On 4/2/2014 2:50 AM, Robert J. Hansen wrote:
Or someone builds a working quantum computer with many bits and
demonstrates a working decryption of RSA-2048 in a few seconds. :-)
Not likely in the near term... Maybe in 5000 years or so, but by then I
suspect computing as we know it will be ancie
> Or someone builds a working quantum computer with many bits and
> demonstrates a working decryption of RSA-2048 in a few seconds. :-)
Well, you'd need 4096 qubits in the ensemble, representing a state space
of something like 10^1233 (not a typo).
At that point I'm going to just give up and offer
On 02-04-2014 1:43, Robert J. Hansen wrote:
> I know, I know -- "I didn't mean 'how do *I* implement it,' I meant 'are
> *you* going to implement it.'" And the answer there is probably not,
> not unless someone like you gets the ball rolling in the above fashion.
Or someone builds a working quan
> Hi, is there any plan to include post-quantum cryptography ciphers such
> as McEliece and NTRU in GnuPG?
I am not a GnuPG developer: they will have the official word.
Unofficially, no. GnuPG tracks the RFCs published by the IETF Working
Group. If you want to see this, make a case for it to th
Hi, is there any plan to include post-quantum cryptography ciphers such as
McEliece and NTRU in GnuPG?
I know that NTRU is patented until 2020, but I found some C
implementations. It says that by modifying the code it is possible to have it
patent-free in 2017.
http://goo.gl/cQGavW
This is there o
On 4-1-2014 13:31, micha137 wrote:
> A spoofing organization is no fertile ground for true innovation. The
> real scientists, not the NSA, are going to make progress in quantum
> computing. And it is not going to be as cheap as some tens of megabucks.
> Progress to get it pract
Hello, micha137.
You wrote on 4 January 2014, 16:31:44:
m> They cheat, they bribe, they lie, they blackmail, they take polygraph
m> tests on each other but they don't invent.
As far as I know, the NSA is the biggest employer of mathematicians in the world. I
don't know about physics and q
They cheat, they bribe, they lie, they blackmail, they take polygraph tests on
each other but they don't invent.
A spoofing organization is no fertile ground for true innovation. The real
scientists, not the NSA, are going to make progress in quantum computing. And it
is not going to be as
RSA keys),
possible advances in cryptology are nothing that would require key
lifetimes. Once you do not feel comfortable enough with your current
keylength anymore, you can simply revoke the key manually.
Actually, predicting possible advances in fields like quantum computing
is very hard, so it wou
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
> ``never'' is in this case based on one case of provable secure scheme
> (that was notably difficult in implementation)?
I wouldn't be so quick to place blame on the difficulty of
implementing the one-time pad. Implementing the OTP is really pre
On 200704201113, Robert J. Hansen wrote:
> > Yeah, again. I completely agree on the practical aspect of it, but
> > would nevertheless like to see proofs of complexity that weren't
> > dependent on the current models of computations.
>
> I don't mean to sound flip, but as soon as you invent a hype
On Fri, Apr 20, 2007 at 01:57:46PM +0200, Anders Breindahl wrote:
> Saying that ``there is no such thing'' seems harsh and as if you ignore
> reality. The European Union put its hopes up for implementing a
> ``quantum cryptography'' network of communications. That sort of makes
> the term real in
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
> Yeah, again. I completely agree on the practical aspect of it, but
> would
> nevertheless like to see proofs of complexity that weren't
> dependent on
> the current models of computations.
I don't mean to sound flip, but as soon as you invent
[ Please interrupt if this is getting too off-topic. ]
On 200704200441, Robert J. Hansen wrote:
> Anders Breindahl wrote:
> > Well. Yeah. But the thing that was and is fascinating about cryptography
> > is that it -- assuming some model of computing -- is ``provable too
> > hard'' to bypass. I'm w
Anders Breindahl wrote:
> Well. Yeah. But the thing that was and is fascinating about cryptography
> is that it -- assuming some model of computing -- is ``provable too
> hard'' to bypass. I'm worried that the future holds in store revolutions
> in computability that will shake those assumptions on
It is stunning that a lab curiosity continues to be mentioned over
and over again, not to mention to see venture capitalists dump money
after it.
BTW, none of this has anything to do with "Quantum Computing", which
may indeed yield breakthroughs someday in
on positive proofs, by which I mean those that
define what _is_ doable or assumable, rather than the negative proofs
that define what is undoable.
Both are convenient. However, the proofs that consolidate the security
of programs like gnupg, assume some model of computation... And in the
face of
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
> Which I also remarked in the original post. However, when (if?)
> commercial interests grab a hold of quantum computing, huge leaps in
> cost of production perhaps could be achieved, making memory-rich
> quantum
> computers abund
a 64-bit cipher... hard, but possible.
The executive summary being that increases in key sizes make
traditional symmetric cryptography keep up with advances in quantum
computing, such as Grover's algorithm for searching the keyspace.
> > Then... It would seem that quantum computers pose
will depend a lot on implementation details.
What s2k algorithm is being used? What algorithm is
used to encrypt the secret key? What... etc., etc.
3. I've already explained why quantum computing is not
something we need to worry about. Be far, _far_ more
concerned with the
>Message: 4
>Date: Wed, 18 Apr 2007 19:56:48 -0500
>From: "Robert J. Hansen" <[EMAIL PROTECTED]>
>Subject: Re: Quantum computing
>Brute-forcing a 128-bit cipher using a traditional
>computer is a ridiculous proposition, but using Grover's, it
>be
e best way to defend against exhaustive key search in a quantum
world is to either (a) trust that quantum computing is going to
remain "in just a couple of years" for the next few decades (which
may very well be true), or (b) multiply your key sizes by a factor of 2.
The principal
On Wed, Apr 18, 2007 at 09:10:17AM +0200, Anders Breindahl wrote:
> On 200704172359, Robert J. Hansen wrote:
> > 1. We are unlikely to ever be able to brute-force a 256-bit
> > keyspace. Ever. Not until computers are made of something other
> > than matter, occupy something other than space,
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
> Note that breaking Diffie-Hellman and other discrete logarithm based
> algorithms is thought to be nearly equivalent to factoring, but has
> not been proven to be so.
Going off the top of my head, the DLP is known to be greater than or
equal to
On 4/18/07, Anders Breindahl <[EMAIL PROTECTED]> wrote:
>
> However, I assume you know what you talk about, when you say that we
> aren't likely to factor 256-bit-numbers ever. So please restate that --
> even in the face of quantum computers -- we won't ever factor 256 bit
> numbers.
>
> By the wa
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
> On 200704172359, Robert J. Hansen wrote:
>> 1. We are unlikely to ever be able to brute-force a 256-bit
>> keyspace. Ever. Not until computers are made of something other
>> than matter, occupy something other than space, run on something
>> oth
On 4/18/07, Ryan Malayter <[EMAIL PROTECTED]> wrote:
> Factoring, on the other hand, applies only to public-key RSA
> encryption. There "bits" mean something totally different; a bit of
> RSA key length is "worth less" than a bit of symmetric key length.
> Numbers have already been factored in the
On 200704172359, Robert J. Hansen wrote:
> 1. We are unlikely to ever be able to brute-force a 256-bit
> keyspace. Ever. Not until computers are made of something other
> than matter, occupy something other than space, run on something
> other than energy, according to rules other than phy
28 matches