back to article Pass the hash for peace, love and security in the quantum computing age

Digital signatures, one of the fundamental parts of cryptography, may one day be threatened by quantum computers – so crypto-boffins are busy devising schemes that can survive a post-quantum world. In a paper that's just landed at the International Association for Cryptologic Research, a group of UK and Belgian researchers are …

  1. Anonymous Coward
    Anonymous Coward

    "Today's hard problem, factoring very large prime numbers, is exactly what a quantum computer might achieve"

    Err... I can do that.

    (it's right lower down though)

    1. sitta_europea

      [Quote Anonymous Coward:]

      "Today's hard problem, factoring very large prime numbers, is exactly what a quantum computer might achieve"

      Err... I can do that.

      [/Quote]

      No you can't, unless you mean that prime numbers are, well, prime -- that is they don't have any factors other than 1 and the prime number itself.

      Which leads me to ask the author of the piece...

      1. Richard Chirgwin (Written by Reg staff)

        Factoring large prime ... oops

        Thanks for the correction; I have amended the sentence in question.

        Cheers,

        Richard Chirgwin

        The Register

  2. frank ly

    If quantum computing advances so much that it's a 'problem' in this way then quantum communication channels would also be quite easily available. I thought that one of the characteristics of a quantum entangled (quantangled?) channel was that you could tell if it had been intercepted,but it is relatively slow. So, they could send the secret symmetric key via a quantum-secure channel?

    1. Lee D Silver badge

      The problem is that they are two different parts of quantum mechanics.

      Though building a quantum machine might require entanglement in part, only a relatively tiny one, in a massive lab dedicated to it, is necessary to solve any prime factorisation problem thrown at it - basically as fast as you CAN throw them at it.

      Whereas quantum entanglement as security requires fibre optic connections - at the very least - and actual transmission and reception of quantum entangled photons between the sender and recipient in order to work.

      They are entirely different practical problems and having one does not automatically give you the other.

      Thus, the need for "quantum-proof" encryption will arrive long before you're connected by direct, unamplified, unrepeated, fibre-optic connection to every website you want to communicate with securely.

    2. brotherelf
      Boffin

      ISTR that quantum comms are untappable only if you can reliably transmit/receive single photons and that lab-scale attacks have been demonstrated because we don't. (But that may have easily been two or three years ago and quantum comms may have improved since.)

  3. Speltier

    Storage is Cheap

    If you can share the "keys", just share the one time pad. Not very scalable, and very 1940's, but it works. After all, storage is cheap, sharing several TB of suitable entropy random data is pretty simple once you get over the key distribution bit.

    Sig ver using key fragments. Kind of interesting, if you don't mind setting a level of confidence less than 100% that the sig verifies. On the other hand, sig ver is never really 100% in the figurative sense, since there is always the probability that the signing key was broken, purloined, or otherwise taken advantage of.

    Since state actors are as close as 2 years to QC breaking real system keys on a production basis (vs. now, on a onesy twosy experimental basis), PQC schemes are getting closer to desperately needed from being nice to have, or even blue sky.

  4. Tom 7 Silver badge

    I welcome any stronger encryption

    but I have yet to be told how a quantum computer can actually crack encryption. Being able to work out all the prime numbers simultaneously is not the same as knowing which one is actually the correct one.

  5. allthecoolshortnamesweretaken

    It's certainly a good thing to think about this now, and one way or another the results of the studies will teach us something. However, I won't start to worry until I see the first working quantum computer that is worthy of the name. And if it comes to the worst I'll start using henchmen to distribute one time pads for the really sensitive stuff.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020