wirral forums

When Logins Become Redundant

Posted By: diggingdeeper

When Logins Become Redundant - 24th Sep 2019 7:10am

Google has successfully run a program on a quantum computer, it took 200 seconds, the fastest super-computer would have taken 10,000 years to run the same program.

The impact of this is huge, because all currently used encryptions become quickly crackable, every system that use passwords is now insecure, this includes fingerprint, retina scans, facial recognition etc because at the end of the day those technologies encode as a static digital "password".

It would be a massive step backwards for society to lose the benefits of general networks (ie all secure use of the internet).

Mathematicians are sure they have created new "quantum-safe" encryption methods but that defies some basic logic, over time they are bound to become less secure, the more a secure connection is used, the less secure it becomes.

It will be interesting where this leads to, I can only see that multiple networks will be a solution, at least temporarily, using two or more independent networks can make things a lot more secure, this may have already been realised and would account for why 5g and the fibred/wired internet seem to be planned to co-exist.

Posted By: granny

Re: When Logins Become Redundant - 24th Sep 2019 7:52am



What's the point of it ? How fast is everything needed ? Share's will be rocketing, and plummeting within split seconds ... maybe I don't understand, and have to admit there is no 'maybe' about it !

Just don't let them near a nuclear button, with their all new, all singing, all dancing, super fast technology. No recalls for errors ?
Posted By: diggingdeeper

Re: When Logins Become Redundant - 24th Sep 2019 1:51pm

Originally Posted by granny


What's the point of it ? How fast is everything needed ?


Weren't you complaining about the speed of your computer not long ago? The idea of waiting for a computer to do anything is a waste of life, if you total up how many hours you lose it would probably be scary.

The relatively "good" guys have to stay ahead otherwise the "baddies" will be ahead and screw everybody up, I wouldn't be surprised if there aren't already a more than a few super-computers just sitting there rolling money in.
Posted By: Excoriator

Re: When Logins Become Redundant - 24th Sep 2019 5:05pm

Beware the hype.

Just because it can run one selected task at mind-buggering speed doesn't make it a fast general-purpose computer.

The point of the high speed is that the key distribution method - the thing that allows you to communicate securely and make secure transactions - relies on the product of two large primes (10,000 digits long) These primes are kept secret and finding out what they are when you have only their product is very time consuming. Too long for a criminal to even try. A quantum computer would reduce this time to a tiny fraction.

It's worth noting that all this applies only to the key. The actual encryption is done using a freely available encryption algorithm, and cracking an encrypted message if you don't know the key is NOT well suited to what a Quantum computer can do.
Posted By: diggingdeeper

Re: When Logins Become Redundant - 24th Sep 2019 8:35pm

Whilst google's quantum computer is not generally programmable, it is a proof of concept that a non-trivial algorithm can be programmed and run. The shear speed makes it suitable as a brute force attack on all common forms of encryption in use today.

Factorising extremely large numbers into primes is right up a quantum computer's street, it is not complex it just takes a lot of calculations although some short cuts are known.

There are already programmes on conventional computers to hack these encryptions (DES and AES), they are only secure because those programmes currently take too long.

Now that quantum computers are looking feasible, people might store encrypted data knowing that in a few years time they will be able to crack it.

The next planned encryption was going to be elliptical based ECC instead of prime based AES (which iirc didn't have to be primes, maybe just co-primes?) but that may need to be skipped now.
Posted By: granny

Re: When Logins Become Redundant - 24th Sep 2019 10:01pm

Originally Posted by diggingdeeper
Originally Posted by granny


What's the point of it ? How fast is everything needed ?


Weren't you complaining about the speed of your computer not long ago? The idea of waiting for a computer to do anything is a waste of life, if you total up how many hours you lose it would probably be scary.




I was not complaining about the speed of my computer in general, as it is good. It's Wikiwirral that sends it on slow motion. Still does , and it's annoying beyond belief at times. No other site, email, or anything else is one bit slow. If it went any faster it would be like the speed of light. ... well maybe not, but it's good.
Posted By: Excoriator

Re: When Logins Become Redundant - 29th Sep 2019 10:09am

Elliptic curve cryptography is, basically, RSA done in operations over elliptic curves rather than over integer fields, and can be cracked by factoring numbers into primes too. There are good engineering reasons for choosing ECC which allows larger numbers to be used making it more secure, but otherwise it's the same thing.

These are both are used for establishing the same key at both ends of the link which is then used in a quite separate encryption algorithm. They are key distribution algorithms, and it is these that are being attacked by quantum computers.

AES is the currently preferred algorithm, but it has nothing to do with prime numbers, and it is unlikely that quantum computers could do any more than a conventional computer in attacking them

I attended the conferences in which AES was selected as the replacement for DES, and although nobody could find a way to crack it, there is some suspicion that as the selection process was all run by NIST - an American government agency - who laid down various requirements for the algorithm such as key size, and the fact that it had to be a 'block cipher' for instance might lead one to suspect that the US government might have a backdoor. AES was selected by a vote by the delegates from industry and academe, which I am sure was an honest one, but I wonder if perhaps NSA have a way of cracking ANY block cipher for instance?

Public key distribution is what makes commerce possible on the internet, and if it becomes possible to buy quantum computers from Currys, we might have a problem. However, were - say - DD and Granny to meet and privately agree to the same key, they could communicate using AES without any fear of their messages being hacked. (Except possibly by the US government)
© 2019 Wirral - wikiwirral.co.uk