
This echoes my thoughts on the matter. I'm weakly pessimistic I'll live to see RSA 4096 broken in my lifetime. I'm also weakly pessimistic I'll see RSA 2048 broken in the next two decades.

It's a funny place to be in for me, because I'm generally skeptical the majority of my research will be practically useful in any meaningful way in the near term :)




I do some QC research. With the need for error correction, cracking real world encryption will require millions of qubits and that’s unimaginable from where we are. I’d be surprised by 20 years and impressed by 50.

Note however that cracking crypto is unlikely to turn out to be super exciting - really secure systems have moved on and there will be plenty of time to upgrade before QC is widespread.

There are exciting applications of QC that are less than a decade away, e.g. quantum simulation.


The problem is that if you assume your encrypted traffic is being collected and stored today, and you want it to stay secret indefinitely, and you anticipate quantum computers will break discrete-log-based crypto in 20 years, then you need to deploy a post-quantum cryptosystem today.


This is a problem we face training activists and journalists in a number of countries, especially places like China, Russia, etc. We have to work hard to help people get the idea that a lot of the encrypted, password-protected stuff they send now is potentially at risk in 5-10+ years. To a certain extent (but in a different context, obviously), the lessons of the Venona Project come to mind.


IIRC that's one of the big things the NSA's data center was doing - storing Tor traffic with the assumption QC could break the public key crypto and either see where it was going/coming from or maybe even what was being sent (traffic itself)?


So use Tor today but expect a knock at the door sometime in the next 10 years. Scary thought!


Take what I say with a grain of salt, I'm not a cryptographer.

It's my understanding the onion routing (what went where) could be cracked since it uses public-key crypto. The data itself may be fine because it uses a private (symmetric) key, but if you sent that key using a public key then you may be burned. (IIRC there's a protocol where you send the symmetric key using public-key crypto, then fall back to the symmetric key since it's faster.)
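An added illustration of the hybrid scheme the comment describes (not code from any commenter): a session key is wrapped under a public key, the payload is encrypted symmetrically, and a stored record is readable later by anyone who eventually obtains the wrapping private key. A record whose key was derived from a pre-shared secret instead has no public-key layer to break. The RSA parameters, the HMAC-based keystream, the message and the pre-shared secret are all constructed toy values.

```python
"""Toy hybrid encryption showing what an archived record exposes if the
public-key layer is broken later. Constructed for illustration only:
tiny textbook RSA without padding, and an HMAC-SHA256 counter keystream
standing in for a real AEAD cipher."""
import hashlib
import hmac
from typing import Optional

# Toy RSA key pair (constructed; these primes are far too small for real use).
P, Q = 999983, 1000003
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Stdlib-only stream cipher: keystream block i = HMAC-SHA256(key, i).
    XOR is its own inverse, so the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, i.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i : i + 32], block))
    return bytes(out)


def send_pk_wrapped(msg: bytes, session_key: int) -> dict:
    """The scheme from the comment: symmetric session key sent under the
    public key, then the payload encrypted with that session key.
    session_key is a 32-bit toy value so it fits below N."""
    sk = session_key.to_bytes(4, "big")
    return {"wrapped_key": pow(session_key, E, N), "ct": keystream_xor(sk, msg)}


def send_psk_derived(msg: bytes, psk: bytes, nonce: bytes) -> dict:
    """Symmetric-only alternative: session key derived from a pre-shared
    secret and a nonce. Nothing in the record depends on public-key math."""
    sk = hashlib.sha256(psk + nonce).digest()
    return {"nonce": nonce, "ct": keystream_xor(sk, msg)}


def read_archive_with_private_key(record: dict, rsa_private: int) -> Optional[bytes]:
    """Models a reader of stored traffic who has since obtained the RSA
    private key (the thread's store-now, decrypt-later scenario). A record
    with no wrapped key gives this reader nothing to work with."""
    if "wrapped_key" not in record:
        return None
    sk = pow(record["wrapped_key"], rsa_private, N).to_bytes(4, "big")
    return keystream_xor(sk, record["ct"])
```

Whether the wrapping key is RSA or a classical Diffie-Hellman share, the lesson is the same: the archived record's secrecy is exactly the secrecy of that one public-key step.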


That’s correct, and to the best of my knowledge such traffic does indeed use post-quantum encryption.


Quantum accelerated deep learning would be awesome too.


That’s the way basic research works, across the sciences. Working on an interesting problem? It might be useful to someone in twenty years. If you’re lucky.
