
There is some cognitive dissonance in associating what, after more than 30 years, is currently, for all purposes, still a Sci-Fi concept and Cryptography.

After billions spent and decades of no progress, this is the same repeated article that has been rewritten every other year hyping about the promises of what, for all purposes, is currently expensive vaporware.




You are judging an endeavor by how the media reports on it and not by the actual community's estimate of the progress. You are certainly right that a quantum computer big enough to solve a practical computational problem has not been built [1]. The quantum computing community certainly thought a 20 year timeline to QC was viable in the late 90s and early 2000s. However, after the failures of early experimental efforts, the consensus stance at conferences and such is always that QCs will come when they will come. The challenges are big but the path through them is straightforward - keep improving manufacturing capabilities till we can scale [2].

If you follow the literature, you will realize everyone is busy optimizing their manufacturing capabilities instead of going for short term goals of factoring ever larger numbers. We have to go from a regime where grad students spend months/years carefully crafting a handful of small parts to mini-industrial processes which can be used to manufacture thousands or millions of identical parts. It takes time and effort to build such setups, but progress has been consistent over the last decade or so, and will only get better in the next decade.

[1] You should be aware though that there have been several very solid demonstrations of quantum key distribution, including commercial offerings https://en.wikipedia.org/wiki/Quantum_key_distribution

[2] It's like humans on Mars. Everyone knows, in principle it's possible, but the challenges are huge and rushing things is simply not a viable option.


It's this generation's fusion power.

I think many are seriously underestimating the engineering breakthroughs needed for a computer that can break 2048 bit RSA. Hopefully I'm proven wrong.


Successfully developing functional fusion power is considerably more plausible than practical quantum computers in the near term. The problem with fusion research is that it is and has been massively, chronically underfunded.


I've heard a similar sentiment from a researcher that's specialized in fusion. How do you know that money is the main hindrance? Could we say the same thing for other areas of research, like room temperature superconductors or the unification of quantum theory with gravity? In any area more money may or may not lead to significant progress, but how do you know that's definitely the case for fusion?


It's likely the case for fusion, in that fusion is an extremely high energy research area. Room temp superconductor research is several orders of magnitude lower in energy usage. Energy has an intrinsic cost, and the more energy involved, the more infrastructure required to manage it. There is no data here, but I imagine the total cost is logarithmic, with several hockey stick bends where certain materials are no longer viable in those energy levels.

An example: casting. You can cast wax nearly for free, given that you salvage the mold materials and carve them by hand, sunlight can be used to melt the wax (~70C), and almost no materials are needed to control heat. Casting pewter is a bit more difficult, as a wooden mold will burn a bit, and you'll need some type of heat control tech, such as an oven or microwave or solar forge (~200C). The temperature has only tripled, but already materials no longer work and costs are significantly higher. I've worked in a titanium foundry and the cost is enormous compared to low energy areas.


What's the guarantee of payoff for that level of investment? LFTR always seemed much more likely to produce such a payoff if given sufficient investment.

But I doubt either can beat what solar and wind are poised to produce. They are cheaper than installed coal now, and are targeting installed natural gas.

Battery will handle the rest of storage/load needs.


Quantum computers that can do fast factorisation have been demonstrated, they just haven't yet been able to factor large enough numbers to be dangerous.


> they just haven't yet been able to factor large enough numbers to be dangerous.

According to [1], the current highest factorization using Shor's algorithm is 21=3 * 7 published in 2012, up from the 15=3 * 5 that was demonstrated in 2001. This pace is not all that promising.

Sure, there are other quantum factorizations, but they are either stunts (work only for very narrow classes), or are based on a different algorithm than Shor, which does not show hope to scale up.

[1] https://crypto.stackexchange.com/questions/59795/largest-int...


Your 3 * 7 and 3 * 5 got interpreted as a highlighting of the text surrounded by the asterisks. You can edit your comment to fix it. Here are the complete HN markup rules:

Blank lines separate paragraphs.

Text surrounded by asterisks is italicized, if the character after the first asterisk isn't whitespace.

Text after a blank line that is indented by two or more spaces is reproduced verbatim. (This is intended for code.)

Urls become links, except in the text field of a submission.


Many thanks, updated.


Factoring by Quantum computers able to implement Shor's algorithm (which is the proposed apocalypse for the family of public key algorithms used today) so far isn't just short of "dangerous", it's short of what you'd expect school children to achieve. 21 is 7 times 3. Really, I'm not exaggerating, that's what they've achieved.

As with the work done to try to figure out how we should handle a big rock coming our way, work on post-quantum cryptography is justifiable because it's something we would really regret not working on if it suddenly becomes necessary and it's not _that_ expensive. But just because the threat justifies relatively modest research expenditure doesn't make it worth a newspaper article that will invariably distort the facts and confuse more than it illuminates.


Agreed. Consider that we don't even know if one-way functions exist, and all public-key cryptography depends on the assumption that they do. Maybe some classical attack will break all the commonly used systems before a big enough quantum computer is built.



