
NSA Plans to Develop Encryption That Could Stump Quantum Computers - jonbaer
http://www.wired.com/2015/09/tricky-encryption-stump-quantum-computers/
======
deftnerd
Because of the NSA's ability to scoop up the most brilliant cryptographers,
they're one of the few powerhouses that have the ability to put together a
team effort to accomplish this.

Unfortunately, they've shown in the past a clear desire to sabotage
implementations to include weaknesses that only they or perhaps other large
state actors can take advantage of.

Any implementation of quantum-resistant cryptography will face a large
uphill battle in terms of trust.

~~~
kzrdude
See [http://pqcrypto.org/](http://pqcrypto.org/) for non-NSA work on
post-quantum crypto.

~~~
signaler
A lot of poaching can be seen at crypto conferences, where attackers like to
show off their GPU clusters and arrays of server racks which should have hard
drives and ethernet, but are now packed with custom PS3s for the express
purpose of breaking weak keys.

------
signaler
It would be interesting to see how some crypto implementations would respond
to a quantum attack. I know some implementations that give you back a
different message for each key tried, so with a quantum attack there is the
possibility of similar-looking messages being shown. So for example, I encrypt
a picture of a sunflower, and when running a quantum attack, I get back two
different images of a sunflower, and the attacker must then infer which one is
the 'encrypted' one and which one is noise. Also, why have time horizon
solutions/attacks when we already have stego?

------
remarkEon
-> Quantum computers, once seen as a remote theoretical possibility, are now widely expected to work within five to 30 years.

Not my field of expertise so forgive the ignorance, but am I wrong to think
that "five to 30 years" seems like a large spread? How close are we really to
quantum computing?

~~~
plonh
Quantum computers are well understood and prototyped by experts in the field.
What most people don't understand is that Q cannot solve NP-hard problems in
polynomial time.

------
dumael
The NSA are doing this now?

I was friends with someone in TCD (Ireland) who did this work >3 years ago.

