Imagine a world with no cyber secrets

[JMH]

Some recent news in the realm of quantum cryptography signals that in the not-too-distant future, there will be far fewer secrets in the world. Researchers at Linköping University in Sweden managed to crack "uncrackable" quantum crypto -- and not with some theoretical attack or exploitation. Rather, they accomplished the feat using real tools against existing -- albeit primitive -- first-generation quantum computers.


Quantum computers are designed to perform incredibly complex math quickly. There are numerous applications for this technology: weather prediction and simulated product trials, for example. More important, they'd give Pixar the ability to render its next animated film in a day instead of months. Of course, where heavy computing power is involved, so too are the military and cryptographers (who often work for the military and other state interests).

Existing public key cryptography works only because the two large prime numbers involved cannot be easily factored. When large primes can be easily factored, traditional public key encryption will no longer provide any protection. What's more, every previous public-key encrypted document will immediately be decryptable. When quantum computers progress to their full potential (which many observers say is in the next decade or two, at most), a lot of interesting scenarios will occur.


We have to assume that every government is storing all intercepted encrypted streams for later decryption (assuming they don't already have very fast quantum computers and aren't even now reading everything). So when large prime numbers become easily factorable, nearly every secret ever sent -- by our governments, dissents, enemies, allies, and so on -- becomes immediately readable. That includes our own encrypted documents.

More -
Imagine a world with no cyber secrets | Security Central - InfoWorld

 

[Win7User512]

I expected this to be about quantum computing just by reading the title. At the point it becomes reality, AES, SHA3, and RSA--or algorithms like them--will be useless.

 

[Thorsen]

What about unlocking with physical locks like fingerprint scanners? I am sure even if they can crack the code to decrypt a hdd, they can't gain access to the system locally without my fingerprint. they would still be able to remove the HDD, but what if case is locked with a pad-lock? that would require much more invasive physical procedures.... businesses will just move to more physical security measures as standard op.....

 

[Win7User512]

What about unlocking with physical locks like fingerprint scanners? I am sure even if they can crack the code to decrypt a hdd, they can't gain access to the system locally without my fingerprint. they would still be able to remove the HDD, but what if case is locked with a pad-lock? that would require much more invasive physical procedures.... businesses will just move to more physical security measures as standard op.....

Which is in conflict with the direction in which businesses are moving today--virtualization. Limited physical interaction.

Besides, you could have a "dictionary" of fingerprints and using quantum computing, perform a dictionary attack.

OR you could use quantum computing to create every possible fingerprint pattern until you find the right one.

 

[Thorsen]

Agreed. And I saw that coming.

No secrets in the business world though won't ever happen.... just as these exploits are identified, businesses will change their procedures to prevent exploits or lower the risk. Although virtualization is the way forward right now, there probably will be a point of what is allowed to be shared on clouds and what is deemed to sensitive to allow off of a server (pad-locked, in a locked server room)

it would be crazy if we go back to folders marked classified, because the data can't be trusted on computers. and people using typewriters to write up documents so that they aren't every digitized or possible to be found on networks.....

 

[Thorsen]

Or if businesses start using quantum computers first for their sensitive data with encryption that still takes too long to hack with quantum computers......

 

[smsff7]

Agreed. And I saw that coming.

No secrets in the business world though won't ever happen.... just as these exploits are identified, businesses will change their procedures to prevent exploits or lower the risk. Although virtualization is the way forward right now, there probably will be a point of what is allowed to be shared on clouds and what is deemed to sensitive to allow off of a server (pad-locked, in a locked server room)

it would be crazy if we go back to folders marked classified, because the data can't be trusted on computers. and people using typewriters to write up documents so that they aren't every digitized or possible to be found on networks.....

I don't think that would happen. I think they would keep important files on a non networked system and use Sneakernet to move copies of files that need to any off site system

 

[Colonel Travis]

This story gets rehashed every year. One thought about how to defend against attacks:

The defense proposed by Lidar and Wu is to give each legitimate node on the network a list of times distributed over a long period, during which the quantum computers can exchange information and possibly entangle qubits across the network. All other times, a set of decoy qubits are sending data on the network to mimic legitimate traffic flow. When not connected, the networked qubits transfer data back to a third set of qubits, known as the ancillary, or ancilla, qubits. Those registers are never connected to the network, so quantum computations can be carried out without worry of attack.

"As long as we can keep the local nodes free from malicious intruders and build a heavily fortified castle around them, we can assume the ancilla qubits are malware free," Lidar said.

Lidar and Wu found in a paper published earlier this year (PDF) that the number of network connections can never exceed the ratio of the average time between attacks over the length of time it takes to complete an attack.

In classical computing the result would be a poor tradeoff. Only connecting for one second out of every hundred or thousand would unacceptably slow down the calculation speed of, say, a grid computing system. However, in a quantum computing system, such a slowdown does not appreciably affect the speed gains of the system.

"The protocol shuts down the network for a certain period of time, say 99 percent," Lidar said. "While that's a factor of 100, it doesn't matter, because it doesn't change the complexity of the problem."

In other words, for a computer that exists in multiple dimensions and uses a form of teleportation in its calculations, taking a hundred, or even a thousand, times longer means little.