Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
newpavlov a day ago

>The underlying scaling needed to go to 32 bit requires only linear progress to get to 256

Nope. Firstly, for RSA you need to scale from 32 to 4096. Secondly, Shor requires N^2*log(N) quantum gates where N is number of bits in the integer, so the scaling is superquadratic. And it's very much an open question whether QEC protocols will continue to work with the same efficiency on the required scales.

spr-alex a day ago | parent | next [-]

We are talking to different things. There is linear engineering progress for getting from 32 bits to 256 bits being factored is my claim.

If we want to talk RSA the engineering journey from factoring 21 to 35 is big, because it requires creating logical qubits with error rates that we are only now seeing companies report. But the engineering journey from 32 bits that are tolerant enough to run a factoring algorithm to doing the same with 4096 appears linear in engineering cost is what I am claiming.

For RSA specifically the resource have come down. I am not yet up to date on this round of papers however the 2024 result https://eprint.iacr.org/2024/222 had it down to n/2 + O(N) logical qubits.

newpavlov a day ago | parent [-]

>it requires creating logical qubits with error rates that we are only now seeing companies report

And yet 21 was not factored on a real hardware.

>There is linear engineering progress for getting from 32 bits to 256 bits being factored is my claim.

IMO it's a very bold claim until linear progress is demonstrated between 8, 16, and 32 bits. Not in theoretical papers. On a real hardware. With honest experiments using arbitrary integers.

It's easy to claim "QC will repeat Moore's law!" especially when your salary depends on it, but the practical evidence is quite lacking at the moment.

spr-alex a day ago | parent | next [-]

So once again since I think I am not explaining it well, it might take a long time to go from factoring 21 to 35, and a long time from 35 to anything bigger, but from that point on the engineering has scaled up to the point that progress is very sudden. So if the canary in the coal mine is a 32-bit integer being factored, then the runway for deploying fixes is terminally short for defenders

pseudohadamard 9 hours ago | parent | prev [-]

  And yet 21 was not factored on a real hardware.
Yes it was, they used a VIC-20. Also an abacus. Not to mention a barking dog. https://eprint.iacr.org/2025/1237
12 hours ago | parent | prev [-]
[deleted]