https://access.redhat.com/blogs/766093/posts/3031361?sc_cid=7016000000127ECAAY

The SSL/TLS protocol uses RSA, Diffie-Hellman (DH) or Elliptic Curve Diffie-Hellman (ECDH) primitives for the key exchange algorithm.

RSA is based on the fact that, given the product of two large prime numbers (the public modulus), factorizing that product is computationally infeasible for classical computers, but a quantum computer could solve this problem efficiently using Shor’s algorithm. Similarly, DH and ECDH key exchanges, whose security rests on the discrete logarithm problem, could all be broken very easily using sufficiently large quantum computers.
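To make the RSA threat concrete, here is an added example (not code from the Red Hat article) showing the classical reduction Shor’s algorithm relies on: factoring n reduces to finding the multiplicative order of a base modulo n, and that order-finding step is the only part a quantum computer speeds up. The order is brute-forced here, so it only works on toy moduli such as the constructed 3233 = 53 × 61; the function names are this example’s own.

```python
from math import gcd
from typing import Optional, Tuple

# Added illustration: Shor's algorithm = quantum order finding + this
# classical post-processing. Brute-forcing the order is exponential, which
# is exactly why RSA is safe classically but not against a quantum computer.

def find_order(a: int, n: int) -> int:
    """Smallest r > 0 with a^r = 1 (mod n). Requires gcd(a, n) == 1."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r

def split_with_base(n: int, a: int) -> Optional[Tuple[int, int]]:
    """Classical post-processing of Shor: try to split n using base a."""
    g = gcd(a, n)
    if g != 1:                       # a already shares a factor with n
        return (min(g, n // g), max(g, n // g))
    r = find_order(a, n)
    if r % 2:                        # odd order: this base is useless
        return None
    y = pow(a, r // 2, n)            # a nontrivial square root of 1 mod n
    if y == n - 1:                   # y = -1 is the trivial root: retry
        return None
    p = gcd(y - 1, n)                # n divides (y-1)(y+1) but neither factor
    if 1 < p < n:
        return (min(p, n // p), max(p, n // p))
    return None

def factor(n: int) -> Tuple[int, int]:
    """Factor an odd n = p*q (two distinct primes) by trying bases in turn."""
    for a in range(2, n):
        result = split_with_base(n, a)
        if result:
            return result
    raise ValueError("n is prime or a prime power")

def recover_private_exponent(n: int, e: int) -> int:
    """Once n = p*q is known, the RSA private exponent d follows directly."""
    p, q = factor(n)
    return pow(e, -1, (p - 1) * (q - 1))   # modular inverse, Python >= 3.8

if __name__ == "__main__":
    # Toy RSA key (constructed): n = 53 * 61 = 3233, public exponent e = 17.
    print(factor(3233), recover_private_exponent(3233, 17))
```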

For symmetric ciphers, the story is slightly different. It has been proven that, by applying Grover’s algorithm, the effective strength of a symmetric key is halved: AES-256 would have the same security against an attack using Grover’s algorithm that AES-128 has against classical brute-force search. Hashes are affected in the same way symmetric algorithms are.

Therefore, we need new algorithms which are more resistant to quantum computations. This article introduces you to 5 proposals, which are under study.

## 2 Comments

## Tomi Engdahl says:

World’s Leading Physicist Says Quantum Computers Are “Tools of Destruction, Not Creation”

by Patrick Caughill on August 9, 2017

https://futurism.com/worlds-leading-physicist-says-quantum-computers-are-tools-of-destruction-not-creation/

Weapon of Mass Disruption

Quantum Computers are heralded as the next step in the evolution of data processing. The future of this technology promises us a tool that can outperform any conventional system, handling more data and at faster speeds than even the most powerful of today’s supercomputers.

However, at the present juncture, much of the science dedicated to this field is still focused on the technology’s ultimate utilization. We know that quantum computers could manage data at a rate that is remarkable, but exactly what kind of data processing will they be good for?

This uncertainty raises some interesting questions about the potential impact of such a theoretically powerful tool.

“No encryption existing today would be able to hide from the processing power of a functioning quantum computer.”

Last month, some of the leading names in quantum technologies gathered at the semi-annual International Conference on Quantum Technologies in Moscow. Futurism was in attendance and was able to sit and talk with some of these scientists about how their work is moving us closer to practical quantum computers, and what impact such developments will have on society.

What is it about quantum computers that would incite such a claim? In the end, it comes down to one thing, which happens to be one of the most talked about potential applications for the technology: Breaking modern cryptography.

With Great Power…

Today, all sensitive digital information sent over the internet is encrypted in order to protect the privacy of the parties involved. Already, we have seen instances where hackers were able to seize this information by breaking the encryption. According to Lvovsky, the advent of the quantum computer will only make that process easier and faster.

In fact, he asserts that no encryption existing today would be able to hide from the processing power of a functioning quantum computer. Medical records, financial information, even the secrets of governments and military organizations would be free for the taking—meaning that the entire world order could be threatened by this technology.

The consensus between other experts is, essentially, that Lvovsky isn’t wrong. “In a sense, he’s right,” Wenjamin Rosenfeld, a physics professor at the Ludwig Maximilian University of Munich, stated in an interview. He continued, “taking a quantum computer as a computer, there’s basically not much you can do with this at the moment;” however, he went on to explain that this may soon be changing.

To break this down, there are only two quantum algorithms at the moment, one to allow a quantum computer to search a database, and the other, Shor’s algorithm, which can be used by a quantum computer to break encryption.

Quantum computers may not be capable of the physical destruction of a nuclear bomb, but their potential application is the digital equivalent.

## Tomi Engdahl says:

Joshua Holden / Nautilus:

How quantum computers will speed up the breaking of public-key cryptography and how “post-quantum cryptography” researchers are trying to counter that threat

How Classical Cryptography Will Survive Quantum Computers

http://nautil.us/blog/-how-classical-cryptography-will-survive-quantum-computers

Some are looking at ways to “fight quantum with quantum”—but there is another (and cheaper) option.

The methods of post-quantum cryptography have not been used in the past because they are less efficient than current public-key methods, but they are getting better. In August 2015, the N.S.A. announced that it was planning to introduce a list of approved cryptography methods that would resist quantum computers. In April 2016, the National Institute of Standards and Technology followed suit, starting a public vetting process lasting 4 to 6 years.

That’s not an unreasonable amount of time to need in order to be sure that a cryptographic method is really secure.

Four to six years is also not an unreasonable amount of time to wait for a new cryptographic standard. Government agencies are concerned about protecting data that might have to remain secure for decades into the future, so they are preparing now for computers that could still be 10 or 20 years into the future.

If you are worried about quantum criminals getting your credit card number off of the Internet, you can breathe a little easier. When quantum computers come, cryptographers expect to be ready for them. And you will be able to keep shopping safely without buying your own quantum computer, although I’m sure Amazon will be happy to sell you one.