RSA Key Size & QP

[James A. Donald]

catalyst-remailer at netcom.com writes
> 
> A wild card here is the recent work in quantum computing,  done
> at AT&T and reported in a recent post by Pal Vitanyi.
> With a specialized quantum computer (not clear yet whether one could
> economically built it, but it's theoretically possible) one
> can factor in polynomial time (computational class "QP", or
> something like that).  If cycles on such a computer would be,
> say, 1,000 times more expensive than on your PC,

The limit will not be cost per cycle, but the problem of maintaining
quantum coherence over a large area for a long time.

My guess would be that some time in the next thirty odd years
we will see quantum computers that can maintain quantum coherence
over a few hundred bits of memory for a few hundred CPU cycles.

This will make possible many useful and interesting tasks that
classical computers cannot do, but I doubt that cracking thousand
bit keys will be one of those tasks.

If cracking big keys using quantum computers does become feasible
in the near future, we will have several years of advance warning,
during which we will switch to some alternative, less convenient
cryptography system.



-- 
 ---------------------------------------------------------------------
We have the right to defend ourselves and our    |
property, because of the kind of animals that we |         James A. Donald
are.  True law derives from this right, not from |
the arbitrary power of the omnipotent state.     |         jamesd at netcom.com