Chinese researchers break RSA encryption with a quantum computer

<a href="https:&#x2F;&#x2F;arstechnica.com&#x2F;information-technology&#x2F;2023&#x2F;01&#x2F;fear-not-rsa-encryption-wont-fall-to-quantum-computing-anytime-soon&#x2F;" rel="nofollow">https:&#x2F;&#x2F;arstechnica.com&#x2F;information-technology&#x2F;2023&#x2F;01&#x2F;fear-...</a><p>22 bits is in the range that it could be factored by hand, with the aid of some prime number tables.<p>According to the article, they used D-wave&#x27;s quantum annealing, which models optimization problems, not Shor&#x27;s algorithm, so it&#x27;s not clear how they used quantum effects (except for publicity).<p>Also from the same publication a year ago:<p><a href="https:&#x2F;&#x2F;www.csoonline.com&#x2F;article&#x2F;574717&#x2F;can-a-quantum-algorithm-crack-rsa-cryptography-not-yet.html" rel="nofollow">https:&#x2F;&#x2F;www.csoonline.com&#x2F;article&#x2F;574717&#x2F;can-a-quantum-algor...</a>

There have been a few factorization paper using various QC techniques over the last few year how ever the size were small.<p>This SE question sites some examples <a href="https:&#x2F;&#x2F;quantumcomputing.stackexchange.com&#x2F;questions&#x2F;1796&#x2F;which-is-the-highest-number-factorized-by-qc-in-a-non-specific-experiment" rel="nofollow">https:&#x2F;&#x2F;quantumcomputing.stackexchange.com&#x2F;questions&#x2F;1796&#x2F;wh...</a><p>They are all in the 3 to 6 decimal digit range...so 10 to 20 bits wide.<p>The posted article says it factored a 22 bit integer. Progress!!<p>I don&#x27;t know when they will get to 4096 bit integers but this and past events will mark the history of attempts. Will there be hockey stick graph increases over time or will it be linear or asymptomatic . Time will tell.<p>Nice that they did it but Headline writers should be flogged for overblown writing.

This is really just a proof-of-concept demonstration. They cracked a 22-bit key&#x2F;50-bit keypair, something my iphone dould also do relatively trivially. If I make an RSA key I tend to go for 4096 bits these days…<p>Post-quantum cryptography is a real threat to manage, but it’s still not here yet, or imminent either. There are a bunch of algorithms that show promise [1] for being quantum-computer resistant. Even with Shors or Grover’s quantum algorithms, we are still probably decades away from being at-risk for traditional RSA.<p>Chalk this one up to “interesting, and very cool, but not dangerous”…<p>[1] <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Post-quantum_cryptography" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Post-quantum_cryptography</a>