[Cryptography] Some quantum computers might need more power than supercomputers

Jon Callas jon at callas.org
Sat Jan 10 17:04:04 EST 2026


> On Jan 10, 2026, at 13:34, Nicko van Someren <nicko at nicko.org> wrote:
> 
> Well, actually specifically decrypting the morning weather report turned out to be very useful in the case of Enigma, because it was so predictable that it provided an excellent crib. As a result, once you cracked the morning weather report you could get all the other traffic using that day's key. The rest of your argument all still holds though!

Yes, and that's indeed a huge part of Peter's point.

We look back to Enigma as a case study in things people got wrong (and also right, let's not forget that), and the major flaw in Enigma is centralized key distribution -- there's a Key Of The Day. When there's a KOTD, any crib is useful.

We're not in that world. There are seven trillion keys per day. Every time someone blows their nose and logs it in their nose tracker, that's a full key exchange, and every nanosecond an attacker spends on that is a nanosecond wasted. The cribs that an attacker needs are relevance cribs, not syntactic ones.

This is an incredibly good thing about the state of modern security. I'd be willing in a debate to argue the side that the relevance-uncertainty makes collect-now-decrypt-later a losing strategy because detecting relevance is a harder problem than decrypting.

I'm not really sure how much I believe this point, but I'd sure be willing to debate it. I'd even make a joke about some clerk bursting in and saying they just decrypted Maduro's movements on New Year's Day, why is no one excited?

	Jon


