Slashdot Mirror
Quantum Computers Pose a Security Threat That We're Still Totally Unprepared For (technologyreview.com)
An anonymous reader quotes a report from MIT Technology Review: The world relies on encryption to protect everything from credit card transactions to databases holding health records and other sensitive information. A new report from the U.S. National Academies of Sciences, Engineering, and Medicine says we need to speed up preparations for the time when super-powerful quantum computers can crack conventional cryptographic defenses. The experts who produced the report, which was released today, say widespread adoption of quantum-resistant cryptography "will be a long and difficult process" that "probably cannot be completed in less than 20 years." It's possible that highly capable quantum machines will appear before then, and if hackers get their hands on them, the result could be a security and privacy nightmare.
Today's cyberdefenses rely heavily on the fact that it would take even the most powerful classical supercomputers almost unimaginable amounts of time to unravel the cryptographic algorithms that protect our data, computer networks, and other digital systems. But computers that harness quantum bits, or qubits, promise to deliver exponential leaps in processing power that could break today's best encryption. The report cites an example of encryption that protects the process of swapping identical digital keys between two parties, who use them to decrypt secure messages sent to one another. A powerful quantum computer could crack RSA-1024, a popular algorithmic defense for this process, in less than a day. The U.S., Israel and others are working to develop standards for quantum-proof cryptographic algorithms, but they may not be ready or widely adopted by the time quantum computers arrive.
"[I]t will take at least a couple of decades to get quantum-safe cryptography broadly in place," the report says in closing. "If that holds, we're going have to hope it somehow takes even longer before a powerful quantum computer ends up in a malicious hacker's hands."
Today's cyberdefenses rely heavily on the fact that it would take even the most powerful classical supercomputers almost unimaginable amounts of time to unravel the cryptographic algorithms that protect our data, computer networks, and other digital systems. But computers that harness quantum bits, or qubits, promise to deliver exponential leaps in processing power that could break today's best encryption. The report cites an example of encryption that protects the process of swapping identical digital keys between two parties, who use them to decrypt secure messages sent to one another. A powerful quantum computer could crack RSA-1024, a popular algorithmic defense for this process, in less than a day. The U.S., Israel and others are working to develop standards for quantum-proof cryptographic algorithms, but they may not be ready or widely adopted by the time quantum computers arrive.
"[I]t will take at least a couple of decades to get quantum-safe cryptography broadly in place," the report says in closing. "If that holds, we're going have to hope it somehow takes even longer before a powerful quantum computer ends up in a malicious hacker's hands."
Most sites that actually care use either 4096-bit RSA or have switched to EC at a comparable bit-strength. What are the predictions for QC against those?
NSA recommends against moving to EC as it’s less QC-proof than RSA. On the other hand, they might just be saying that to convince people to use RSA since NSA is likely to be the first organization to actually use QC in production. Maybe RSA is more crackable and the NSA wants to keep it that way.
Comment removed based on user account deletion
You mean like every hostile or competing nation state?
"it will take at least a couple of decades to get quantum-safe cryptography broadly in place", I hope this will happen soon
Quantum computing isn't happening, so the threat they pose is purely hypothetical.
Can you explain how a quantum computer could work?
How would one program the quantum computer if it existed?
How would one inspect code for errors?
How would one know truth of quantum computer output?
Soooo close to limitless cheap energy AND complete destruction of information systems.
My vote is yestermorrow
... scary AI.
I swim in the quantum theory waters and it's goddam near impossible to rake the jiggle out of one qubit. The temperature has to be at near-absolute zero and Heisenberg's Uncertainty Principle plus all of the laws of thermodynamics and the properties of quantum vacuum are working against us.
As the qubit count increases, the randomness multiplies at an exponential rate. It's a nice dream, as is the theory of AI killing us all, but the hurdles are too great.
In the spirit of, "never say never," a practical quantum computer is at least 100 years away.
And here's the 411 on the encryption fear, anyway: A quantum computer that could instantly break today's encryption could just as quickly create encryption that is impossible to break.
It little behooves the best of us to comment on the rest of us.
Once the Bits are tampered with (observed) they change.
[($)]
Just a way for otherwise useless academics to extract tax payer dollars from militaristic states.
Don't forget hydrogen fuel cells! Remember those? They even had a hydrogen bus in Chicago back in the 2000s. I wonder what happened to it?
I'm of the opinion that practical quantum computing is impossible (see link below for the argument). Start believing this too, and you will have one fewer things to be worried about!
https://spectrum.ieee.org/comp...
A few days ago one of the slashdot articles explained why quantum computers of a significant size will never be possible.
Which is right?
Some drink at the fountain of knowledge. Others just gargle.
Comment removed based on user account deletion
of course RSA-1024 has been considered too weak to use for a number of years now. How about RSA-2048 or 4096. regardless we are still many years from quantum computers that can even do 1024 let alone anything that is common use today
I thought elliptical curve cryptography was good enough?
Also, it occurs to me they're concerned about a "20 year" timespan to get it widely deployed. Maybe a truly excellent algorithm just got patented, and they have to wait until it's unencumbered for it to spread?
Your ad here. Ask me how!
The world relies on encryption to protect everything from credit card transactions to databases yet they keep getting hacked repeatedly so what's the point?
Any new solution will have a hidden backdoor or unpublished mathematical flaw that will be used as backdoor. I'm just saying.
GOP data, DNC data, NSA data, the weak link is always humans.
So no matter how much you encrypt your data , we can all read it on Wikileaks one day.
Except maybe for Hillary's private email server because even the FBI can't find them.
It's called the OTP (one time pad). It's immune to quantum based attacks and, if your adversary is online only, you can distribute them physically..
Don't forget hydrogen fuel cells! Remember those?
You should not ridicule hydrogen fuel cells. They turned out to not be the best solution, but when facing a critical need the best approach is a Flooding Algorithm, where you research every plausible solution. It is important to not only identify what works, but also what doesn't work. The cost of the research failures is negligible compared to the benefit of finding the best alternative transportation technology.
There are no QCs of sufficient size to even break amateur-crypto. Scaling is proving difficult enough that it is unclear whether it works at all. There is no threat here. No, really not.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
But are you ready for climate change!? It's coming!!
It can get the answer before the question is asked! How on earth can anything beat that?
You think I'm joking but that is the current state of physics.... so I would 't worry about encryption. It's safe.
No all of physics applies in all of places. Your departmental separtions are not enforced by the universe.
That snuff voip call that the Saudi bone saw prince made torturing Kashoggi, the Washington Post journalist, ... it was all recorded. Someone claimed it was skype, but I think it was whatsapp, because that pretends to have end to end encryption.
If a Saudi prince can't rely on encryption while murdering a US journalist, nobody can rely on encryption.
I don;t remember the CIA or other agencies putting Americans first. They put the establishment first and assassinate anyone that gets in their way, up to and including the President in some cases. Kennedy was trying to reign in the CIA and have military oversight of them. We the people need to start using quantum resistant encryption now, except Australia which seems to have outlawed it. Don't let them do ecommerce. They will just give it a bad name now that your ebay and Amazon passwords are not really yours anymore in Australia, and no Bitcoin either of course as that uses encryption.
There's a lot of cryptocurrency mining hardware being dumped & can be repurposed to solve Wikileaks Insurance Files encryptons. Pursuing this direction & not knowing when solves will happen will motivate govs & banks to correct themselves. And that is a Good Thing to do.
What about governments?
who cares, encryption will be broken by the time viable quantum computers are a reality anyway.
australia is just the first domino to fall, soon other nations will follow and all encryption must be breakable by law.
On a long enough timeline, the survival rate for everyone drops to zero.
Obviously the solution is for the government to ramp up the deficit to a number too big for the hackers to cash.
Since cryptography depends on very large primes, couldn't quantum computers actually be used to find very large primes that conventional computers would take years to find?
Just saying. Maybe the prime nubers might get much larger and conventional computers can use those primes.
Itâ(TM)s here bruh
I already use the best transportation technology.
*hops away banging 2 coconuts together*
With the cost of storage. I dont know why everybody , but especially large organization doesnt start padding legetimate data with a LOT of legitimate looking garbage and encrypt it all.
It would be a bit like salting except funny..
It would really dampen the fruits of bad peoples efforts. Such as the nsa.
Same thing at times. Or didn't you know that? The arms race is real on this front.
"File to fit, pound to insert, paint to match" - Aircraft Maintenance 101
Uhh... going pretty strong. Prices have been gradually coming down and there is a lot of interest from industry. However, since batteries have also improved in the meantime, the focus is moving away from consumer applications (cars) to larger ones (ships, buses, trucks, trains, even regional planes), so they are not so visible to the man in the street.
I do work in hydrogen & fuel cells, and in the last 2-3 years we have seen a surge in industrial interest we can barely handle. We know that FC manufacturers are tooling for mass production, at which point prices will fall a lot faster. At this point we are where batteries were about 15 years ago, with some applications ready for deployment (buses, home CHP, trucks, trains) and plenty of others in advanced development—maritime is likely the next big thing.
So just because you don't hear about it in the 9 o'clock news it does not mean it has been abandoned. It has simply dipped down from the hype peak and started maturing.
Victims of 9/11: <3000. Traffic in the US: >30,000/y
Research on quantum computing is now over 35 years old, and it has been systematically hyped all along, while having very little to show for itself. Existing quantum computers have yet to solve anything that can't be solved by traditional computers far more cheaply, an at least as efficiently, for all practical purposes. The horizon for quantum computers capable of tackling non-trivial problems was ten years away ten years ago, and it still remains ten years away today. Finally, it is not even clear yet that the engineering associated with keeping qubits appropriately entangled for solving problems of interest can be developed, just we don't know whether the engineering associated with warp drives is attainable. True, practical quantum computers may be developed within the next ten years - but the may also never be developed - we don't know yet. At this point, I'd bet that we'll get practical controlled nuclear fusion before we get practical quantum computing - i.e. quantum computing that solves serious, non-Mickey Mouse problems.
widespread adoption of quantum-resistant cryptography "will be a long and difficult process"
What other computer technology took 20 years to get widespread adoption? The last one I could think of was either the Internet itself or the WWW.
Why would cryptography take so long?
Or are we talking about getting quantum-resistant cryptography in our InternetOfThings devices? I'm screwed if someone's using that much resources to hack my car. It would probably be cheaper to hire a league of assassins to take me out.
Help! I'm a slashdot refugee.
I have committed nothing to digital format worth protecting
Don't forget hydrogen fuel cells! Remember those? They even had a hydrogen bus in Chicago back in the 2000s. I wonder what happened to it?
What happened to it is that you can now lease hydrogen vehicles in California and GM and Honda have a joint fuel cell plant and predict that it will actually be profitable to sell FCEVs in the next generation. GM in particular is betting on Hydrogen to be the future fuel of the military. If you actually cared about this stuff, though, you'd know all of this.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
TOO MANY SECRETS. Quantum computing will be code-breaking box off Sneakers.
And fusion! Or thorium? Or any number of free energy devices that the inventors just need a LITTLE more capital to finally get above 1:1.
Hydrogen fuel cells themselves I agree do not deserve ridicule, but the hype that they were going to take over and replace everything can be mocked.
SSL = corporations hand-jobbing each other ("signing") and claiming they are "trusted". By who? Each other? Gimme a break. Too many times people trust encryption only to be let down by it either being a shitty implementation that gets hacked or the algo itself gets broken (or more likely becomes "questionable" and in some grey area due to some asshole's "paper" on some esoteric part of the algo). Do I see the need for it in theory? Yes. I do understand why authorization and authentication processes as well as data transport is best secured. I'm just saying that on the flipside of these needs, it's also worth looking at the fact that the old saying about 'putting your eggs in one basket' looks pretty apt for crypto. It's a great place to put all your shit and then find out it's nowhere near as secure as writing it in cleartext on a 3x5 notecard in your desk. People need to keep in mind that no single security measure keeps you protected. That's why we have defense in depth strategies that view crypto as one small part (a part I believe should get even smaller). Crypto also seems to work a lot better for corrupt governments and rich assholes, but nobody likes pointing that out and instead resort to fantasies about Greenpeace and Amnesty International NGO's using PGP to send secret messages to the free world. In reality, it's the corporations and giant global fuckers that get the most mileage out of it (think SSL and other corporate design-by-committee crypto garbage). I'd sooner trust sensitive data to a typewriter and a steel safe than a crypto algorithm and someone's lame implementation. Experience shows that shit has a rough track record.
I think the supposition that the fossil fuel industry would abandon $Trillions of infrastructure and proven petrol reserves was the greatest failing of the hydrogen revolution.
It is damn difficult to get a new industry off of the ground when the existing industry has a boot on their throat
We will all be underwater before this happens, so don't worry about it.
Good until you open the box.
I await the Quantum EULA
Some drink at the fountain of knowledge. Others just gargle.
the hype that they were going to take over and replace everything can be mocked.
I must have missed the hype. I remember GWB advocating hydrogen fuel cells, but nobody believed he was serious, and he was widely ridiculed at the time. I don't remember anyone else hyping it.
I think the supposition that the fossil fuel industry would abandon $Trillions of infrastructure and proven petrol reserves was the greatest failing of the hydrogen revolution.
That is not why hydrogen fuel cells failed. They failed partly because the fuel cells are expensive (requiring platinum coatings), need regular maintenance to keep the membranes clean, and have very limited range because of the difficulty of storing H2.
But the main reason they failed was because of dramatic advances in the cost and storage capacity of lithium batteries.
Bill,
The dirty catalyst and hydrogen storage issues are technical in nature and have been largely addressed in research.
The much larger issue has always been the lack of a wide-spread distribution network, and the lack of a motivated (and cash-rich) industry to build it out.
We have seen similar issues with Lion batteries. However, these were addressed by a well-funded industry as Lion batteries were applied to microelectronics. It is only after decades of application to personal electronics that is has been possible to apply to vehicles, with very large players finally deploying their own charging station networks.
IMO, fuel cells lacked the incremental markets that Lion batteries enjoyed, largely because fuel cells were an obvious competitor to the fossil fuel industry.
There is a reason that the term "hydrogen mafia" was coined, and it was NOT meant to support the adoption of the technology.
Hope you are well -AC
SEATEC Astronomy would benefit everyone. We could all listen to the reporter be murdered to pleade the Saudi prince. And hear Doland's reactions of "he wasnt a us citizen anyways" over and over again.
Too Many Secrets.
Is this /. or some news outlet for old fogies who don't understand computers? Isn't it already a standard security practice to only allow a few tries at a password before requiring a few minutes wait time til anyone can try again? No matter how fast an attacking computer is, its speed won't be an advantage if it can only attempt 3 tries every 15 or 20 minutes.
use q computer to make new crypto.
duh.
A flooding algorithm? You mean stress? Yeah. it's stress.