Re: Post quantum encryption question

On 10/24/24 10:38 PM, Damien Miller wrote:
> On Thu, 24 Oct 2024, Chris Rapier wrote:
> 
> > Have people given thought to the private key encryption methods in light of
> > potential quantum attacks? While the recent paper about breaking 50bit RSA
> > doesn't pose a threat I've been thinking about future harvest now, decrypt
> > later attacks against CC20 and AES. Are there post quantum ciphers that can
> > effectively replace these available or in development? Is the threat still
> > too far off to be a serious concern?
> 
> Grover's search algorithm gives a cryptographically-relevant quantum
> computer a quadratic speedup. This effectively halves the strength,
> as expressed in bits, of symmetric ciphers and (I think) hash algorithms.
> 
> I.e. AES-256 would be "as strong" as AES-128, and AES-128 would be
> reduced to 64-bit equivalent strength. The latter sounds pretty scary
> but AIUI the attacker would need to perform close to 2^64 quantum
> computations to break AES and that's still a huge expenditure.


This was my understanding as well but I am, like you, neither a cryptographer nor a quantum physicist. That said, this came up and people had been asking me about the implications. So I thought I would ask here so I don't inadvertently give people bad information. In my world we mostly use encryption for authentication and some PHI, PII, and CUI but generally not anything that is of long term value that would make sense for a harvest/decrypt attack.

Thanks for the insight.


Chris
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
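The quadratic speedup Damien describes above can be seen directly in a toy simulation; the following is an added example, not code from the thread or from OpenSSH. It simulates Grover's search exactly at the amplitude level over a constructed 10-bit keyspace (1024 keys, a made-up secret key), shows that about pi/4 * sqrt(N) oracle queries find the key where classical brute force needs N/2 on average, and applies the resulting "halve the bits" rule to the key sizes mentioned in the thread.

```python
import math

def effective_symmetric_bits(key_bits: int) -> int:
    """Grover's quadratic speedup: exhaustive key search costs ~2^(n/2)
    oracle queries instead of ~2^n, so the security level in bits is halved."""
    return key_bits // 2

def grover_iterations(n_bits: int) -> int:
    """Near-optimal number of Grover iterations: floor(pi/4 * sqrt(N)), N = 2^n."""
    return int(math.pi / 4 * math.sqrt(2 ** n_bits))

def classical_expected_trials(n_bits: int) -> int:
    """Classical exhaustive search hits the key after N/2 trials on average."""
    return 2 ** (n_bits - 1)

def grover_success_probability(n_bits: int, target: int, iterations: int) -> float:
    """Exact amplitude-level simulation of Grover's algorithm on N = 2^n basis
    states. The oracle flips the sign of the amplitude of the secret key (the
    key that decrypts a known plaintext/ciphertext pair); the diffusion step
    reflects every amplitude about the mean. Returns the probability of
    measuring the secret key after the given number of iterations."""
    n = 2 ** n_bits
    amps = [1.0 / math.sqrt(n)] * n           # uniform superposition over all keys
    for _ in range(iterations):
        amps[target] = -amps[target]          # oracle: mark the correct key
        mean = sum(amps) / n
        amps = [2.0 * mean - a for a in amps] # diffusion: inversion about the mean
    return amps[target] ** 2

if __name__ == "__main__":
    toy_bits = 10      # constructed toy keyspace of 1024 keys (hypothetical)
    secret = 0x2A7     # constructed secret key (hypothetical)
    k = grover_iterations(toy_bits)
    p = grover_success_probability(toy_bits, secret, k)
    print(f"classical: ~{classical_expected_trials(toy_bits)} trials on average; "
          f"Grover: {k} oracle queries, P(success) = {p:.4f}")
    for name, bits in (("AES-128", 128), ("AES-256", 256), ("ChaCha20", 256)):
        print(f"{name}: {bits}-bit key -> ~{effective_symmetric_bits(bits)}-bit "
              f"equivalent against a Grover-capable attacker")
```

The 2^64 figure from the thread is what this scaling gives for AES-128; the simulation only makes the sqrt(N) query count visible at a size small enough to compute.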