Hacker News new | comments | show | ask | jobs | submitlogin
The Morality of Quantum Computing (www.scottaaronson.com)
82 points by weinzierl 11 days ago | hide | past | web | 78 comments | favorite

Personally I find it really irritating that so many people, such as the humanities teacher, suggest that technology has made life on Earth worse recently like it’s a commonly-understood truth. Yes there are problems with a handful of companies right now, but for the most part life has been improved for the vast majority of people in the world thanks to things like mobile phones.

It's a form of thinking that comes from a sentiment that human civilization is in need of radical change. The problem is that it's hard to get people to support radical change, which will necessarily come with extreme amounts of suffering and resistance, when everyone is relatively comfy with their way of life.

The solution is to put a hyper focus on the problems and suffering which you can find, warn of an apocalyptic future just on the horizon, and sow complete dissatisfaction with your way of life by making you resentful of those who have it better than you and penitent for having it better than so many. This way, you can take a person who is living an extremely privileged life and make them want to turn it upside down.

I think it's for the same reasons that most developers who work on projects that they didn't create from grouns up want to do a refactor or a total rewrite. The idea in your mind never has the flaws that the real implementation acquires through time and use.

I don't think the concern here is the abuses of companies, or technologies like mobile phones. The concern is technologies like thermonuclear weapons (much worse than even nuclear weapons used against Japan), which we are just very lucky have so far not been used in earnest. I think it is a commonly-understood truth that those technologies present an existential threat to society, if not all humanity.

Artificial intelligence is assumed by many to present such a threat (i.e. Terminator-style intelligence singularity scenario). Many speculate that applications enabled by quantum computing could also be similarly dangerous.

There is also an argument that nuclear weapons were actually a greatest good for humanity, as they prevented wars between countries that have them.

Yet those thermonuclear weapons have been largely responsible for the long peace.

[1]: https://en.wikipedia.org/wiki/Long_Peace

"I'm mad that people making sweeping generalizations about technology not being good, because [sweeping generalization that technology IS good]".

Really not at all what he meant. The problem is not the instance of generalization itself, the problem is that this specific generalization (that technology made it overall worse) is obviously wrong.

He didn't actually make that claim, though. The mention of medical science suggests that he isn't opposed to any and all technological progress.

I do agree that the phrasing of the question suggests a more skeptical opinion of technology than I hold, but his basic concern (a bunch of apes that can now hit each other with nuclear warheads instead of sticks) looks legitimate to me...

This is true if you consider a snapshot in time from the perspective of an individual, but the trajectory technology has enabled us to put the planet on is speeding us toward crisis. We have already caused a major extinction event and continue to do so with no meaningful sign of stopping. Keeping our societies running involves extraction of finite resources. We are living on borrowed time. If we burn through all our fossil fuels and get hit with a big solar flare or some other major event happens, we may not have the energy reserves to recover. It's easy to celebrate now because the worst consequences of our collective actions are barely starting to come back to us. Just because that timescale is long compared to a human lifespan doesn't mean everything is great.

You may want to read "the industrial society and its future". As a philosopher, underrated.

Also the books "Anti-Tech Revolution" and "Technological Slavery"

Why is that? In myself I see a common thread of where I recall "bad" things more strongly than "good" things. Is it an evolutionary benefit kind of thing where avoid bad things is much better than running toward good things because if you're dead it's much more permanent than if you're happy?

"Today, of Americans officially designated as "poor," 99 per cent have electricity, running water, flush toilets, and a refrigerator; 95 per cent have a television, 88 per cent a telephone, 71 per cent a car and 70 per cent air conditioning. Cornelius Vanderbilt had none of these." --Matt Ridley in "The Rational Optimist: How Prosperity Evolves"

I don't like this trope because it obscures the one thing that wealthy people know and non-wealthy people don't.

Money is time. It's not gadgets or electricity or running water or toilets. It's time for yourself, your family, your religion (if you have one), and whatever hobbies make you tick. If you're on the hook to do someone else's bidding for 8+ hours a day, you are not wealthy, no matter how much they're paying you.

Today's poor are worse-off than those in times past regardless of whatever trinkets they have. In almost every culture and occupation throughout history up to the industrial revolution, working people have never spent 8+ hours a day, year round, in servile labor. It's absurd.

Regardless of how many Scooby Snacks you're so generously awarded by today's silicon robber barons, you will be poor until you stop measuring your life in trinkets and start measuring it in time.

I really think it's pushing it to describe the ability to safely store food without it going off and access to clean fresh water as trinkets as though they are silly little things rather than massive impacts on quality of life.

> Today's poor are worse-off than those in times past regardless of whatever trinkets they have. In almost every culture and occupation throughout history up to the industrial revolution, working people have never spent 8+ hours a day, year round, in servile labor.

Every single analysis of that ignores women. Women in the past spent basically all their time cooking and washing. Washing clothes before washing machines was an arduous, laborious task. In addition, without reliable birth control, family sizes were larger so a women had more children to take care of.

Now women have the opportunity and control to not be consigned to a life of house work.

Hans Rosling has a great TED talk on how socially transformative the washing machine was:


I'm not sure I buy that. Would you consider doctors significantly poorer than most other professions? Or surgeons at the least.

The easiest way to miss a point (on purpose or not), is to take a metaphor literally.

I see a lot of this here on HN, and I think it is a common vice among people with strong knowledge in the hard sciences but with a rather narrow scope of interests outside of it.

I believe that the point was that sovereignty over how one spends one's time is more important than material possessions, beyond what is strictly necessary. Surgeons can save a lot of money and retire early, probably are less restricted by managers than the typical wage slave, have a very meaningful job (something quite rare these days), etc.

Most people's lives today are not like this. They are stuck in a hamster wheel that they cannot jump out of without becoming homeless.

You make it sound as if even if not intentional, misunderstanding someones point in this way is as a result of negligence ("vice").

If you express yourself in metaphor, it is reasonable for someone to ask you to expand upon or specify your views, so they can build a more accurate model of what you're trying to express. This could be because of simply not understanding fully what's being said, or being unwilling to assume that what they mean is what you think they mean.

Asking for clarification is one thing, immediately providing a counter-example to the most literal interpretation is another.

Doctors are a rare breed. Now that the money isn't what it used to be (for most specialties, and in proportion to the cost of education), very few go into it as a "lifestyle profession". It attracts only the workaholics. Same with law.

Hopefully, the word you’re looking for is “vocation”.

That matches up with my experience with them.

Depends on how much they enjoy their work.

Most people today get more time through advances in healthcare because a simple infection won't kill you. We get more time through almost instant answers to many of life's question (search engines). We get time back through instant communication.

I don't disagree with parts of what you say. However, the idea that today's poor are worse-off I think is wholeheartedly, incredibly wrong.

Does society have issues today? Of course! There are an incredible number of issues. But I believe that the data support that on virtually every metric we look at, we are living in the best time because through technology and social progress. Have some of these advances come at a cost, of course. Do some of these advances have hidden costs and maybe they're not so great? of course. Are there rent-seeking assholes who have pseudo-stolen wealth from many, of course.

Still, I'm not sure you can make a credible argument that poor today are worse off on any large time scale.

Would you rather be middle class now or stupendously rich 100 years ago?

Does your answer change if you get sick?

> In almost every culture and occupation throughout history up to the industrial revolution, working people have never spent 8+ hours a day, year round, in servile labor. It's absurd.

If we're talking about pre-industrial-revolution, but post-agriculture, I would expect that mandatory labor took up more than ~2000 hours a year, and probably much more. Farmer workers famously work very long hours even now: https://www.google.com/search?q=how+many+hours+do+farmers+wo...

For a review of a (somewhat speculative) look at the transition to agriculture and how it enabled mandatory work:


>In almost every culture and occupation throughout history up to the industrial revolution, working people have never spent 8+ hours a day, year round, in servile labor. It's absurd.

In almost every culture throughout history up to the industrial revolution, almost everyone worked in agriculture. I'd gladly trade 8 hours a day working mostly on interesting problems comfortably in an air-conditioned office for somewhat fewer hours of manual labor outdoors.

How many software engineers genuinely work on interesting problems?

How many spend their days rolling Yet Another CRUD App(tm) gilded with the latest fad?

How many "solve" the same problem, over and over and over, with only a small twist--different platforms, different languages, different architectures, different industries, etc.?

But you can if you want to! Or are you saying you would gladly trade for equal pay vs sitting at a desk?

I read things like this, and think, so you have never done any manual labor, nor your parents or grandparents or relatives? Not your chores as a teenager, your first job, or anything? Is there nobody in your extended family who spent their retirement years in agonizing pain from the effects of lifting things all their life? Nobody who died early from an accident on the job?

I wouldn't make the trade in that direction.

People are belittling relative poverty and think that only absolute poverty should be addressed. I hope this this view comes from ignorance and not from cruelty. We are social animals. Relative poverty reduces opportunities and ability to participate in the society. Relative poverty affects health and even decreases cognitive capabilities.

1776 Adam Smith in "The Wealth of Nations" framed poverty as relative powerty.

>... By necessaries I understand not only the commodities which are indispensably necessary for the support of life, but whatever the custom of the country renders it indecent for creditable people, even of the lowest order, to be without. A linen shirt, for example, is, strictly speaking, not a necessary of life. The Greeks and Romans lived, I suppose, very comfortably though they had no linen. But in the present times, through the greater part of Europe, a creditable day-labourer would be ashamed to appear in public without a linen shirt, the want of which would be supposed to denote that disgraceful degree of poverty which, it is presumed, nobody can well fall into without extreme bad conduct. Custom, in the same manner, has rendered leather shoes a necessary of life in England. The poorest creditable person of either sex would be ashamed to appear in public without them. In Scotland, custom has rendered them a necessary of life to the lowest order of men; but not to the same order of women, who may, without any discredit, walk about barefooted. In France they are necessaries neither to men nor to women, the lowest rank of both sexes appearing there publicly, without any discredit, sometimes in wooden shoes, and sometimes barefooted. Under necessaries, therefore, I comprehend not only those things which nature, but those things which the established rules of decency have rendered necessary to the lowest rank of people. All other things I call luxuries, without meaning by this appellation to throw the smallest degree of reproach upon the temperate use of them. Beer and ale, for example, in Great Britain, and wine, even in the wine countries, I call luxuries. A man of any rank may, without any reproach, abstain totally from tasting such liquors. Nature does not render them necessary for the support of life, and custom nowhere renders it indecent to live without them.

It's not that relative poverty isn't important so much as that it's a zero-sum game. If you raise one person's social status relative to a second, you're lowering that second person's relative to the first's. By contrast, with the comfort wealth brings we first of all can raise everyone's comfort and secondarily moving money from the rich to the poor increases the poor's comfort more than it damage's the rich's comfort.

You possibly can do something about the pain caused by relative status by making the opulence of the wealthy less visible to the poor but I think that brings complications that make the whole enterprise doubtful.

Relative poverty is not a zero-sum game. You may take the relative too literally for the sake of the argument. Reducing relative poverty can also increase the quality of life for the rich in a ways that goes past disposable income. High income inequality reduces the people you meet and befriend and places you visit.

Big TV-screens, game consoles, smartphones etc. are possible because there is enough people to create economies of scale that justify massive investments. It's not economical to spend billions over decades for R&D to produce these technologies to few million wealthy people.

They also have drastically worse living conditions than everyone they see on a daily basis. This includes bad housing (often infested), lower quality more fattening and processed food, little exercise, reduced access to medical care, understimulation, a reduced sense of their role in the community, reduced freedom and energy.

We've all heard the idea that everything is better for a poor person now than a king 1000 years ago but that idea measures embarrassingly revealing notions about human wellness held by the person doing the measuring. I don't think we are measuring the right things is what I'm saying.

One great thing about internet is that it allows us to move the spotlight in geography. It's very telling, reading this, that (at least Western/North) Europe (and Japan and some other rich countries) are a much different place for "the poor" than the USA.

> bad housing (often infested)

That would generally be illegal and can be a penal offense (landlord goes to jail if conditions are unacceptable). Longer commutes, less comfortable, etc. are more striking differences.

> lower quality more fattening and processed food

That one is definitely true; cultures where cooking is well-spread and usually the cheapest way to eat (buy raw stuff, prep it yourself) are better off in that regard though. I'm not sure the 1% in America eat much better than the average French or Japanese or Swedish citizen for instance (although the USA is going fast towards a healthier culture, it's changing big time for the better).

> little exercise

That doesn't have anything to do with wealth but rather mindset. Also consider that poor people generally have to perform many more manual tasks themselves (e.g. no elevator, no fancy suitcase on-wheels, making furniture and DIY repairs because it's cheaper, generally walking A LOT MORE, etc).

> reduced access to medical care

While there is definitely inequality between public and private hospitals in terms of care (personel per patient, spaces, equipment, etc), the vast majority of people in rich countries are taken care of medically to a statistically decent level. The stats are along the lines of "90+% won't die of minor/preventable things that can be spotted early on like pre-cancerous masses; however once a fatal disease kicks in you'll live about twice longer as a rich 1% than the bottom 50%". There's still much progress to do, but nobody gets left behind if we can help it.

> understimulation

Definitely. No difference here whatsoever.

> a reduced sense of their role in the community

Can't argue against this psycho-social fact, it's been measured. It's however somewhat easier in economies where unemployment is a "structural" choice (too long to develop, but it means oscillating between 5-15% whereas other economic structures, other countries, would usually be between 2-8%). It's a mild consolation though, if at all.

> reduced freedom and energy

This is definitely true. Although, don't neglect the survival instinct. I'm living proof that hitting rock bottom in any domain of your life is a strong, strong incentive for change — and when you're there you suddenly hear all the great who basically arose from ashes.

> We've all heard the idea that everything is better for a poor person now than a king 1000 years ago but that idea measures embarrassingly revealing notions about human wellness held by the person doing the measuring.

I think the king comparison is indeed a very disingenuous way to make the argument. It lacks the nuance. The real fact is that we are all much better off today than 1000 years ago, it's a general progress. The rich didn't have TVs either in the 1920s before it was invented... So all the 'mainstream' things don't count much in relative wealth. Even 'bigger' 'better' ($2000 iPhone XS-XXL!21+Max versus decent $150 Android is less important than getting your smartphone-induced adrenaline fix).

TL;DR / conclusion: if our relative wealth is obviously the more socially salient in our perception, it's also good to remind ourselves that in absolute wealth terms, we are very fortunate to be born in our time compared to about all of known history.

Personally, I'm an optimistic kinda person so I always wonder if we're not just before the next great leap forward.

They also have a world without smallpox, a world where polio is coming decidedly close to extinction, and a world where cutting your foot on a piece of glass isn't going to mean you die of sepsis. We could lose those things, but we can also keep them, and we definitely never had them before.

because they didn't have glass?

Tetanus used to be a thing that killed people at random. I remember that being vividly captured in one of "The Great Brain" series of children's books that I read as a kid.

This is one of those quotes that sounds really clever if you don't think about it at all

> A quantum computer is not like a nuclear weapon: it’s not going to directly kill anybody

This is, of course, not the only problem with nuclear weapons (and by extension the science and technology that created them). First, there are several indirect ways that a single nuclear detonation could kill people. Second, the realization of nuclear weapons create a world in which nuclear war is possible -- one where mass detonations could alter the planet so radically that there would be innumerable indirect threats to everyone. Third, consider the way that the amassing of nuclear weapons so altered the geopolitical landscape, and what the effects were.

This is precisely what the letter-writer is hinting at -- that we should be competent enough to strongly consider possible unintended consequences. Despite the prominent stream of thought on this site, no particular technology is in itself "inevitable." We have the capability, collectively, to choose whether or not to pursue something.

> We have the capability, collectively, to choose whether or not to pursue something.

This is the coordination problem to end all coordination problems.

Is there an example in history of civilization turning its collective back on some scientific pursuit in fear of its potentially negative consequences? It seems close to impossible. There are too many different value structures out there, and there’s too much money on offer to anyone who can give any government or large corporation an advantage over its competitors.

You may be able to convince a few researchers today, but as soon as China has the slightest breakthrough towards X or Y technology, most of those who signed the pledge will be tripping over themselves to get cracking on the problem.

> Is there an example in history of civilization turning its collective back on some scientific pursuit in fear of its potentially negative consequences? It seems close to impossible.

First we should ask: is this a "scientific" pursuit in the first place? Or, rather, are we describing the creation of some mechanisms (based themselves on scientific discovery) that can be used for all kinds of purposes, among them, yes, future scientific practice? Computing leverages scientific discovery, and aids in its practice, but is itself not science.

Second, and at the risk of sounding trite, we can also ask "is there an example in the history of civilization of someone flying before the Wright brothers?" or "is there an example in the history of civilization of a world governing body before the 20th century?" The very promise of democracy, in general terms, is that we should, in fact, be able to make large decisions together on a society-wide scale. And because that is, ostensibly, the highest level through which we coordinate, we can should also be able to direct how our democratic institutions help us achieve those aims. If your position is that money, corporate influence, or government corruption prevent such coordination, you are certainly correct. But these are not "natural law." We have the ability -- however likely -- to deal with those problems. Otherwise, what's the point?

> You may be able to convince a few researchers today, but as soon as China has the slightest breakthrough towards X or Y technology, most of those who signed the pledge will be tripping over themselves to get cracking on the problem.

We are not limited to pledges. But even in that case, it is then up to those scientists who turn a dime to deal with their own potential moral failings.

> Despite the prominent stream of thought on this site, no particular technology is in itself "inevitable."

And what's your argument?

If the technology represents a big advantage to a group of people, history shows that is what eventually happens.

So yeah we could choose not to invent spears or choose not to invent metal armor, or choose not to invent gunpowder, or...

> If the technology represents a big advantage to a group of people, history shows that is what eventually happens.

It depends on what you mean by "advantage" and "group of people" here. An "advantage" is more than utilitarian in most cultures, and has to fit into the ideological context in which it emerges in order to be even considered relevant. Universally we assume that writing provides an unmatched advantage in discovery and knowledge production. But many cultures who had contact with writing did not take it up. The same is true of the wheel.

If you are conducting activity to appease / observe the reaction of Huitzilopochtli (Mexica) or "The Market" (American, etc) you are going to get different technical practices and likely divergent ideas about what is advantageous.

> And what's your argument?

That in a democratic society that is literate and at least somewhat aware of its own history (as a practice), we can and should make informed collective decisions about what we want to do. We don't have to watch how the gods of our time -- Huitzilopochtli or The Market -- react in order to do this. Insofar as we do, however, we limit the kinds of collective decisions we can make, though in no sense is that inevitable.

> So yeah we could choose not to invent spears or choose not to invent metal armor, or choose not to invent gunpowder, or...

Exactly. We can choose.

In my opinion Scott was really generous even answering. Horan makes no attempt at supporting his claim that QC will move us closer to midnight on the Doomsday Clock.

Horan is not claiming those things. Horan is wondering if the experts have considered those things. Scott's hand waving answer suggests that "no the experts have not." Engineering professionalism entails formal assessment of the risks. The burden of proof is on the engineer. Without that, it's astrology not engineering.

Quoting Horan:

But how close does the hand on that doomsday clock move to midnight once we “can harness an exponential number of amplitudes for computation"?

Looks like a claim to me.

but it ends with a question mark?

Implicit in the question.

Yeah, you're right.

It's a standard trick to sound smart. Just ask if the new thing have some unintended consequences. What is the cost of asking this for every new technology?

Relevant xkcd https://xkcd.com/1215/

Technology is mostly neutral morally*

It's good in the hands of ethical people. It's bad in the hands of unethical people.

Nothing about quantum computing changes this fundamental premise.

I would say that the scale of good or bad that can from using quantum computing is much higher than other upcoming technologies. But beyond that, nothing is particularly different than any other new technology in this regard.

*When I say technology here I am referring to over-arching technologies not specific applications. E.G. Nuclear technology in general, not nuclear power or nuclear weapons specifically.

I think you could ask this about all of science and invention - it is hard to know what the outcomes will be with any new knowledge.

Technology is not morally neutral, it is always immediately good (as a new tool that extends our agency) but can be of course used to cause greater evil. Quantum supremacy is one of the greatest things humanity will have ever achieved, right there with the scientific revolution and abolishing the institution of infanticide.

> But in any case, there’s already a push to switch to new cryptographic codes that already exist and that we think are quantum-resistant.

Hopefully this will happen soon. I don't know of any quantum-resistant ciphers though.

> I don't know of any quantum-resistant ciphers though.

Almost all widely used symmetric cryptography is more or less quantum resistant already.

Hash based signatures are the obvious quantum resistant signature, except where their size precludes them-- ( https://sphincs.org/ for a good example).

For key agreement and asymmetric encryption the story is more complicated. Classical error correcting code based cryptography has a lot of reasons to feel positive about it security, but the public keys are large enough to make them inapplicable to many applications. ( https://classic.mceliece.org/ for a good example )

For communications efficient key agreement or various zero-knowledge proofs other than signatures the field is much more complicated and the trade-offs less clear. There are a bunch of candidates in the NIST PQ contest, from several different distinct classes of hard problem. ( https://csrc.nist.gov/Projects/Post-Quantum-Cryptography )

> I don't know of any quantum-resistant ciphers though.

If you know them is however quite irrelevant.

But if you want to enlighten yourself: https://www.nist.gov/news-events/news/2019/01/nist-reveals-2...

Can we estimate how much energy would a server farm of quantum computers (capable of doing something useful) need?

Yes, but it would be kind of like Charles Babbage estimating how much coal would have to be burnt to power the Analytical Engine.

Well, if it's going to take 150 years to get to that point, maybe they should stop with the hype already.

> But in any case, there’s already a push to switch to new cryptographic codes that already exist and that we think are quantum-resistant. An actual scalable QC on the horizon would of course massively accelerate that push.

Wikipedia has a good review on major subdivisions of Post-Quantum Cryptography.

* https://en.wikipedia.org/wiki/Post-quantum_cryptography

In short, in additional to integer factorization and (elliptic) discrete logarithm, there are a lot of others hard problems that can be used to construct public key encryption algorithms.

* Lattice-based cryptography

A "lattice" is a mathematical structure in abstract algebra. The study of it originally came from the theoretical analysis in solid-state physics on the structure of crystals, and can be understood as a matrix of evenly spaced "dots" in space. Formally, it's a discrete subgroup of an addictive group in an n-dimensional space.

        *   *   *   *
       *   *   *   *
      *   *   *   *
     *   *   *   *

    (This is a lattice)
There exists several problems about them that are believed to be extremely difficult, called Lattice Problems. One well-known example is the Shortest Vector Problem: given a lattice L in vector space V and a norm N, find the shortest non-zero vector in V, measured by N, in L.

There are fast approximate solutions, but under certain circumstances, this is an NP-hard problem, so we assume that we can construct a system, that is difficult to solve, although it's not HP-hard.

NTRU is an algorithm that utilized a similar problem about lattice, proposed in 1997, no fundamental problems have been found in the original algorithm, so even after 20 years, it remains unbroken today.

OpenSSH contains an implementation that you can use now today.

But it requires LARGE (many KiB) public key - there's a large system of polynomials. Also, parameter selection is a question.

* Learning With Errors (LWE)

In theoretical machine learning, there's a problem called "Learning with Errors". I don't understand this problem well, but basically, we have a system of linear polynomial equations, but with random "noise". Solving this system of equations is believed to be extremely difficult.

And interestingly, Oded Regev proved this problem is as difficult as some of the worst Lattice Problems. So LWE is considered a branch of Lattice-based Cryptography. There is also a variant of this problem, called Ring-RWE, which is more efficient for cryptography.

Example includes Google's NewHope ciphersuits.

Again, LARGE pubkey.

* Multivariate cryptography

Solving a system of polynomial equations with many variables in a finite field F,

    y1 = G1(x1, x2, x3)
    y2 = G2(x1, x2, x3)
    y3 = G3(x1, x2, x3)
    (G is a polynomial equation)
is believed to be a difficult problem, and is NP-hard and NP-complete for a random system. And it has been proved that the case of solving a system of 2rd-order polynomial equations (quadratic equations) is already difficult enough, and this question is called the Multivariate Quadratic Problem.

This fact can be used to construct public-key cryptography. However, because the system cannot be random, it's not NP-hard or NP-complete (there is no system that is NP-hard in the entire study of cryptography, otherwise, how do you decrypt it...), but we believe that we can construct a system that is difficult to solve practically.

Unfortunately, attempts on creating public-key encryption algorithms is largely unsuccessful, but there are successful digital signature schemes, such as Oil and Vinegar.

Again, LARGE pubkey.

* Hash-based Cryptography

This scheme is proposed by Ralph Merkle in the late 70s, and remains unbroken today.

First, generate 2^n pairs of random public and private keys (X, Y), and hash all private keys, let's say we have 4 keypairs. Placing these hash values Y0, Y1, Y2, Y3 at the bottom of a binary tree as leaves.

We connect and hash the two surrounding values to obtain the next layer (think blockchains), so hash (Y0 + Y1), hash (Y2 + Y3), and built the tree recursively until we reach the root.

      H(H(H(Y0) + H(Y1)) + H(H(H(Y2) + H(Y3))) ... 1 node
               ^           ^
     H(H(Y0)  +  H(Y1))  H(H(Y2)  +  H(Y3))    ... 2 nodes
      ^         ^         ^         ^
     H(Y0)     H(Y1)     H(Y2)     H(Y3)       ... 4 nodes
To sign a message, simply select an unused keypair (X, Y) to create the signature. The signature also contains additional information to show that the (X, Y) can be traced to the root of the Merkle Tree (think Bitcoin Wallet?).

It has been proved that the its security can be reduced to the security of the underlying hash function.

XMSS is such a system, and there is already an RFC standard for it. OpenSSH contains an implementation that you can use now today. The problem is its large keysize and limited number of signatures, and more importantly, it's stateful. Key reuse is FATAL.

DJB has an attempt to make a stateless version, called SPHINCS.

* Code-Based Cryptography

This approach uses the difficulties on decoding error-correction code. Decode a general linear code is NP-hard. First, select a system of code that is easy to decode for us, as the private key, and transform it to a obscured form, as the public key.

A classic algorithm is McEliece, it's known since the late 70s, as old as the original Diffie-Hellman, and still remains unbroken today, but it uses binary Goppa codes which requires LARGE keys.

* Supersingular Elliptic Curve Isogeny cryptography

The math is even beyond description to a layman like me. Basically, "isogeny" is a mathematical structure in abstract algebra, and we can find a bunch of supersingular elliptic curve in the same isogeny, and use the property of this isogeny to encrypt data. Just like the ordinary elliptic curve cryptography, which we use a bunch of points on the same curve and use the property of this group to encrypt data.

An example of such algorithm is SIDH, and it's a new candidate for post-quantum Diffie-Hellman exchange, but requires a lot more CPU time.

Writing is a technology.

I’m no fan of Trump, but the false moral equivalence parenthetically made of Trump to Xi Jinping who jails journalists for even expressing a semblance of dissent on social media tells you all you need to know about what Scott’s opinion on morality is worth.

I read that as The Americans, The Russians, or The Chinese with their current leaders written in as stand-ins.

The false moral equivalence of american government with the totalitarian dictatorships of China and Russia is extremely misguided.

Domestically, yes. Internationally, no. The US has a long history, comparable to if not more extensive than either China or Russia, of supporting totalitarian regimes in other countries.

When accessing the potential danger of a new technology, for a large number of ordinary people in a lot of places around the world the chances of it being misused by the US against them is as likely as it being misused by Russia or China against them, and so lumping those three together is not unreasonable.

China is quite literally imprisoning their own citizens based on their faith and harvesting their organs for buyers while they are still alive. That's in addition to their Orwellian social credit system. That's in addition to their less recent massacres and abuses of totalitarian power. Please just stop. There is literally no comparison. If you asked me to die by a gas chamber or by being paralyzed, but still aware, and have my kidneys taken out, I'd take the gas chamber.

Yeah, I think Scott slipped up by making his reply so specific to one side of 2019 politics. The issue he's dealing with doesn't have anything to do with Trump or Greta Thunberg, but by bringing up their names he's shutting off critical thought in much of his audience by activating the political "yay us, boo them" reflex. Democrats will be inclined to automatically agree with him, Republicans will be inclined to automatically disagree, and critical thought will be poorer for it.

Hitler was a real person who existed, and there are some lessons to be learned from that time in history, but invoking Godwin's law is frowned upon because even the mention of his name tends to shut people's brains down. The same principle generalizes to any highly polarized name.

Scott Aaronson could learn something from Scott Alexander on this one. ;)

Scott replies to this objection in the comments:

> Trump has told us openly, over and over, that he’d do the same if he could (e.g., jail his political opponents). It’s only our system of checks and balances, or what’s left of it, that’s prevented him.

Trump has condemned journalists often enough; he only lacks the absolute power necessary to jail them.

It is acceptable to condemn others you disagree with, it is not acceptable to throw them in a cage.

e.g. https://www.bbc.co.uk/news/world-us-canada-48696131 - it's an empty threat, but it's still a threat.

>The morality of that, of course, could strongly depend on whether the codebreakers are working for the “good guys” (like the Allies during WWII) or the “bad guys” (like, perhaps, Trump or Vladimir Putin or Xi Jinping).

Yeah, not so sure about that. The allies might have been the "good guys" in WWII, but before and after they have enslaved 1/3rd of humanity as subjects in their colonials empires.

And they have been busy making enemies, toppling governments, meddling, dividing and conquering, etc all around the globe before and after WWII, and during the Cold War.

So, yeah, unless we compare to bona-fide Nazis, color me unimpressed with the idea that some group is so much better to unlock QC...

Besides, wasn't Germany itself, with tons of ex-Nazi leaders, sympathizers, and supporters in all areas of post war leadership [1], best pals with said Allies a mere few years after the war? (as West Germany was a good asset to have for Cold War purposes (and East Germany for USSR for the same)

Let's say the good and bad guys are in superimposition, as finger-pointing the fashionable names to be against in US politics du jour (Trump, Putin, Xi) doesn't really inspire confidence...

[1] So much that a big demand of younger germans in the 60s and 70s was the "denazification" of the country (I'm not speaking here of the namesake half-hearted allied attempt).

Nice take. It feels like the underlying question is "what should humans make a priority?". But we lack hindsight: it's a multi-armed bandit problem[0].

So the strategy should be in this case: let's try, and move towards what benefit us the most, and run away progressively from those things that aren't doing so.

Of course, how do we define "benefit" is the tricky part that's left to the reader...

[0] https://en.wikipedia.org/wiki/Multi-armed_bandit

Article Preview:

This morning a humanities teacher named Richard Horan, having read my NYT op-ed on quantum supremacy, emailed me the following question about it:


Is this pursuit [of scalable quantum computation] just an arms race? A race to see who can achieve it first? To what end? Will this achievement yield advances in medical science and human quality of life, or will it threaten us even more than we are threatened presently by our technologies? You seem rather sanguine about its possible development and uses. But how close does the hand on that doomsday clock move to midnight once we “can harness an exponential number of amplitudes for computation”?


I thought this question might possibly be of some broader interest, so here’s my response (with some light edits).

Dear Richard,

A radio interviewer asked me a similar question a couple weeks ago—whether there’s an ethical dimension to quantum computing research. I replied that there’s an ethical dimension to everything that humans do.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact