Comments
Start Preparing Now for the Post-Quantum Future
Newest First  |  Oldest First  |  Threaded View
timhollebeek
50%
50%
timhollebeek,
User Rank: Author
1/2/2019 | 1:41:25 PM
Re: Classical is better
It is true that potential number-theoretic breakthroughs could threaten RSA before quantum computers do.  I know several experts who view this as an additional reason to move to post-quantum methods before that happens.

However, it is not true that smart people have ignored or neglected the problem of finding better classical factoring algorithms.  Plenty of effort has been expended by some extremely smart number theoreticians for a long, long time, yet 2048-bit numbers still cannot be factored in "minutes" as you suggest.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
12/29/2018 | 6:21:10 PM
trumping the 5G race
Making these trends all the more important is the notion that secure quantum communications will be the next big thing after 5G -- and, thus, critical to national security, as highlighted by a recent USAF report.

In particular, the report pointed to recent experiments involving a Chinese launched satellite from which tthe altering of quantum subparticles entangled with quantum subparticles on Earth affected the latter subparticles -- and further experimentation in that field by scientists around the globe.
fojo123
50%
50%
fojo123,
User Rank: Apprentice
12/29/2018 | 7:27:56 AM
Classical is better
"While some of the world's brightest minds are working on "quantum-safe" encryption mechanisms, the process will take time..."

 

It's all very well being "some of the world's brightest minds", but when number theoretic problems like integer factoriation are solved in practically fast polynomial time on classical computers, thanks to a very deep understanding of number theory translated into clever and efficient algorithms that can break RSA-1024, 2048 or 4096 in a matter of minutes, then quantum computers will become a rather moot point. It's like saying I can build a ten tonne hydraulic steam hammer press, and it can crack all types of nuts instantly, including cashews, walnuts, almonds and brazils, when in fact a small, hand-held vise-like tool can perform the job just as well, and with magnitudes less effort and expense. Added further to that, is the fact that with quantum computers, there's a form of 'quantum cop-out', where we have no greater understanding of number theory than we did before, we simply rely on quantum spookiness to solve our problems for us, instead of old fashioned ingenuity, tenacity and resilience when tackling difficult mathematical problems. You'd be suprised how far you could progress in solving these problems classically, if you but only tried. Maybe some old-fashioned discernment and wisdom would go a long way in general in the modern world. If as many people as are working on quantum computers, worked with as much effort and enthusiasm on understanding number theory problems, then these problems would have been solved satisfactorily quickly and efficiently many years ago, all the while increasing our insight into the nature of these problems, and having many important and useful corollaries and knock-on effects in other fields as well.   


Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Reading Schneier's Friday Squid Blog again?
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.