I suspect most governments would declare martial law as soon as they got word of quantum computation in the wild, and probably attempt to imprison or execute anyone who they thought was involved.

(Governments do not like it when the citizens spy on them. What we call whistleblowing, they call treason.)

Except all of our currently used public key cryptography algorithms can be broken by a quantum computer. See https://en.wikipedia.org/wiki/Post-quantum_cryptography . It turns out that NP-complete problems seem to be only hard in the worst case and easy in the average case, so no one knows how to use them for cryptography. Grover's algorithm does allow for faster solutions to NP-complete problems, but they remain exponential.

With a sufficiently powerful quantum computer, Shor's algorithm defeats RSA in polynomial time and a generalization of it can solve the discrete logarithm problem (DSA, Diffie–Hellman, ElGamal) in polynomial time.

Speaking seriously, it will be superb when we can mass manufacture these things. And live long enough to see the security hell that this will create too, since almost all of your currently most popular cryptography algorithms can be broken (at least in theory) by quantum computers.

There is a simple solution once you have quantum computers...quantum encryption.

The situation is even easier: quantum tagging / degradation

Once the message is read, it is destroyed. And, with a low probability of natural failure, would mean that a single transmitted secure-mode packet would signal a security breach and a new secure protocol would be enacted.

Snooping would disrupt communications of secure data, but the information itself would be largely secure (save for the odd packet here or there...).

--The loon

FunkyELF,

"Don't confuse this with a quantum computer those have yet to be realized (if ever)."

You are right, it's possible that they won't pan out. I suppose even if we're thinking of conventional transistors though, this development of single atom transistors might make future computers fast enough to render today's cryptographic systems vulnerable to brute force attacks. Does anyone know just how fast this single atom transistor is compared to those in 32nm CPUs? That would give us a much better idea of just how future-proof current cryptographic schemes are.

Algorithms like RSA and elliptic curves can naturally be extended to any bit length desired (although most implementations have an upper limit of 4096 bits).

Unfortunately, most symmetric ciphers are only defined for limited block sizes as a matter of standardization and offer no standardized way to extend them. For example, AES is hard-coded to 128-bit blocks, with key sizes limited to 256 bits. Most of the time, making the key size larger is trivial even if non-standard, and one could easily project the new parameters. For example, the number of rounds for AES-128 is 11, AES-192 is 13, AES-256 is 15, so we might project AES-384 to be 17 rounds and AES-512 to be 19 rounds, but the fact that it's non-standard is a problem. Unfortunately, increasing the AES block size from 128 bits would require a whole new algorithm since it's integral to the AES function.

Mind you, this is all just fun cryptographic theory; I don't see a very compelling need for larger AES key or block lengths today.

BLOWFISH, by comparison, supports key sizes up to 448 bits, but has a smaller block size of 64 bits. In my opinion, this small block size is too small for comfort. In theory, even without cracking the 448-bit key (which is unfathomable using conventional means), one might begin to map out 64-bit blocks directly. Given 1 GB of data, there's a 0.02% chance a block will be reused and become cryptographically weak. Each additional GB increases the odds of a collision: for 2 GB, 3 GB, 4 GB, 5 GB it goes to 0.08%, 0.19%, 0.34%, 0.53% respectively.

The information leaked may be rare and of little value, but it could facilitate a meet-in-the-middle attack against the key function, which if successful would decrypt the entire stream. For this reason, I think AES is better despite its smaller key size.
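As an added illustration of the block-collision arithmetic in the post above (example code written for this page, not the poster's own), the functions below compute the birthday-bound probability that two ciphertext blocks repeat under one key for a given block size and data volume, and invert it to find how much data reaches a chosen risk level. It assumes 1 GB means 2^30 bytes and counts only whole blocks; it models the block-repeat bound itself, not any particular cipher mode.

```python
import math

GIB = 2 ** 30  # assumption: "1 GB" in the post is taken as 2^30 bytes


def collision_probability(block_bits: int, data_bytes: int) -> float:
    """Probability that at least two of the n ciphertext blocks produced
    from data_bytes of input collide, for a block cipher with block_bits
    wide blocks (birthday bound: 1 - exp(-n(n-1) / (2 * 2^b)))."""
    n = data_bytes // (block_bits // 8)          # number of whole blocks
    space = 2.0 ** block_bits                    # number of possible blocks
    exponent = -(n * (n - 1)) / (2.0 * space)
    # expm1 keeps precision when the probability is tiny (128-bit case)
    return -math.expm1(exponent)


def bytes_until_probability(block_bits: int, target_p: float) -> int:
    """Data volume (bytes) under a single key at which the block-collision
    probability reaches target_p; inverts the bound: n = sqrt(-2N ln(1-p))."""
    space = 2.0 ** block_bits
    n = math.sqrt(-2.0 * space * math.log1p(-target_p))
    return int(n) * (block_bits // 8)


def comparison_table(block_sizes=(64, 128), gib_points=(1, 2, 3, 4, 5)):
    """Collision probability per block size for 1..5 GiB of data under one key."""
    return {
        bits: [collision_probability(bits, g * GIB) for g in gib_points]
        for bits in block_sizes
    }


if __name__ == "__main__":
    for bits, probs in comparison_table().items():
        row = "  ".join(f"{p * 100:.4f}%" for p in probs)
        print(f"{bits:>3}-bit blocks, 1..5 GiB: {row}")
    for bits in (64, 128):
        limit = bytes_until_probability(bits, 0.01)
        print(f"{bits}-bit blocks reach 1% collision risk after "
              f"{limit / GIB:.3g} GiB under one key")
```

The 64-bit row grows quadratically with data volume while the 128-bit row stays negligible, which is the practical reason to rekey a 64-bit block cipher long before gigabytes have passed under one key.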

Well... we can improve this with sub-atomic particles!