Long-time Slashdot reader CrtxReavr shares a report from ZDNet: Quantum computers will be able to instantly break the encryption of sensitive data protected by today's strongest security, warns the head of IBM Research. This could happen in a little more than five years because of advances in quantum computer technologies. "Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now," said Arvind Krishna, director of IBM Research... Quantum computers can solve some types of problems near-instantaneously compared with billions of years of processing using conventional computers... Advances in novel materials and in low-temperature physics have led to many breakthroughs in the quantum computing field in recent years, and large commercial quantum computer systems will soon be viable and available within five years...
In addition to solving tough computing problems, quantum computers could save huge amounts of energy, as server farms proliferate and applications such as bitcoin grow in their compute needs. Each computation takes just a few watts, yet it could take several server farms to accomplish if it were run on conventional systems.
The original submission raises another possibility. "What I wonder is, if encryption can be 'instantly broken,' does this also mean that remaining crypto-coins can be instantly discovered?"
This could theoretically be the biggest breakthrough in computing since transistors, and this person is wondering about how it's going to affect Monopoly money? Jesus.
Also, no, it can't, at least for the cryptocurrencies I am aware of. Quantum computing breaks the current commonly used asymmetric cryptographic algorithms used to move data around securely (https, encrypted email, chat, etc.). Not symmetric algorithms that encrypt data at rest (full disk crypto, etc.) and not the hashing algorithms that cryptocurrencies use for proof of work. You could potentially steal existing coins/tokens from people's wallets though unless the devs move to a post-quantum algorithm.
You have no idea what you're talking about, do you?
You've got all the right words there, but completely the wrong concepts behind them. You do realize that ALL of the data shipped around via HTTPS is encrypted with symmetric algorithms, right? And that asymmetric algorithms are used to create and agree on the symmetric keys to be used for communications, right?
What a strange and verbose way of saying "you're right, quantum computing will break HTTPS".
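Added example (not part of the thread or the ZDNet article) illustrating the exchange above: the record layer of an HTTPS-style session is symmetric, but the session key comes from an asymmetric key agreement, so an attacker who can solve the discrete log recovers the key and reads the "symmetrically encrypted" traffic. Everything here is a constructed toy: a Diffie-Hellman group small enough to brute-force (the brute-force step stands in for Shor's algorithm; real TLS uses X25519/ECDH over ~256-bit groups), a SHA-256 keystream with an HMAC tag standing in for AES-GCM, and the function names are mine.

```python
"""
Toy HTTPS-style session: DH key agreement, symmetric record protection,
then a passive adversary who breaks the *asymmetric* step and reads the
*symmetric* ciphertext. Parameters are deliberately tiny (constructed).
"""
import hashlib
import hmac
import secrets

# Constructed toy group: P = 2Q + 1 with P, Q prime; G = 2^2 is a quadratic
# residue, so it generates the order-Q subgroup. Small enough to brute-force.
P = 1019
Q = (P - 1) // 2   # 509
G = 4

def dh_keypair():
    priv = secrets.randbelow(Q - 1) + 1        # 1 .. Q-1
    return priv, pow(G, priv, P)

def dh_shared(priv, peer_pub):
    return pow(peer_pub, priv, P)

def derive_key(shared, transcript):
    # Key derivation binds the shared secret to both public values.
    return hashlib.sha256(shared.to_bytes(2, "big") + transcript).digest()

def keystream(key, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, plaintext):
    # Symmetric record protection: XOR keystream + HMAC tag (stand-in for AES-GCM).
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, len(plaintext))))
    return ct + hmac.new(key, ct, hashlib.sha256).digest()

def open_record(key, sealed):
    ct, tag = sealed[:-32], sealed[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        raise ValueError("bad tag")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))

def run_session(plaintext):
    """Client and server agree a key and send one record.
    Returns exactly what a passive eavesdropper can capture."""
    c_priv, c_pub = dh_keypair()
    s_priv, s_pub = dh_keypair()
    transcript = c_pub.to_bytes(2, "big") + s_pub.to_bytes(2, "big")
    c_key = derive_key(dh_shared(c_priv, s_pub), transcript)
    s_key = derive_key(dh_shared(s_priv, c_pub), transcript)
    assert c_key == s_key
    return c_pub, s_pub, seal(c_key, plaintext)

def discrete_log(target):
    """Stand-in for Shor: find x with G^x == target (mod P). Brute force,
    feasible only because the group is tiny."""
    x, acc = 0, 1
    while acc != target:
        acc = acc * G % P
        x += 1
        if x > Q:
            raise ValueError("no solution")
    return x

def quantum_eavesdropper(c_pub, s_pub, record):
    """Recover the client's private exponent from its public value,
    rebuild the session key, and decrypt the captured record."""
    c_priv = discrete_log(c_pub)
    transcript = c_pub.to_bytes(2, "big") + s_pub.to_bytes(2, "big")
    key = derive_key(dh_shared(c_priv, s_pub), transcript)
    return open_record(key, record)

if __name__ == "__main__":
    captured = run_session(b"GET /account HTTP/1.1")
    print(quantum_eavesdropper(*captured))
```

Note that the adversary never touches the symmetric primitive: it only needs the recorded public values and ciphertext, which is why traffic captured today can be read later once the discrete log becomes tractable (the "protected for longer than 10 years" point in the IBM warning). The same discrete-log break is what exposes a wallet once its public key has been revealed in a transaction.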
The ownership of your wallet is still guarded by asymmetric encryption.
To be clearer: Quantum computers break things based on number factoring, e.g., certificate signing.
It doesn't break block ciphers like AES.
It might break blockchain, yes, but, like, who cares?
Hashes are actually one of the best ways to stay QC-safe.
At the moment, we use our existing encryption algorithms to generate hashes. Instead, most of the quantum-safe encryption algorithms use hashes to build themselves.
The reason is quite simple if I can use an analogy. It's not 100% accurate, but good enough to make most people understand.
First - a hash.
You take an input, you generate a "mini-mash" of it - you jumble it up and cut bits out in a predictable manner until you get something that is absolut
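Added example (mine, not the commenter's): the simplest way to see how a signature scheme is "built from hashes" is a Lamport one-time signature. Its security rests only on SHA-256 being preimage-resistant, which Shor's algorithm does not touch and Grover's only weakens by a square root; the hash-based post-quantum schemes (XMSS, SPHINCS+) are built from this kind of one-time primitive. The block also shows the caveat that comes with it: reusing a key reveals preimages, and after enough reuse anyone can forge. All names and the sample messages are constructed.

```python
"""
Lamport one-time signature over SHA-256, plus a demonstration of why the
key must not be reused. Constructed example; not production code.
"""
import hashlib
import secrets

H = hashlib.sha256
N = 256   # digest bits; one pair of secrets per bit

def keygen():
    # Private key: 256 pairs of random 32-byte strings.
    # Public key: SHA-256 of each, in the same layout.
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(H(a).digest(), H(b).digest()) for a, b in sk]
    return sk, pk

def _bits(msg):
    d = int.from_bytes(H(msg).digest(), "big")
    return [(d >> (N - 1 - i)) & 1 for i in range(N)]

def sign(sk, msg):
    # Reveal, for each digest bit, exactly one of the two preimages.
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    if len(sig) != N:
        return False
    return all(H(s).digest() == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, _bits(msg))))

def forge_from_reuse(pk, signed, trials=20000):
    """`signed` is a list of (msg, sig) pairs made with the same key.
    Collect every revealed preimage; a new message can be forged iff, for
    each bit position, the preimage it needs has already been revealed.
    Returns (msg, sig) or None if no candidate message fits."""
    known = [dict() for _ in range(N)]
    for msg, sig in signed:
        for i, (s, bit) in enumerate(zip(sig, _bits(msg))):
            known[i][bit] = s
    for trial in range(trials):
        cand = b"forged message #%d" % trial
        bits = _bits(cand)
        if all(bits[i] in known[i] for i in range(N)):
            return cand, [known[i][bits[i]] for i in range(N)]
    return None

if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"pay 1 BTC to alice"
    sig = sign(sk, msg)
    print("valid:", verify(pk, msg, sig))
    print("forge after 2 uses:", forge_from_reuse(pk, [(msg, sig), (b"x", sign(sk, b"x"))]) is not None)
    reused = [(b"msg %d" % i, sign(sk, b"msg %d" % i)) for i in range(40)]
    print("forge after 40 uses:", forge_from_reuse(pk, reused) is not None)
```

With two signatures roughly half the positions still have only one preimage known, so a random candidate fits with probability about 2^-128 and the forgery search fails; after a few dozen signatures almost every position is fully revealed and the first candidate forges. That is exactly why the real schemes wrap many one-time keys in a Merkle tree (XMSS) or go stateless (SPHINCS+) instead of signing twice with one key.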
Yes. That "monopoly money" is kind of a big thing. And it uses encryption. Which is what this is about.
Cool.
So all your web browsers and disk encryption programs have got a quantum-safe algorithm in them already, then, and you're using it, right? So that your data is safe for the changeover they're talking about.
I think you'll find this is IBM warning that they - as a company trying to build quantum computers at the moment - see them coming in the next five years, which means we should have moved 5 years ago.
It's a warning that is going unheeded.
No. Elliptic curves are not quantum-safe.
What we have already,
I believe that QC will only attack the "large number" asymmetric algorithms - RSA, ECC, etc. I believe that symmetric algorithms such as AES aren't as susceptible to QC attacks - Grover's Algorithm cuts the effective key length in half (AES-128 could be brute-forced by a QC as though it had a 64-bit key; AES-256 effectively eliminates that problem).
Of course, without the asymmetric algorithms it's really tough to set up a secure session, especially with a server that you don't know.
"does this also mean that remaining crypto-coins can be instantly discovered?"
No, that's not how the minting of new coins works, at all.
There are theoretical issues where someone might learn your private key from seeing a transaction, but they're mitigated for all new addresses and usage.
https://en.bitcoin.it/wiki/Qua... [bitcoin.it]
Wasn't elliptic curve cryptography supposed to be resistant to quantum computers?
The original submission raises another possibility. "What I wonder is, if encryption can be 'instantly broken,' does this also mean that remaining crypto-coins can be instantly discovered?"
Yes and No.
Of course the alternate encryption like that which IBM recommends happens to be owned by IBM. Better buy in now!
Article is very light on evidence of any new form of successful attack so it's a bit premature to advise the sky is falling just yet!
Better encryption methods are always being worked on and we will phase out the old encryption methods when they become stale and move onto more resistant types.
As it so happens, there are already some constructions (and they have been around for some time) that can be used, such as Ring-LWE and NTRU, which have been shown to hold up against classical and quantum-based attacks.
