Dan GoodinGoogle is dramatically shortening its deadline readiness for the arrival of Q Day, the point at which existing quantum computers can break public-key cryptography algorithms that secure decades’ worth of secrets belonging to militaries, banks, governments, and nearly every individual on earth.
the esoteric programmer@dangoodin and do we have any further actual advancements than well, this quantum computer reversed sha1, but with considerably more engineering and compute power than a regular computer doing the same thing? That's the last info I have on the topic, and that's not very impressive. Unless they solved keeping QBits stable for a long enough time which they didn't from what I know, I don't think they can crack even something simple like RSA with a very low key length.
Well, for starters, did you read the Google research from last June? It's linked in the article.
@dangoodin nope, looking into it rn, the last I saw on this topic is a quantum computer broke sha1
Do you have a link? Quantum computing doesn't break hash algorithms, although I think it may help create collisions. Maybe @sophieschmieg knows.
Sophie Schmieg@dangoodin @esoteric_programmer yeah, the SHA1 breakage happened with good old transistor based classical computers: https://csrc.nist.gov/news/2017/research-results-on-sha-1-collisions
Quantum attacks on hash functions exist, but are not considered feasible in practice, similar to attacks on other symmetric cryptography, the quantum advantage is very small in this case, just an asymptotically polynomial speedup, that is not believed to be an actual speedup for the sizes in use. This differs from asymmetric cryptography (RSA and elliptic curves), where quantum computers have an exponential advantage over the best known classical algorithms.
Quantum attacks on hash functions exist, but are not considered feasible in practice, similar to attacks on other symmetric cryptography, the quantum advantage is very small in this case, just an asymptotically polynomial speedup, that is not believed to be an actual speedup for the sizes in use. This differs from asymmetric cryptography (RSA and elliptic curves), where quantum computers have an exponential advantage over the best known classical algorithms.
@sophieschmieg @dangoodin ah, interesting! I seem to remember someone saying that quantum computers managed to break sha1 already, spreading FUD about regular encryption and how close we are to everyone's encryption being broken, even though this was already done previously with regular computers. I can't find that article anymore indeed, but the one linked above is the one I was thinking of about doing this with normal computers. I'm trying to read the paper linked to in the article at the top of this thread, but the formatting is a bit weird, at least when reading it with the Firefox PDF viewer, and also the mathematical proofs are rendered with Unicode symbols instead of something that would translate to math ML, making it harder for the screenreader to access it, but I'm getting to understand the basics at least. Thing is, a lot of hype about quantum computers, and FUD about regular ones being obsolete in many instances already, were spreading in the past, same about blockchain and so on, that it's hard to take this stuff seriously anymore, so it's good that more papers from the people actually working with this stuff are being published.