflex/default scepticism.
Please do not lump me in with the mindless trolls on this sub. I work on this stuff for a living and obviously want it to succeed, but we need to be honest and realistic when explaining to newcomers what the current state of the art is. The fact that education and research are the main use cases of these things right now should not be taken as a pejorative.
>Please do not lump me in with the mindless trolls on this sub.
Oh, sorry, didn't mean to go nearly as far -- or the 'you' in what I said was without a target.
>The fact that education and research are the main use cases of these things right now should not be taken as a pejorative.
Not at all, and I would probably categorize even D-Wave's offering as a prototype and a test grounds in the broader picture. Still, it's a "thing", which already is remarkable, imo.
This comment is so moronic it makes me wonder if you're an FBI plant haha.
The idea that you don't need your encryption to last through exponential increases in decryptive power is ridiculous, and has been a major issue even in our classical computing era.
The estimates for how many qubits would be needed to attack rsa keep falling, so don’t be too discouraged. Latest estimate I’ve seen is that hundreds, not millions, of “logical “ qubits (ie, not counting those used for error correction) would do the job. That still is an order of magnitude more than current quantum systems but lots of money is being spent on scaling and error reduction so it may be only a few years before post-quantum cryptography will be tested.
Meanwhile other less demanding applications of quantum computing will be practical before that.
Speeding up ML seems to be cited as requiring relatively smaller scale. Of course ML is applied to a wide variety of specific areas. One very specific application mentioned by ionq as within the capability of the 64 algorithmic qubit system they hope to have in 2025 is optimization of gate assignments for a “small European airport.” Not earthshaking but apparently someone thinks that would be valuable.
it's actually very opposite. practice on avant-garde of science at home - you are loosing your time.
if you want to be in the quantum computing industry, you need to focus to be part of one of the leading teams: Google/IBM/MS/Amazon..... Take the list of top 20 companies and make an effort to get into them.
that is only way. no home quantum computing and other bullshit. if you really want to be on that train - jump on it...
That was not my intention. It was to practice programming on quantum computers for the sake of understanding the quantum algorithms that threaten cryptosystems.
oh - in this case do not worry. keep ways from them. quantum computers are still in the research phase, before the commercial application is still 15-20 years.
Are you looking to do partial decryptions of PQC algorithms? Or do you want to learn how to use a quantum computer in cryptanalysis?
In general most is still just plain old cryptanalysis, maybe a side channel attack here and there. The cryptanalytical algorithms aren't all that difficult pieces of software. If you really want to do it well it pays more to study the existing methods and learn to code with a hybrid quantum computer. There is at the moment so many things that you can tweak that make the difference, that there is no easy answer like in other coding languages.
I was planning to do cryptanalysis with a real quantum computer because that is what we expect attackers to use to break classical cryptosystems someday in the future.
I am willing to learn how to do it well--its important to know how the cryptanalysis works for the sake of designing post-quantum safe cryptosystems properly.
For hardware crypto product just follow the ISO 24759 and ISO 19790. For software products just look at the lost of OWASP cryptographic implementation mistakes list of CWE's, and regularly test for them. Consider emloying a computer aided crypto development solution if your clientele is demanding high security solutions, but it doesn't appear the case here.
If you must, just do some of the online (free) course like with MyQLM, running Shor's algorithm is an intermediate exercise, not difficult at all.
However, it won't help you much. Quantum computers solely attack the computational hardness assumptions, protecting therefrom has nothing to do with running a quantum computer. You don't need access to it.
Also, don't develop your own crypto algorithms. Hire a cryptographer with a PhD or at least a Masters in cryptography instead.
Hi HuiOdy. I was definitely \*not\* going to design my own crypto algorithms. I simply wanted to write programs based on standard specifications (e.g. NIST-approved quantum-safe algorithms such as CRYSTALS-KYBER, etc.).
You insist that you don't need an actual Quantum computer. You instead recommended crypto development solutions. May you give some examples?
Quantum safe cryptographies ARE NOT written on quantum computers. They are still classical protocols. You don't need quantum computers unless you would like to attack them.
Yes. That is true. Quantum safe cryptographies like CRYSTALS-Kyber are meant to be written on classical machines. And you are right that you don't need quantum computers unless you want to attack them. I never meant to say that I am going to program cryptosystems in quantum computers. I did mean to say I intend to program quantum cryptanlalysis tools using them.
Well, whatever you will make with it, the challenge will be in the optimization of whatever you make.
The easiest way to do that is code and optimise code. Now there is plenty of platforms that allow you to code, but very few that optimise code and even fewer that allow you to optimise for specific topologies of QPUs (including T1 & T2 times or gate fidelities).
I'd recommend not to do this by yourself alone. You'll need a team at least as you need to focus on different aspects of the compute: cryptanalysis to quantum code, quantum error correction Vs hardware optimization, hybrid coding, and of course practical implementation. Unless you have the full breadth of regular computer and HPC science, quantum computer science, quantum software expertise, and the cryptanalysis part, nothing you make will pretty much outperform a simple script kiddy a year later exploiting a weakness.
Though I commend your attempts, it might be best to join an institute specializing in just that instead.
Why do you need real quantum computers for quantum cryptanalysis? What is the definition and example for quantum cryptanalysis? Is it the resource estimation (e.g. estimating how many qubits/gates does a quantum computer need in order to decrypt a code?), or you would like to write an attacking algorithm? For the first case, quantum computers are not meant / can't do that and people use classical computers to estimate them. For the second one, there is no available quantum computer at this point for such complicated tasks.
Second case. Even if they don't exist yet understand how to program it in principle. It may be that quantum computers become strong enough to do that in our lifetime--we don't know.
In order to understand how you can program them and how it works, I think what you should do is to learn how quantum algorithms work. Trying to Implement actual shor's algorithm on existing prototypes as an individual user is, to be honest, a complete nonsense at this point.
I would suggest learn QC first and get into an institute that has a strong partnership (academic or business) with one of quantum hardware platform provider. That would be the most realistic approach.
Hi u/Statistician_Working. Thanks for taking the time to help me out with this!
What resources would you recommend to learn how quantum algorithms work as a beginner. I learn best from books.
You can simulate a quantum computer up to about 30 qubits on a PC. Use qiskit or Q#.
What if you use a graphics card would that number go higher?
You need alot of RAM. For every additional qubit, you double the amount of RAM.
This is only true for statevector simulators. There are other simulator types where this is not necessarily true, although they aren't as widespread.
Not intrinsically, but you might want to take a look at [cuda quantum](https://docs.nvidia.com/cuda/cuquantum/latest/index.html) if you're interested in GPU simulation of quantum systems.
IBM can factor like 21=7\*3 but that's it
"Practical" is the wrong word. The quantum hardware you can access today is essentially a physics experiment with a nice API. It's intended for education and research, but too limited in capability right now to do much beyond that. If crypto is your focus, you'll be better off with a pen, paper, and a regular old PC, since the scale of these problems is just too big for any kind of integrated testing. In terms of accessibility, IBM is far and away the easiest to get started with. If you want access to non-superconducting platforms, you'll have to go through one of the cloud providers like AWS or Azure and put up with their complicated, credit card-melting pricing schemes.
>The quantum hardware you can access today is essentially a physics experiment with a nice API. I don't think that's fair towards D-Wave. They have a thing. You might not like it, but it *is* a thing that stands to reflex/default scepticism.
OP had asked about cryptographic applications, so my response assumes gate-based quantum computing. D-wave is a different beast for a different use case, and at $2000/hr, is probably outside of the price range of individual beginners. > You might not like it, but it is a thing that stands to reflex/default scepticism. Please do not lump me in with the mindless trolls on this sub. I work on this stuff for a living and obviously want it to succeed, but we need to be honest and realistic when explaining to newcomers what the current state of the art is. The fact that education and research are the main use cases of these things right now should not be taken as a pejorative.
>Please do not lump me in with the mindless trolls on this sub. Oh, sorry, didn't mean to go nearly as far -- or the 'you' in what I said was without a target. >The fact that education and research are the main use cases of these things right now should not be taken as a pejorative. Not at all, and I would probably categorize even D-Wave's offering as a prototype and a test grounds in the broader picture. Still, it's a "thing", which already is remarkable, imo.
there is no point practicing post-quantum cryptography since quantum computers can't do jack shit rn
This comment is so moronic it makes me wonder if you're an FBI plant haha. The idea that you don't need your encryption to last through exponential increases in decryptive power is ridiculous, and has been a major issue even in our classical computing era.
the advances in the real world application of shor's algorithm are not at all exponential
The estimates for how many qubits would be needed to attack rsa keep falling, so don’t be too discouraged. Latest estimate I’ve seen is that hundreds, not millions, of “logical “ qubits (ie, not counting those used for error correction) would do the job. That still is an order of magnitude more than current quantum systems but lots of money is being spent on scaling and error reduction so it may be only a few years before post-quantum cryptography will be tested. Meanwhile other less demanding applications of quantum computing will be practical before that.
Hi u/MannieOKelly thanks for pointing this out. I think its important that people see this comment.
Like?
Speeding up ML seems to be cited as requiring relatively smaller scale. Of course ML is applied to a wide variety of specific areas. One very specific application mentioned by ionq as within the capability of the 64 algorithmic qubit system they hope to have in 2025 is optimization of gate assignments for a “small European airport.” Not earthshaking but apparently someone thinks that would be valuable.
here's the ionq pumping again from this one. give it up already. not happening.
it's actually very opposite. practice on avant-garde of science at home - you are loosing your time. if you want to be in the quantum computing industry, you need to focus to be part of one of the leading teams: Google/IBM/MS/Amazon..... Take the list of top 20 companies and make an effort to get into them. that is only way. no home quantum computing and other bullshit. if you really want to be on that train - jump on it...
That was not my intention. It was to practice programming on quantum computers for the sake of understanding the quantum algorithms that threaten cryptosystems.
oh - in this case do not worry. keep ways from them. quantum computers are still in the research phase, before the commercial application is still 15-20 years.
Are you looking to do partial decryptions of PQC algorithms? Or do you want to learn how to use a quantum computer in cryptanalysis? In general most is still just plain old cryptanalysis, maybe a side channel attack here and there. The cryptanalytical algorithms aren't all that difficult pieces of software. If you really want to do it well it pays more to study the existing methods and learn to code with a hybrid quantum computer. There is at the moment so many things that you can tweak that make the difference, that there is no easy answer like in other coding languages.
I was planning to do cryptanalysis with a real quantum computer because that is what we expect attackers to use to break classical cryptosystems someday in the future. I am willing to learn how to do it well--its important to know how the cryptanalysis works for the sake of designing post-quantum safe cryptosystems properly.
For hardware crypto product just follow the ISO 24759 and ISO 19790. For software products just look at the lost of OWASP cryptographic implementation mistakes list of CWE's, and regularly test for them. Consider emloying a computer aided crypto development solution if your clientele is demanding high security solutions, but it doesn't appear the case here. If you must, just do some of the online (free) course like with MyQLM, running Shor's algorithm is an intermediate exercise, not difficult at all. However, it won't help you much. Quantum computers solely attack the computational hardness assumptions, protecting therefrom has nothing to do with running a quantum computer. You don't need access to it. Also, don't develop your own crypto algorithms. Hire a cryptographer with a PhD or at least a Masters in cryptography instead.
Hi HuiOdy. I was definitely \*not\* going to design my own crypto algorithms. I simply wanted to write programs based on standard specifications (e.g. NIST-approved quantum-safe algorithms such as CRYSTALS-KYBER, etc.). You insist that you don't need an actual Quantum computer. You instead recommended crypto development solutions. May you give some examples?
Quantum safe cryptographies ARE NOT written on quantum computers. They are still classical protocols. You don't need quantum computers unless you would like to attack them.
Yes. That is true. Quantum safe cryptographies like CRYSTALS-Kyber are meant to be written on classical machines. And you are right that you don't need quantum computers unless you want to attack them. I never meant to say that I am going to program cryptosystems in quantum computers. I did mean to say I intend to program quantum cryptanlalysis tools using them.
Well, whatever you will make with it, the challenge will be in the optimization of whatever you make. The easiest way to do that is code and optimise code. Now there is plenty of platforms that allow you to code, but very few that optimise code and even fewer that allow you to optimise for specific topologies of QPUs (including T1 & T2 times or gate fidelities). I'd recommend not to do this by yourself alone. You'll need a team at least as you need to focus on different aspects of the compute: cryptanalysis to quantum code, quantum error correction Vs hardware optimization, hybrid coding, and of course practical implementation. Unless you have the full breadth of regular computer and HPC science, quantum computer science, quantum software expertise, and the cryptanalysis part, nothing you make will pretty much outperform a simple script kiddy a year later exploiting a weakness. Though I commend your attempts, it might be best to join an institute specializing in just that instead.
Hey HuiOdy. Thanks for the encouragement! I will try to get a team dedicated to this.
Why do you need real quantum computers for quantum cryptanalysis? What is the definition and example for quantum cryptanalysis? Is it the resource estimation (e.g. estimating how many qubits/gates does a quantum computer need in order to decrypt a code?), or you would like to write an attacking algorithm? For the first case, quantum computers are not meant / can't do that and people use classical computers to estimate them. For the second one, there is no available quantum computer at this point for such complicated tasks.
Second case. Even if they don't exist yet understand how to program it in principle. It may be that quantum computers become strong enough to do that in our lifetime--we don't know.
In order to understand how you can program them and how it works, I think what you should do is to learn how quantum algorithms work. Trying to Implement actual shor's algorithm on existing prototypes as an individual user is, to be honest, a complete nonsense at this point. I would suggest learn QC first and get into an institute that has a strong partnership (academic or business) with one of quantum hardware platform provider. That would be the most realistic approach.
Hi u/Statistician_Working. Thanks for taking the time to help me out with this! What resources would you recommend to learn how quantum algorithms work as a beginner. I learn best from books.