
IBM Warns Quantum Computing Will Break Encryption - baal80spam
https://www.zdnet.com/article/ibm-warns-of-instant-breaking-of-encryption-by-quantum-computers-move-your-data-today

Quantum computers will be able to instantly break the encryption of sensitive data protected by today's strongest security, warns the head of IBM Research. This could happen in a little more than five years because of advances in quantum computer technologies. "Anyone that wants to make sure that their data is protected for longer than 10 years should move to alternate forms of encryption now," said Arvind Krishna, director of IBM Research.

Correct me if I'm wrong, but does it mean that my KeePass database that I uploaded on Dropbox is going to be broken in ~5 years time and I need to start changing my passwords right now?
======
megamindbrian2
Quick, someone warn IBM they are only 15 years behind common knowledge.

------
schoen
If so, changing your passwords wouldn't help. You would need to use new
encryption algorithms which aren't implemented in KeePass yet.

[https://en.wikipedia.org/wiki/Post-quantum_cryptography](https://en.wikipedia.org/wiki/Post-quantum_cryptography)

However, the biggest problems are about public-key encryption algorithms like
RSA, which are broken much more readily by quantum computing than symmetric-
key algorithms like AES. The security of KeePass password databases is mainly
protected by symmetric encryption rather than public-key encryption, and the
speedup achieved by quantum computers isn't as significant. Perhaps it's
already fairly safe?

Another thing to think about is whether Dropbox would expose your encrypted
files to an adversary who could then perform a quantum cryptanalysis (either
via attacks on the cryptography used to protect the data in transit between
you and Dropbox—which _does_ include public-key encryption, unlike KeePass
itself!), or by trying to compromise or coerce Dropbox itself into turning
over your data. The existence of a cryptanalytic attack against some algorithm
doesn't necessarily always mean that there will be adversaries in a position
to use that attack against each user and each message, session, or file.

------
olliej
This is a super iffy comment. Please don’t hurt me ;)

Quantum computers fundamentally don’t break everything, just things that
depend on problems that can be treated polynomial with respect to time, if you
can also be polynomial in terms of state.

E.g. there is currently no known way to break any of the major symmetric
encryption algorithms (AES etc.) beyond brute-forcing, which is faster on a
classical machine.

I believe that similar applies to the general case of hashing.

Things get wonky once you can convert an O(x^N) problem into an O(N^x) problem
with state(N^x).

That’s functionally how things like Shor’s algorithm work - each qubit can
represent a functionally infinite number of values so you can move from an
otherwise exponential number of components to a polynomial amount, so you can
do a pile of math and get a “probably correct” solution to the DLP, which is
the core problem for all current asymmetric encryption algorithms.

What IBM is presumably trying to say is that all asymmetric algorithms are
broken if you can get a functional quantum computer, which means getting 1000s
of qubits into a quantum state and maintaining that state through a large
computation. If that happens then any data that has been archived and
encrypted with an asymmetric algorithm can be decrypted.

Any problem that also depends on DLP (all the crypto coins for instance) is
likewise broken.

------
dmfdmf
Changing password won't help. This IBM guesstimate is probably an extrapolation
of recent advances but still a long way to go. It reminds me of the old adage
that fusion power is only 10 years away and has been for 50 years.

More importantly, it is likely that it will be a state-sponsored agent
(~cough~ NSA ~cough~) who creates the first QC (and AI) rather than a private
endeavor. This means you will never hear of it so act accordingly but I think
you still have time.

------
tugberkk
No, you changing your passwords doesn't mean anything. Quantum computers will
be able to break asymmetric encryption, not symmetric ones such as AES.

Researchers are working on cryptographic systems for this, which are based on
algorithms that cannot be solved by quantum computers. (Called Post-Quantum
Cryptography)

Right now, asymmetric cryp. works on two computationally hard problems
(integer factorization and discrete logarithms -- RSA and ElGamal).

------
owebmaster
> Correct me if I'm wrong, but does it mean that my KeePass database that I
> uploaded on Dropbox is going to be broken in ~5 years time and I need to
> start changing my passwords right now?

2 decades ago we were already 5 years distant from quantum computing. This is a
warning to the future generation similar to the Bible.

