[Cryptography] Has quantum cryptanalysis actually achieved anything?
Bill Stewart
billstewart at pobox.com
Wed Mar 5 15:26:15 EST 2025
On 2/24/2025 12:03 PM, Jon Callas wrote:
> Apropos of the discussion, this morning on twitter I saw:
> <https://twitter.com/mjos_crypto/status/1893989617575092240>
>
> Oh lord, they published it <screen shot> [This is the paper on the D-Wave
> factorization of a 2048-bit RSA number -- jdcc]
> <https://ieeexplore.ieee.org/stamp/stamp.jsp?arnumber=10817698>
> If you look at the ten "2048-bit factorizations" in appendix S1, the distance
> p-q between the factors is either 2 (a prime pair) or 6. You just compute square
> root of n and guess one bit -- the complexity is literally 2^1.
>
> So there's another slight-of-hand trick. Pick a number with the primes really close to each other. I guess this is a real attack on Rabin, though, right? And that's interesting, as we know Rabin is hard.
Cool! Nice to know we don't have to actually worry about this,
though the Rabin part could be meaningful.
More information about the cryptography
mailing list