Slashdot Mirror


Quantum Computer Not Ready To Break Public Key Encryption For At Least 10 Years, Some Experts Say (theregister.co.uk)

physburn writes: The Register has spoken to some experts to get a better understanding of the risk quantum computers present to the existing encryption systems we have today. Richard Evers, cryptographer for a Canadian security biz called Kryptera, argues that media coverage and corporate pronouncements about quantum computing have left people with the impression that current encryption algorithms will soon become obsolete. But they will not be ready for at least 10 years, he said. As an example, Evers points to remarks made by Arvind Krishna, director of IBM research, at The Churchill Club in San Francisco last May, that those interested in protecting data for at least ten years "should probably seriously consider whether they should start moving to alternate encryption techniques now." In a post Evers penned recently with his business partner Alastair Sweeny, he contends, "The hard truth is that widespread beliefs about security and encryption may prove to be based on fantasy rather than fact." And the reason for this, he suggests, is the desire for funding and fame.

3 of 84 comments

  1. The experts say... by jlv · Score: 3, Insightful

    The "experts" say "not possible for 10 years".

    This means it will likely happen in the next 18 months.

  2. Re:10? by TechyImmigrant · Score: 2, Insightful

    I've been led to thinking that it will never be feasible. We don't know yet, but there are good reasons to think it might not pan out - for breaking crypto.

    E.g. the energy required to cool a volume of space for an n-qbit machine to temps that will maintain entanglement between the qbits will scale with 2^n. So you spend just as much energy doing it in parallel on a quantum computer as you would in a classical computer serially. This isn't known to be true, but try plotting the size of fridge against n for existing quantum computers and see what the curve looks like.

    or

    You can't achieve the isolation from the surrounding universe (which is kind of the same thing).

    I've seen other arguments about noise presented by physicists, but I haven't grokked them sufficiently.

    Quantum computing for physics simulation, as envisioned by Feynman, makes a lot more sense.

       

    --
    I should use this sig to advertise my book ISBN-13 : 978-1501515132.
  3. Re:10? by Excelcia · Score: 1, Insightful

    > Seriously though, if your security is immediately breached when someone breaks your encryption, you should rethink your security

    Ah. Spoken like a true armchair security warrior. I love the sweeping declarations. If your security is breached when someone can open all your locks then you should rethink your security.

    Here are a few points to consider for you:
    1) My electronic security isn't all (or even necessarily mostly) in my hands any more. It's in the hands of banks, government agencies, and (not me but for the rest of you) social networks. I'm just sure that every tired career bureaucrat is just jumping at quantum computing resistant security. They are just right on that.
    2) In addition to my most important data residing, for the most part, in hands beyond my control, so are the standards. Name a major implementation of an encryption technology standard that deprecated an algorithm before it was demonstrably broken. AES is currently broken in a cryptographic sense and there is not a whisper on the horizon of deprecating it. Too costly.
    3) In addition to data being at the control of others, and available cryptography being at the mercy of established standards, even when standards are quick enough to add "heir and a spare" algorithms, the software that makes use of those standards doesn't necessarily have the configurability to choose the right algos. Dovecot, for example, just recently added in configurations to allow you to select which curves to use. For years you were stuck with terrible NIST curves which are at best horribly suspect, even though most systems had better curves.

    All these things are mitigatable to an extent, but you have to be a hermit not to be vulnerable.