@ Sandy Harris
On Friday, November 10, 2017 at 10:29:48 PM UTC, Sandy Harris wrote:
> On Fri, Nov 10, 2017 at 1:45 PM, Yuraeitha <[email protected]> wrote:
> 
> > Either way, cryptography protected by "structure", should be safe against a 
> > quantum computer, no? while all encryption without structure, would be 
> > extremely vulnerable to quantum computers?
> 
> I am not sure what you mean by "structure" in this context. If any of
> my guesses are correct, then I do not think that is the issue.
> 
> > Basically, long story short, is Qubes at risk in the near future of real 
> > quantum computing decryption attacks? For example, has there already gone 
> > thoughts or even development into securing Qubes against type of attacks 
> > like these?
> 
> I'm on several crypto mailing lists & follow the field fairly closely,
> though I would not claim to understand everything I read, let alone
> everything going on. As far as I can see, more-or-less everyone in the
> field agrees quantum computers are a serious threat in the long term,
> but no-one is much worried about threats in the next few years. Of
> course they could be wrong; neither AI researchers nor Go players
> thought a program that could win against top human players would turn
> up for decades, but then Google produced Alpha Go which did just that.
> A real paranoid would worry about whether some government lab already
> had a quantum computer capable of breaking a lot of crypto; my guess
> is that is not a realistic fear, but who knows?
> 
> The most worrisome threat is that a large enough (a few thousand
> q-bits) quantum machine breaks RSA public key encryption. RSA relies
> on sufficiently large semi-primes (products of two primes) being hard
> to factor. See https://en.wikipedia.org/wiki/Integer_factorization for
> background. There are about a dozen known methods for finding the
> factors, but on classical computers none that are efficient in the
> general case. On a quantum computer, though, there is a known
> efficient algorithm https://en.wikipedia.org/wiki/Shor%27s_algorithm
> so a big enough quantum machine breaks RSA.
> 
> That is a huge threat since RSA is very widely used. PGP, IPsec,
> Secure DNS, SSL & SSH (or at least most variants) all fall if RSA
> does. There are other public key methods that might replace RSA, but
> it is not clear they are safe either.

Let me try to rephrase the structure part; I may not have understood it correctly, 
and I can tell you know more than I do about encryption, so let me try to emphasise 
the quantum part, which may or may not be right. I'm curious whether or how it 
can fit into encryption, so this is kind of a thought experiment. The logic in 
this analogy I'm sure you already know, but I want to use the analogy's 
conclusion to make a point afterwards, so here goes. Using a massive labyrinth 
analogy to solve a decryption calculation, a traditional classic computer can 
only seek one path at a time (1/0 on/off transistor logic), and if it's a dead 
end, it has to return to try another path, each turn, or dead end, being a 
calculated 1/0 state of information. A quantum computer can do many or even all 
paths at once in a single calculation instant, having multiple or 
exponentially many states between 1/0, thereby following multiple paths, 
resulting in a lot of dead ends, but at the same time discovering the single 
path out of the massive labyrinth, all in a few or a single calculation, 
depending on how many qubits the quantum computer has available. 

It's a bit simplified, but enough to make the analogy point. So, by structure, 
I mean: what if the labyrinth is full of closed doors, where you need to solve 
puzzles that are possible to solve with numbers, but instead use something like 
a human thought logic pattern? This would require either a human or a 
sophisticated A.I. to solve, but it's also more akin to that of a traditional 
computer: patterns, structures, based in many 1/0 forming a structure, and the 
answer can only be found if maintaining this structure all at once. A quantum 
computer cannot do that, right? If I understood it correctly, a quantum 
computer may be truly scary in its insane calculative power, but it's by no 
means capable of being "smart", at the very least not on its own. 

Where my knowledge of how encryption works truly falls apart is regarding the 
need for near-perfect, or the not yet reached and difficult to achieve, perfect entropy. 
The more entropy, or chaos without structure and order, the harder it becomes 
to predict anything, and the harder it becomes to crack an encryption. This 
much is correctly understood, I assume? So, if putting in roadblocks for the 
quantum computer, which it cannot calculate, it significantly slows down its 
quantum speed. Even if introducing a classic computer or A.I. to work together 
with the quantum computer, if the roadblocks are difficult enough, it would 
overall slow down the quantum computer enough to make it impossible to crack 
the encryption. But don't roadblocks, or "structure", reduce the entropy? 
Thereby making it easier to crack? As such, is this not correctly understood? 
Or is it instead a paradox akin to catch-22 paradox logic? 

Perhaps such roadblocks, if they are feasible, do not hurt the entropy 
itself? 

Thanks a lot for the info, real life cases, and wiki links btw, will definitely 
have to look into it further to learn more.


[email protected]
On Friday, November 10, 2017 at 10:51:08 PM UTC, [email protected] wrote:
> In this case you should ask the luks/dmcrypt mailinglist as that is what 
> qubes uses for disk crypto.
> 
> I doubt anyone here bar the internet's favourite folk hero "kedward 
> howden" would piss off some company/government enough for them to spend 
> the hundreds of thousands of dollars one to rent such a machine.

Yes indeed, but as mentioned, I'm putting up the discussion here despite having 
mentioned more appropriate forums. I'm not only seeking answers, but also 
concerned about the collective awareness. 

I'm not worried about today or even tomorrow, rather I'm worried about next 
year or the few short years to come. Consider this instead. Imagine the old 
story of the king asking the peasant what he'd like as a reward for his good 
deeds to the king and the kingdom. The peasant then suggests that he'd like a 
portion of corn every day for the duration of the number of chess plates on a 
chess game (8*8 = 64 days total). The first chess plate has 1 corn, then the 
next is 2 corns, the third is 4, and the fourth is 8. The king thought to 
himself that this sounded quite fair, not to mention cheap. And so the payment 
went, over an exponential growth, day by day, reaching towards 8*8 = 64 days 
of payment, each day doubling up from the former day. As you might already 
imagine, this number becomes absolutely massive even before it reaches 64 
pieces, or 64 days of payment. The peasant tricked the king, because it is 
normal for the human brain to think in linear patterns, and hard to think in 
other patterns, such as exponential growth, without insight and tools to do so.

Basically, quantum computers' calculation power is absolutely insane compared 
to traditional computers. Following an exponential growth, it won't be long 
before it catches up to traditional computers. Therefore, quantum computers 
will likely disrupt the entire world, never mind Qubes, companies or 
individuals; if no one is prepared, everyone will in all likelihood get 
disrupted, just like the king in the story was.

We are not talking about some breakthrough here, it's just a matter of simple 
doubling of growth every year. It could go faster, it could even go slower. But 
we're already seeing the emergence of a pattern in growth in quantum computers. 
The time to raise the flags of concern, imho, is now, more than ever. 
Discussions are important, especially and even more so, outside quantum and 
encryption forums, in order to create awareness and discussions on a broader 
scale, being prepared, not getting disrupted. 

At this time, the cost of decrypting anything not immune to quantum computing 
is going to become relatively cheap. If the emerging pattern of growth is going 
to continue anything like it has already historically shown, then this is a call for 
red flags. It's not speculation, it's not conspiracy or tinfoil hat, this is 
real risk analysis. One cannot hide from full circle logic based in empirical 
data; it can't be called speculation, it's science. To be fair, we have a limited 
amount of data to show predictability in quantum computing growth, but other 
empirical data can be used to show that it's likely going to speed up, not 
maintain growth or slow down. It's likely to accelerate, especially due to its 
exponential nature. And all this, everything, is without considering yet 
unimagined technological breakthroughs that might further speed everything up. 
Knowing technology's track record, it's likely to happen as well.

So I don't think it's fair to say only people with a lot of money and resources 
can crack encryption; we're talking about the near future here, where it's on 
the path to become much cheaper. Furthermore, this is not even including all 
the encrypted e-mails, encrypted chat messages, Tor network connection meta 
data, and so forth; everything is easily stored on massive cloud servers, 
never to be deleted due to the economic growth nature of cloud servers. 
Basically, everything can be stored, and I'm not just talking about suspects 
here, I'm talking about everyone. Everything can be stored and saved. Now, if 
quantum computers eventually become cheap to operate, and everything points in 
that direction, then who will stop anyone storing all this data to decrypt 
everything they saved? Throw in an A.I. to analyse it all, and you've got massive 
surveillance and a history record of people who thought they'd be safe for at 
least some years to come yet, but weren't.

Imagine the magnitude of impact in countries with dictator leadership, or if 
someone like Hitler or Stalin rose again, who were sick regarding hunting 
certain people with certain beliefs, killing millions of people. Imagine power 
like this in such people's hands? Horrible people are everywhere, while also 
many good and nice people are everywhere. But it takes a single misstep to 
create another scenario like this; WWI and WWII are hardly ancient history, and 
we hardly fixed the cause of war, it can still happen, even today. So people 
like that, even with encryption, can see everything about you from your 
past. This may not concern everyone, but it certainly does impact a lot of 
people; it's a nightmare remaining to explode in the future. 

Centralized technology is dangerous; it's increasingly moving power towards 
single organizations or single individuals. It's not very clear today, but it's 
a dangerous trend if it keeps up, especially after a few decades of 
technological development. Decentralized technology is key, to avoid a few or 
single individuals grasping power.

Now, if we speak about encryption proof quantum computers, don't you think it's 
a good idea to start now, rather than wait? To be proactive rather than 
reactive? After all, if they can't decrypt it now, as it stands now, nothing 
keeps them from doing it in a few years' time when quantum computers become 
cheap. If anything, we need quantum proof encryption long, long before quantum 
computing decryption becomes a reality, especially for the type of data that is 
easy to obtain and store on servers, like the internet connections. 

If you do not worry for yourself, at the very least worry for the journalists, 
freedom and freedom of speech fighters, democracy advocates in places people 
are getting suppressed or worse, heavily suppressed.

Awareness also raises money, investment, creative thoughts, into finding new 
ways to stop the cracking of encryption. It's not enough for the encryption 
experts to think about it; we need investment and money to go into the field, 
as well as people seeking careers and similar in this field of study, not to 
mention companies rising to help tackle the issue, or demonstration towards our 
politicians, who are almost always slow to adapt to new technological threats. 

There are many reasons to discuss this outside encryption forums, there are 
many reasons to increase awareness, and to start discussions. Not to mention, 
also to warn people whose lives depend on encryption not to be overly trusting 
in today's encryption keeping them safe, if their encrypted data can easily be 
saved for later, to be cracked in the future. All this matters, and it should 
be discussed on all levels of society, not only inside the quantum labs and 
forums.
