More on the RSA crack by new quantum approach paper

Peter Fairbrother peter at tsto.co.uk
Sun Jan 8 19:37:29 PST 2023


On 09/01/2023 02:11, professor rat wrote:
> I don't enjoy becoming the boy who cried quantum wolf since I was a quantum-quackery debunker for years.
> However - the threat is now verifiable - the threat is real - and it consists of several looming factors, this present paper making up only a tiny part. In the interests of enlightened self-interest please consider the following . . .

> 1) Quantum computing advances into the realms of theoretical attacks on RSA

Not practical attacks. Give it 15 years, maybe.

> 2) Increased will to mobilize the resources by a ' pariah alliance ' that includes Russia,  the DPRK and Iran.

More like the US, UK, EU, China etc who are pumping billions into QC 
research.

> 3) Increased value of ' the Prize ' - this used to be ME oil - now it's Satoshi's stash, the public keys for which may be vulnerable.

The value of Satoshi's keys would be lost in the noise of the overall 
value of breaking RSA. I don't actually know, are they 2048-bit RSA?

> [...] So long as anyone looks to c-punks for leadership we're obliged to perform at our highest standard - yes?

Agreed. The same is or should be true for cryptographers and 
cryptologists and security people generally. And I agree that we should 
be advocating and using QR crypto, now.

But I don't see any immediate change in the threat. Or good well-tested 
(by Schneier's Law) QR examples.

15 years? Some secrets (like Satoshi's keys) should last a lot longer 
than that, and we should all be advocating using 256-bit symmetric 
crypto now.

But Rijndael-256 rather than AES-256, please.



As for asymmetric crypto like signatures and key agreement, if it's 
important - well, either be aware of the danger or ... don't use it. 
There are no widespread supposed-to-be-QR asymmetric algorithms that I 
would trust right now.



> Bottom line - quantum crypto is the gold standard and the more there is of it the more cryptoanarchy.

Or more and better normal archic person's crypto? Don't see why it 
should particularly be anarchic..?

Peter Fairbrother


