来源：ZDNet 2021-03-24 09:18:00
In particular, D-Wave Systems CEO Alan Baratz believes it can take at least another decade before factoring will be viable on quantum computing systems and used to undermine current cryptographic tools.
And this was likely the case whether the gate-based system, along with its volatile error correction, or D-Wave's annealing technology was tapped to factor the large code volumes used in cryptography tools, Baratz said in a video call with ZDNet.
That said, D-Wave had an internal security team that monitored activities on its systems, he revealed, whilst acknowledging that it was still too soon to determine the types of hacking tools that could or had been created on quantum computers.
The Canadian quantum computing vendor does not specifically focus on cryptography, but its technology has been used to power intrusion and threat detection applications. It also has presence in the US, UK, and Japan, where it has 20 paying customers in the Asian market. Its cloud-based Leap quantum computing application is available in Singapore.
A Deloitte Consulting report echoed Baratz's views, stating that quantum computers would not be breaking cryptography or run at computational speeds sufficient to do so anytime soon. However, it said quantum systems could pose a real threat in the long term and it was critical that preparations were carried out now to plan for such a future.
On its impact on Bitcoin and blockchain, for instance, the consulting firm estimated that 25% of Bitcoins in circulation were vulnerable to a quantum attack, pointing in particular to the cryptocurrency that currently were stored in P2PK (Pay to Public Key) and reused P2PKH (Pay to Public Key Hash) addresses. These potentially were at risk of attacks as their public keys could be directly obtained from the address or were made public when the Bitcoins were used.
Deloitte的报告估计，例如在量子计算机对比特币和区块链的影响方面，流通中的比特币里面25%容易受到量子攻击，报告特别指出，对于那些目前存储在P2PK（Pay to Public Key公钥支付）和重复使用的P2PKH（Pay to Public Key Hash公钥哈希支付）地址的加密货币尤其容易受到量子攻击。由于这些公钥可以直接从地址里获取或在使用比特币时被公开，因而带来潜在的攻击风险。
Deloitte suggested a way to plug such gaps was post-quantum cryptography, though, these algorithms could pose other challenges to the usability of blockchains. Adding that this new form of cryptography currently was assessed by experts, it said: "We anticipate that future research into post-quantum cryptography will eventually bring the necessary change to build robust and future-proof blockchain applications."
Mathematician Peter Shor in 1994 published a quantum formula that he said could break most common algorithms of asymmetric cryptography. It suggested that, given a large enough quantum computing system, the algorithm could be used to identify a private key that matched its corresponding public key to impersonate digital signatures.
A team of engineers and researchers in Singapore last year also announced plans to tap quantum cryptography technology to enhance network encryption tools, so these could be ready to mitigate security risks when quantum computing became mainstream. Specifically, they were looking to use "measurement-device-independent" quantum key distribution (MDI QKD) technology and hoped to their research could pave the way to a new class of "quantum-resilient encryptors".
去年，一个新加坡工程师和研究人员团队也宣布了利用量子加密技术增强网络加密工具的计划，计划的目的是在量子计算成为主流时，他们所研究的工具可以为降低安全风险做好准备。具体一点说，他们在研究利用 "独立于测量-设备"的量子密钥分配（MDI QKD）技术，他们希望团队的研究能够为新型 "抗压-量子-加密器 "铺平道路。
### Quantum ready for mainstream enterprise application
While the technology has yet to break cryptography, quantum computing is ready for mainstream adoption and already is tapped to address real-world enterprise challenges.
Pointing specifically to D-Wave's proprietary annealing technology, Baratz said this allowed quantum computing to scale more easily and be less sensitive to noise and computational errors, to which gate-based systems were prone. Currently in its fifth generation, D-Wave's quantum computers clock more than 5,000 qubits and capable of supporting commercial rollout "at commercial scale", he said.
Baratz特别提到D-Wave的专有退火技术，他表示，D-Wave的专有退火技术使得量子计算更容易扩展，该技术对噪声和计算错误的敏感度更低，而基于门的系统就容易出现这方面的问题。他表示，目前D-Wave的量子计算机已发展到了第五代，算力达5,000量子比特，能够支持 "商业规模 "的商业推广。
This, he added, was a stage that no other market players had been able to achieve thus far with the gate-based model. Commonly adopted in the industry today, the gate system made quantum computers tough to build and sensitive error. Its most stable state currently generated about 30 qubits, which was sufficient to power mostly research work and unlikely to be used to solve business problems at scale for another seven to 10 years, he said.
"Error rates on [gate-based systems] are so high you can't really do anything with them, even with small problems," he added, noting that a competitor last year said it was able to solve a specific optimisation problem on its quantum computer. However, this was possible once out of every 100,000 attempts, he said.
Quantum computing runs on principles of quantum mechanics that include probabilistic computation.
Baratz said annealing technology, designed specifically for optimisation purposes, had a higher influence on the probability of outcomes and, hence, was less sensitive to errors. It also learnt from where it ended with the previous computation to finetune future ones.
"When you lose coherence, you end up with garbage. With annealing, when you lose coherence, you settle into a [potential] solution and restart the computation to try and improve the solution," he said. Gate-based model, in comparison, could not do that since it would lose coherence after every computation rather than pick off from the previous run.
A grocery using D-Wave to enhance a portion of the customer's logistics system was able to solve an optimisation problem in two minutes per week per location, where previously it took 25 hours per week per location, he noted.
There currently are more than 20,000 developers worldwide that have signed up to access Leap, with some 1,000 regularly using the service each month. Paying customers fork out an estimated ,000 an hour to run computations on D-Wave computers.
Baratz noted, though, that its systems could not solve all quantum computing issues because annealing was designed specifically to solve optimisation problems, which were common challenges for businesses. Gate-based systems, on the other hand, would be able to solve any computation problems once the error rates were reduced -- something he said likely would not actualise for at least another seven years.
So while D-Wave's annealing-powered quantum computers were limited to solving optimisation problems, they were capable of addressing real-world business challenges today, he said. Its systems also were on a path towards building a universal error correction system by leveraging the technology it had, he added.
To date, more than 250 applications had been built with D-Wave systems, most of which used Leap and spanned various use cases including financial modelling, scheduling, protein folding, and manufacturing optimisation, the vendor said.