People sometimes ask me: is there a synergy between AI and quantum computing?
A paper published in Nature yesterday by @GoogleQuantumAI shows there is. They used AI to address one of the hardest bottlenecks in quantum error correction, and I think it's only the tip of the
Published today in @Nature: We've unified calibration with computation on our Willow processor, training a reinforcement learning agent to stabilize the logical qubit and pave the way towards a quantum computer that continuously learns from its errors.
Read more:
Why we cannot wait for better post-quantum signature algorithms: ML-DSA will have to do. But searching for better is still important! blog.cloudflare.com/ml-dsa-will-ha…
ICYMI there's been a lot of progress on quantum computing.... *in theory*
Quantum research startup Oratomic just raised a $300 million Series A
Now quantum is an engineering problem. What does that mean for Bitcoin?
@conordeegan has some insights 👇
"Will Quantum Crack Crypto? Why Bitcoin Owners Worry" and "Crypto firms prepare defenses as quantum threat to encryption draws nearer"
@Bloomberg yesterday. @Reuters today.
Back-to-back pieces on quantum risk to Bitcoin and cryptography from two major financial outlets.
The
There's a number of post-quantum solutions for Bitcoin, but they all have tradeoffs says @conordeegan
Even popular schemes like SHRIMPS & SHRINCS have issues, including that they're "roll your own crypto".
Some (late) comments/thoughts on EO 14412:
- Separating migration deadlines for key establishment (HNDL), by end of 2030, from signatures (HNFL), by end of 2031, is great. 1 year is a tight turn around though and there is a lot of work still to do on the signature side, so that
Exciting news from Project Eleven Advisor @DolevBluvstein, CEO of Oratomic!
They've raised a $300 million Series A, co-led by ARCH Venture Partners, Spark Capital, Khosla Ventures, alongside Bezos Expeditions, Index Ventures, General Catalyst, Lowercarbon Capital, Bain Capital,
Threshold signing and ML-DSA long read.
Threshold signatures let a group share one key. Nobody holds the whole thing, and any subset you agree on (2 of 3, 3 of 5, whatever you set) can sign together. The verifier just sees a normal signature and can't tell it came from a group.
"Building crypto‑agility into systems delivers long-term resilience so new cryptography standards can be adopted over time without redesigning systems" - Microsoft
Crypto-agility, especially in the blockchain context where digital signatures are the only proof of ownership, will
Hash-based signatures like LMS and XMSS rely on one-time keys, where signing two messages under one key lets an attacker forge signatures.
Interesting new paper where key reuse becomes less severe.
The signer keeps re-rolling the random salt `r` already in the signature