[Cryptography] NSA looking for quantum-computing resistant encryption. How will encryption be affected by quantum computing

Stephen Farrell stephen.farrell at cs.tcd.ie
Sun Sep 6 17:32:04 EDT 2015

On 06/09/15 06:43, Jon Callas wrote:
> Another option, which I believe when I’m grumpy is that after years
> of pushing us to ECC over RSA, they’ve decided that the NIST curves
> have problems. Maybe the math crowd fessed up to the IA people about
> the break they’ve been sitting on. Maybe some other issue.
> And so at this point, they’re saying, "Look, over there, it’s
> Halley’s Comet!" and getting us distracted from the real point, which
> is that maybe RSA 3K is okay, or get a new curve.

That action doesn't require there to be any real issue with the NIST
curves though. If I were to construct a conspiratorial reason for NSA
to encourage a move to some yet-to-be-developed post-quantum crypto,
it'd be more along the lines that they whatever subset of them are in
the ascendency now conclude that they benefit if they discredit current

However, as we've all said, we've no real information. And what NSA or
any capable government merely assert can't be considered as trustworthy
information, which is entirely their own fault.

So, my conclusion is very similar to Peter's - post-quantum crypto seems
like a good research topic for now, no more.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150906/3698a0c6/attachment.sig>

More information about the cryptography mailing list