"Today's hard problem, factoring very large prime numbers, is exactly what a quantum computer might achieve"
Err... I can do that.
(it's right lower down though)
Pass the hash for peace, love and security in the quantum computing age
Digital signatures, one of the fundamental parts of cryptography, may one day be threatened by quantum computers – so crypto-boffins are busy devising schemes that can survive a post-quantum world. In a paper that's just landed at the International Association for Cryptologic Research, a group of UK and Belgian researchers are …
-
-
Tuesday 2nd August 2016 18:42 GMT sitta_europea
[Quote Anonymous Coward:]
"Today's hard problem, factoring very large prime numbers, is exactly what a quantum computer might achieve"
Err... I can do that.
[/Quote]
No you can't, unless you mean that prime numbers are, well, prime -- that is they don't have any factors other than 1 and the prime number itself.
Which leads me to ask the author of the piece...
-
-
Tuesday 2nd August 2016 06:49 GMT frank ly
If quantum computing advances so much that it's a 'problem' in this way then quantum communication channels would also be quite easily available. I thought that one of the characteristics of a quantum entangled (quantangled?) channel was that you could tell if it had been intercepted,but it is relatively slow. So, they could send the secret symmetric key via a quantum-secure channel?
-
Tuesday 2nd August 2016 07:08 GMT Lee D
The problem is that they are two different parts of quantum mechanics.
Though building a quantum machine might require entanglement in part, only a relatively tiny one, in a massive lab dedicated to it, is necessary to solve any prime factorisation problem thrown at it - basically as fast as you CAN throw them at it.
Whereas quantum entanglement as security requires fibre optic connections - at the very least - and actual transmission and reception of quantum entangled photons between the sender and recipient in order to work.
They are entirely different practical problems and having one does not automatically give you the other.
Thus, the need for "quantum-proof" encryption will arrive long before you're connected by direct, unamplified, unrepeated, fibre-optic connection to every website you want to communicate with securely.
-
-
-
Tuesday 2nd August 2016 16:46 GMT Speltier
Storage is Cheap
If you can share the "keys", just share the one time pad. Not very scalable, and very 1940's, but it works. After all, storage is cheap, sharing several TB of suitable entropy random data is pretty simple once you get over the key distribution bit.
Sig ver using key fragments. Kind of interesting, if you don't mind setting a level of confidence less than 100% that the sig verifies. On the other hand, sig ver is never really 100% in the figurative sense, since there is always the probability that the signing key was broken, purloined, or otherwise taken advantage of.
Since state actors are as close as 2 years to QC breaking real system keys on a production basis (vs. now, on a onesy twosy experimental basis), PQC schemes are getting closer to desperately needed from being nice to have, or even blue sky.
-
Wednesday 3rd August 2016 15:55 GMT allthecoolshortnamesweretaken
It's certainly a good thing to think about this now, and one way or another the results of the studies will teach us something. However, I won't start to worry until I see the first working quantum computer that is worthy of the name. And if it comes to the worst I'll start using henchmen to distribute one time pads for the really sensitive stuff.
Biting the hand that feeds IT
