[Cryptography] Is "perfect forward secrecy" the biggest fraud of last decade?
Tom Mitchell
mitch at niftyegg.com
Tue Aug 28 22:03:21 EDT 2018
On Tue, Aug 28, 2018 at 1:45 PM, Ismail Kizir <ikizir at gmail.com> wrote:
> IBM warns of instant breaking of encryption by quantum computers:
> 'Move your data today':
>
> https://www.zdnet.com/article/ibm-warns-of-instant-breaking-
> of-encryption-by-quantum-computers-move-your-data-today/
>
>
> I think that the concept of "perfect forward secrecy" used in Signal
> based applications forced us to rely solely on asymmetric algorithms,
> which, will reveal all our secrecy in a few years!
> Am I wrong?
Anything interesting enough to grab, save and store now will be cracked in
time frames
that are within statutes of limitations. Data itself has a shelf life and
depending on the data
that value is at risk if captured now encrypted or not. Blockchain
contracts will be OK for a while,
but not 'coins'. IBM is selling blockchain contract tools and services.
It is important to note that IBM has hardware working well enough to see
real possibilities
and real time lines.
https://quantumexperience.ng.bluemix.net/qx/tutorial?sectionId=full-user-guide&page=introduction
So yes move your data and re encrypt it knowing that most tools today are
very fragile.
There are encryption guidelines, see NIST they agree with IBM.
https://csrc.nist.gov/CSRC/media/Presentations/NIST-Cryptography-Transition-Update/images-media/Transition02132018%20-%20L%20Chen.pdf
and
https://cryptojedi.org/peter/data/nancy-20180219.pdf
Multiple domestic groups are working at theis google and IBM are only two
of many.
Who knows what the rest of the world is doing.
Moving encrypted data, decrypting it and encrypting it is time consuming
and demanding of resources.
The transition costs money so addressing the obvious today is prudent.
It is a game changer and tomorrow may bring more insight that crushes rules
of thumb.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20180828/69184883/attachment.html>
More information about the cryptography
mailing list