'Cryptography's Future Will Be Quantum-Safe. Here's How' (quantamagazine.org)
Fearing the possibility of encryption-cracking quantum computers, Quanta magazine reports that researchers are "scrambling to produce new, 'post-quantum' encryption scheme."
Earlier this year, the National Institute of Standards and Technology revealed four finalists in its search for a post-quantum cryptography standard. Three of them use "lattice cryptography" — a scheme inspired by lattices, regular arrangements of dots in space.
Lattice cryptography and other post-quantum possibilities differ from current standards in crucial ways. But they all rely on mathematical asymmetry. The security of many current cryptography systems is based on multiplication and factoring: Any computer can quickly multiply two numbers, but it could take centuries to factor a cryptographically large number into its prime constituents. That asymmetry makes secrets easy to encode but hard to decode.... A quirk of factoring makes it vulnerable to attack by quantum computers.... Originally developed in the 1990s, [lattice cryptography] relies on the difficulty of reverse-engineering sums of points...
Of course, it's always possible that someone will find a fatal flaw in lattice cryptography... Cryptography works until it's cracked. Indeed, earlier this summer one promising post-quantum cryptography scheme was cracked using not a quantum computer, but an ordinary laptop.
At a recent panel discussion on post-quantum cryptography, Adi Shamir (the S in RSA), expressed concern that NIST's proposed solutions are predominantly based on lattice cryptography. "In some sense, we are putting all eggs in the same basket, but that is the best we have....
"The best advice for young researchers is to stay away from lattice-based post-quantum crypto," Shamir added. "What we really lack are entirely different ideas which will turn out to be secure. So any great idea for a new basis for public-key cryptography which is not using lattices will be greatly appreciated."
Re: (Score:3)
Symmetric ciphers, on the other hand, have that problem of getting the key safely to the other side. What do you think asymmetric ciphers are being used for in PKI? For the whole communication?
Re: KISS PK Crypto GOOD BYE ! (Score:2)
Yes, you have cipher officers transporting hardware enforced one time pads hither and thither. Or you could make pretend that running a civilization off conjectures is wise, stick your fingers in your ears each time another half billion magically walks off a crypto exchange. Look at the Binance bridge thing, the writing is on the wall. Too much value for anyone not to find a way if it exists, why not use proven crypto?
Re: (Score:2)
You do know that PKI has fuck all to do with the whole blockchain bull, right? I mean, yeah, it uses a similar technology, but that's about it.
Block chain is based on asymmetric keys AKA PKI (Score:2)
So that Alice can sign them and Bob can verify them without Bob being able to forge signatures.
And that is what is vulnerable if Quantum Computers can be scaled, which is unclear.
Re: (Score:2)
There's so much uncertainty about quantum computers that it is literally fitting to the subject itself.
Beware the quantum boogeyman (Score:1)
Cryptosystems having withstood decades of concerted efforts to crack make quantum boogeyman sad.
He would be most appreciative if you would all willingly agree to replace your impenetrable castle walls with a small lattice fence.
Re: (Score:3)
You'd expect Lattice to be chained with RSA or ElGamal in practical use given their much longer history, where computational efficiency isn't paramount.
"Scrambling" my eye (Score:5, Informative)
They've seen this coming for years and have had the plan in place just as long. There is no "scrambling" going on - they're meeting their timetable.
But hey, why ruin a chance for a clickbait headline - you might manage to grab a buck or two in ad revenue.
Quantum is the new Blockchain (Score:2, Funny)
I predict a near future where every other story on Slashdot will be about quantum something or other, where stupid companies with no viable business plan and insane market cap will hit the news just because they're doing quantum something or other.
Re: (Score:3)
My new business, Quantum of Solace, is for people who want extremely short naps.
Re: (Score:2)
well, this is the thing: even if it were useless for anything else, there is reason to believe it will break the crypto everything running in our civilization depends on. that's the kind of "potential progress" where elites, authorities, and actually anyone with some significant "property", kind of get tunnel vision. i can understand why. no i don't think it ends well.