<p dir="ltr">What Jen said.</p>
<p dir="ltr">FM</p>
<div class="gmail_quote">On Nov 18, 2014 1:39 PM, "jen" <<a href="mailto:jen@redshiftzero.com">jen@redshiftzero.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">As Eviljoel says, the prototype quantum computers that we know currently<br>
exist can only factor small integers - classical computers are right now<br>
still your best bet at factoring big numbers. For example, current<br>
quantum computers can factor ~8-bit numbers, but classical computers can<br>
factor 768-bit numbers (in a year [0]). So unless one is using an RSA<br>
modulus of 15, one is probably pretty alright versus quantum computers<br>
(though not against classical computers... or human children and their<br>
pesky arithmetic skills). Of course, this is all based on public<br>
information. It is possible that some agency with an $11B budget for<br>
cracking crypto might have a greater capability, though I doubt even<br>
they can do much more with respect to quantum computation.<br>
<br>
With that said, a lot of interesting academic work is going on to make<br>
cryptosystems that are strong against adversaries with both classic and<br>
quantum computers. Many ideas like lattice-based cryptography that your<br>
article mentions toward the end have been around for a long time but are<br>
getting renewed interest because of this threat. One of the main<br>
problems right now for at least lattice-based crypto is that it's slow<br>
and thus impractical. And even when we do have cryptosystems that are<br>
both practical and quantum-resistant, it's a long and frustrating path<br>
to having such a system be deployed everywhere, as we've seen when<br>
trying to migrate away from weak ciphers like RC4 [1].<br>
<br>
If anyone is particularly interested in this topic, I recommend checking<br>
out a nice book that Dan Bernstein and others have written on various<br>
future PK cryptosystems (including lattices) [2].<br>
<br>
Best,<br>
<br>
Jen<br>
<br>
[0] <a href="https://eprint.iacr.org/2010/006.pdf">https://eprint.iacr.org/2010/006.pdf</a><br>
[1] <a href="https://blog.cloudflare.com/killing-rc4-the-long-goodbye/">https://blog.cloudflare.com/killing-rc4-the-long-goodbye/</a><br>
[2] <a href="https://www.springer.com/mathematics/numbers/book/978-3-540-88701-0">https://www.springer.com/mathematics/numbers/book/978-3-540-88701-0</a><br>
<br>
eviljoel wrote:<br>
> Hey Joe,<br>
><br>
> It is generally believed that a quantum computer that can do non-trivial<br>
> computation is still at least several years away (if not 10s or 100s of<br>
> years away). When that happens, I am sure we'll move to quantum<br>
> cryptography.<br>
><br>
> Joel Luellwitz<br>
><br>
><br>
> On 11/17/2014 11:48 PM, joe fuentes wrote:<br>
>> I came across this and wanted to share with you.<br>
>><br>
>> It sez quantum computing will make mince pie meat out of crypto.<br>
>><br>
>> Wot are your thoughts on this? Post please.<br>
>><br>
>> /Wot do I think?/ *The end is nigh!*<br>
>><br>
>> <a href="http://www.makeuseof.com/tag/quantum-computers-end-cryptography/">http://www.makeuseof.com/tag/quantum-computers-end-cryptography/</a><br>
>><br>
>><br>
>><br>
>> _______________________________________________<br>
>> cryptoparty-chi mailing list<br>
>> <a href="mailto:cryptoparty-chi@groups.sshchicago.org">cryptoparty-chi@groups.sshchicago.org</a><br>
>> <a href="http://groups.sshchicago.org/listinfo/cryptoparty-chi">http://groups.sshchicago.org/listinfo/cryptoparty-chi</a><br>
>><br>
><br>
<br>
--<br>
***************<br>
Jen<br>
@redshiftzero<br>
PGP 0x90CC0310<br>
@CryptopartyChi<br>
***************<br>
<br>
<br></blockquote></div>
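<p>As an added illustration of Jen's point about an RSA modulus of 15 (this is example code written for this archive page, not code from Jen, eviljoel or anyone else in the thread): a toy RSA round-trip where the modulus is small enough that plain trial division recovers the private key from the public key alone. The parameters p=3, q=5, e=3 and the message 7 are constructed for the example; real keys are thousands of bits long, so trial division never finishes on them, which is exactly the bit-size comparison the thread is making. The step budget on the factoring routine is there to make that difference visible without hanging the interpreter.</p>

```python
"""Toy RSA with a 4-bit modulus, broken by trial division.

Added example for this mailing-list page, not code from the thread.
All parameters (p=3, q=5, e=3, message 7) are constructed for illustration.
"""
from math import gcd, isqrt


def keygen(p, q, e=3):
    """Build an RSA key pair from two primes; returns (public, private)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)          # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)


def encrypt(pub, m):
    n, e = pub
    return pow(m, e, n)


def decrypt(priv, c):
    n, d = priv
    return pow(c, d, n)


def trial_factor(n, max_steps=None):
    """Factor n by trial division, giving up after max_steps candidates.

    Returns (p, q) with p <= q, or None if no factor was found within the budget.
    This is the whole 'attack' at toy sizes; at real key sizes the loop never ends.
    """
    steps = 0
    for p in range(2, isqrt(n) + 1):
        if max_steps is not None and steps >= max_steps:
            return None
        steps += 1
        if n % p == 0:
            return p, n // p
    return None


def recover_private_key(pub, max_steps=None):
    """Derive the private exponent from the public key by factoring n."""
    n, e = pub
    factors = trial_factor(n, max_steps)
    if factors is None:
        return None                  # modulus too large for this method
    p, q = factors
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, d)


if __name__ == "__main__":
    pub, priv = keygen(3, 5)          # n = 15, the modulus from the thread
    c = encrypt(pub, 7)
    print("public key", pub, "ciphertext", c)
    stolen = recover_private_key(pub)
    print("recovered private key", stolen, "plaintext", decrypt(stolen, c))
```

Running the script shows the ciphertext 13 for message 7 and the recovered private key (15, 3), which decrypts it straight back to 7; calling <code>recover_private_key</code> on a larger constructed modulus with a small <code>max_steps</code> returns <code>None</code>, the toy-scale analogue of "classical computers need a year for 768 bits".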