this post was submitted on 15 Jul 2023
43 points (95.7% liked)
Asklemmy
43855 readers
1852 users here now
A loosely moderated place to ask open-ended questions
Search asklemmy ๐
If your post meets the following criteria, it's welcome here!
- Open-ended question
- Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
- Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
- Not ad nauseam inducing: please make sure it is a question that would be new to most members
- An actual topic of discussion
Looking for support?
Looking for a community?
- Lemmyverse: community search
- sub.rehab: maps old subreddits to fediverse options, marks official as such
- !lemmy411@lemmy.ca: a community for finding communities
~Icon~ ~by~ ~@Double_A@discuss.tchncs.de~
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Quantum computers are nowhere near usable for breaking classical cryptography at the moment, though opinions on how soon it will come vary. As others have said, we have quantum resistant algorithms ready to go, so future encryption is fine.
The greater concern is that a lot of traffic and data encrypted using classical algorithms has been logged or stored in various mediums. An old encrypted drive, or communications stored by nation state actors (the NSA and such). These will be broken, and a lot of past secrets might come out from hiding.
All of these use ciphers that are only affected by Grover's algorithm. This basically halves the exponent on your key space (so instead of 2^128 keys you only have 2^64 keys), however this doesn't necessarily mean that the algorithm is faster than a good parallel brute force on classical computers.
The more problematic algorithms are the ones affected by Shor's algorithm, which are all algorithms in broad use today that involve some sort of agreeing on a shared secret.
I'm not well versed on the speed of Grover's over classical brute force. According to NIST this is correct! Thanks for the addition.