Solving Quantum Cryptography

As Nisha Tiwari pointed out, we did fact miss the 512 in our powers of 2 visualization at 5:35. So Let's all thank Nisha for offering the definitive proof that Matt is not in fact a quantum computer. A Correction GIF will be posted on the community tab later in the week.

It's one of those "wow" moments when I realize you're talking about the proliferation of powerful quantum computers as inevitable, when it feels like just yesterday it wasn't clear if they could even exist.

me, connecting to quantum internet:
*_Please wait. There is a 67.5±2.9% chance that the webpage is loading_*

I heard "lettuce-based cryptography" and I'm sticking to it.

Ah, Infinite Series. Still a fresh wound after all this time.

5:18 Ah "Infinite Series" - in a parallel universe, you're still making fun Math episodes that are the perfect complement to the fantastic PBS Space Time. Alas the yang has disappeared from our universe so we have to satisfied with yin alone. Please PBS consider reforming this quintessential duality.

You're one of those TH-camr's whose voice, accent, and narrative skills make you so pleasant to listen to one could listen to you narrate paint drying.
Add to that the fact that you actually talk about awesome and interesting and fascinating stuff, and have an outstanding ability to convey all this advanced and complex science to us, ordinary people, in more or less understandable ways, and the fact that your humor is the dryest ever, and you're by far one of my favorite TH-camrs to watch. BTW, don't mistake me calling you a TH-camr for me not acknowledging you're actually a professor in astrophysics at NY City University, and I also think it's awesome so many actual scientists have found their way to TH-cam, and if nothing else, we can actually thank Covid-19 and the Coronavirus for quite a few finding their way just this year. My favorite is Sean Carroll and the great questions podcast thingie he does. Not as soothing voice or accent as you but a truly great explainer of science and astronomy too.
Anyway, you're welcome for me watching all your videos, and thank you very much for making all your videos. They are very much appreciated.
Love from Norway.

4:16 - that’s a Diffie-Hellman key exchange, not RSA. Wikipedia entry on DH even has the exact same visualisation.

1:16 "A quantum computer that could factor a prime number in a human lifetime, or a human lunchbreak" -> I don't need a quantum computer for that. ;)

he missed the 512 in the powers of 2

Ah yes, RSA. I teach RSA encryption in my Discrete Math course.
Since I pointed out your error with the powers of 2, it seems fair for me to share an error I made my first time teaching RSA.
A Dumb Error I should have noticed:
I was showing an example using "blank space = 0" "A = 1" "B = 2" ...
"Y = 25" "Z = 26" and then RSA encrypting those numbers.
RSA encryption begins with two primes. I had decided to let the class decide what two primes we would use. The class chose 3 and 7.
If you are familiar with RSA then you like notice what I should have and asked for two different primes.
I could encrypt without a noticable problem. As for decryption, most numbers decrypted correctly, but those that should have decrypted to the last few letters in the alphabet did not decrypt correctly.
Then the obvious dawned on me.
3×7 = 21. The product is the mod for encryption & decryption. The mod MUST be at least 27 so we can have a all room for all 26 letters and the 0 for a space.

"Do you guys just put the word Quantum in front of everything?" -- Ant-Man.

I can already see quantum internet now:
"You may or may not have a new message!"

5:20 Ahh yes, twist that knife in my heart, thank you very much.

That color analogy is spot on. Wish my lecturers explained it that way back in college!

When trying to break a quantum encryption, this message will pop up:
“Your password is both correct, unknown, incorrect, blue, seven, yes, The Rock, and everything inbetween until it is set. Would you like to try again?”

"Every email ... is secured by the fact that it's a lot harder to factor out prime numbers". Uh, fun fact, email isn't typically encrypted. You can explicitly encrypt your emails, but that's not very commonplace, and it's something you have to opt into. You can use email services that will only enable you to access your inbox through an encrypted connection (such as Gmail), and emails between users of that same service would presumably not leave that service's servers unencrypted. But for anything else, who knows how many of the steps an email goes through from the sender to the receiver use an encrypted connection. It's probably few of them.

5:20 RIP Infinite Series 😥

At 7:23 you say: "guess the factors of a prime number", I think you meant to say guess the factors of the modulo N, as used in RSA, which is the product of two large primes (those are secret), we are trying to find. Guessing the factors of a prime number makes no sense, they’re just 1 and the prime number. :P

"Secret Brown" is my favorite electro-funk fusion band.

*screams in crypto nerd*
3:35 explains the idea behind the Diffie-Hellman key exchange which is based on discrete logarithms and NOT prime factoring.
Also not all public key crypto is based on large primes like RSA is, most notably Diffie-Hellman based systems. Elliptic curve cryptography is another system which uses multiplications on discrete elliptic curves. There are relations between these three which means that quantum computers breaks them all.
The shortest vector problem does not concern itself with what the shortest distance between two arbitrary points of a lattice is (which is a trivial problem as the metric is usually given), but what the shortest possible vector (aside from 0) produced using the lattice's base vectors is. Also given your explaination of lattice cryptography using noise, the more relevant problem is the closest vector problem: Given a point slightly off the lattice, find the closest next point on the lattice.
Also you should mention that symmetric cryptography is safe from quantum computers; doubling their key length is enough to reach pre-QC strength.

“Factor a prime number” (at about 1:20); factoring prime numbers is really easy! It just takes one step...

That bit about the hypothetical life inside stars being very ancient immediately made me think of the Doctor Who episode "Rings of Akhaten" (S07E07), search for the doctor's speech in that episode, it's amazing!

I did research in this using the McEliece crypto system, we are getting close but don’t have anything usable.

2:41 "Fortunately, there is another option, and one that will be a lot cheaper than building a quantum internet." Yep. It is called, "pay with cash."

That color mixing example 3:26 helped me understand public / private key crypto more than reading books on the subject has.

Public/private RSA key can be understood via this analogy I always give as an example: If a person wants to mail you, then they request a special cascet (public key) from you. Such cascet is initially open but once it's closed it became locked: only key (private key) owner can open it. Once the person is done with writing, they put the letter into the cascet and lock it; at this point it is safe to share such cascet with anyone because only you hold its key hence only you can unlock it (not even letter owner can do it - only you)

Finally a video that I can comment on!! So here it is: Today keys are 1.based on a 180 digit number. 2. The key is static, that is people don't change it. A simple solution to quantum comp. threats would be to 1. increase the digit number. 2. Estimate the minimum time it would take for the 'best' quantum computer to find the factors, lets call that 't". 3 Regularly change your key within that timeframe, 't'. The End. If this qualifies for the Nobel Prize, publish it for me: you can collect the 'tacky' award and we can split the $1 mil prize. Call me anytime except between 1Pm & 2pm EST (Jerry Springer show is on)

Really nice editing on this one, props to the team.

I'm very glad this topic was attempted and there was even some pretty good content in it. But the paint mixing example described an analogy for Diffie-Hellman key exchange which relies on the difficulty of discrete logarithms in finite fields, not the difficulty of factoring large semi-primes. Also Elliptic Curve Cryptography (ECC) was ignored which also doesn't rely on the difficulty of factoring. Quantum algorithms also defeat discrete log and ECC but for reasons other than Shor's algorithm.

I loved Gabe passion and contribution to both Space Time and Infinite Series channels. I hope to see him as a guest in one of your future episodes!

Great visualization idea of keys as colors!

From Canada, we love you; along with the rest of the world. ❤

please do an episode on kerr newman black holes. im honestly on the edge of my seat about them. feels like if we could directly measure the magnetic field generated by one we could learn a lot, like whether there's anything to the idea of a ringularity.

The colour analogy for RSA is absolutely amazing... Definitely stealing that one

I've been doing computer stuff for almost 20 years but it never occurred to me the analogy of RSA with combining color. That's brilliant!

That color analogy for public key encryption was genius, kudos!

Henceforth I will refer to humans as "Intelligent Electric Monopole Based Lifeforms"
I'm not so sure about the intelligent part though.

I had no idea there were any Quantum resistant algorithms to begin with, really great video on the basics and advances of crypto.

We need to develop quantum cryptography to send secret messages to the Venusians or the Sun-Dwellers will know all our secrets!

Sabin covered it just few days back, common topic would have common story behind it. So good idea to space videos with similar topics apart a bit.

when you really feel like watching a new episode and the notification shows up one second later... 👊 super!

5:36 Matt missed 512 in the powers of 2.. This does in fact prove that matt is not a supercomputer...

PBS Spacetime gets a "like" from me before the episode even starts. I love this show!!

8:20 - 8:32 "which honestly I could do in my head" lmao

16:43 That's deep...

*Your thumbnail is shiv lingam. GoogIe "haribhakt shiv lingam" to clear your apprehensions. Vedic science on cosmic and quantum principles are amazing. GoogIe now.*

This is probably the clearest explanation of RSA that I have ever come across

The biggest issue is that I might have secrets, encypted with RSA, out there. It is “public”, available for anyone, but not readable due to the encryption.
Someone might make a copy of it, save it, wait for the quantum computers to be production ready, and break my secret later. And these are ALREADY out there, I can do nothing about it.

1:03 I just want to point out that "thousands to billions of years" sounds like quite the large range, and it is... but it's very true. The fun of how adding more bits to keys scales things by orders of magnitude.

Great video, thank you.

finaly you came with another video i need learn

The method shown to get a shared key (RSA protocol) is called a Diffie-Hellman key exchange to be more precise.

Telescopic collapse revealing assymetry, pretty cool.

I'm studying for a cryptography certification right now. while this is way out of scope for the test it really motivated me to study.

In the novel "The After On" there is a quantum AI that uses quantum hacking for RSA and DH. From the words of this AI - she always gets the password from the second try and the way it works - an infinite amount of these AI's try a random password on the first try and then the information from the ones who got it correct is shared through all the multiverse.

Okay so first collapsing the Digital World, then Matt on Green Hill Zone and maybe even a Counter Strike level. Referencing 2-3 video game in a single episode is wild

Great videos! I like to put on one of your playlists as I fall asleep. I just wanted to remind you that you have not added the last 10 or so episodes to the Space Time playlist, not a big deal but hey. Anyways, have great day everyone

6:08 hey, I love to watch things of this guy that inspired my own name. This time caught me off-guard!

I might not understand everything in this video but one thing I do understand is that a lettuce-based cryptosystem sounds amazing!

This channel... It makes me actually want to research and understand things I currently don't >_< I'm bad at advanced math okay? Stop being so goooooood.

Definitely having some feels here for Infinite Series. I really enjoyed the episodes on Shor's algorithm in particular, and was glad to see the reference.
After Dual_EC_DRBG I'm not keen on following NISTs guidance wrt crypto. DJB seems to be backing NTRU Prime, so that's where my money is.

So the same technology that can be used as a weapon can be used as a shield, and apparently older technology can be a good enough shield against the new weapons.

Matt O’Dowd for president 2020

My favourite show to geek-out to 😎😀

"One day I will be able to understand these videos". This is the thought that keeps me going through life

4:04 "The current dominant encryption protocol" is not RSA any more, it is ECC (Elliptic Curve Cryptography)

im excited to see were it takes us forsure

I welcome a world in which governmental, corporate, and private foundation shenanigans are easily exposed.
The end of classical encryption isn't a disaster, but a breath of fresh air. If you aren't doing anything unsavory, you have nothing to fear from publicity.

Using Sycamore to simulate a quantum system is like using an hourglass to simulate the flow of sand.

I just learned about the Dzhanibekov Effect on Veritisium, and now I want to see an episode about rotating bodies from PBS Space Time. Oumuamua, rockets, asteroids, planets, etc. I am also wondering...is the Dzhanibekov Effect caused by precession?

I love you guys!

I have been blogging and monitoring about this for quite a few years. A few corrections and thoughts:
1. SHOR's algorithm specifically breaks "asymmetric" cryptography. And that is only used for establishing a key to use for symmetric cryptography (AES / ChaCha20).
2. RSA isn't the only asymmetric cryptography for TLS, there's also ECC, and that is apparently also vulnerable. (Although a Post-Quantum protocol might exist for ECC)
3. Quantum Internet is way overhyped. Importantly TLS is used for communication between two hosts (and users behind) that have never met before. Quantum Internet is built in a very direct manner. For less cost, and way more portability you can simply distribute 2x 10TB hard disks with pure random data that is used to directly encrypt (One Time Pad) or derive the same symmetric keys.
4. It doesn't matter that Post-Quantum cryptography is not mature. You can use both RSA and McEliece together. They both generate their own keys, and then you can XOR them together for a final combined symmetric key. Then you get the maturity of RSA and the PQC of McElise. If maturity of McElise fails, you still have RSA; if RSA falls to a quantum computer, you still have McElise.
5. An 8MB key is less and less problematic as technology improves, and engineering can also reduce the amount of keys needed.
6. If we are happy to live with a 8MB McEliece key, why not live with an 8MB RSA key? Perhaps a quantum computer can break a 4k RSA key, but surely an 8MB one would require a quantum computer that is a lot more powerful.

I've seen many explanations for public/private key encryption, but this visualization was very clear in terms of explaning the concept.

One tiny meth problem? Someone at my ISP is going to expose my history unless I get them-
{Turns on closed captioning}
Ooohh! Math problem! That makes more sense.

Aww, no word to my favorite PQ algorithm (now an alternate candidate in the competition) of SIKE. I would have loved seeing your illustration of the isogeny graph. It doesn't have the same large key size problems as all the other candidates, with the keys being similar in size to RSA (sadly not to ECC, which is what we use right now, with keys less than a hundred bytes long). But what it has in small key sizes, it sadly lacks in performance, because while the computation necessary for lattices is using your standard arithmetic, computing things on curves isn't something computers are currently good at. It also is a far younger crypto system compared to the error correcting codes or even the lattice based ones.

This is an eye opener 😳....

Now you're into my area of experience and qualifications; however, look to alternative solutions such as DNA computers. Horses for Courses. Some problems need Big Data solutions, too. Occam's Razor is a powerful tool in some problem solving.

0:12 Wha-Wha-Wha
"Prime number factoring" is trivially easy !
The factors are itself and 1 ;-)

"I feel so exotic". Classic.

There is something quantic with Matt O'Dowd's hands in this video. Too much cafeine ? Or a quantum computer is threatening to decode his old My Space account password, something like that.
(Seriously, I hope it's nothing serious, your channel is one of my favorite)

1. Is the matrix problem similar to a QR code? The same information is repeated like 6 times and rotated to provide redundancy for error correction. So, the key would be to know which bits are mirrored instead of known handpicked practical error resistant shape?
2. What is the computational complexity of factorisation on quantum computer? Even if it's linear you could use big key only to encrypt and propagate a temporary small one. I think this technique is even used now. Big keys are used to authenticate and then smaller keys are used for communication and swapped on short periods of time. The slow down might not be so big, especially if regular encryption would be practically quantum resistant on short time scales.

The movie Sneakers (1992) was ahead of its time.

Great! The most important application of the quantum encryption will be in the brain-machine interfaces (as the ones researched at Neuralink). So we can take full advantage of these amazing technologies, with 0% probability of being hacked.

In addition to quantum security, lattice-based cryptosystems can also support homomorphic encryption (see ring-LWE).

The way government bypasses your encryption is to directly read the data before it gets encrypted (ie the yellow and blue) or intercepts the sent data (ie the purple and orange).

To be honest if we don't find something tinier we might as well use multiple algorithms and it wouldn't be much of a problem. For latency intensive day to day messages we could still use the good old rsa based algos, but for anything that doesn't care much about that(eg. an email or a transaction with your bank) we would have those new safer ones.

I knew it! Ever since they considered the Photon to be a particle used in processing for quantum computers, I knew processing would speed up! It may not be light speed, but it is damn close!

This is why PBS Infinite Series needs to make a comeback...

I have a question for the next time - assuming two blackholes merge and assuming each one contains new big bang/white hole/universe or even “just” a singularity; that happens with each corresponding “something” inside a black holes? Which one keep existing or both are destroyed and new one created? Is it even have meaning to talk about something happening with “entities” inside a black hole from point if view from out universe? Even if not - how information paradox of black holes is affected by merging two together?

Love that de_dust2 parallel universe

The Caesar Salad Cipher is my favorite lettuce-based crisp-o system.

These one-way functions sound an awful lot like entropy. So, how good is this analogy of encryption to the notion of entropy, and what is the quantum version of that concept? Also, does that mean that mean that breaking the encryption is akin to creating an 'open system' where the entropy of one part of the system, i.e. the encrypted message is decreased by expending energy and creating at least that much or more entropy elsewhere?

Quantum Computer paperclip: “It looks like you’re only doing one thing at a time. Can I help?”

5:44 blew my mind lol

7:11, top left corner: CS 1.6 dust 2, memories.
Anyway you say magnetic monopoles don't exist but what about div B = 0? Or is that an approximation?

Hahaha that ending story is fun! Maybe that's why they're sending CMEs at us?

As someone who works with computers a lot, going from Manual to Classical to Quantum almost feels like going from Analog to Digital then back to Analog... But this time it's *magic* Analog...

I have a really serious question (not really). I know that NP is all the problems which a solution can be verified in polynomial time (fast for classical computers), but which the solution may not be possible to find in polynomial time. NP-complete problems are a special subset of NP, when a NP problem A can be converted in polynomial time to another NP problem B, than B is NP-complete (correct me if I'm wrong). So if you find an algorithm that solves a NP-complete problem B (fast or slow), then you can convert any problem to that problem B in polynomial time and thus solve all NP problems, (if that algorithm solves it in polynomial time, then P = NP). As far as I understood, cryptography needs to be a NP problem, easy to verify a solution, hard to find the solution and I also learned that the NP class is the only one that has this property, it's the definition. Any encryption algorithm, if it can be polynomially verified but not polynomially solved, is a NP problem. If quantum computers can solve one NP-complete problem in polynomial time, since it supposedly can verify all solutions at once, then it can solve all of them, so the whole class becomes useless for cryptography by definition?
TL;DR. Cryptography needs to be a NP problem (because of the unique property of that class), quantum computers can solve as fast as a classical computer can verify. So doesn't that mean that any ever attempt of cryptography will be useless? or I am making any wrong assumption? (which is probably the case)

1:17: I'm pretty sure I can factor a prime number in my head in almost no time.