Slashdot Mirror

← Back to Stories (view on slashdot.org)

Quantum Computer Not Ready To Break Public Key Encryption For At Least 10 Years, Some Experts Say (theregister.co.uk)

Posted by msmash on from the closer-look dept.

physburn writes: The Register has spoken to some experts to get a better understanding of the risk quantum computers present to the existing encryption systems we have today. Richard Evers, cryptographer for a Canadian security biz called Kryptera, argues that media coverage and corporate pronouncements about quantum computing have left people with the impression that current encryption algorithms will soon become obsolete. But they will not be ready for at least 10 years, he said. As an example, Evers points to remarks made by Arvind Krishna, director of IBM research, at The Churchill Club in San Francisco last May, that those interested in protecting data for at least ten years "should probably seriously consider whether they should start moving to alternate encryption techniques now." In a post Evers penned recently with his business partner Alastair Sweeny, he contends, "The hard truth is that widespread beliefs about security and encryption may prove to be based on fantasy rather than fact." And the reason for this, he suggests, is the desire for funding and fame.

5 of 84 comments (clear)

  1. The experts say... by jlv · · Score: 3, Insightful

    The "experts" say "not possible for 10 years".

    This means it will likely happen in the next 18 months.

  2. Re:10 Years == nonexistent security margin by guruevi · · Score: 3, Interesting

    10 years to break today's encryption. We have more modern ciphers that will become used in the next few years that are resistant to the current theoretical models of quantum-computing based attacks.

    Also, quantum computing still has trouble of scale with larger keys, I assume that we'll see the next 10 years require 4096 or 8192 bit keys as scalable rental CPU and GPU becomes more powerful.

    And people really have to stop planning to have the same security model for the next 10 years in the future. Upgrades and long term support are becoming a necessity.

    --
    Custom electronics and digital signage for your business: www.evcircuits.com
  3. Re:10? by Megol · · Score: 4, Informative

    Sure, do you remember when DES was going to take the lifetime of the Universe to crack, then some egg-heads had custom ASICS fabbed and built Deep Crack (EFF DES Cracker), which could break DES in a day?

    No, I don't remember that for two reasons the most important being that nobody sane ever made such an idiotic claim. In fact in the wikipedia page linked by yourself (that you obviously didn't read) contains this: "One of the major criticisms of DES, when proposed in 1975, was that the key size was too short. Martin Hellman and Whitfield Diffie of Stanford University estimated that a machine fast enough to test that many keys in a day would have cost about $20 million in 1976, an affordable sum to national intelligence agencies such as the US National Security Agency".

    So not only didn't anybody make your ludicrous claim but people at the time said it was too easy to crack and estimated that one could realistically build a DES cracker.

  4. Re:How long do you want that document to be secure by necro81 · · Score: 3, Interesting

    To quote from Cryptonomicon:

    Randy ... has pointed out to Avi, in an encrypted e-mail message, that if every particle of matter in the universe could be used to construct one single cosmic supercomputer, and this computer was put to work trying to break a 4096-bit encryption key, it would take longer than the lifespan of the universe.

    "Using today's technology," Avi shot back, "that is true. But what about quantum computers? And what if new mathematical techniques are developed that can simplify the factoring of large prime numbers?"

    "How long do you want these messages to remain secret?" Randy asked, in his last message before leaving San Francisco. "Five years? Ten years? Twenty-five years?"

    After he got to the hotel this afternoon, Randy decrypted and read Avi's answer. It is still hanging in front of his eyes, like the after image of a strobe:
    I want them to remain secret for as long as men are capable of evil.

  5. Re:10? by sjames · · Score: 3, Interesting

    AES is currently broken in a cryptographic sense

    That cries out for a citation much as a man lost in the desert for a week cries out for water. As far as I know, the very best known attacks of AES256 reduce it to an effective 253 bits. That is FAR from broken in any sense.

    To say it's broken is like saying you can break a 2x4 with your bare hands as long as it came from a diseased tree and you saw 90% of the way through it first.