More on the RSA crack by new quantum approach paper
Peter Fairbrother
peter at tsto.co.uk
Sun Jan 8 19:37:29 PST 2023
On 09/01/2023 02:11, professor rat wrote:
> I don't enjoy becoming the boy who cried quantum wolf since I was a quantum-quackery debunker for years.
> However - the threat is now verifiable - the threat is real - and it consists of several looming factors, this present paper making up only a tiny part. In the interests of enlightened self-interest please consider the following . . .
> 1) Quantum computing advances into the realms of theoretical attacks on RSA
Not practical attacks. Give it 15 years, maybe.
> 2) Increased will to mobilize the resources by a 'pariah alliance' that includes Russia, the DPRK and Iran.
More like the US, UK, EU, China etc., who are pumping billions into QC
research.
> 3) Increased value of 'the Prize' - this used to be ME oil - now it's Satoshi's stash, the public keys for which may be vulnerable.
The value of Satoshi's keys would be lost in the noise of the overall
value of breaking RSA. I don't actually know, are they 2048-bit RSA?
[...] So long as anyone looks to c-punks for leadership we're obliged to
perform at our highest standard - yes?
Agreed. The same is or should be true for cryptographers and
cryptologists and security people generally. And I agree that we should
be advocating and using QR crypto, now.
But I don't see any immediate change in the threat. Or good well-tested
(by Schneier's Law) QR examples.
15 years? Some secrets (like Satoshi's keys) should last a lot longer
than that, and we should all be advocating using 256-bit symmetric
crypto now.
But Rijndael-256 rather than AES-256, please.
As for asymmetric crypto like signatures and key agreement, if it's
important - well, either be aware of the danger or ... don't use it.
There are no widespread supposed-to-be-QR asymmetric algorithms that I
would trust right now.
> Bottom line - quantum crypto is the gold standard and the more there is of it the more crypto-anarchy.
Or more and better normal archic person's crypto? Don't see why it
should particularly be anarchic...?
Peter Fairbrother
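The "Rijndael-256 rather than AES-256" remark above turns on a parameter distinction that is easy to miss: AES-256 is Rijndael with a 256-bit key and a fixed 128-bit block, while Rijndael as submitted also allows 192- and 256-bit blocks. The following is an added example, not code from the post or from the list; it assumes "Rijndael-256" means the 256-bit block variant (Nb = 8 words), and implements single-block Rijndael encryption for all block and key sizes so the difference is visible in code: the key schedule produces Nb*(Nr+1) words, the number of rounds is max(Nb, Nk) + 6, and ShiftRows uses offsets (0, 1, 3, 4) instead of (0, 1, 2, 3) when Nb = 8. The 128-bit-block cases are checked against the FIPS-197 Appendix C vectors; the 256-bit-block input below is a constructed sample.

```python
"""Rijndael with selectable block size (AES is the Nb = 4 subset).

Added example, not from the original post. Assumption: "Rijndael-256" is read as
Rijndael with a 256-bit block (Nb = 8), whereas AES-256 uses a 128-bit block (Nb = 4)
with a 256-bit key. Encrypt-only, one block at a time, for illustration only.
"""


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the Rijndael polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _build_sbox() -> list:
    """Derive the S-box: multiplicative inverse in GF(2^8), then the affine map."""
    inv = [0] * 256
    for x in range(1, 256):
        for y in range(1, 256):
            if gf_mul(x, y) == 1:
                inv[x] = y
                break
    sbox = []
    for x in range(256):
        v = inv[x]
        s = v
        for i in range(1, 5):
            s ^= ((v << i) | (v >> (8 - i))) & 0xFF  # s = v ^ rotl(v,1) ^ ... ^ rotl(v,4)
        sbox.append(s ^ 0x63)
    return sbox


SBOX = _build_sbox()

# Row shift offsets depend on the block size in 32-bit words (Nb). This is the one
# place where a 256-bit block is not simply "more columns" than AES.
SHIFT_OFFSETS = {4: (0, 1, 2, 3), 6: (0, 1, 2, 3), 8: (0, 1, 3, 4)}


def params(key_bits: int, block_bits: int):
    """Return (Nk, Nb, Nr): AES-256 -> (8, 4, 14), Rijndael 256-bit block/key -> (8, 8, 14)."""
    nk, nb = key_bits // 32, block_bits // 32
    return nk, nb, max(nk, nb) + 6


def expand_key(key: bytes, nb: int):
    """Rijndael key schedule; returns (round_keys, nr), each round key being nb columns."""
    nk = len(key) // 4
    if nk not in (4, 6, 8) or nb not in (4, 6, 8):
        raise ValueError("key and block sizes must be 128, 192 or 256 bits")
    nr = max(nb, nk) + 6
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    rcon = 1
    for i in range(nk, nb * (nr + 1)):
        t = list(w[i - 1])
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]  # RotWord, then SubWord
            t[0] ^= rcon
            rcon = gf_mul(rcon, 2)
        elif nk > 6 and i % nk == 4:
            t = [SBOX[b] for b in t]               # extra SubWord for 256-bit keys
        w.append([w[i - nk][j] ^ t[j] for j in range(4)])
    return [w[r * nb:(r + 1) * nb] for r in range(nr + 1)], nr


def _mix_column(col):
    a0, a1, a2, a3 = col
    return [
        gf_mul(a0, 2) ^ gf_mul(a1, 3) ^ a2 ^ a3,
        a0 ^ gf_mul(a1, 2) ^ gf_mul(a2, 3) ^ a3,
        a0 ^ a1 ^ gf_mul(a2, 2) ^ gf_mul(a3, 3),
        gf_mul(a0, 3) ^ a1 ^ a2 ^ gf_mul(a3, 2),
    ]


def rijndael_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Encrypt one block. The block length selects Nb and the key length selects Nk."""
    nb = len(block) // 4
    round_keys, nr = expand_key(key, nb)
    shifts = SHIFT_OFFSETS[nb]
    # State kept as Nb columns of 4 bytes (column-major, as in the specification).
    state = [list(block[4 * c:4 * c + 4]) for c in range(nb)]

    def add_round_key(rk):
        return [[state[c][r] ^ rk[c][r] for r in range(4)] for c in range(nb)]

    state = add_round_key(round_keys[0])
    for rnd in range(1, nr + 1):
        state = [[SBOX[b] for b in col] for col in state]                                 # SubBytes
        state = [[state[(c + shifts[r]) % nb][r] for r in range(4)] for c in range(nb)]   # ShiftRows
        if rnd != nr:
            state = [_mix_column(col) for col in state]                                  # MixColumns
        state = add_round_key(round_keys[rnd])
    return bytes(b for col in state for b in col)


def demo():
    """Same 256-bit key, once as AES-256 (128-bit block) and once with a 256-bit block."""
    key256 = bytes(range(32))                                     # FIPS-197 C.3 key
    pt128 = bytes.fromhex("00112233445566778899aabbccddeeff")     # FIPS-197 plaintext
    pt256 = pt128 + pt128                                         # constructed 256-bit block
    return rijndael_encrypt_block(key256, pt128), rijndael_encrypt_block(key256, pt256)


if __name__ == "__main__":
    aes_ct, rij_ct = demo()
    print("AES-256      (Nk,Nb,Nr) =", params(256, 128), aes_ct.hex())
    print("Rijndael-256 (Nk,Nb,Nr) =", params(256, 256), rij_ct.hex())
```

Both variants run the same 14 rounds; what changes with the 256-bit block is the width of the state, the size of the key schedule and the ShiftRows offsets. Which of those properties matters for long-lived secrets is the author's argument above, not something this code settles.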
More information about the cypherpunks mailing list