@ Sandy Harris

On Friday, November 10, 2017 at 10:29:48 PM UTC, Sandy Harris wrote:
> On Fri, Nov 10, 2017 at 1:45 PM, Yuraeitha <[email protected]> wrote:
>
> > Either way, cryptography protected by "structure", should be safe against a
> > quantum computer, no? while all encryption without structure, would be
> > extremely vulnerable to quantum computers?
>
> I am not sure what you mean by "structure" in this context. If any of
> my guesses are correct, then I do not think that is the issue.
>
> > Basically, long story short, is Qubes at risk in the near future of real
> > quantum computing decryption attacks? For example, has there already gone
> > thoughts or even development into securing Qubes against type of attacks
> > like these?
>
> I'm on several crypto mailing lists & follow the field fairly closely,
> though I would not claim to understand everything I read, let alone
> everything going on. As far as I can see, more-or-less everyone in the
> field agrees quantum computers are a serious threat in the long term,
> but no-one is much worried about threats in the next few years. Of
> course they could be wrong; neither AI researchers nor Go players
> thought a program that could win against top human players would turn
> up for decades, but then Google produced Alpha Go which did just that.
> A real paranoid would worry about whether some government lab already
> had a quantum computer capable of breaking a lot of crypto; my guess
> is that is not a realistic fear, but who knows?
>
> The most worrisome threat is that a large enough (a few thousand
> q-bits) quantum machine breaks RSA public key encryption. RSA relies
> on sufficiently large semi-primes (products of two primes) being hard
> to factor. See https://en.wikipedia.org/wiki/Integer_factorization for
> background. There are about a dozen known methods for finding the
> factors, but on classical computers none that are efficient in the
> general case. On a quantum computer, though, there is a known
> efficient algorithm https://en.wikipedia.org/wiki/Shor%27s_algorithm
> so a big enough quantum machine breaks RSA.
>
> That is a huge threat since RSA is very widely used. PGP, IPsec,
> Secure DNS, SSL & SSH (or at least most variants) all fall if RSA
> does. There are other public key methods that might replace RSA, but
> it is not clear they are safe either.
Let me try to rephrase the structure part; I may not have understood it correctly, and I can tell you know more than I do about encryption, so let me try to emphasise the quantum part, which may or may not be right. I'm curious whether or how it can fit into encryption, so this is kind of a thought experiment. The logic in this analogy I'm sure you already know, but I want to use the analogy's conclusion to make a point afterwards, so here goes.

Using a massive labyrinth analogy to solve a decryption calculation, a traditional classic computer can only seek one path at a time (1/0 on/off transistor logic), and if it's a dead end, it has to return to try another path, each turn, or dead end, being a calculated 1/0 state of information. A quantum computer can do many or even all paths at once in a single calculation instant, having multiple or exponentially many states between 1/0, thereby following multiple paths, resulting in a lot of dead ends, but at the same time discovering the single path out of the massive labyrinth, all in a few or a single calculation, depending on how many qubits the quantum computer has available. It's a bit simplified, but enough to make the analogy's point.

SO, by structure, I mean: what if the labyrinth is full of closed doors, where you need to solve puzzles that are possible to solve with numbers, but instead use something like a human thought logic pattern? This would require either a human or a sophisticated A.I. to solve, but it's also more akin to that of a traditional computer: patterns, structures, based in many 1/0 forming a structure, and the answer can only be found if maintaining this structure all at once. A quantum computer cannot do that, right? If I understood it correctly, a quantum computer may be truly scary in its insane calculative power, but it's by no means capable of being "smart", at the very least not on its own.

Where my knowledge of how encryption works truly falls apart is regarding the need for near-perfect, or the not-yet-reached and difficult to achieve, perfect entropy. The more entropy, or chaos without structure and order, the harder it becomes to predict anything, and the harder it becomes to crack an encryption. This much is correctly understood, I assume? So, if putting in roadblocks for the quantum computer, which it cannot calculate, it significantly slows down its quantum speed. Even if introducing a classic computer or A.I. to work together with the quantum computer, if the roadblocks are difficult enough, it would overall slow down the quantum computer enough to make it impossible to crack the encryption. But don't roadblocks, or "structure", reduce the entropy? Thereby making it easier to crack? As such, is this not correctly understood? Or is it instead a paradox akin to catch-22 paradox logic? Perhaps such roadblocks, if they are feasible, do not hurt the entropy itself?

Thanks a lot for the info, real life cases, and wiki links btw, will definitely have to look into it further to learn more.

[email protected]

On Friday, November 10, 2017 at 10:51:08 PM UTC, [email protected] wrote:
> In this case you should ask the luks/dmcrypt mailinglist as that is what
> qubes uses for disk crypto.
>
> I doubt anyone here bar the internets favorite folk hero "kedward
> howden" would piss off some company/government enough for them to spend
> the hundreds of thousands of dollars one to rent such a machine.

Yes indeed, but as mentioned, I'm putting up the discussion here despite having mentioned more appropriate forums. I'm not only seeking answers, but am also concerned about the collective awareness. I'm not worried about today or even tomorrow; rather I'm worried about next year or the few short years to come.

Consider this instead. Imagine the old story of the king asking the peasant what he'd like as a reward for his good deeds to the king and the kingdom. The peasant then suggests that he'd like a portion of corn every day for the duration of the number of chess plates on a chess board (8*8 = 64 days total). The first chess plate has 1 corn, then the next is 2 corns, the third is 4, and the fourth is 8. The king thought to himself that this sounded quite fair, not to mention cheap. And so the payment went, in exponential growth, day by day, reaching towards 8*8 = 64 days of payment, each day doubling up from the former day. As you might already imagine, this number becomes absolutely massive even before it reaches 64 pieces, or 64 days of payment. The peasant tricked the king, because it is normal for the human brain to think in linear patterns, and hard to think in other patterns, such as exponential growth, without insight and tools to do so.

Basically, quantum computers' calculation power is absolutely insane compared to traditional computers. Following an exponential growth, it won't be long before it catches up to traditional computers. Therefore, quantum computers will likely disrupt the entire world, never mind Qubes or companies, individuals; if no one is prepared, everyone will in all likelihood get disrupted, just like the king in the story was. We are not talking about some breakthrough here, it's just a matter of simple doubling of growth every year. It could go faster, it could even go slower. But we're already seeing the emergence of a pattern in growth in quantum computers. The time to raise the flags of concern, imho, is now, more than ever. Discussions are important, especially and even more so outside quantum and encryption forums, in order to create awareness and discussions on a broader scale, being prepared, not getting disrupted. At this time, the cost of decrypting anything not immune to quantum computing is going to become relatively cheap. If the emerging pattern of growth is going to continue anything like it has already historically shown, then this is a call for red flags.

It's not speculation, it's not conspiracy or tinfoil hat, this is real risk analysis. One cannot hide from full circle logic based in empirical data; it can't be called speculation, it's science. To be fair, we have a limited amount of data to show predictability in quantum computing growth, but other empirical data can be used to show that it's likely going to speed up, not maintain growth or slow down. It's likely to accelerate, especially due to its exponential nature. And all this, everything, is without considering yet unimagined technological breakthroughs that might further speed everything up. Knowing technology's track record, it's likely to happen as well. So I don't think it's fair to say only people with a lot of money and resources can crack encryption; we're talking about the near future here, where it's on the path to become much cheaper.

Furthermore, this is not even including all the encrypted e-mails, encrypted chat messages, Tor network connection metadata, and so forth; everything is easily stored on massive cloud servers, never to be deleted due to the economy-of-growth nature of cloud servers. Basically, everything can be stored, and I'm not just talking about suspects here, I'm talking about everyone. Everything can be stored and saved. Now, if quantum computers eventually become cheap to operate, and everything points in that direction, then who will stop anyone storing all this data from decrypting everything they saved? Throw in an A.I. to analyse it all, and you've got massive surveillance and a history record of people who thought they'd be safe for at least some years to come yet, but weren't. Imagine the magnitude of impact in countries with dictator leadership, or if someone like Hitler or Stalin rose again, who were sick regarding hunting certain people with certain beliefs, killing millions of people. Imagine power like this in such people's hands? Horrible people are everywhere, while also many good and nice people are everywhere. But it takes a single misstep to create another scenario like this; WWI and WWII are hardly ancient history, and we hardly fixed the cause of war, it can still happen, even today. So people like that, even with encryption, can see everything about you from your past. This may not concern everyone, but it certainly does impact a lot of people; it's a nightmare remaining to explode in the future.

Centralized technology is dangerous, it's increasingly moving power towards single organizations or single individuals. It's not very clear today, but it's a dangerous trend if it keeps up, especially after a few decades of technological development. Decentralized technology is key, to avoid few or single individuals grasping power.

Now, if we speak about encryption proof against quantum computers, don't you think it's a good idea to start now, rather than wait? To be proactive rather than reactive? After all, if they can't decrypt it now, as it stands now, nothing keeps them from doing it in a few years' time when quantum computers become cheap. If anything, we need quantum-proof encryption long, long before quantum computing decryption becomes a reality, especially for the type of data that is easy to obtain and store on servers, like the internet connections. If you do not worry for yourself, at the very least worry for the journalists, freedom and freedom-of-speech fighters, democracy advocates in places where people are getting suppressed or worse, heavily suppressed. Awareness also raises money, investment, creative thoughts, into finding new ways to stop the cracking of encryption. It's not enough for the encryption experts to think about it; we need investment and money to go into the field, as well as people seeking careers and similar in this field of study, not to mention companies rising to help tackle the issue, or demonstrations towards our politicians who are almost always slow to adapt to new technological threats.

There are many reasons to discuss this outside encryption forums, there are many reasons to increase awareness, and to start discussions. Not to mention, also to warn people whose lives depend on encryption not to be overly trusting in today's encryption keeping them safe, if their encrypted data can easily be saved for later, to be cracked in the future. All this matters, and it should be discussed on all levels of society, not only inside the quantum labs and forums.

-- 
You received this message because you are subscribed to the Google Groups "qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ae7ee086-d320-4522-a0a4-84cf9f4f68af%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
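As an added example (not from the thread, and not code from Qubes or any project it mentions), here is a toy script making concrete the dependency Sandy describes and the "store now, decrypt later" worry Yuraeitha raises: recovering an RSA private key from the public key reduces to factoring the modulus n, so a stored ciphertext stays readable only as long as factoring stays infeasible. Shor's algorithm is what would make that factoring efficient on a large enough quantum computer; here classical trial division stands in for it, which only works because the primes are tiny. The primes, the plaintext, and every function name are constructed for this example, and the RSA is unpadded textbook RSA, for illustration only.

```python
# Added example (not from the thread or from Qubes): textbook RSA at toy
# size, showing that once the modulus n is factored the private key follows
# immediately. Shor's algorithm does that factoring efficiently on a large
# enough quantum computer; classical trial division stands in for it here
# and only terminates because the primes are tiny. No padding: illustration only.
from math import gcd, isqrt


def rsa_keygen(p, q, e=65537):
    """Build an RSA key pair from two primes p and q (constructed inputs)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse, Python 3.8+
    return (n, e), d


def rsa_encrypt(pub, m):
    """Encrypt integer m under public key (n, e)."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be an integer below n")
    return pow(m, e, n)


def rsa_decrypt(n, d, c):
    """Decrypt ciphertext c with private exponent d."""
    return pow(c, d, n)


def factor_trial_division(n):
    """Classical factoring: feasible only for tiny n. For a 2048-bit modulus
    this loop never finishes; that gap is exactly what Shor's algorithm closes."""
    for candidate in range(2, isqrt(n) + 1):
        if n % candidate == 0:
            return candidate, n // candidate
    raise ValueError("n has no nontrivial factor")


def recover_private_key(pub, p, q):
    """Given the factors of n, phi(n) and hence d are recomputed directly:
    the private key is no secret once n is factored."""
    n, e = pub
    if p * q != n:
        raise ValueError("p*q does not equal n")
    return pow(e, -1, (p - 1) * (q - 1))


def harvest_now_decrypt_later(ciphertext, pub):
    """Someone holding only the public key and a stored ciphertext recovers
    the plaintext the moment factoring n becomes affordable to them."""
    p, q = factor_trial_division(pub[0])
    d = recover_private_key(pub, p, q)
    return rsa_decrypt(pub[0], d, ciphertext)


def demo():
    pub, d = rsa_keygen(10007, 10009)  # twin primes near 10^4 (constructed)
    message = 424242                   # constructed plaintext
    c = rsa_encrypt(pub, message)
    return {
        "roundtrip_ok": rsa_decrypt(pub[0], d, c) == message,
        "recovered": harvest_now_decrypt_later(c, pub),
    }


if __name__ == "__main__":
    print(demo())
```

The defensive reading is the one the thread is circling: ciphertext captured today is only as safe as the hardest problem behind it stays, so data with a long confidentiality lifetime needs key exchange and signatures that do not rest on factoring or discrete logarithms, not merely larger RSA keys.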
