

Post-Quantum Encryption No Longer a Laughing Matter - bpolania
http://techcrunch.com/2015/06/22/pq-solutions/?ncid=rss&utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Techcrunch+%28TechCrunch%29&utm_content=FaceBook#.zj1leu:V7sn

======
ryan-c
> Now we have three patented improvements on top to make it truly NP-hard.
> And… semantically secure

This pretty much means it won't become common before the patents expire if
ever.

------
geofft
Post-quantum crypto has never been a laughing matter of academic cryptographic
research. That said, PQ Solutions' software is. Their main site isn't quite
clear, but their app home page at [https://pq-chat.com/](https://pq-chat.com/)
spells out the problems clearly (starting with being an app home page):

1. It's available on the App Store, for iOS devices, which is secured by
classical crypto. Anyone in their threat model (i.e., any attacker that would
only be defeated by post-quantum encryption) can just break the classical
signatures on App Store updates or iOS system updates and push out a
compromised version.

2. From the FAQ ([https://pq-chat.com/faq](https://pq-chat.com/faq)):

> Does it mean access security is reliant on only a 5-digit PIN?
>
> Yes. We do offer additional security of access by using QR code, NFC or voice
> authentication. However, our research and user feedback indicate most users
> may not want a complicated way to get into the app. A 5-digit PIN seems to
> be an acceptable compromise between security and convenience.

You don't need a quantum computer to brute-force this. For the entire lifetime
of _this app_, quantum computers will be slower at brute-forcing 100,000 PINs
than classical ones.

3. From the FAQ:

> How can we tell if your app is safe?
>
> We appreciate a user may not want to trust a third party app. We have
> therefore incorporated a feature that, by pressing and holding a buddy's
> name, all the text in the chat screen will be shown in Never-The-Same
> ciphertext in order to show you the encryption is working.

I hope it's obvious that this is both completely untrustworthy and
cryptographically useless. I'd dismiss this as marketing copy, but it's
clearly an implemented feature (hover over the "Never-The-Same" picture at
[https://post-quantum.com/pqchat](https://post-quantum.com/pqchat)), which
makes me worry about the technical background of the team in this discipline.

The TechCrunch article seems to be implying that PQ Solutions is going after
the enterprise / government market, which is a good market to go after, but
_you don't need fancy crypto for that_. You just need a solid app that works
and uses the state of the art in public crypto, and also isn't a
general-audience chat app like WhatsApp so that IT doesn't block it. Any effort spent
on research for the long-term is effort not spent on making the company
sustainable. Go fight the government procurement and FIPS fights, get rich on
classical crypto, sell and quit, and spend your time working with the _public_
crypto community on research and on software development. Then you'll be
solving the hard problems of how to move the entire world, including the iOS
and App Store stack, HTTPS, etc., over to post-quantum encryption. Only in
that world will your app be able to defend against an actual threat.

Until then, talking about quantum computers is FUD -- FUD that might get you
money now, but constrain you to spending time on research that's going
nowhere.
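An added example illustrating geofft's points 2 and 3 above (this is not code from the thread, from PQ Solutions or from the PQ Chat app, whose actual algorithms are not described on the page): a PIN-locked message is recovered by classical exhaustive search over all 100,000 five-digit PINs, and a "never the same" display is produced with no key at all. The stream cipher, the PBKDF2 parameters, the 16-byte nonce/tag format, the victim PIN and the plaintext are all assumptions constructed for the demo; the KDF iteration count is set absurdly low so the full search runs in about a second, and a realistic count only multiplies the attacker's cost by a constant.

```python
"""Added example: a 5-digit PIN, not the cipher, bounds the security of a
PIN-locked chat app, and "never the same" output proves nothing.
All primitives are stdlib stand-ins, not the app's real algorithms."""
import hashlib
import hmac
import os
from math import isqrt
from typing import Optional, Tuple

PIN_SPACE = 100_000   # every 5-digit PIN, 00000..99999
KDF_ITERATIONS = 10   # assumption: tiny so the demo runs in ~1 s (see lead-in)


def derive_key(pin: str, salt: bytes, iterations: int = KDF_ITERATIONS) -> bytes:
    """PBKDF2-HMAC-SHA256 from the PIN. A slow KDF multiplies the attacker's
    work by a constant; it never adds candidates beyond the 100,000 PINs."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, iterations, dklen=32)


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, a toy stream cipher standing in for any
    symmetric primitive (post-quantum or otherwise)."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Assumed format: nonce(16) || ciphertext || tag(16). An integrity tag is
    what lets the brute-forcer recognise the right PIN offline."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> Optional[bytes]:
    """Returns the plaintext, or None when the tag rejects the key."""
    nonce, ct, tag = blob[:16], blob[16:-16], blob[-16:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(key, nonce, len(ct))))


def brute_force_pin(salt: bytes, blob: bytes,
                    iterations: int = KDF_ITERATIONS) -> Optional[Tuple[str, bytes]]:
    """Classical exhaustive search: at most 100,000 KDF evaluations, given the
    stored salt and ciphertext (a device backup is enough)."""
    for n in range(PIN_SPACE):
        pin = f"{n:05d}"
        pt = decrypt(derive_key(pin, salt, iterations), blob)
        if pt is not None:
            return pin, pt
    return None


def grover_queries(space: int = PIN_SPACE) -> int:
    """Grover needs ~sqrt(N) oracle queries (316 here), each a full KDF run
    on a fault-tolerant quantum computer. 100,000 cheap classical KDF calls
    finish first, which is geofft's point about the app's lifetime."""
    return isqrt(space)


def never_the_same_display(plaintext: bytes) -> bytes:
    """Changes on every call yet protects nothing: random pad prepended,
    plaintext XORed with that pad. Reversible without any key."""
    pad = os.urandom(len(plaintext))
    return pad + bytes(a ^ b for a, b in zip(plaintext, pad))


def recover_display(shown: bytes) -> bytes:
    """Undo never_the_same_display with nothing but the displayed bytes."""
    half = len(shown) // 2
    return bytes(a ^ b for a, b in zip(shown[half:], shown[:half]))


def looks_encrypted(fn, plaintext: bytes, trials: int = 5) -> bool:
    """All a 'press and hold' indicator can observe: successive outputs
    differ. True for real encryption and for the keyless display alike."""
    return len({fn(plaintext) for _ in range(trials)}) == trials


def demo() -> Tuple[Optional[Tuple[str, bytes]], int]:
    salt = os.urandom(16)                       # stored beside the ciphertext
    pin = "73912"                               # constructed victim PIN
    message = b"meet at the usual place, 9pm"   # constructed plaintext
    blob = encrypt(derive_key(pin, salt), message)
    return brute_force_pin(salt, blob), grover_queries()


if __name__ == "__main__":
    found, q = demo()
    print(f"recovered {found!r}; Grover would need ~{q} queries instead")
```

Running the file recovers the PIN and plaintext from the salt and ciphertext alone, which is exactly the offline attack available to anyone holding a device image; raising KDF_ITERATIONS to a production figure changes the runtime, not the outcome. `looks_encrypted` returns True for both `encrypt` and `never_the_same_display`, so the "Never-The-Same" indicator cannot distinguish the real thing from a scheme anyone can reverse.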

