Whereas I want a working US government by 2027.
Shouldn’t the goals be the other way round?
They want to use the quantum computer for 3 years first before anybody else has one, and then plug the hole after they’re done.
Well they’re in luck; the US already has working quantum computers, and quantum-resistant encryption.
For a given definition of working, yes.
Can you elaborate? Just curious what you are referring to.
There are many quantum-resistant encryption algorithms - https://en.wikipedia.org/wiki/Post-quantum_cryptography#Algorithms
As for quantum computers, there is some debate, but a number of companies have “quantum computers” but it’s arguable if they work correctly and they have limited qubits, meaning they can’t do anything of significance yet.
I don’t know what he’s talking about, but maybe he’s saying that the US already has quantum computers capable of breaking modern cryptography, and that it’s time to move to Post Quantum Cryptography (PQC). The process is pretty far along:
- https://postquantum.com/industry-news/microsoft-pqc-windows/
- https://www.redhat.com/en/blog/whats-new-post-quantum-cryptography-rhel-101
Both sites mention “harvest now, decrypt later.” That’s an attack where someone could scoop up all the encrypted traffic/files/whatever, and just store it until quantum computers are effective at breaking it. Because of the nature of the topic nobody who knows for sure is going to say, but it’s not going to be cheap to replace all the crypto out there with PQC so there’s a reason to think there’s a need even if nobody will confirm anything. I personally think just the possibility of the attack is enough reason to move if the algorithms are already in place. If you’ve got encrypted data and you expected it to stay unreadable for hundreds of years, then there’s reason to think that’s not achievable right now.
Are any of these algorithms somewhat battle tested? Otherwise there is the risk of adopting an insecure algorithm. So I guess there is some risk both ways.
They’ve been beaten on enough that industry is moving forward. The advantage of knowing and being able to prove that the algorithms are insecure would be incalculable, so groups who want to be able to break into systems aren’t going to volunteer the information. It’s to the benefit of everyone else that the algorithms be secure. The third section of that paper I linked does a pretty good job explaining the why and why now.
tl;dr: Smart people have dug into it, and we know what we’re going to know for now.
https://en.wikipedia.org/wiki/ML-KEM
The original standards developed by NIST were literally called Dilithium and Kyber.
We already have the second and the first is based on the idea that qubits can be stabilized enough to actually accomplish any of the algorithms that would make quantum computers useful.
In 2001, Shor’s algorithm was demonstrated by a group at IBM, who factored 15 into 3 × 5, using an NMR implementation of a quantum computer with seven qubits.[10] After IBM’s implementation, two independent groups implemented Shor’s algorithm using photonic qubits, emphasizing that multi-qubit entanglement was observed when running Shor’s algorithm circuits.[11][12] In 2012, the factorization of 15 was performed with solid-state qubits.[13] Later, in 2012, the factorization of 21 was achieved.[14] In 2016, the factorization of 15 was performed again using trapped-ion qubits.[15] However, none of these demonstrations fulfill the requirements of Shor’s algorithm: they compile the circuit using prior knowledge of the solution, and some have even oversimplified the algorithm in a way that makes it equivalent to coin flipping.[16]
Unless the US MIC has evidence that Quantum computing is reaching viability, this is just them hedging their bets in case some research actually leads to something, which means it’s currently just a pre-emptive hype train.
There already is quantum-resistant encryption. Currently, only a few categories of encryption are vulnerable to quantum-based attacks. There may be more in the future, but that’s only speculation.





