Quantum Computers vs. Computers Security presented at Defcon 2015

by Jean-Philippe Aumasson,

Summary : We've heard about hypothetical quantum computers breaking most of the public-key crypto in use—RSA, elliptic curves, etc.—and we've heard about "post-quantum" systems that resist quantum computers. We also heard about quantum computers' potential to solve other problems considerably faster than classical computers, such as discrete optimization, machine learning, or code verification problems. And we heard about a commercial quantum computer, and we heard vendors of quantum key distribution or quantum random number generators promise us security as solid as the laws of physics. Still, most of us are clueless regarding:
How quantum computers work and why they could solve certain problems faster than classical computers?
What are the actual facts and what is FUD, hype, or journalistic exaggeration?
Could quantum computers help in defending classical computers and networks against intrusions?
Is it worth spending money in post-quantum systems, quantum key distribution, or in purchasing or developing of a quantum computer?
Will usable quantum computers be built in the foreseeable future?
This talk gives honest answers to those questions, based on the latest research, on analyses of the researchers' and vendors' claims, and on a cost-benefit-risk analyses. We'll expose the fundamental principles of quantum computing in a way comprehensible by anyone, and we'll skip the technical details that require math and physics knowledge. Yet after this talk you'll best be able to assess the risk of quantum computers, to debunk misleading claims, and to ask the right questions.