|
|
Log in / Subscribe / Register

Premature

Premature

Posted Mar 11, 2026 20:54 UTC (Wed) by stevie-oh (subscriber, #130795)
In reply to: Premature by ikm
Parent article: HTTPS certificates in the age of quantum computing

Peter Gutmann's short story "On the Heffalump Threat" is a rather poignant allegory for this whole thing.

to post comments

Premature

Posted Mar 11, 2026 23:30 UTC (Wed) by PeeWee (subscriber, #175777) [Link] (7 responses)

Funny you should mention Gutmann, as I keep being reminded of his "Bollocks" talk at any mention of "post-quantum". I've written a comment on my take on the whole quantum "computing" bubble on the Phoronix forum. At this point I am almost certain the stakeholders involved all but know that it cannot be done; Schrödinger's Cat cannot be alive and dead at the same time. As soon as that box is opened, it is either dead or alive, not both, but "quantum computing" scientists are trying to make us believe that it can be made so. I believe that in some future physics text books "quantum computers" will have their place right next to Perpetuum Mobiles, or perpetual motion machines.

Premature

Posted Mar 12, 2026 9:49 UTC (Thu) by ballombe (subscriber, #9523) [Link] (2 responses)

The real problem with QC is the economic: so far there are very few quantum algorithms that are faster than classical and so very few applications outside breaking crypto, so this is not get you money especially once post quantum crypto is deployed.

So there is little economic incentive to continue to pursue QC when LLM is getting all the money.

Premature

Posted Mar 12, 2026 11:47 UTC (Thu) by anselm (subscriber, #2796) [Link] (1 responses)

So there is little economic incentive to continue to pursue QC when LLM is getting all the money.

The QC guys are trying to hang around in the hope that the VCs will eventually figure out that LLMs are so much hot air, so QC can be the focus of the next big hype cycle. Much like a few years ago when the VCs eventually figured out that blockchains were so much hot air, so LLMs became the focus of the next big hype cycle. (The only problem is that once the LLM bubble has popped, the VCs may not have any money left for QC.)

QC, like generative AI, certainly sits in an enticing hotspot that combines “looks like innovative hot-shit guru-level stuff”, “seems maybe a bit lame today but will be totally, unbelievably, mind-blowingly great and absolutely indispensable in 5 years' time according to the people hyping it now”, and “fiendishly expensive” in a way that is hard to pass over if you have money to burn.

QC's hype cycle

Posted Mar 12, 2026 13:48 UTC (Thu) by farnz (subscriber, #17727) [Link]

The thing that could kill the QC hype cycle early is if quantum complexity theory can determine the relationship between BQP and NP.

The reason there's room for the sleight of hand merchants to hype QC is that we don't know how NP and BQP relate; the best we can do is to say that there are some problems (such as integer factorization) in both NP and BQP, that all problems in P are in both NP and BQP, and that we believe that some NP problems (like travelling salesman) are in NP but not BQP. But the hype merchants can argue that until Shor's algorithm was discovered, integer factorization was in NP only, and that there might be similar algorithms for a NP-complete problem.

Quantum Computers do work in principle

Posted Mar 12, 2026 12:12 UTC (Thu) by chris_se (subscriber, #99706) [Link] (2 responses)

> At this point I am almost certain the stakeholders involved all but know that it cannot be done

As someone with a background in theoretical condensed matter physics I disagree here.

If your claim is just "the commercial quantum computing companies are vastly overselling what they can achieve" - sure, I think that's trivially true. If you say "we're at least 10, more likely at least 20 years away from a quantum computer that'll be even remotely useful" - I'd tend to agree. But I do think that people working on this genuinely believe that this will be possible eventually.

There _are_ macroscopic quantum states (e.g. Bose-Einstein-Condensates). There _are_ experiments that show that quantum coherence can survive in really weird conditions (back in 1999 people have demonstrated double-slit interference with C60 molecules, that was quite a famous paper in Nature back then). These things, while not intrinsically useful for quantum computers, indicate that if you can manage the corresponding interactions well enough you can keep a quite large quantum state around.

The main issues with current quantum computer designs are 1) scaling, 2) coherence times, and 3) control. While it is easily possible to optimize for one of these quantities, nobody has managed to optimize for all 3 of these quantities at the same time as of yet. But there's no intrinsic limit given by the known laws of physics why that should be impossible - it's just a _really_, _really_ hard problem to solve.

There have been improvements over the last years though. And in contrast to Schrödinger's cat, we're talking about the coherence of a couple of million of qubits that's needed for useful computations, i.e. 10^6 - 10^7, and at very low temperatures near absolute zero, not the coherence of all ~10^26 atoms in a cat at room temperature. We're still ways off from that, but the comparison to Schrödinger's cat is really misleading in my eyes.

As for post-quantum cryptography: I'm very sympathetic to the argument that we don't need to deploy signatures as of right now, because key exchange is the only thing we need to worry about _at this moment_, since signatures will only be needed once a quantum computer exists. But I do think that implementing a hybrid EC + PQC scheme for key exchange is a sensible precaution to take right now. Sure, most of my traffic is probably completely irrelevant when we look at the time in 20 years or so. But I can easily imagine a changed political landscape by then where something I do right now might get me in trouble in 20 years.

Quantum Computers do work in principle

Posted Mar 12, 2026 18:01 UTC (Thu) by nbecker (subscriber, #35200) [Link] (1 responses)

But this still leaves that there have so far been very few algorithms that show quantum advantage, and even fewer that have practical important applications. So while you argue that someday QC should be feasible, and I don't disagree, we still have made limited progress on finding actual applications that show advantage.

Quantum Computers do work in principle

Posted Mar 12, 2026 19:40 UTC (Thu) by chris_se (subscriber, #99706) [Link]

I don't disagree with you there, but the prospect of breaking RSA and similar things will cause at least certain people to continue at least some investment into this technology.

Premature

Posted Mar 12, 2026 17:41 UTC (Thu) by smitty_one_each (subscriber, #28989) [Link]

You really need to get onboard with Quantum AI Room-Temperature Super-Conductive (QAIRTSC) Computing.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds