SIKE is one of the new algorithms that NIST recently added to the post-quantum cryptography competition.

It was just broken, really badly.

We present an efficient key recovery attack on the Supersingular Isogeny Diffie-Hellman protocol (SIDH), based on a “glue-and-split” theorem due to Kani. Our attack exploits the existence of a small non-scalar endomorphism on the starting curve, and it also relies on the auxiliary torsion point information that Alice and Bob share during the protocol. Our Magma implementation breaks the instantiation SIKEp434, which aims at security level 1 of the Post-Quantum Cryptography standardization process currently run by NIST, in about one hour on a single core.

News article.

  • FediTips

    Mastodon and most other Fediverse platforms display posts chronologically, without any algorithms. On your feed you will see all the posts from all the people you follow, in the order they posted them. Because of this, if you post something important you may want to boost it again later in the day so that people in different time zones have a better chance of seeing it. #MastoTips #FediTips #Mastodon #Fediverse #TimeZones


    D-Wave releases its next-generation quantum annealing chip / ArsTechnica · Tuesday, 29 September, 2020 - 18:13 · 1 minute

Image of a chip surrounded by complicated support hardware.

Today, quantum computing company D-Wave is announcing the availability of its next-generation quantum annealer, a specialized processor that uses quantum effects to solve optimization and minimization problems. The hardware itself isn't much of a surprise—D-Wave was discussing its details months ago—but D-Wave talked with Ars about the challenges of building a chip with over a million individual quantum devices. And the company is coupling the hardware's release to the availability of a new software stack that functions a bit like middleware between the quantum hardware and classical computers.

Quantum annealing

Quantum computers being built by companies like Google and IBM are general purpose, gate-based machines. They can solve any problem and should show a vast acceleration for specific classes of problems. Or they will, as soon as the gate count gets high enough. Right now, these quantum computers are limited to a few dozen gates and have no error correction. Bringing them up to the scale needed presents a series of difficult technical challenges.

D-Wave's machine is not general-purpose; it's technically a quantum annealer, not a quantum computer. It performs calculations that find low-energy states for different configurations of the hardware's quantum devices. As such, it will only work if a computing problem can be translated into an energy-minimization problem in one of the chip's possible configurations. That's not as limiting as it might sound, since many forms of optimization can be translated to an energy minimization problem, including things like complicated scheduling issues and protein structures.
