On Fri, Nov 10, 2017 at 1:45 PM, Yuraeitha <[email protected]> wrote:

> Either way, cryptography protected by "structure" should be safe against a 
> quantum computer, no? While all encryption without structure would be 
> extremely vulnerable to quantum computers?

I am not sure what you mean by "structure" in this context. If any of
my guesses are correct, then I do not think that is the issue.

> Basically, long story short, is Qubes at risk in the near future of real 
> quantum computing decryption attacks? For example, have there already been 
> thoughts or even development put into securing Qubes against attacks like 
> these?

I'm on several crypto mailing lists & follow the field fairly closely,
though I would not claim to understand everything I read, let alone
everything going on. As far as I can see, more-or-less everyone in the
field agrees quantum computers are a serious threat in the long term,
but no-one is much worried about threats in the next few years. Of
course they could be wrong; neither AI researchers nor Go players
thought a program that could win against top human players would turn
up for decades, but then Google produced AlphaGo which did just that.
A real paranoid would worry about whether some government lab already
had a quantum computer capable of breaking a lot of crypto; my guess
is that is not a realistic fear, but who knows?

The most worrisome threat is that a large enough (a few thousand
qubits) quantum machine breaks RSA public key encryption. RSA relies
on sufficiently large semi-primes (products of two primes) being hard
to factor. See https://en.wikipedia.org/wiki/Integer_factorization for
background. There are about a dozen known methods for finding the
factors, but on classical computers none that are efficient in the
general case. On a quantum computer, though, there is a known
efficient algorithm https://en.wikipedia.org/wiki/Shor%27s_algorithm
so a big enough quantum machine breaks RSA.

That is a huge threat since RSA is very widely used. PGP, IPsec,
Secure DNS, SSL & SSH (or at least most variants) all fall if RSA
does. There are other public key methods that might replace RSA, but
it is not clear they are safe either.
